2023-11-14
|
CVE-2023-23583
|
Sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access.
|
Debian_linux, Core_i3\-1005g1_firmware, Core_i3\-10100y_firmware, Core_i3\-10110u_firmware, Core_i3\-10110y_firmware, Core_i3\-11100he_firmware, Core_i3\-1110g4_firmware, Core_i3\-1115g4_firmware, Core_i3\-1115g4e_firmware, Core_i3\-1115gre_firmware, Core_i3\-1120g4_firmware, Core_i3\-1125g4_firmware, Core_i5\-10200h_firmware, Core_i5\-10210u_firmware, Core_i5\-10210y_firmware, Core_i5\-10300h_firmware, Core_i5\-10310u_firmware, Core_i5\-10310y_firmware, Core_i5\-1035g1_firmware, Core_i5\-1035g4_firmware, Core_i5\-1035g7_firmware, Core_i5\-10400h_firmware, Core_i5\-10500h_firmware, Core_i5\-11260h_firmware, Core_i5\-11300h_firmware, Core_i5\-1130g7_firmware, Core_i5\-11320h, Core_i5\-1135g7_firmware, Core_i5\-11400_firmware, Core_i5\-11400f_firmware, Core_i5\-11400h_firmware, Core_i5\-11400t_firmware, Core_i5\-1140g7_firmware, Core_i5\-1145g7_firmware, Core_i5\-1145g7e_firmware, Core_i5\-1145gre_firmware, Core_i5\-11500_firmware, Core_i5\-11500h_firmware, Core_i5\-11500he_firmware, Core_i5\-11500t_firmware, Core_i5\-1155g7, Core_i5\-11600_firmware, Core_i5\-11600k_firmware, Core_i5\-11600kf_firmware, Core_i5\-11600t_firmware, Core_i7\-10510u_firmware, Core_i7\-10510y_firmware, Core_i7\-10610u_firmware, Core_i7\-1065g7_firmware, Core_i7\-10710u_firmware, Core_i7\-10750h_firmware, Core_i7\-10810u_firmware, Core_i7\-10850h_firmware, Core_i7\-10870h_firmware, Core_i7\-10875h_firmware, Core_i7\-11370h_firmware, Core_i7\-11375h_firmware, Core_i7\-11390h_firmware, Core_i7\-11600h_firmware, Core_i7\-1160g7_firmware, Core_i7\-1165g7_firmware, Core_i7\-11700_firmware, Core_i7\-11700f_firmware, Core_i7\-11700k_firmware, Core_i7\-11700kf_firmware, Core_i7\-11700t_firmware, Core_i7\-11800h_firmware, Core_i7\-1180g7_firmware, Core_i7\-11850h_firmware, Core_i7\-11850he_firmware, Core_i7\-1185g7_firmware, Core_i7\-1185g7e_firmware, Core_i7\-1185gre_firmware, Core_i7\-1195g7_firmware, Core_i9\-10885h_firmware, Core_i9\-10980hk_firmware, Core_i9\-11900_firmware, Core_i9\-11900f_firmware, Core_i9\-11900h_firmware, Core_i9\-11900k_firmware, Core_i9\-11900kf_firmware, Core_i9\-11900t_firmware, Core_i9\-11950h_firmware, Core_i9\-11980hk_firmware, Xeon_d\-1513n_firmware, Xeon_d\-1518_firmware, Xeon_d\-1520_firmware, Xeon_d\-1521_firmware, Xeon_d\-1523n_firmware, Xeon_d\-1527_firmware, Xeon_d\-1528_firmware, Xeon_d\-1529_firmware, Xeon_d\-1531_firmware, Xeon_d\-1533n_firmware, Xeon_d\-1537_firmware, Xeon_d\-1539_firmware, Xeon_d\-1540_firmware, Xeon_d\-1541_firmware, Xeon_d\-1543n_firmware, Xeon_d\-1548_firmware, Xeon_d\-1553n_firmware, Xeon_d\-1557_firmware, Xeon_d\-1559_firmware, Xeon_d\-1567_firmware, Xeon_d\-1571_firmware, Xeon_d\-1577_firmware, Xeon_d\-1602_firmware, Xeon_d\-1622_firmware, Xeon_d\-1623n_firmware, Xeon_d\-1627_firmware, Xeon_d\-1633n_firmware, Xeon_d\-1637_firmware, Xeon_d\-1649n_firmware, Xeon_d\-1653n_firmware, Xeon_d\-1702_firmware, Xeon_d\-1712tr_firmware, Xeon_d\-1713nt_firmware, Xeon_d\-1713nte_firmware, Xeon_d\-1714_firmware, Xeon_d\-1715ter_firmware, Xeon_d\-1718t_firmware, Xeon_d\-1722ne_firmware, Xeon_d\-1726_firmware, Xeon_d\-1731nte_firmware, Xeon_d\-1732te_firmware, Xeon_d\-1733nt_firmware, Xeon_d\-1734nt_firmware, Xeon_d\-1735tr_firmware, Xeon_d\-1736_firmware, Xeon_d\-1736nt_firmware, Xeon_d\-1739_firmware, Xeon_d\-1746ter_firmware, Xeon_d\-1747nte_firmware, Xeon_d\-1748te_firmware, Xeon_d\-1749nt_firmware, Xeon_d\-2123it_firmware, Xeon_d\-2141i_firmware, Xeon_d\-2142it_firmware, Xeon_d\-2143it_firmware, Xeon_d\-2145nt_firmware, Xeon_d\-2146nt_firmware, Xeon_d\-2161i_firmware, Xeon_d\-2163it_firmware, Xeon_d\-2166nt_firmware, Xeon_d\-2173it_firmware, Xeon_d\-2177nt_firmware, Xeon_d\-2183it_firmware, Xeon_d\-2187nt_firmware, Xeon_d\-2712t_firmware, Xeon_d\-2733nt_firmware, Xeon_d\-2738_firmware, Xeon_d\-2745nx_firmware, Xeon_d\-2752nte_firmware, Xeon_d\-2752ter_firmware, Xeon_d\-2753nt_firmware, Xeon_d\-2757nx_firmware, Xeon_d\-2766nt_firmware, Xeon_d\-2775te_firmware, Xeon_d\-2776nt_firmware, Xeon_d\-2777nx_firmware, Xeon_d\-2779_firmware, Xeon_d\-2786nte_firmware, Xeon_d\-2795nt_firmware, Xeon_d\-2796nt_firmware, Xeon_d\-2796te_firmware, Xeon_d\-2798nt_firmware, Xeon_d\-2798nx_firmware, Xeon_d\-2799_firmware, Xeon_gold_5315y_firmware, Xeon_gold_5317_firmware, Xeon_gold_5318h_firmware, Xeon_gold_5318n_firmware, Xeon_gold_5318s_firmware, Xeon_gold_5318y_firmware, Xeon_gold_5320_firmware, Xeon_gold_5320h_firmware, Xeon_gold_5320t_firmware, Xeon_gold_6312u_firmware, Xeon_gold_6314u_firmware, Xeon_gold_6326_firmware, Xeon_gold_6328h_firmware, Xeon_gold_6328hl_firmware, Xeon_gold_6330_firmware, Xeon_gold_6330h_firmware, Xeon_gold_6330n_firmware, Xeon_gold_6334_firmware, Xeon_gold_6336y_firmware, Xeon_gold_6338_firmware, Xeon_gold_6338n_firmware, Xeon_gold_6338t_firmware, Xeon_gold_6342_firmware, Xeon_gold_6346_firmware, Xeon_gold_6348_firmware, Xeon_gold_6348h_firmware, Xeon_gold_6354_firmware, Xeon_platinum_8351n_firmware, Xeon_platinum_8352m_firmware, Xeon_platinum_8352s_firmware, Xeon_platinum_8352v_firmware, Xeon_platinum_8352y_firmware, Xeon_platinum_8353h_firmware, Xeon_platinum_8354h_firmware, Xeon_platinum_8356h_firmware, Xeon_platinum_8358_firmware, Xeon_platinum_8358p_firmware, Xeon_platinum_8360h_firmware, Xeon_platinum_8360hl_firmware, Xeon_platinum_8360y_firmware, Xeon_platinum_8362_firmware, Xeon_platinum_8368_firmware, Xeon_platinum_8376h_firmware, Xeon_platinum_8376hl_firmware, Xeon_platinum_8380_firmware, Xeon_platinum_8380h_firmware, Xeon_platinum_8380hl_firmware, Xeon_silver_4309y_firmware, Xeon_silver_4310_firmware, Xeon_silver_4310t_firmware, Xeon_silver_4314_firmware, Xeon_silver_4316_firmware, Affa900_firmware, Fas2820_firmware, Fas9500_firmware
|
7.8
|
|
|
2014-04-14
|
CVE-2014-2851
|
Integer overflow in the ping_init_sock function in net/ipv4/ping.c in the Linux kernel through 3.14.1 allows local users to cause a denial of service (use-after-free and system crash) or possibly gain privileges via a crafted application that leverages an improperly managed reference counter.
|
Debian_linux, Linux_kernel
|
N/A
|
|
|
2019-09-17
|
CVE-2019-14835
|
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.
|
Ubuntu_linux, Debian_linux, Fedora, Imanager_neteco, Imanager_neteco_6000, Manageone, Linux_kernel, Aff_a700s_firmware, Data_availability_services, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H610s_firmware, H700e_firmware, H700s_firmware, Hci_management_node, Service_processor, Solidfire, Steelstore_cloud_integrated_storage, Leap, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_for_real_time, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Openshift_container_platform, Virtualization, Virtualization_host
|
7.8
|
|
|
2022-03-25
|
CVE-2022-1049
|
A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using PAM authentication. Therefore, unprivileged expired accounts that have been denied access could still login.
|
Pcs, Debian_linux
|
8.8
|
|
|
2019-10-09
|
CVE-2019-17362
|
In LibTomCrypt through 1.18.2, the der_decode_utf8_string function (in der_decode_utf8_string.c) does not properly detect certain invalid UTF-8 sequences. This allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) or read information from other memory locations via carefully crafted DER-encoded data.
|
Debian_linux, Libtomcrypt
|
9.1
|
|
|
2019-11-04
|
CVE-2013-4412
|
slim has NULL pointer dereference when using crypt() method from glibc 2.17
|
Slim, Debian_linux
|
7.5
|
|
|
2022-12-14
|
CVE-2022-46344
|
A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIChangeProperty request has a length-validation issues, resulting in out-of-bounds memory reads and potential information disclosure. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.
|
Debian_linux, Fedora, X_server
|
8.8
|
|
|
2023-08-22
|
CVE-2020-19189
|
Buffer Overflow vulnerability in postprocess_terminfo function in tinfo/parse_entry.c:997 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.
|
Debian_linux, Ncurses, Active_iq_unified_manager
|
6.5
|
|
|
2023-09-06
|
CVE-2023-4015
|
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.
On an error when building a nftables rule, deactivating immediate expressions in nft_immediate_deactivate() can lead unbinding the chain and objects be deactivated but later used.
We recommend upgrading past commit 0a771f7b266b02d262900c75f1e175c7fe76fec2.
|
Debian_linux, Linux_kernel
|
7.8
|
|
|
2023-10-09
|
CVE-2023-43641
|
libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and prior are vulnerable to out-of-bounds array access. A user of the GNOME desktop environment can be exploited by downloading a cue sheet from a malicious webpage. Because the file is saved to `~/Downloads`, it is then automatically scanned by tracker-miners. And because it has a .cue filename extension, tracker-miners use libcue to parse the file. The file exploits the vulnerability in libcue to gain...
|
Debian_linux, Fedora, Libcue
|
8.8
|
|
|