Skip to main content
CVE-2019-17056 LOW PATCH Monitor

llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Privilege Escalation Linux Linux Kernel
NVD
CVSS 3.1
3.3
EPSS
0.6%
CVE-2019-17055 LOW PATCH Monitor

base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Linux Linux Kernel Debian Linux Fedora +5
NVD
CVSS 3.1
3.3
EPSS
0.5%
CVE-2019-17054 LOW PATCH Monitor

atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Privilege Escalation Linux Linux Kernel
NVD
CVSS 3.1
3.3
EPSS
0.5%
CVE-2019-17053 LOW PATCH Monitor

ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Privilege Escalation Linux Linux Kernel
NVD
CVSS 3.1
3.3
EPSS
0.5%
CVE-2019-17052 LOW PATCH Monitor

ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Privilege Escalation Linux Linux Kernel Debian Linux Fedora +1
NVD
CVSS 3.1
3.3
EPSS
0.6%
CVE-2019-10433 LOW PATCH Monitor

Jenkins Dingding[钉钉] Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Jenkins Information Disclosure Dingding
NVD
CVSS 3.1
3.3
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy