Skip to main content

Solidfire Baseboard Management Controller Firmware

61 CVEs product

Monthly

CVE-2021-42252 HIGH PATCH This Week

An issue was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Linux Information Disclosure Linux Kernel H300s Firmware H500s Firmware +7
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2021-42008 HIGH POC PATCH This Week

The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Linux Memory Corruption Linux Kernel H300s Firmware +9
NVD
CVSS 3.1
7.8
EPSS
1.5%
CVE-2021-41864 HIGH PATCH This Week

prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Linux Integer Overflow Linux Kernel Fedora +13
NVD GitHub
CVSS 3.1
7.8
EPSS
0.4%
CVE-2021-22947 MEDIUM POC PATCH This Month

When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Code Injection Curl Fedora Debian Linux Cloud Backup +22
NVD
CVSS 3.1
5.9
EPSS
0.3%
CVE-2021-22946 HIGH POC PATCH This Week

A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Curl Debian Linux Fedora Cloud Backup +25
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2021-22945 CRITICAL POC PATCH Act Now

When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Libcurl Fedora Cloud Backup Clustered Data Ontap +13
NVD
CVSS 3.1
9.1
EPSS
6.2%
CVE-2021-22924 LOW POC PATCH Monitor

libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Information Disclosure Libcurl Fedora Debian Linux Cloud Backup +29
NVD
CVSS 3.1
3.7
EPSS
6.3%
CVE-2021-3612 HIGH PATCH This Week

An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Linux Denial Of Service Linux Kernel Enterprise Linux Fedora +14
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2021-22901 HIGH POC PATCH THREAT This Week

curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Use After Free OpenSSL Memory Corruption RCE Curl +25
NVD GitHub
CVSS 3.1
8.1
EPSS
60.1%
CVE-2021-22897 MEDIUM POC PATCH This Month

curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Curl Communications Cloud Native Core Binding Support Function Communications Cloud Native Core Network Function Cloud Native Environment Communications Cloud Native Core Network Repository Function +18
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.8%
CVE-2021-22543 HIGH POC This Week

An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. Rated high severity (CVSS 8.7). Public exploit code available and no vendor patch available.

Buffer Overflow Privilege Escalation Linux Kernel Fedora Debian Linux +10
NVD GitHub
CVSS 4.0
8.7
EPSS
0.7%
CVE-2021-33574 CRITICAL POC Act Now

The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Denial Of Service Memory Corruption Glibc Fedora +11
NVD
CVSS 3.1
9.8
EPSS
2.9%
CVE-2021-31440 HIGH PATCH This Week

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.11.15. Rated high severity (CVSS 7.0).

Linux RCE Linux Kernel Solidfire Baseboard Management Controller Firmware Cloud Backup +7
NVD
CVSS 3.1
7.0
EPSS
1.8%
CVE-2021-32399 HIGH POC PATCH This Week

net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller. Rated high severity (CVSS 7.0). Public exploit code available.

Linux Information Disclosure Race Condition Linux Kernel Debian Linux +9
NVD GitHub
CVSS 3.1
7.0
EPSS
0.7%
CVE-2021-3501 HIGH PATCH This Week

A flaw was found in the Linux kernel in versions before 5.12. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Linux Memory Corruption Linux Kernel Enterprise Linux +17
NVD
CVSS 3.1
7.1
EPSS
0.4%
CVE-2021-23133 HIGH POC PATCH This Week

A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. Rated high severity (CVSS 7.0). Public exploit code available.

Linux Privilege Escalation Race Condition Linux Kernel Fedora +13
NVD
CVSS 3.1
7.0
EPSS
0.5%
CVE-2021-3506 HIGH PATCH This Week

An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions before 5.12.0-rc4. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Linux Information Disclosure Linux Kernel Debian Linux +10
NVD
CVSS 3.1
7.1
EPSS
0.4%
CVE-2021-28972 MEDIUM PATCH This Month

In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Linux Linux Kernel Fedora Cloud Backup +2
NVD
CVSS 3.1
6.7
EPSS
0.9%
CVE-2021-28971 MEDIUM PATCH This Month

In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Linux Intel Denial Of Service Linux Kernel Fedora +5
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2021-28964 MEDIUM This Month

A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. Rated medium severity (CVSS 4.7). No vendor patch available.

Linux Denial Of Service Race Condition Linux Kernel Fedora +5
NVD
CVSS 3.1
4.7
EPSS
0.3%
CVE-2021-28952 HIGH PATCH This Week

An issue was discovered in the Linux kernel through 5.11.8. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Linux Linux Kernel Fedora Cloud Backup +4
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2021-28951 MEDIUM PATCH This Month

An issue was discovered in fs/io_uring.c in the Linux kernel through 5.11.8. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Linux Denial Of Service Linux Kernel Fedora A250 Firmware +4
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-28660 HIGH PATCH This Week

rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Linux Memory Corruption Linux Kernel Fedora +10
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2021-28375 HIGH PATCH This Week

An issue was discovered in the Linux kernel through 5.11.6. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Linux Authentication Bypass Linux Kernel Fedora Cloud Backup +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-27365 HIGH POC PATCH This Week

An issue was discovered in the Linux kernel through 5.11.3. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Linux Memory Corruption Linux Kernel Debian Linux +2
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2021-27364 HIGH POC PATCH This Week

An issue was discovered in the Linux kernel through 5.11.3. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Linux Information Disclosure Linux Kernel Debian Linux +3
NVD
CVSS 3.1
7.1
EPSS
1.0%
CVE-2021-27363 MEDIUM POC PATCH This Month

An issue was discovered in the Linux kernel through 5.11.3. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. Public exploit code available.

Linux Information Disclosure Linux Kernel Debian Linux Cloud Backup +1
NVD
CVSS 3.1
4.4
EPSS
0.7%
CVE-2021-28039 MEDIUM PATCH This Month

An issue was discovered in the Linux kernel 5.9.x through 5.11.3, as used with Xen. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Linux Denial Of Service Linux Kernel Xen Cloud Backup +1
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2021-28038 MEDIUM PATCH This Month

An issue was discovered in the Linux kernel through 5.11.3, as used with Xen PV. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Linux Denial Of Service Linux Kernel Debian Linux Cloud Backup +1
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2020-27825 MEDIUM PATCH This Month

A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). Rated medium severity (CVSS 5.7).

Race Condition Denial Of Service Linux Linux Kernel Enterprise Linux +5
NVD
CVSS 3.1
5.7
EPSS
0.3%
CVE-2020-27350 MEDIUM This Month

APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Integer Overflow Advanced Package Tool Solidfire Baseboard Management Controller Firmware
NVD
CVSS 3.1
5.7
EPSS
0.4%
CVE-2020-29661 HIGH PATCH This Week

A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Linux Memory Corruption Information Disclosure Linux Kernel +11
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2020-29660 MEDIUM POC PATCH This Month

A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. Public exploit code available.

Use After Free Linux Memory Corruption Information Disclosure Linux Kernel +10
NVD
CVSS 3.1
4.4
EPSS
0.5%
CVE-2020-25692 HIGH PATCH This Week

A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Openldap Enterprise Linux Cloud Backup +1
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2020-14305 HIGH POC PATCH This Week

An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Buffer Overflow Denial Of Service Linux Memory Corruption Linux Kernel +5
NVD
CVSS 3.1
8.1
EPSS
5.1%
CVE-2020-29370 HIGH POC PATCH This Week

An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. Rated high severity (CVSS 7.0). Public exploit code available.

Race Condition Linux Information Disclosure Linux Kernel Cloud Backup +5
NVD
CVSS 3.1
7.0
EPSS
0.6%
CVE-2020-15436 MEDIUM POC This Month

Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Use After Free Linux Memory Corruption Linux Kernel +18
NVD
CVSS 3.1
6.7
EPSS
0.9%
CVE-2020-14356 HIGH POC PATCH This Week

A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Linux Null Pointer Dereference Denial Of Service Linux Kernel Enterprise Linux +8
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2020-13143 MEDIUM PATCH This Month

gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Linux Information Disclosure Linux Kernel Leap +22
NVD
CVSS 3.1
6.5
EPSS
4.5%
CVE-2020-12888 MEDIUM This Month

The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space. Rated medium severity (CVSS 5.3). No vendor patch available.

Linux Information Disclosure Linux Kernel Fedora Leap +22
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2020-8832 MEDIUM This Month

The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Ubuntu Linux Intel Information Disclosure Ubuntu Linux +31
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2020-9383 HIGH PATCH This Week

An issue was discovered in the Linux kernel 3.16 through 5.5.6. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Linux Information Disclosure Linux Kernel Debian Linux +10
NVD GitHub
CVSS 3.1
7.1
EPSS
0.7%
CVE-2019-19448 HIGH POC This Week

In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Linux Information Disclosure Memory Corruption Linux Kernel +17
NVD GitHub
CVSS 3.1
7.8
EPSS
2.1%
CVE-2019-14815 HIGH PATCH This Week

A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Heap Overflow Linux Linux Kernel Codeready Linux Builder Eus +16
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2019-19063 MEDIUM PATCH This Month

Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption),. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Linux Linux Kernel Sd Wan Edge Ubuntu Linux +15
NVD GitHub
CVSS 3.1
4.6
EPSS
0.9%
CVE-2019-19061 HIGH PATCH This Week

A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Linux Linux Kernel Ubuntu Linux Active Iq Unified Manager +12
NVD GitHub
CVSS 3.1
7.5
EPSS
3.3%
CVE-2019-19060 HIGH PATCH This Week

A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Linux Linux Kernel Active Iq Unified Manager Aff Baseboard Management Controller +13
NVD GitHub
CVSS 3.1
7.5
EPSS
3.8%
CVE-2019-19057 LOW PATCH Monitor

Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel Ubuntu Linux Debian Linux +15
NVD GitHub
CVSS 3.1
3.3
EPSS
0.8%
CVE-2019-19054 MEDIUM PATCH This Month

A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by. Rated medium severity (CVSS 4.7).

Denial Of Service Linux Linux Kernel Ubuntu Linux Fedora +14
NVD GitHub
CVSS 3.1
4.7
EPSS
0.4%
CVE-2019-19053 HIGH PATCH This Week

A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Linux Linux Kernel Ubuntu Linux Active Iq Unified Manager +12
NVD GitHub
CVSS 3.1
7.5
EPSS
3.3%
CVE-2019-19052 HIGH PATCH This Week

A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Linux Linux Kernel Sd Wan Edge Ubuntu Linux +15
NVD GitHub
CVSS 3.1
7.5
EPSS
5.4%
CVE-2019-19044 HIGH PATCH This Week

Two memory leaks in the v3d_submit_cl_ioctl() function in drivers/gpu/drm/v3d/v3d_gem.c in the Linux kernel before 5.3.11 allow attackers to cause a denial of service (memory consumption) by. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Linux Linux Kernel Active Iq Unified Manager Aff Baseboard Management Controller +12
NVD GitHub
CVSS 3.1
7.5
EPSS
4.1%
CVE-2019-14591 MEDIUM This Month

Improper input validation in the API for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Graphics Driver Cloud Backup Data Availability Services +2
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-14590 MEDIUM This Month

Improper access control in the API for the Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Information Disclosure Graphics Driver Cloud Backup +3
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-14574 MEDIUM This Month

Out of bounds read in a subsystem for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Intel Information Disclosure Graphics Driver +4
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-11113 MEDIUM This Month

Buffer overflow in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6618 (DCH) or 21.20.x.5077 (aka15.45.5077) may allow a privileged user to potentially enable information. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Intel Information Disclosure Graphics Driver Cloud Backup +3
NVD
CVSS 3.1
4.4
EPSS
0.4%
CVE-2019-11111 HIGH This Week

Pointer corruption in the Unified Shader Compiler in Intel(R) Graphics Drivers before 10.18.14.5074 (aka 15.36.x.5074) may allow an authenticated user to potentially enable escalation of privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Privilege Escalation Denial Of Service Intel Graphics Driver +4
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-11089 MEDIUM This Month

Insufficient input validation in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6519 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Graphics Driver Cloud Backup Data Availability Services +2
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-2215 HIGH POC KEV PATCH THREAT Act Now

A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Use After Free Linux Information Disclosure Memory Corruption Android +76
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
72.1%
CVE-2019-5481 CRITICAL PATCH Act Now

Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Curl Fedora Cloud Backup Steelstore +8
NVD
CVSS 3.1
9.8
EPSS
3.0%
CVE-2019-15118 MEDIUM PATCH This Month

check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Linux Information Disclosure Linux Kernel Ubuntu Linux Debian Linux +7
NVD
CVSS 3.1
5.5
EPSS
0.8%
EPSS 0% CVSS 7.8
HIGH PATCH This Week

An issue was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Linux Information Disclosure Linux Kernel +9
NVD
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Linux Memory Corruption +11
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Linux Integer Overflow +15
NVD GitHub
EPSS 0% CVSS 5.9
MEDIUM POC PATCH This Month

When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Code Injection Curl Fedora +24
NVD
EPSS 0% CVSS 7.5
HIGH POC PATCH This Week

A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Curl Debian Linux +27
NVD
EPSS 6% CVSS 9.1
CRITICAL POC PATCH Act Now

When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Libcurl Fedora +15
NVD
EPSS 6% CVSS 3.7
LOW POC PATCH Monitor

libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Information Disclosure Libcurl Fedora +31
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Linux Denial Of Service Linux Kernel +16
NVD
EPSS 60% CVSS 8.1
HIGH POC PATCH THREAT This Week

curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Use After Free OpenSSL Memory Corruption +27
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM POC PATCH This Month

curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Curl Communications Cloud Native Core Binding Support Function +20
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH POC This Week

An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. Rated high severity (CVSS 8.7). Public exploit code available and no vendor patch available.

Buffer Overflow Privilege Escalation Linux Kernel +12
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Denial Of Service Memory Corruption +13
NVD
EPSS 2% CVSS 7.0
HIGH PATCH This Week

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.11.15. Rated high severity (CVSS 7.0).

Linux RCE Linux Kernel +9
NVD
EPSS 1% CVSS 7.0
HIGH POC PATCH This Week

net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller. Rated high severity (CVSS 7.0). Public exploit code available.

Linux Information Disclosure Race Condition +11
NVD GitHub
EPSS 0% CVSS 7.1
HIGH PATCH This Week

A flaw was found in the Linux kernel in versions before 5.12. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Linux Memory Corruption +19
NVD
EPSS 0% CVSS 7.0
HIGH POC PATCH This Week

A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. Rated high severity (CVSS 7.0). Public exploit code available.

Linux Privilege Escalation Race Condition +15
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions before 5.12.0-rc4. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Linux Information Disclosure +12
NVD
EPSS 1% CVSS 6.7
MEDIUM PATCH This Month

In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Linux Linux Kernel +4
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Linux Intel Denial Of Service +7
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. Rated medium severity (CVSS 4.7). No vendor patch available.

Linux Denial Of Service Race Condition +7
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

An issue was discovered in the Linux kernel through 5.11.8. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Linux Linux Kernel +6
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

An issue was discovered in fs/io_uring.c in the Linux kernel through 5.11.8. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Linux Denial Of Service Linux Kernel +6
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Linux Memory Corruption +12
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

An issue was discovered in the Linux kernel through 5.11.6. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Linux Authentication Bypass Linux Kernel +3
NVD
EPSS 2% CVSS 7.8
HIGH POC PATCH This Week

An issue was discovered in the Linux kernel through 5.11.3. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Linux Memory Corruption +4
NVD
EPSS 1% CVSS 7.1
HIGH POC PATCH This Week

An issue was discovered in the Linux kernel through 5.11.3. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Linux Information Disclosure +5
NVD
EPSS 1% CVSS 4.4
MEDIUM POC PATCH This Month

An issue was discovered in the Linux kernel through 5.11.3. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. Public exploit code available.

Linux Information Disclosure Linux Kernel +3
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

An issue was discovered in the Linux kernel 5.9.x through 5.11.3, as used with Xen. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Linux Denial Of Service Linux Kernel +3
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

An issue was discovered in the Linux kernel through 5.11.3, as used with Xen PV. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Linux Denial Of Service Linux Kernel +3
NVD
EPSS 0% CVSS 5.7
MEDIUM PATCH This Month

A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). Rated medium severity (CVSS 5.7).

Race Condition Denial Of Service Linux +7
NVD
EPSS 0% CVSS 5.7
MEDIUM This Month

APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Integer Overflow Advanced Package Tool +1
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Linux Memory Corruption +13
NVD
EPSS 0% CVSS 4.4
MEDIUM POC PATCH This Month

A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. Public exploit code available.

Use After Free Linux Memory Corruption +12
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Openldap +3
NVD
EPSS 5% CVSS 8.1
HIGH POC PATCH This Week

An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Buffer Overflow Denial Of Service Linux +7
NVD
EPSS 1% CVSS 7.0
HIGH POC PATCH This Week

An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. Rated high severity (CVSS 7.0). Public exploit code available.

Race Condition Linux Information Disclosure +7
NVD
EPSS 1% CVSS 6.7
MEDIUM POC This Month

Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Use After Free Linux +20
NVD
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Linux Null Pointer Dereference Denial Of Service +10
NVD
EPSS 5% CVSS 6.5
MEDIUM PATCH This Month

gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Linux Information Disclosure +24
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space. Rated medium severity (CVSS 5.3). No vendor patch available.

Linux Information Disclosure Linux Kernel +24
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Ubuntu Linux Intel +33
NVD
EPSS 1% CVSS 7.1
HIGH PATCH This Week

An issue was discovered in the Linux kernel 3.16 through 5.5.6. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Linux Information Disclosure +12
NVD GitHub
EPSS 2% CVSS 7.8
HIGH POC This Week

In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Linux Information Disclosure +19
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Heap Overflow Linux +18
NVD GitHub
EPSS 1% CVSS 4.6
MEDIUM PATCH This Month

Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption),. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Linux Linux Kernel +17
NVD GitHub
EPSS 3% CVSS 7.5
HIGH PATCH This Week

A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Linux Linux Kernel +14
NVD GitHub
EPSS 4% CVSS 7.5
HIGH PATCH This Week

A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Linux Linux Kernel +15
NVD GitHub
EPSS 1% CVSS 3.3
LOW PATCH Monitor

Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel +17
NVD GitHub
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by. Rated medium severity (CVSS 4.7).

Denial Of Service Linux Linux Kernel +16
NVD GitHub
EPSS 3% CVSS 7.5
HIGH PATCH This Week

A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Linux Linux Kernel +14
NVD GitHub
EPSS 5% CVSS 7.5
HIGH PATCH This Week

A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Linux Linux Kernel +17
NVD GitHub
EPSS 4% CVSS 7.5
HIGH PATCH This Week

Two memory leaks in the v3d_submit_cl_ioctl() function in drivers/gpu/drm/v3d/v3d_gem.c in the Linux kernel before 5.3.11 allow attackers to cause a denial of service (memory consumption) by. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Linux Linux Kernel +14
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM This Month

Improper input validation in the API for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Graphics Driver +4
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Improper access control in the API for the Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Information Disclosure +5
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Out of bounds read in a subsystem for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Intel +6
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Buffer overflow in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6618 (DCH) or 21.20.x.5077 (aka15.45.5077) may allow a privileged user to potentially enable information. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Intel Information Disclosure +5
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Pointer corruption in the Unified Shader Compiler in Intel(R) Graphics Drivers before 10.18.14.5074 (aka 15.36.x.5074) may allow an authenticated user to potentially enable escalation of privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Privilege Escalation Denial Of Service +6
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Insufficient input validation in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6519 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Graphics Driver +4
NVD
EPSS 72% CVSS 7.8
HIGH POC KEV PATCH THREAT Act Now

A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Use After Free Linux Information Disclosure +78
NVD Exploit-DB
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Curl Fedora +10
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Linux Information Disclosure Linux Kernel +9
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy