Search Results (Refine Search)
- CPE Product Version: cpe:/o:linux:linux_kernel:-
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2022-43903 |
IBM Security Guardium 10.6, 11.3, and 11.4 could allow an authenticated user to cause a denial of service due to due to improper input validation. IBM X-Force ID: 240894. Published: September 04, 2023; 8:15:07 PM -0400 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2023-3297 |
In Ubuntu's accountsservice an unprivileged local attacker can trigger a use-after-free vulnerability in accountsservice by sending a D-Bus message to the accounts-daemon process. Published: September 01, 2023; 5:15:07 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-4688 |
Sensitive information leak through log files. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35433. Published: August 31, 2023; 5:15:09 PM -0400 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-41750 |
Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 32047. Published: August 31, 2023; 5:15:08 PM -0400 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-41745 |
Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 30991, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979. Published: August 31, 2023; 2:15:09 PM -0400 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-41742 |
Excessive attack surface due to binding to an unrestricted IP address. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 30430, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979. Published: August 31, 2023; 11:15:08 AM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-33835 |
IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a remote attacker to obtain sensitive information that could aid in further attacks against the system. IBM X-Force ID: 256015. Published: August 31, 2023; 10:15:08 AM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-33834 |
IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a remote attacker to obtain sensitive information that could aid in further attacks against the system. IBM X-force ID: 256014. Published: August 31, 2023; 10:15:08 AM -0400 |
V3.1: 5.3 MEDIUM V2.0:(not available) |
CVE-2023-33833 |
IBM Security Verify Information Queue 10.0.4 and 10.0.5 stores sensitive information in plain clear text which can be read by a local user. IBM X-Force ID: 256013. Published: August 31, 2023; 9:15:42 AM -0400 |
V3.1: 3.3 LOW V2.0:(not available) |
CVE-2023-20900 |
A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html . Published: August 31, 2023; 6:15:08 AM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-4611 |
A use-after-free flaw was found in mm/mempolicy.c in the memory management subsystem in the Linux Kernel. This issue is caused by a race between mbind() and VMA-locked page fault, and may allow a local attacker to crash the system or lead to a kernel information leak. Published: August 29, 2023; 6:15:09 PM -0400 |
V3.1: 6.3 MEDIUM V2.0:(not available) |
CVE-2023-1995 |
Insufficient Logging vulnerability in Hitachi HiRDB Server, HiRDB Server With Addtional Function, HiRDB Structured Data Access Facility.This issue affects HiRDB Server: before 09-60-39, before 09-65-23, before 09-66-17, before 10-01-10, before 10-03-12, before 10-04-06, before 10-05-06, before 10-06-02; HiRDB Server With Addtional Function: before 09-60-2M, before 09-65-/W , before 09-66-/Q ; HiRDB Structured Data Access Facility: before 09-60-39, before 10-03-12, before 10-04-06, before 10-06-02. Published: August 28, 2023; 10:15:07 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-4569 |
A memory leak flaw was found in nft_set_catchall_flush in net/netfilter/nf_tables_api.c in the Linux Kernel. This issue may allow a local attacker to cause double-deactivations of catchall elements, which can result in a memory leak. Published: August 28, 2023; 6:15:10 PM -0400 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-33850 |
IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. By sending an overly large number of trial messages for decryption, an attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 257132. Published: August 22, 2023; 5:15:07 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-4459 |
A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sanity check during cleanup. Published: August 21, 2023; 3:15:09 PM -0400 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-2971 |
Improper path handling in Typora before 1.7.0-dev on Windows and Linux allows a crafted webpage to access local files and exfiltrate them to remote web servers via "typora://app/typemark/". This vulnerability can be exploited if a user opens a malicious markdown file in Typora, or copies text from a malicious webpage and paste it into Typora. Published: August 19, 2023; 2:15:47 AM -0400 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2023-2318 |
DOM-based XSS in src/muya/lib/contentState/pasteCtrl.js in MarkText 0.17.1 and before on Windows, Linux and macOS allows arbitrary JavaScript code to run in the context of MarkText main window. This vulnerability can be exploited if a user copies text from a malicious webpage and paste it into MarkText. Published: August 19, 2023; 2:15:46 AM -0400 |
V3.1: 9.6 CRITICAL V2.0:(not available) |
CVE-2023-2317 |
DOM-based XSS in updater/update.html in Typora before 1.6.7 on Windows and Linux allows a crafted markdown file to run arbitrary JavaScript code in the context of Typora main window via loading typora://app/typemark/updater/update.html in <embed> tag. This vulnerability can be exploited if a user opens a malicious markdown file in Typora, or copies text from a malicious webpage and paste it into Typora. Published: August 19, 2023; 2:15:46 AM -0400 |
V3.1: 9.6 CRITICAL V2.0:(not available) |
CVE-2023-2316 |
Improper path handling in Typora before 1.6.7 on Windows and Linux allows a crafted webpage to access local files and exfiltrate them to remote web servers via "typora://app/<absolute-path>". This vulnerability can be exploited if a user opens a malicious markdown file in Typora, or copies text from a malicious webpage and paste it into Typora. Published: August 19, 2023; 2:15:46 AM -0400 |
V3.1: 7.4 HIGH V2.0:(not available) |
CVE-2023-2110 |
Improper path handling in Obsidian desktop before 1.2.8 on Windows, Linux and macOS allows a crafted webpage to access local files and exfiltrate them to remote web servers via "app://local/<absolute-path>". This vulnerability can be exploited if a user opens a malicious markdown file in Obsidian, or copies text from a malicious webpage and paste it into Obsidian. Published: August 19, 2023; 2:15:45 AM -0400 |
V3.1: 7.1 HIGH V2.0:(not available) |