Search Results (Refine Search)
- CPE Product Version: cpe:/o:linux:linux_kernel:-
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2022-45450 |
Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 28610, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 30984. Published: May 18, 2023; 6:15:09 AM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-33203 |
The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/net/ethernet/qualcomm/emac/emac.c if a physically proximate attacker unplugs an emac based device. Published: May 18, 2023; 4:15:08 AM -0400 |
V3.1: 6.4 MEDIUM V2.0:(not available) |
CVE-2023-1859 |
A use-after-free flaw was found in xen_9pfs_front_removet in net/9p/trans_xen.c in Xen transport for 9pfs in the Linux Kernel. This flaw could allow a local attacker to crash the system due to a race problem, possibly leading to a kernel information leak. Published: May 17, 2023; 7:15:09 PM -0400 |
V3.1: 4.7 MEDIUM V2.0:(not available) |
CVE-2023-2124 |
An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system. Published: May 15, 2023; 6:15:12 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-27863 |
IBM Spectrum Protect Plus Server 10.1.13, under specific configurations, could allow an elevated user to obtain SMB credentials that may be used to access vSnap data stores. IBM X-Force ID: 249325. Published: May 12, 2023; 3:15:08 PM -0400 |
V3.1: 4.9 MEDIUM V2.0:(not available) |
CVE-2023-2513 |
A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors. Published: May 08, 2023; 5:15:11 PM -0400 |
V3.1: 6.7 MEDIUM V2.0:(not available) |
CVE-2023-32269 |
An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability. Published: May 05, 2023; 1:15:09 PM -0400 |
V3.1: 6.7 MEDIUM V2.0:(not available) |
CVE-2022-3405 |
Code execution and sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 29486, Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545. Published: May 03, 2023; 7:15:11 AM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2022-30995 |
Sensitive information disclosure due to improper authentication. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 29486, Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545. Published: May 03, 2023; 7:15:11 AM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2022-41736 |
IBM Spectrum Scale Container Native Storage Access 5.1.2.1 through 5.1.6.0 contains an unspecified vulnerability that could allow a local user to obtain root privileges. IBM X-Force ID: 237810. Published: April 28, 2023; 11:15:07 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-26022 |
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server may crash when an Out of Memory occurs using the DBMS_OUTPUT module. IBM X-Force ID: 247868. Published: April 28, 2023; 3:15:16 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-26021 |
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service as the server may crash when compiling a specially crafted SQL query using a LIMIT clause. IBM X-Force ID: 247864. Published: April 28, 2023; 3:15:16 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-27555 |
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 is vulnerable to a denial of service when attempting to use ACR client affinity for unfenced DRDA federation wrappers. IBM X-Force ID: 249187. Published: April 28, 2023; 2:15:26 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-25930 |
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 11.1, and 11.5 is vulnerable to a denial of service. Under rare conditions, setting a special register may cause the Db2 server to terminate abnormally. IBM X-Force ID: 247862. Published: April 28, 2023; 2:15:26 PM -0400 |
V3.1: 5.9 MEDIUM V2.0:(not available) |
CVE-2023-29255 |
IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as it may trap when compiling a variation of an anonymous block. IBM X-Force ID: 251991. Published: April 27, 2023; 9:15:09 AM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-27559 |
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may crash when using a specially crafted subquery. IBM X-Force ID: 249196. Published: April 26, 2023; 4:15:09 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2022-45456 |
Denial of service due to unauthenticated API endpoint. The following products are affected: Acronis Agent (Windows, macOS, Linux) before build 30161. Published: April 26, 2023; 4:15:09 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-0458 |
A speculative pointer dereference problem exists in the Linux Kernel on the do_prlimit() function. The resource argument value is controlled and is used in pointer arithmetic for the 'rlim' variable and can be used to leak the contents. We recommend upgrading past version 6.1.8 or commit 739790605705ddcf18f21782b9c99ad7d53a8c11 Published: April 26, 2023; 3:15:08 PM -0400 |
V3.1: 4.7 MEDIUM V2.0:(not available) |
CVE-2023-29257 |
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to remote code execution as a database administrator of one database may execute code or read/write files from another database within the same instance. IBM X-Force ID: 252011. Published: April 26, 2023; 9:15:08 AM -0400 |
V3.1: 7.2 HIGH V2.0:(not available) |
CVE-2023-2007 |
The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel. Published: April 24, 2023; 7:15:18 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |