Search Results (Refine Search)
- CPE Product Version: cpe:/o:linux:linux_kernel:-
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-1192 |
A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access a free memory region, leading to a denial of service. Published: November 01, 2023; 4:15:08 PM -0400 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2023-5178 |
A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation. Published: November 01, 2023; 1:15:11 PM -0400 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-5847 |
Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windows and Linux hosts. Published: November 01, 2023; 12:15:08 PM -0400 |
V3.1: 7.3 HIGH V2.0:(not available) |
CVE-2023-47104 |
tinyfiledialogs (aka tiny file dialogs) before 3.15.0 allows shell metacharacters (such as a backquote or a dollar sign) in titles, messages, and other input data. NOTE: this issue exists because of an incomplete fix for CVE-2020-36767, which only considered single and double quote characters. Published: October 30, 2023; 3:15:08 PM -0400 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2020-36767 |
tinyfiledialogs (aka tiny file dialogs) before 3.8.0 allows shell metacharacters in titles, messages, and other input data. Published: October 30, 2023; 3:15:07 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-46862 |
An issue was discovered in the Linux kernel through 6.5.9. During a race with SQ thread exit, an io_uring/fdinfo.c io_uring_show_fdinfo NULL pointer dereference can occur. Published: October 29, 2023; 12:15:11 AM -0400 |
V3.1: 4.7 MEDIUM V2.0:(not available) |
CVE-2023-46813 |
An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the #VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses could lead to arbitrary write access to kernel memory (and thus privilege escalation). This depends on a race condition through which userspace can replace an instruction before the #VC handler reads it. Published: October 26, 2023; 11:15:08 PM -0400 |
V3.1: 7.0 HIGH V2.0:(not available) |
CVE-2023-43506 |
A vulnerability in the ClearPass OnGuard Linux agent could allow malicious users on a Linux instance to elevate their user privileges to those of a higher role. A successful exploit allows malicious users to execute arbitrary code with root level privileges on the Linux instance. Published: October 25, 2023; 2:17:31 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-42031 |
IBM TXSeries for Multiplatforms, 8.1, 8.2, and 9.1, CICS TX Standard CICS TX Advanced 10.1 and 11.1 could allow a privileged user to cause a denial of service due to uncontrolled resource consumption. IBM X-Force ID: 266016. Published: October 25, 2023; 2:17:31 PM -0400 |
V3.1: 4.9 MEDIUM V2.0:(not available) |
CVE-2023-5633 |
The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges. Published: October 23, 2023; 6:15:09 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-40373 |
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to denial of service with a specially crafted query containing common table expressions. IBM X-Force ID: 263574. Published: October 16, 2023; 8:15:10 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-40372 |
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to denial of service with a specially crafted SQL statement using External Tables. IBM X-Force ID: 263499. Published: October 16, 2023; 8:15:10 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-38719 |
IBM Db2 11.5 could allow a local user with special privileges to cause a denial of service during database deactivation on DPF. IBM X-Force ID: 261607. Published: October 16, 2023; 8:15:10 PM -0400 |
V3.1: 4.4 MEDIUM V2.0:(not available) |
CVE-2023-40374 |
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to denial of service with a specially crafted query statement. IBM X-Force ID: 263575. Published: October 16, 2023; 7:15:10 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-30991 |
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to denial of service with a specially crafted query. IBM X-Force ID: 254037. Published: October 16, 2023; 7:15:10 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-38740 |
IBM Db2 for Linux, UNIX, and Windows (includes Db2 Connect Server) 11.5 is vulnerable to a denial of service with a specially crafted SQL statement. IBM X-Force ID: 262613. Published: October 16, 2023; 6:15:12 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-38728 |
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted XML query statement. IBM X-Force ID: 262258. Published: October 16, 2023; 6:15:11 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-38720 |
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 and 11.5 is vulnerable to denial of service with a specially crafted ALTER TABLE statement. IBM X-Force ID: 261616. Published: October 16, 2023; 5:15:10 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-30987 |
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain databases. IBM X-Force ID: 253440. Published: October 16, 2023; 5:15:10 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-45898 |
The Linux kernel before 6.5.4 has an es1 use-after-free in fs/ext4/extents_status.c, related to ext4_es_insert_extent. Published: October 15, 2023; 11:15:09 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |