Filtered by vendor Linux Subscriptions
Total 12743 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-51782 2 Debian, Linux 2 Debian Linux, Linux Kernel 2024-11-21 7.0 High
An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race condition.
CVE-2023-51781 2 Debian, Linux 2 Debian Linux, Linux Kernel 2024-11-21 7.0 High
An issue was discovered in the Linux kernel before 6.6.8. atalk_ioctl in net/appletalk/ddp.c has a use-after-free because of an atalk_recvmsg race condition.
CVE-2023-51780 3 Debian, Linux, Redhat 3 Debian Linux, Linux Kernel, Enterprise Linux 2024-11-21 7.0 High
An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition.
CVE-2023-51043 2 Linux, Redhat 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more 2024-11-21 7.0 High
In the Linux kernel before 6.4.5, drivers/gpu/drm/drm_atomic.c has a use-after-free during a race condition between a nonblocking atomic commit and a driver unload.
CVE-2023-51042 2 Linux, Redhat 5 Linux Kernel, Enterprise Linux, Logging and 2 more 2024-11-21 7.8 High
In the Linux kernel before 6.4.12, amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c has a fence use-after-free.
CVE-2023-4688 4 Acronis, Apple, Linux and 1 more 4 Agent, Macos, Linux Kernel and 1 more 2024-11-21 5.5 Medium
Sensitive information leak through log files. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35433.
CVE-2023-4553 3 Linux, Microsoft, Opentext 3 Linux Kernel, Windows, Appbuilder 2024-11-21 5.3 Medium
Improper Input Validation vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files. AppBuilder configuration files are viewable by unauthenticated users. This issue affects AppBuilder: from 21.2 before 23.2.
CVE-2023-4551 3 Linux, Microsoft, Opentext 3 Linux Kernel, Windows, Appbuilder 2024-11-21 7.2 High
Improper Input Validation vulnerability in OpenText AppBuilder on Windows, Linux allows OS Command Injection. The AppBuilder's Scheduler functionality that facilitates creation of scheduled tasks is vulnerable to command injection. This allows authenticated users to inject arbitrary operating system commands into the executing process. This issue affects AppBuilder: from 21.2 before 23.2.
CVE-2023-4550 3 Linux, Microsoft, Opentext 3 Linux Kernel, Windows, Appbuilder 2024-11-21 7.5 High
Improper Input Validation, Files or Directories Accessible to External Parties vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files. An unauthenticated or authenticated user can abuse a page of AppBuilder to read arbitrary files on the server on which it is hosted. This issue affects AppBuilder: from 21.2 before 23.2.
CVE-2023-4389 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2024-11-21 7 High
A flaw was found in btrfs_get_root_ref in fs/btrfs/disk-io.c in the btrfs filesystem in the Linux Kernel due to a double decrement of the reference count. This issue may allow a local attacker with user privilege to crash the system or may lead to leaked internal kernel information.
CVE-2023-4335 3 Broadcom, Intel, Linux 4 Lsi Storage Authority, Raid Controller Web Interface, Raid Web Console 3 and 1 more 2024-11-21 7.5 High
Broadcom RAID Controller Web server (nginx) is serving private server-side files without any authentication on Linux
CVE-2023-4328 2 Broadcom, Linux 2 Raid Controller Web Interface, Linux Kernel 2024-11-21 5.5 Medium
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Windows
CVE-2023-4327 2 Broadcom, Linux 2 Raid Controller Web Interface, Linux Kernel 2024-11-21 5.5 Medium
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux
CVE-2023-49328 2 Linux, Wolterskluwer 2 Linux Kernel, B.point 2024-11-21 7.2 High
On a Wolters Kluwer B.POINT 23.70.00 server running Linux on premises, during the authentication phase, a validated system user can achieve remote code execution via Argument Injection in the server-to-server module.
CVE-2023-49322 4 Apple, F-secure, Linux and 1 more 10 Macos, Atlant, Client Security and 7 more 2024-11-21 7.5 High
Certain WithSecure products allow a Denial of Service because there is an unpack handler crash that can lead to a scanning engine crash. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, and WithSecure Atlant 1.0.35-1.
CVE-2023-49321 4 Apple, F-secure, Linux and 1 more 10 Macos, Atlant, Client Security and 7 more 2024-11-21 5.3 Medium
Certain WithSecure products allow a Denial of Service because scanning a crafted file takes a long time, and causes the scanner to hang. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, and WithSecure Atlant 1.0.35-1.
CVE-2023-49106 3 Hitachi, Linux, Microsoft 3 Device Manager, Linux Kernel, Windows 2024-11-21 4.6 Medium
Missing Password Field Masking vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Agent component).This issue affects Hitachi Device Manager: before 8.8.5-04.
CVE-2023-47707 3 Ibm, Linux, Microsoft 4 Aix, Security Guardium Key Lifecycle Manager, Linux Kernel and 1 more 2024-11-21 5.4 Medium
IBM Security Guardium Key Lifecycle Manager 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 271522.
CVE-2023-47706 3 Ibm, Linux, Microsoft 4 Aix, Security Guardium Key Lifecycle Manager, Linux Kernel and 1 more 2024-11-21 6.6 Medium
IBM Security Guardium Key Lifecycle Manager 4.3 could allow an authenticated user to upload files of a dangerous file type. IBM X-Force ID: 271341.
CVE-2023-47705 3 Ibm, Linux, Microsoft 4 Aix, Security Guardium Key Lifecycle Manager, Linux Kernel and 1 more 2024-11-21 4.3 Medium
IBM Security Guardium Key Lifecycle Manager 4.3 could allow an authenticated user to manipulate username data due to improper input validation. IBM X-Force ID: 271228.