Filtered by vendor Linux
                         Subscriptions
                    
                    
                
                    Total
                    14620 CVE
                
            | CVE | Vendors | Products | Updated | CVSS v3.1 | 
|---|---|---|---|---|
| CVE-2020-36385 | 4 Linux, Netapp, Redhat and 1 more | 26 Linux Kernel, H300e, H300e Firmware and 23 more | 2024-11-21 | 7.8 High | 
| An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c. | ||||
| CVE-2020-36322 | 4 Debian, Linux, Redhat and 1 more | 6 Debian Linux, Linux Kernel, Enterprise Linux and 3 more | 2024-11-21 | 5.5 Medium | 
| An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950. | ||||
| CVE-2020-36313 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.8 High | 
| An issue was discovered in the Linux kernel before 5.7. The KVM subsystem allows out-of-range access to memslots after a deletion, aka CID-0774a964ef56. This affects arch/s390/kvm/kvm-s390.c, include/linux/kvm_host.h, and virt/kvm/kvm_main.c. | ||||
| CVE-2020-36312 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | 5.5 Medium | 
| An issue was discovered in the Linux kernel before 5.8.10. virt/kvm/kvm_main.c has a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure, aka CID-f65886606c2d. | ||||
| CVE-2020-36311 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-11-21 | 5.5 Medium | 
| An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a denial of service (soft lockup) by triggering destruction of a large SEV VM (which requires unregistering many encrypted regions), aka CID-7be74942f184. | ||||
| CVE-2020-36310 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-11-21 | 5.5 Medium | 
| An issue was discovered in the Linux kernel before 5.8. arch/x86/kvm/svm/svm.c allows a set_memory_region_test infinite loop for certain nested page faults, aka CID-e72436bc3a52. | ||||
| CVE-2020-36281 | 4 Debian, Fedoraproject, Leptonica and 1 more | 4 Debian Linux, Fedora, Leptonica and 1 more | 2024-11-21 | 7.5 High | 
| Leptonica before 1.80.0 allows a heap-based buffer over-read in pixFewColorsOctcubeQuantMixed in colorquant1.c. | ||||
| CVE-2020-36279 | 4 Debian, Fedoraproject, Leptonica and 1 more | 4 Debian Linux, Fedora, Leptonica and 1 more | 2024-11-21 | 7.5 High | 
| Leptonica before 1.80.0 allows a heap-based buffer over-read in rasteropGeneralLow, related to adaptmap_reg.c and adaptmap.c. | ||||
| CVE-2020-36278 | 4 Debian, Fedoraproject, Leptonica and 1 more | 4 Debian Linux, Fedora, Leptonica and 1 more | 2024-11-21 | 7.5 High | 
| Leptonica before 1.80.0 allows a heap-based buffer over-read in findNextBorderPixel in ccbord.c. | ||||
| CVE-2020-36277 | 4 Debian, Fedoraproject, Leptonica and 1 more | 4 Debian Linux, Fedora, Leptonica and 1 more | 2024-11-21 | 7.5 High | 
| Leptonica before 1.80.0 allows a denial of service (application crash) via an incorrect left shift in pixConvert2To8 in pixconv.c. | ||||
| CVE-2020-36158 | 5 Debian, Fedoraproject, Linux and 2 more | 7 Debian Linux, Fedora, Linux Kernel and 4 more | 2024-11-21 | 8.8 High | 
| mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to execute arbitrary code via a long SSID value, aka CID-5c455c5ab332. | ||||
| CVE-2020-35964 | 2 Ffmpeg, Linux | 2 Ffmpeg, Linux Kernel | 2024-11-21 | 6.5 Medium | 
| track_header in libavformat/vividas.c in FFmpeg 4.3.1 has an out-of-bounds write because of incorrect extradata packing. | ||||
| CVE-2020-35963 | 2 Linux, Treasuredata | 2 Linux Kernel, Fluent Bit | 2024-11-21 | 7.8 High | 
| flb_gzip_compress in flb_gzip.c in Fluent Bit before 1.6.4 has an out-of-bounds write because it does not use the correct calculation of the maximum gzip data-size expansion. | ||||
| CVE-2020-35753 | 3 Linux, Microsoft, Persis | 3 Linux Kernel, Windows, Human Resource Management Portal | 2024-11-21 | 6.1 Medium | 
| The job posting recommendation form in Persis Human Resource Management Portal (Versions 17.2.00 through 17.2.35 and 19.0.00 through 19.0.20), when the "Recommend job posting" function is enabled, allows XSS via the SENDER parameter. | ||||
| CVE-2020-35712 | 3 Esri, Linux, Microsoft | 3 Arcgis Server, Linux Kernel, Windows | 2024-11-21 | 9.8 Critical | 
| Esri ArcGIS Server before 10.8 is vulnerable to SSRF in some configurations. | ||||
| CVE-2020-35519 | 2 Linux, Netapp | 20 Linux Kernel, Cloud Backup, H300e and 17 more | 2024-11-21 | 7.8 High | 
| An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5. A bounds check failure allows a local attacker with a user account on the system to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | ||||
| CVE-2020-35513 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Extras Rt | 2024-11-21 | 4.9 Medium | 
| A flaw incorrect umask during file or directory modification in the Linux kernel NFS (network file system) functionality was found in the way user create and delete object using NFSv4.2 or newer if both simultaneously accessing the NFS by the other process that is not using new NFSv4.2. A user with access to the NFS could use this flaw to starve the resources causing denial of service. | ||||
| CVE-2020-35512 | 2 Freedesktop, Linux | 2 Dbus, Linux Kernel | 2024-11-21 | 7.8 High | 
| A use-after-free flaw was found in D-Bus Development branch <= 1.13.16, dbus-1.12.x stable branch <= 1.12.18, and dbus-1.10.x and older branches <= 1.10.30 when a system has multiple usernames sharing the same UID. When a set of policy rules references these usernames, D-Bus may free some memory in the heap, which is still used by data structures necessary for the other usernames sharing the UID, possibly leading to a crash or other undefined behaviors | ||||
| CVE-2020-35508 | 3 Linux, Netapp, Redhat | 34 Linux Kernel, A700s, A700s Firmware and 31 more | 2024-11-21 | 4.5 Medium | 
| A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass checks to send any signal to a privileged process. | ||||
| CVE-2020-35501 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | 3.4 Low | 
| A flaw was found in the Linux kernels implementation of audit rules, where a syscall can unexpectedly not be correctly not be logged by the audit subsystem | ||||