Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
linuxfoundation vulnerabilities and exploits
(subscribe to this query)
6.7
CVSSv3
CVE-2023-20746
In vcu, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519142; Issue ID: ALPS07519217.
Linuxfoundation Iot-yocto 22.2
Linuxfoundation Yocto 4.0
Google Android 12.0
Google Android 13.0
4.4
CVSSv3
CVE-2023-20747
In vcu, there is a possible memory corruption due to type confusion. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519103; Issue ID: ALPS07519121.
Linuxfoundation Iot-yocto 22.2
Linuxfoundation Yocto 4.0
Google Android 12.0
Google Android 13.0
6.7
CVSSv3
CVE-2023-20738
In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645173.
Linuxfoundation Iot-yocto 22.2
Linuxfoundation Yocto 4.0
Google Android 12.0
Google Android 13.0
6.7
CVSSv3
CVE-2023-20744
In vcu, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519142; Issue ID: ALPS07519200.
Linuxfoundation Iot-yocto 22.2
Linuxfoundation Yocto 4.0
Google Android 12.0
Google Android 13.0
6.7
CVSSv3
CVE-2023-32855
In aee, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07909204; Issue ID: ALPS07909204.
Linuxfoundation Yocto 2.6
Linuxfoundation Yocto 3.3
Linuxfoundation Yocto 4.0
Rdkcentral Rdk-b 2022q3
Google Android 12.0
Google Android 13.0
Openwrt Openwrt 19.07.0
Openwrt Openwrt 21.02
4.3
CVSSv3
CVE-2020-13788
Harbor before 2.0.1 allows SSRF with this limitation: an attacker with the ability to edit projects can scan ports of hosts accessible on the Harbor server's intranet.
Linuxfoundation Harbor
4.3
CVSSv3
CVE-2020-13794
Harbor 1.9.* 1.10.* and 2.0.* allows Exposure of Sensitive Information to an Unauthorized Actor.
Linuxfoundation Harbor
9.8
CVSSv3
CVE-2021-43832
Spinnaker is an open source, multi-cloud continuous delivery platform. Spinnaker has improper permissions allowing pipeline creation & execution. This lets an arbitrary user with access to the gate endpoint to create a pipeline and execute it without authentication. If users ...
Linuxfoundation Spinnaker
6.5
CVSSv3
CVE-2021-32662
Backstage is an open platform for building developer portals, and techdocs-common contains common functionalities for Backstage's TechDocs. In `@backstage/techdocs-common` versions before 0.6.3, a malicious actor could read sensitive files from the environment where TechDocs...
Linuxfoundation Backstage
6.5
CVSSv3
CVE-2021-21369
Hyperledger Besu is an open-source, MainNet compatible, Ethereum client written in Java. In Besu before version 1.5.1 there is a denial-of-service vulnerability involving the HTTP JSON-RPC API service. If username and password authentication is enabled for the HTTP JSON-RPC API s...
Linuxfoundation Besu
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »