Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
linuxfoundation vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-41272
Besu is an Ethereum client written in Java. Starting in version 21.10.0, changes in the implementation of the SHL, SHR, and SAR operations resulted in the introduction of a signed type coercion error in values that represent negative values for 32 bit signed integers. Smart contr...
Linuxfoundation Besu 21.10.0
Linuxfoundation Besu 21.10.1
7.5
CVSSv3
CVE-2020-15687
Missing access control restrictions in the Hypervisor component of the ACRN Project (v2.0 and v1.6.1) allow a malicious entity, with root access in the Service VM userspace, to abuse the PCIe assign/de-assign Hypercalls via crafted ioctls and payloads. This attack results in a co...
Linuxfoundation Acrn 1.6.1
Linuxfoundation Acrn 2.0
6.7
CVSSv3
CVE-2023-20732
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573480; Issue ID: ALPS07573480.
Linuxfoundation Yocto 3.1
Linuxfoundation Yocto 3.3
Linuxfoundation Yocto 4.0
Google Android 12.0
Google Android 13.0
4.4
CVSSv3
CVE-2023-20731
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573495; Issue ID: ALPS07573495.
Linuxfoundation Yocto 3.1
Linuxfoundation Yocto 3.3
Linuxfoundation Yocto 4.0
Google Android 12.0
Google Android 13.0
4.4
CVSSv3
CVE-2023-20728
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573603; Issue ID: ALPS07573603.
Linuxfoundation Yocto 3.1
Linuxfoundation Yocto 3.3
Linuxfoundation Yocto 4.0
Google Android 12.0
Google Android 13.0
8.5
CVSSv3
CVE-2023-22736
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions starting with 2.5.0-rc1 and above, before 2.5.8, and version 2.6.0-rc4, are vulnerable to an authorization bypass bug which allows a malicious Argo CD user to deploy Applications outside the config...
Linuxfoundation Argo-cd 2.6.0
Linuxfoundation Argo-cd
8.8
CVSSv3
CVE-2023-22482
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions of Argo CD starting with v1.8.2 and before 2.3.13, 2.4.19, 2.5.6, and 2.6.0-rc-3 are vulnerable to an improper authorization bug causing the API to accept certain invalid tokens. OIDC providers inc...
Linuxfoundation Argo-cd 2.6.0
Linuxfoundation Argo-cd
6.5
CVSSv3
CVE-2022-24730
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with version 1.3.0 but prior to 2.1.11, 2.2.6, and 2.3.0 is vulnerable to a path traversal bug, compounded by an improper access control bug, allowing a malicious user with read-only reposi...
Linuxfoundation Argo-cd
Linuxfoundation Argo-cd 2.3.0
7.5
CVSSv3
CVE-2022-31006
indy-node is the server portion of Hyperledger Indy, a distributed ledger purpose-built for decentralized identity. In vulnerable versions of indy-node, an attacker can max out the number of client connections allowed by the ledger, leaving the ledger unable to be used for its in...
Linuxfoundation Indy-node
Linuxfoundation Indy-node 1.13.2
8.3
CVSSv3
CVE-2024-22424
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The Argo CD API prior to versions 2.10-rc2, 2.9.4, 2.8.8, and 2.7.15 are vulnerable to a cross-server request forgery (CSRF) attack when the attacker has the ability to write HTML to a page on the same pare...
Linuxfoundation Argo-cd
Linuxfoundation Argo-cd 2.10.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »