linuxfoundation

523 tracked vulnerabilities.

CVE-2024-25626 HIGH
Yocto Project < 3.1.31 - Unauthenticated Remote Code Execution via Toaster HTTP Request
Feb 19, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-21626 HIGH
runc (docker) File Descriptor Leak Privilege Escalation
Jan 31, 2024
CVSS 8.6
EPSS 0.05
CVE-2024-23656 HIGH
dex 2.37.0-2.37.x - Algorithm Downgrade via TLS Config Ignore
Jan 25, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-22424 HIGH
Argo CD <2.10-rc2, 2.9.4, 2.8.8, 2.7.15 - CSRF
Jan 19, 2024
CVSS 8.3
EPSS 0.00
CVE-2023-37038 MEDIUM
Magma <= 1.8.0 - Denial of Service via S1AP Uplink NAS Transport Packet
Jan 21, 2025
CVSS 6.5
EPSS 0.00
CVE-2023-37037 MEDIUM
Magma <= 1.8.0 - Denial of Service via S1AP S1Setup Request Missing Supported TAs Field
Jan 21, 2025
CVSS 6.5
EPSS 0.00
CVE-2023-37036 MEDIUM
Magma <= 1.8.0 - Denial of Service via S1AP Uplink NAS Transport Packet
Jan 21, 2025
CVSS 6.5
EPSS 0.00
CVE-2023-37034 MEDIUM
Magma <= 1.8.0 - Denial of Service via S1AP Initial UE Message Missing TAI Field
Jan 21, 2025
CVSS 6.5
EPSS 0.00
CVE-2023-37033 MEDIUM
Magma <= 1.8.0 - Denial of Service via S1AP Initial UE Message Missing EUTRAN_CGI Field
Jan 21, 2025
CVSS 6.5
EPSS 0.00
CVE-2023-37032 HIGH
Magma <= 1.8.0 - Unauthenticated Denial of Service via Oversized Emergency Number List NAS Packet
Jan 21, 2025
CVSS 7.5
EPSS 0.01
CVE-2023-37031 MEDIUM
Magma <= 1.8.0 - Denial of Service via S1AP eNB Configuration Transfer Packet
Jan 21, 2025
CVSS 6.5
EPSS 0.00
CVE-2023-37030 MEDIUM
Magma <= 1.8.0 - Denial of Service via S1AP Initial UE Message Missing eNB_UE_S1AP_ID
Jan 21, 2025
CVSS 6.5
EPSS 0.00
CVE-2023-37029 HIGH
Magma <= 1.8.0 - Denial of Service via Oversized NAS Packet
Jan 21, 2025
CVSS 7.5
EPSS 0.00
CVE-2023-37028 MEDIUM
Magma <= 1.8.0 - Null Pointer Dereference via S1AP E-RAB Modification Indication Packet
Jan 21, 2025
CVSS 6.5
EPSS 0.00
CVE-2023-37027 MEDIUM
Magma <= 1.8.0 - Denial of Service via S1AP E-RAB Modification Indication Packet
Jan 21, 2025
CVSS 6.5
EPSS 0.00
CVE-2023-37026 MEDIUM
Magma <= 1.8.0 - Denial of Service via S1AP E-RAB Release Response Packet
Jan 21, 2025
CVSS 6.5
EPSS 0.00
CVE-2023-37025 MEDIUM
Magma <= 1.8.0 - Denial of Service via S1AP Reset Packet Missing ResetType Field
Jan 21, 2025
CVSS 6.5
EPSS 0.00
CVE-2023-37024 HIGH
Magma <= 1.8.0 - Unauthenticated Denial of Service via Emergency Number List NAS Packet
Jan 21, 2025
CVSS 7.5
EPSS 0.00
CVE-2023-27584 CRITICAL NUCLEI
Dragonfly < 2.0.9 and v2 >=2.1.0-alpha.0 <2.1.0-beta.1 - Authentication Bypass via Hard-coded JWT Secret Key
Sep 19, 2024
CVSS 9.8
EPSS 0.66
CVE-2023-32871 MEDIUM
Yocto - Local Privilege Escalation via Incorrect Status Check
May 06, 2024
CVSS 5.3
EPSS 0.00
CVE-2023-52728 MEDIUM
onos-lib-go 0.10.25 - Index Out-of-Range Write in putBitString
Apr 30, 2024
CVSS 5.5
EPSS 0.00
CVE-2023-52727 HIGH
onos-lib-go 0.10.25 - Out-of-bounds Read in parseAlignBits
Apr 30, 2024
CVSS 8.1
EPSS 0.00
CVE-2023-52726 MEDIUM
onos-ric-sdk-go 0.8.12 - Denial of Service via Infinite Loop in Subscribe Function
Apr 30, 2024
CVSS 6.5
EPSS 0.00
CVE-2023-52725 MEDIUM
onos-kpimon 0.4.7 - Denial of Service via errCh Channel Blocking
Apr 30, 2024
CVSS 6.5
EPSS 0.00
CVE-2023-52724 HIGH
onos-kpimon 0.4.7 - Out-of-bounds Write in processIndicationFormat1
Apr 30, 2024
CVSS 8.1
EPSS 0.00
Products
yocto 114 pytorch 31 everest 29 nats-server 24 harbor 23 magma 22 containerd 16 runc 16 iot-yocto 15 cups-filters 14 backstage 13 dragonfly 13 open_network_operating_system 11 onnx 10 ceph 8 kubeedge 8 spinnaker 8 tekton_pipelines 8 automotive_grade_linux 6 cubefs 6 edge_virtualization_engine 5 foomatic-filters 5 osquery 5 dex 4 grpc_swift 4 indy-node 4 materialx 4 opendaylight 4 rekor 4 the_update_framework 4
Quick Filters
Critical CVEs With Exploits In CISA KEV