linuxfoundation

523 tracked vulnerabilities.

CVE-2020-26273 MEDIUM
osquery < 4.6.0 - Arbitrary File Write via SQLite ATTACH Verb
Dec 16, 2020
CVSS 5.2
EPSS 0.00
CVE-2020-9301 HIGH
Spinnaker < 1.21.5 - Authenticated Arbitrary File Read and Write via SpEL Expression Handling
Dec 11, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-15257 MEDIUM
containerd <1.3.9 and <1.4.3 - Privilege Escalation
Dec 01, 2020
CVSS 5.2
EPSS 0.12
CVE-2020-26892 CRITICAL
NATS nats-server <2.1.9 - Info Disclosure
Nov 06, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-26521 HIGH
nats-server < 2.1.9 - Denial of Service via JWT Library Nil Dereference
Nov 06, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-15157 MEDIUM
containerd <1.2.14 - Info Disclosure
Oct 16, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-26149 HIGH
NATS nats.js < 2.0.0-209, nats.ws < 1.0.0-111, and nats.deno < 1.0.0-9 - Insufficiently Protected Credentials
Sep 30, 2020
CVSS 7.5
EPSS 0.00
CVE-2020-13794 MEDIUM
Harbor 1.9.0-2.0.2 - Unauthenticated Exposure of Sensitive Information
Sep 30, 2020
CVSS 4.3
EPSS 0.00
CVE-2020-15163 HIGH
Python TUF < 0.12.0 - Insufficient Verification of Data Authenticity
Sep 09, 2020
CVSS 8.7
EPSS 0.00
CVE-2020-15687 HIGH
ACRN 1.6.1 and 2.0 - Denial of Service via PCIe Assign/De-Assign Hypercalls
Aug 31, 2020
CVSS 7.5
EPSS 0.00
CVE-2020-13788 MEDIUM
Harbor < 2.0.1 - Server-Side Request Forgery via Project Edit
Jul 15, 2020
CVSS 4.3
EPSS 0.00
CVE-2020-11081 MEDIUM
osquery <4.4.0 - Privilege Escalation
Jul 10, 2020
CVSS 5.3
EPSS 0.00
CVE-2020-10753 MEDIUM
Red Hat Ceph Storage RadosGW - HTTP Header Injection
Jun 26, 2020
CVSS 5.4
EPSS 0.00
CVE-2020-10736 HIGH
Ceph 15.2.0-15.2.1 - Authenticated Authorization Bypass in ceph-mon and ceph-mgr
Jun 22, 2020
CVSS 8.0
EPSS 0.00
CVE-2020-10750 HIGH
jaegertracing/jaeger <1.18.1 - Info Disclosure
Jun 19, 2020
CVSS 7.1
EPSS 0.00
CVE-2020-11090 HIGH
Indy Node 1.12.2 - Uncontrolled Resource Consumption via Malformed TAA Transaction
Jun 11, 2020
CVSS 7.5
EPSS 0.00
CVE-2020-10749 MEDIUM
containernetworking/plugins <0.8.6 - Privilege Escalation
Jun 03, 2020
CVSS 6.0
EPSS 0.06
CVE-2020-12831 MEDIUM
FRRouting FRR <7.3.1 - Info Disclosure
May 13, 2020
CVSS 5.3
EPSS 0.00
CVE-2020-1760 MEDIUM
Ceph < 14.2.21 - Cross-Site Scripting via Anonymous S3 Request Handling
Apr 23, 2020
CVSS 5.8
EPSS 0.00
CVE-2020-12059 HIGH
Ceph < 13.2.9 - Denial of Service via Invalid Tagging XML
Apr 22, 2020
CVSS 7.5
EPSS 0.00
CVE-2020-1699 HIGH
Ceph 14.2.5-14.2.6 and 15.0.0 - Unauthenticated Path Traversal
Apr 21, 2020
CVSS 7.5
EPSS 0.02
CVE-2020-1759 MEDIUM
Red Hat Ceph Storage 4-Red Hat Openshift Container Storage 4.2 - Co...
Apr 13, 2020
CVSS 6.4
EPSS 0.00
CVE-2020-1887 CRITICAL
osquery 2.9.0-4.2.0 - Improper Certificate Validation
Mar 13, 2020
CVSS 9.1
EPSS 0.00
CVE-2020-5259 HIGH
dojox < 1.11.10 - Prototype Pollution via jqMix Method
Mar 10, 2020
CVSS 7.7
EPSS 0.00
CVE-2020-5258 HIGH
dojo < 1.11.10 - Prototype Pollution via deepCopy Method
Mar 10, 2020
CVSS 7.7
EPSS 0.02
Products
yocto 114 pytorch 31 everest 29 nats-server 24 harbor 23 magma 22 containerd 16 runc 16 iot-yocto 15 cups-filters 14 backstage 13 dragonfly 13 open_network_operating_system 11 onnx 10 ceph 8 kubeedge 8 spinnaker 8 tekton_pipelines 8 automotive_grade_linux 6 cubefs 6 edge_virtualization_engine 5 foomatic-filters 5 osquery 5 dex 4 grpc_swift 4 indy-node 4 materialx 4 opendaylight 4 rekor 4 the_update_framework 4
Quick Filters
Critical CVEs With Exploits In CISA KEV