• git://
#Vulnerabilities 4080
Date Id Summary Products Score Patch Annotated
2024-06-04 CVE-2022-28652 ~/.config/apport/settings parsing is vulnerable to "billion laughs" attack Apport, Ubuntu_linux 5.5
2024-06-04 CVE-2022-28654 is_closing_session() allows users to fill up apport.log Apport, Ubuntu_linux 5.5
2024-06-04 CVE-2022-28655 is_closing_session() allows users to create arbitrary tcp dbus connections Apport, Ubuntu_linux 7.1
2024-06-04 CVE-2022-28656 is_closing_session() allows users to consume RAM in the Apport process Apport, Ubuntu_linux 5.5
2024-06-04 CVE-2022-28657 Apport does not disable python crash handler before entering chroot Apport, Ubuntu_linux 7.8
2024-06-04 CVE-2022-28658 Apport argument parsing mishandles filename splitting on older kernels resulting in argument spoofing Apport, Ubuntu_linux 5.5
2019-11-04 CVE-2019-18683 An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during streaming stopping in this driver (part of the V4L2 subsystem). These issues are caused by wrong mutex locking in vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(),... Fabric_operating_system, Ubuntu_linux, Debian_linux, Linux_kernel, 8300_firmware, 8700_firmware, A400_firmware, A700s_firmware, Active_iq_unified_manager, Cloud_backup, Data_availability_services, E\-Series_santricity_os_controller, Element_software, H610s_firmware, Hci_management_node, Solidfire, Steelstore_cloud_integrated_storage, Leap 7.0
2014-09-28 CVE-2014-3186 Buffer overflow in the picolcd_raw_event function in devices/hid/hid-picolcd_core.c in the PicoLCD HID device driver in the Linux kernel through 3.16.3, as used in Android on Nexus 7 devices, allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted device that sends a large report. Ubuntu_linux, Linux_kernel N/A
2015-03-16 CVE-2014-8159 The InfiniBand (IB) implementation in the Linux kernel package before 2.6.32-504.12.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly restrict use of User Verbs for registration of memory regions, which allows local users to access arbitrary physical memory locations, and consequently cause a denial of service (system crash) or gain privileges, by leveraging permissions on a uverbs device under /dev/infiniband/. Ubuntu_linux, Debian_linux, Linux_kernel N/A
2019-09-11 CVE-2019-16229 drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. NOTE: The security community disputes this issues as not being serious enough to be deserving a CVE id Ubuntu_linux, Linux_kernel, Enterprise_linux 4.1