• git://
#Vulnerabilities 3648
Date Id Summary Products Score Patch Annotated
2020-07-15 CVE-2020-14591 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Audit Plug-in). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS... Fedora, Active_iq_unified_manager, Oncommand_insight, Oncommand_workflow_automation, Snapcenter, Mysql 6.5
2020-09-23 CVE-2020-25602 An issue was discovered in Xen through 4.14.x. An x86 PV guest can trigger a host OS crash when handling guest access to MSR_MISC_ENABLE. When a guest accesses certain Model Specific Registers, Xen first reads the value from hardware to use as the basis for auditing the guest access. For the MISC_ENABLE MSR, which is an Intel specific MSR, this MSR read is performed without error handling for a #GP fault, which is the consequence of trying to read this MSR on non-Intel hardware. A buggy or... Debian_linux, Fedora, Leap, Xen 6.0
2020-09-23 CVE-2020-25604 An issue was discovered in Xen through 4.14.x. There is a race condition when migrating timers between x86 HVM vCPUs. When migrating timers of x86 HVM guests between its vCPUs, the locking model used allows for a second vCPU of the same guest (also operating on the timers) to release a lock that it didn't acquire. The most likely effect of the issue is a hang or crash of the hypervisor, i.e., a Denial of Service (DoS). All versions of Xen are affected. Only x86 systems are vulnerable. Arm... Debian_linux, Fedora, Leap, Xen 4.7
2022-01-14 CVE-2021-46019 An untrusted pointer dereference in rec_db_destroy() at rec-db.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash. Fedora, Recutils 5.5
2022-01-14 CVE-2021-46021 An Use-After-Free vulnerability in rec_record_destroy() at rec-record.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash. Fedora, Recutils 5.5
2022-01-14 CVE-2021-46022 An Use-After-Free vulnerability in rec_mset_elem_destroy() at rec-mset.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash. Fedora, Recutils 5.5
2022-02-14 CVE-2021-45444 In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. This occurs because of recursive PROMPT_SUBST expansion. Mac_os_x, Macos, Debian_linux, Fedora, Zsh 7.8
2022-02-14 CVE-2022-0572 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. Debian_linux, Fedora, Vim 7.8
2022-03-25 CVE-2021-4147 A flaw was found in the libvirt libxl driver. A malicious guest could continuously reboot itself and cause libvirtd on the host to deadlock or crash, resulting in a denial of service condition. Fedora, Ontap_select_deploy_administration_utility, Libvirt 6.5
2021-05-24 CVE-2020-26558 Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the... Bluetooth_core_specification, Debian_linux, Fedora, Ac_1550_firmware, Ac_3165_firmware, Ac_3168_firmware, Ac_7265_firmware, Ac_8260_firmware, Ac_8265_firmware, Ac_9260_firmware, Ac_9461_firmware, Ac_9462_firmware, Ac_9560_firmware, Ax1650_firmware, Ax1675_firmware, Ax200_firmware, Ax201_firmware, Ax210_firmware, Linux_kernel 4.2