2015-01-21
|
CVE-2015-0413
|
Unspecified vulnerability in Oracle Java SE 7u72 and 8u25 allows local users to affect integrity via unknown vectors related to Serviceability.
|
Ubuntu_linux, Jdk, Jre, Suse_linux_enterprise_server
|
N/A
|
|
|
2020-07-29
|
CVE-2020-15705
|
GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. This issue affects GRUB2 version 2.04 and prior versions.
|
Ubuntu_linux, Debian_linux, Grub2, Windows_10, Windows_8\.1, Windows_rt_8\.1, Windows_server_2012, Windows_server_2016, Windows_server_2019, Leap, Enterprise_linux, Enterprise_linux_atomic_host, Openshift_container_platform, Suse_linux_enterprise_server
|
6.4
|
|
|
2018-11-07
|
CVE-2018-19052
|
An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias configuration where the matched alias lacks a trailing '/' character, but the alias target filesystem path does have a trailing '/' character.
|
Debian_linux, Lighttpd, Backports_sle, Leap, Suse_linux_enterprise_server
|
7.5
|
|
|
2020-02-04
|
CVE-2019-15624
|
Improper Input Validation in Nextcloud Server 15.0.7 allows group admins to create users with IDs of system folders.
|
Nextcloud_server, Backports, Suse_linux_enterprise_server
|
4.9
|
|
|
2018-01-04
|
CVE-2017-5753
|
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
|
Cortex\-A12_firmware, Cortex\-A15_firmware, Cortex\-A17_firmware, Cortex\-A57_firmware, Cortex\-A72_firmware, Cortex\-A73_firmware, Cortex\-A75_firmware, Cortex\-A76_firmware, Cortex\-A77_firmware, Cortex\-A78_firmware, Cortex\-A78ae_firmware, Cortex\-A8_firmware, Cortex\-A9_firmware, Cortex\-R7_firmware, Cortex\-R8_firmware, Cortex\-X1_firmware, Neoverse_n1_firmware, Neoverse_n2_firmware, Ubuntu_linux, Debian_linux, Atom_c, Atom_e, Atom_x3, Atom_x5\-E3930, Atom_x5\-E3940, Atom_x7\-E3950, Atom_z, Celeron_j, Celeron_n, Core_i3, Core_i5, Core_i7, Core_m, Core_m3, Core_m5, Core_m7, Pentium_j, Pentium_n, Xeon, Xeon_bronze_3104, Xeon_bronze_3106, Xeon_e3, Xeon_e3_1105c_v2, Xeon_e3_1125c, Xeon_e3_1125c_v2, Xeon_e3_1220, Xeon_e3_12201, Xeon_e3_12201_v2, Xeon_e3_1220_v2, Xeon_e3_1220_v3, Xeon_e3_1220_v5, Xeon_e3_1220_v6, Xeon_e3_1220l_v3, Xeon_e3_1225, Xeon_e3_1225_v2, Xeon_e3_1225_v3, Xeon_e3_1225_v5, Xeon_e3_1225_v6, Xeon_e3_1226_v3, Xeon_e3_1230, Xeon_e3_1230_v2, Xeon_e3_1230_v3, Xeon_e3_1230_v5, Xeon_e3_1230_v6, Xeon_e3_1230l_v3, Xeon_e3_1231_v3, Xeon_e3_1235, Xeon_e3_1235l_v5, Xeon_e3_1240, Xeon_e3_1240_v2, Xeon_e3_1240_v3, Xeon_e3_1240_v5, Xeon_e3_1240_v6, Xeon_e3_1240l_v3, Xeon_e3_1240l_v5, Xeon_e3_1241_v3, Xeon_e3_1245, Xeon_e3_1245_v2, Xeon_e3_1245_v3, Xeon_e3_1245_v5, Xeon_e3_1245_v6, Xeon_e3_1246_v3, Xeon_e3_1258l_v4, Xeon_e3_1260l, Xeon_e3_1260l_v5, Xeon_e3_1265l_v2, Xeon_e3_1265l_v3, Xeon_e3_1265l_v4, Xeon_e3_1268l_v3, Xeon_e3_1268l_v5, Xeon_e3_1270, Xeon_e3_1270_v2, Xeon_e3_1270_v3, Xeon_e3_1270_v5, Xeon_e3_1270_v6, Xeon_e3_1271_v3, Xeon_e3_1275, Xeon_e3_1275_v2, Xeon_e3_1275_v3, Xeon_e3_1275_v5, Xeon_e3_1275_v6, Xeon_e3_1275l_v3, Xeon_e3_1276_v3, Xeon_e3_1278l_v4, Xeon_e3_1280, Xeon_e3_1280_v2, Xeon_e3_1280_v3, Xeon_e3_1280_v5, Xeon_e3_1280_v6, Xeon_e3_1281_v3, Xeon_e3_1285_v3, Xeon_e3_1285_v4, Xeon_e3_1285_v6, Xeon_e3_1285l_v3, Xeon_e3_1285l_v4, Xeon_e3_1286_v3, Xeon_e3_1286l_v3, Xeon_e3_1290, Xeon_e3_1290_v2, Xeon_e3_1501l_v6, Xeon_e3_1501m_v6, Xeon_e3_1505l_v5, Xeon_e3_1505l_v6, Xeon_e3_1505m_v5, Xeon_e5, Xeon_e5_1428l, Xeon_e5_1428l_v2, Xeon_e5_1428l_v3, Xeon_e5_1620, Xeon_e5_1620_v2, Xeon_e5_1620_v3, Xeon_e5_1620_v4, Xeon_e5_1630_v3, Xeon_e5_1630_v4, Xeon_e5_1650, Xeon_e5_1650_v2, Xeon_e5_1650_v3, Xeon_e5_1650_v4, Xeon_e5_1660, Xeon_e5_1660_v2, Xeon_e5_1660_v3, Xeon_e5_1660_v4, Xeon_e5_1680_v3, Xeon_e5_1680_v4, Xeon_e5_2403, Xeon_e5_2403_v2, Xeon_e5_2407, Xeon_e5_2407_v2, Xeon_e5_2408l_v3, Xeon_e5_2418l, Xeon_e5_2418l_v2, Xeon_e5_2418l_v3, Xeon_e5_2420, Xeon_e5_2420_v2, Xeon_e5_2428l, Xeon_e5_2428l_v2, Xeon_e5_2428l_v3, Xeon_e5_2430, Xeon_e5_2430_v2, Xeon_e5_2430l, Xeon_e5_2430l_v2, Xeon_e5_2438l_v3, Xeon_e5_2440, Xeon_e5_2440_v2, Xeon_e5_2448l, Xeon_e5_2448l_v2, Xeon_e5_2450, Xeon_e5_2450_v2, Xeon_e5_2450l, Xeon_e5_2450l_v2, Xeon_e5_2470, Xeon_e5_2470_v2, Xeon_e5_2603, Xeon_e5_2603_v2, Xeon_e5_2603_v3, Xeon_e5_2603_v4, Xeon_e5_2608l_v3, Xeon_e5_2608l_v4, Xeon_e5_2609, Xeon_e5_2609_v2, Xeon_e5_2609_v3, Xeon_e5_2609_v4, Xeon_e5_2618l_v2, Xeon_e5_2618l_v3, Xeon_e5_2618l_v4, Xeon_e5_2620, Xeon_e5_2620_v2, Xeon_e5_2620_v3, Xeon_e5_2620_v4, Xeon_e5_2623_v3, Xeon_e5_2623_v4, Xeon_e5_2628l_v2, Xeon_e5_2628l_v3, Xeon_e5_2628l_v4, Xeon_e5_2630, Xeon_e5_2630_v2, Xeon_e5_2630_v3, Xeon_e5_2630_v4, Xeon_e5_2630l, Xeon_e5_2630l_v2, Xeon_e5_2630l_v3, Xeon_e5_2630l_v4, Xeon_e5_2637, Xeon_e5_2637_v2, Xeon_e5_2637_v3, Xeon_e5_2637_v4, Xeon_e5_2640, Xeon_e5_2640_v2, Xeon_e5_2640_v3, Xeon_e5_2640_v4, Xeon_e5_2643, Xeon_e5_2643_v2, Xeon_e5_2643_v3, Xeon_e5_2643_v4, Xeon_e5_2648l, Xeon_e5_2648l_v2, Xeon_e5_2648l_v3, Xeon_e5_2648l_v4, Xeon_e5_2650, Xeon_e5_2650_v2, Xeon_e5_2650_v3, Xeon_e5_2650_v4, Xeon_e5_2650l, Xeon_e5_2650l_v2, Xeon_e5_2650l_v3, Xeon_e7, Xeon_e\-1105c, Xeon_gold, Xeon_phi, Xeon_platinum, Xeon_silver, Hci, Solidfire, Leap, Local_service_management_system, Solaris, Btc12_firmware, Btc14_firmware, Visunet_rm_shell, Bl2_bpc_1000_firmware, Bl2_bpc_2000_firmware, Bl2_bpc_7000_firmware, Bl2_ppc_1000_firmware, Bl2_ppc_2000_firmware, Bl2_ppc_7000_firmware, Bl_bpc_2000_firmware, Bl_bpc_2001_firmware, Bl_bpc_3000_firmware, Bl_bpc_3001_firmware, Bl_bpc_7000_firmware, Bl_bpc_7001_firmware, Bl_ppc12_1000_firmware, Bl_ppc15_1000_firmware, Bl_ppc15_3000_firmware, Bl_ppc15_7000_firmware, Bl_ppc17_1000_firmware, Bl_ppc17_3000_firmware, Bl_ppc17_7000_firmware, Bl_ppc_1000_firmware, Bl_ppc_7000_firmware, Bl_rackmount_2u_firmware, Bl_rackmount_4u_firmware, Dl_ppc15_1000_firmware, Dl_ppc15m_7000_firmware, Dl_ppc18\.5m_7000_firmware, Dl_ppc21\.5m_7000_firmware, El_ppc_1000\/m_firmware, El_ppc_1000\/wt_firmware, El_ppc_1000_firmware, Valueline_ipc_firmware, Vl2_bpc_1000_firmware, Vl2_bpc_2000_firmware, Vl2_bpc_3000_firmware, Vl2_bpc_7000_firmware, Vl2_bpc_9000_firmware, Vl2_ppc12_1000_firmware, Vl2_ppc7_1000_firmware, Vl2_ppc9_1000_firmware, Vl2_ppc_1000_firmware, Vl2_ppc_2000_firmware, Vl2_ppc_3000_firmware, Vl2_ppc_7000_firmware, Vl2_ppc_9000_firmware, Vl_bpc_1000_firmware, Vl_bpc_2000_firmware, Vl_bpc_3000_firmware, Vl_ipc_p7000_firmware, Vl_ppc_2000_firmware, Vl_ppc_3000_firmware, Simatic_itc1500_firmware, Simatic_itc1500_pro_firmware, Simatic_itc1900_firmware, Simatic_itc1900_pro_firmware, Simatic_itc2200_firmware, Simatic_itc2200_pro_firmware, Simatic_winac_rtx_\(F\)_2010_firmware, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit, Diskstation_manager, Router_manager, Skynas, Virtual_machine_manager, Vs360hd_firmware, Vs960hd_firmware, Esxi, Fusion, Workstation
|
5.6
|
|
|
2020-07-29
|
CVE-2020-15707
|
Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files on any architecture. An attacker could use this to execute arbitrary code...
|
Ubuntu_linux, Debian_linux, Grub2, Windows_10, Windows_8\.1, Windows_rt_8\.1, Windows_server_2012, Windows_server_2016, Windows_server_2019, Active_iq_unified_manager, Leap, Enterprise_linux, Enterprise_linux_atomic_host, Openshift_container_platform, Suse_linux_enterprise_server
|
6.4
|
|
|
2016-05-24
|
CVE-2016-0264
|
Buffer overflow in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) allows remote attackers to execute arbitrary code via unspecified vectors.
|
Java_sdk, Enterprise_linux_desktop, Enterprise_linux_hpc_node_supplementary, Enterprise_linux_server, Enterprise_linux_server_eus, Enterprise_linux_workstation, Satellite, Linux_enterprise_server, Linux_enterprise_software_development_kit, Manager, Manager_proxy, Openstack_cloud, Suse_linux_enterprise_server
|
5.6
|
|
|
2020-01-09
|
CVE-2020-5504
|
In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL account to access the server.
|
Debian_linux, Phpmyadmin, Suse_linux_enterprise_server
|
8.8
|
|
|
2014-10-13
|
CVE-2014-8086
|
Race condition in the ext4_file_write_iter function in fs/ext4/file.c in the Linux kernel through 3.17 allows local users to cause a denial of service (file unavailability) via a combination of a write action and an F_SETFL fcntl operation for the O_DIRECT flag.
|
Linux_kernel, Suse_linux_enterprise_server
|
N/A
|
|
|
2014-11-10
|
CVE-2014-8559
|
The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application.
|
Ubuntu_linux, Linux_kernel, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server, Evergreen, Opensuse, Linux, Linux_enterprise_real_time_extension, Linux_enterprise_software_development_kit, Linux_enterprise_workstation_extension, Suse_linux_enterprise_server
|
N/A
|
|
|