Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2007-2875

Summary
Assigner-redhat
Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749
Published At-11 Jun, 2007 | 22:00
Updated At-07 Aug, 2024 | 13:57
Rejected At-
Credits

Integer underflow in the cpuset_tasks_read function in the Linux kernel before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem is mounted, allows local users to obtain kernel memory contents by using a large offset when reading the /dev/cpuset/tasks file.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:redhat
Assigner Org ID:53f830b8-0a3f-465b-8143-3b8a9948e749
Published At:11 Jun, 2007 | 22:00
Updated At:07 Aug, 2024 | 13:57
Rejected At:
▼CVE Numbering Authority (CNA)

Integer underflow in the cpuset_tasks_read function in the Linux kernel before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem is mounted, allows local users to obtain kernel memory contents by using a large offset when reading the /dev/cpuset/tasks file.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=541
third-party-advisory
x_refsource_IDEFENSE
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4
x_refsource_CONFIRM
http://secunia.com/advisories/27227
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/2105
vdb-entry
x_refsource_VUPEN
http://www.novell.com/linux/security/advisories/2007_53_kernel.html
vendor-advisory
x_refsource_SUSE
http://www.securityfocus.com/bid/24389
vdb-entry
x_refsource_BID
http://www.debian.org/security/2007/dsa-1363
vendor-advisory
x_refsource_DEBIAN
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.13
x_refsource_CONFIRM
http://osvdb.org/37113
vdb-entry
x_refsource_OSVDB
http://www.mandriva.com/security/advisories?name=MDKSA-2007:171
vendor-advisory
x_refsource_MANDRIVA
http://www.ubuntu.com/usn/usn-510-1
vendor-advisory
x_refsource_UBUNTU
http://secunia.com/advisories/26647
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/26760
third-party-advisory
x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2007-0705.html
vendor-advisory
x_refsource_REDHAT
http://secunia.com/advisories/26620
third-party-advisory
x_refsource_SECUNIA
http://www.ubuntu.com/usn/usn-489-1
vendor-advisory
x_refsource_UBUNTU
http://www.mandriva.com/security/advisories?name=MDKSA-2007:196
vendor-advisory
x_refsource_MANDRIVA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9251
vdb-entry
signature
x_refsource_OVAL
https://exchange.xforce.ibmcloud.com/vulnerabilities/34779
vdb-entry
x_refsource_XF
http://www.securitytracker.com/id?1018211
vdb-entry
x_refsource_SECTRACK
http://www.ubuntu.com/usn/usn-486-1
vendor-advisory
x_refsource_UBUNTU
http://secunia.com/advisories/26139
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/26133
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=541
Resource:
third-party-advisory
x_refsource_IDEFENSE
Hyperlink: http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/27227
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2007/2105
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.novell.com/linux/security/advisories/2007_53_kernel.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.securityfocus.com/bid/24389
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.debian.org/security/2007/dsa-1363
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.13
Resource:
x_refsource_CONFIRM
Hyperlink: http://osvdb.org/37113
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:171
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://www.ubuntu.com/usn/usn-510-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://secunia.com/advisories/26647
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/26760
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0705.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://secunia.com/advisories/26620
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.ubuntu.com/usn/usn-489-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:196
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9251
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/34779
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://www.securitytracker.com/id?1018211
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://www.ubuntu.com/usn/usn-486-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://secunia.com/advisories/26139
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/26133
Resource:
third-party-advisory
x_refsource_SECUNIA
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=541
third-party-advisory
x_refsource_IDEFENSE
x_transferred
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/27227
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2007/2105
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.novell.com/linux/security/advisories/2007_53_kernel.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.securityfocus.com/bid/24389
vdb-entry
x_refsource_BID
x_transferred
http://www.debian.org/security/2007/dsa-1363
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.13
x_refsource_CONFIRM
x_transferred
http://osvdb.org/37113
vdb-entry
x_refsource_OSVDB
x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2007:171
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://www.ubuntu.com/usn/usn-510-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://secunia.com/advisories/26647
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/26760
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.redhat.com/support/errata/RHSA-2007-0705.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://secunia.com/advisories/26620
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.ubuntu.com/usn/usn-489-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2007:196
vendor-advisory
x_refsource_MANDRIVA
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9251
vdb-entry
signature
x_refsource_OVAL
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/34779
vdb-entry
x_refsource_XF
x_transferred
http://www.securitytracker.com/id?1018211
vdb-entry
x_refsource_SECTRACK
x_transferred
http://www.ubuntu.com/usn/usn-486-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://secunia.com/advisories/26139
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/26133
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=541
Resource:
third-party-advisory
x_refsource_IDEFENSE
x_transferred
Hyperlink: http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/27227
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/2105
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.novell.com/linux/security/advisories/2007_53_kernel.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.securityfocus.com/bid/24389
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.debian.org/security/2007/dsa-1363
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.13
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://osvdb.org/37113
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:171
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://www.ubuntu.com/usn/usn-510-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://secunia.com/advisories/26647
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/26760
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0705.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://secunia.com/advisories/26620
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.ubuntu.com/usn/usn-489-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:196
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9251
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/34779
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www.securitytracker.com/id?1018211
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://www.ubuntu.com/usn/usn-486-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://secunia.com/advisories/26139
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/26133
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secalert@redhat.com
Published At:11 Jun, 2007 | 22:30
Updated At:23 Apr, 2026 | 00:35

Integer underflow in the cpuset_tasks_read function in the Linux kernel before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem is mounted, allows local users to obtain kernel memory contents by using a large offset when reading the /dev/cpuset/tasks file.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.02.1LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
Type: Primary
Version: 2.0
Base score: 2.1
Base severity: LOW
Vector:
AV:L/AC:L/Au:N/C:P/I:N/A:N
CPE Matches

Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions before 2.6.20.13(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions from 2.6.21(inclusive) to 2.6.21.4(exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>3.1
cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>6.06
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>6.10
cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>7.04
cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-189Primarynvd@nist.gov
CWE ID: CWE-189
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.13secalert@redhat.com
Vendor Advisory
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4secalert@redhat.com
Vendor Advisory
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=541secalert@redhat.com
Broken Link
http://osvdb.org/37113secalert@redhat.com
Broken Link
http://secunia.com/advisories/26133secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/26139secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/26620secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/26647secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/26760secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/27227secalert@redhat.com
Third Party Advisory
http://www.debian.org/security/2007/dsa-1363secalert@redhat.com
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:171secalert@redhat.com
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:196secalert@redhat.com
Third Party Advisory
http://www.novell.com/linux/security/advisories/2007_53_kernel.htmlsecalert@redhat.com
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2007-0705.htmlsecalert@redhat.com
Third Party Advisory
http://www.securityfocus.com/bid/24389secalert@redhat.com
Patch
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1018211secalert@redhat.com
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/usn-486-1secalert@redhat.com
Third Party Advisory
http://www.ubuntu.com/usn/usn-489-1secalert@redhat.com
Third Party Advisory
http://www.ubuntu.com/usn/usn-510-1secalert@redhat.com
Third Party Advisory
http://www.vupen.com/english/advisories/2007/2105secalert@redhat.com
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/34779secalert@redhat.com
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9251secalert@redhat.com
Third Party Advisory
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.13af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=541af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://osvdb.org/37113af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/26133af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/26139af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/26620af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/26647af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/26760af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/27227af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.debian.org/security/2007/dsa-1363af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:171af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:196af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.novell.com/linux/security/advisories/2007_53_kernel.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2007-0705.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.securityfocus.com/bid/24389af854a3a-2127-422b-91ae-364da2661108
Patch
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1018211af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/usn-486-1af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.ubuntu.com/usn/usn-489-1af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.ubuntu.com/usn/usn-510-1af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.vupen.com/english/advisories/2007/2105af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/34779af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9251af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Hyperlink: http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.13
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=541
Source: secalert@redhat.com
Resource:
Broken Link
Hyperlink: http://osvdb.org/37113
Source: secalert@redhat.com
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/26133
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/26139
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/26620
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/26647
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/26760
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/27227
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://www.debian.org/security/2007/dsa-1363
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:171
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:196
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://www.novell.com/linux/security/advisories/2007_53_kernel.html
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0705.html
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/24389
Source: secalert@redhat.com
Resource:
Patch
Third Party Advisory
VDB Entry
Hyperlink: http://www.securitytracker.com/id?1018211
Source: secalert@redhat.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.ubuntu.com/usn/usn-486-1
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://www.ubuntu.com/usn/usn-489-1
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://www.ubuntu.com/usn/usn-510-1
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://www.vupen.com/english/advisories/2007/2105
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/34779
Source: secalert@redhat.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9251
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.13
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=541
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://osvdb.org/37113
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/26133
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/26139
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/26620
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/26647
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/26760
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/27227
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.debian.org/security/2007/dsa-1363
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:171
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:196
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.novell.com/linux/security/advisories/2007_53_kernel.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0705.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/24389
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Third Party Advisory
VDB Entry
Hyperlink: http://www.securitytracker.com/id?1018211
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.ubuntu.com/usn/usn-486-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.ubuntu.com/usn/usn-489-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.ubuntu.com/usn/usn-510-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.vupen.com/english/advisories/2007/2105
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/34779
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9251
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

388Records found

CVE-2022-21151
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.34% / 26.29%
||
7 Day CHG~0.00%
Published-12 May, 2022 | 16:36
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aNetApp, Inc.Debian GNU/LinuxIntel Corporation
Product-celeron_j3355_firmwareceleron_n2815core_i7-6870hqcore_i3-9100ecore_i7-7700t_firmwarecore_i3-10100core_i7-8850h_firmwarecore_i5-1038ng7core_i3-7300celeron_j4125core_i7-10510yceleron_n3010_firmwarecore_i7-10710u_firmwarecore_i5-7y57_firmwareceleron_n4120core_i9-10900_firmwarecore_i5-6350hqcore_i5-6300u_firmwarecore_i3-6300tceleron_j6412xeon_platinum_8353hcore_i7-9700k_firmwarecore_i5-8500t_firmwarecore_i3-9300t_firmwarecore_i5-9500t_firmwarecore_i7-8709g_firmwarecore_i7-10875h_firmwareceleron_j1900_firmwarecore_i5-7500core_i5-6500tcore_i5-6260uxeon_silver_4314_firmwarecore_i9-9900kf_firmwarecore_i5-7440hqcore_i7-6785r_firmwarecore_i7-8709gcore_i5-10600t_firmwarecore_i5-10300h_firmwarecore_i9-10900tcore_i5-8200ycore_i7-10700tecore_i9-10900kcore_i5-10500t_firmwarecore_i5-10600_firmwarepentium_silver_j5040_firmwarecore_i5-9400t_firmwarecore_i7-8809g_firmwarecore_i5-8260ucore_i5-10400tdebian_linuxcore_i7-6820eq_firmwarecore_i7-9700kfcore_i5-7287u_firmwarexeon_gold_6328hl_firmwareceleron_n3350ecore_i5-7600k_firmwarecore_i5-8305g_firmwareceleron_j4005_firmwarecore_m7-6y75core_i3-8100b_firmwarecore_i9-10900te_firmwarecore_i5-10500hcore_i3-8300t_firmwarecore_i3-7167u_firmwarecore_i5-10600kfxeon_platinum_8380_firmwarecore_i7-10700_firmwareceleron_n2840_firmwarexeon_silver_4314core_i5-1035g1_firmwareceleron_j3060core_i3-1005g1core_i7-1068ng7core_m3-6y30_firmwarecore_i7-7820eq_firmwarecore_i5-8210y_firmwarecore_i5-9400fcore_i3-10100ecore_i7-6650u_firmwarexeon_silver_4316_firmwarecore_i7-10700kf_firmwarecore_i5-9500f_firmwarecore_i7-7560ucore_i7-9700tceleron_j6413xeon_platinum_8368_firmwarecore_i7-8550u_firmwarecore_i5-7600tcore_i5-8365uxeon_platinum_8376hxeon_gold_6312u_firmwarecore_i5-9600kfceleron_j4105_firmwarecore_i5-6267u_firmwarecore_i5-8600_firmwareceleron_n2806_firmwarecore_i5-8269ucore_i3-8100_firmwarexeon_gold_6334_firmwarexeon_gold_6338ncore_i5-7600t_firmwareceleron_j3160_firmwarexeon_gold_6328hlcore_i7-9700t_firmwarecore_i7-8665ue_firmwarexeon_gold_6330core_i7-10810ucore_i3-10300tcore_i7-7820hq_firmwarecore_i3-8100core_i3-8145uecore_i7-6560u_firmwareceleron_j4025_firmwarecore_i5-6585rcore_i5-9600kcore_i5-8265ucore_i7-10700tcore_i9-9900kfcore_i3-7100core_m5-6y54core_i5-6300hqcore_i7-7600u_firmwarecore_i7-9700kf_firmwarecore_i5-6402p_firmwarecore_i5-9300hcore_i5-10500ecore_i7-10750hcore_i9-10850kcore_i5-6600t_firmwarecore_i5-8500bcore_i3-7100e_firmwarexeon_gold_6338celeron_n2840xeon_gold_5315yxeon_platinum_8368q_firmwarecore_i5-8250u_firmwarecore_i7-7820hk_firmwarecore_i5-6600core_i3-8100hcore_i5-8400b_firmwarecore_i3-7300t_firmwareceleron_n2810core_i7-8706gcore_i3-6300core_i5-7400t_firmwarecore_i7-9700f_firmwarecore_i5-8365u_firmwareceleron_n3450_firmwareceleron_j1750_firmwarecore_i7-6500u_firmwarecore_i3-8130u_firmwarecore_i9-10885hcore_i5-10310uceleron_n4500core_i7-8557uxeon_gold_6338tceleron_n2910_firmwarecore_i5-9500_firmwarecore_i5-7440eqcore_i3-6320core_i3-9100t_firmwarecore_i3-8350k_firmwarecore_m3-7y32celeron_n5105_firmwarecore_i7-10750h_firmwarexeon_platinum_8360y_firmwarecore_i7-8557u_firmwarecore_i5-6440eqcore_i5-1030g7core_m3-7y32_firmwareceleron_j4025xeon_platinum_8376hl_firmwarexeon_platinum_8360hcore_i9-10980hkcore_i3-1000g1_firmwareceleron_n2808_firmwarecore_i7-10700k_firmwarecore_i9-10900t_firmwarexeon_gold_5320tceleron_n4100core_i3-10305_firmwarecore_i3-7100u_firmwarecore_i3-10325_firmwarecore_i7-10510y_firmwarecore_i5-7267u_firmwarecore_i7-1060g7_firmwarecore_i5-6287ucore_i7-8500yxeon_gold_6330h_firmwarecore_i7-1068ng7_firmwarecore_i5-9600tfas_biospentium_silver_n5030_firmwarepentium_silver_j5040core_i5-7400_firmwareceleron_j3060_firmwarexeon_gold_6336y_firmwareceleron_n6211core_i7-6700te_firmwarecore_i5-9600core_i5-8600tcore_i5-7200u_firmwarecore_i7-7y75_firmwareceleron_n6210_firmwareceleron_j1850_firmwarecore_i3-10320_firmwarexeon_platinum_8360hl_firmwarexeon_gold_6328hcore_i3-6100hcore_i7-7500uxeon_gold_5318s_firmwarecore_i3-10320xeon_gold_6342_firmwarecore_i3-10105fxeon_gold_5320xeon_gold_5320h_firmwarecore_i3-6098pcore_i5-6400core_i7-10875hceleron_n3060_firmwarexeon_platinum_8362_firmwarecore_i5-6300hq_firmwarecore_i3-7101tecore_i7-7700core_i5-10400hcore_i5-6440eq_firmwarecore_i5-9600kf_firmwarecore_i5-7300hqcore_i5-10505_firmwareceleron_n3050_firmwareceleron_n2810_firmwarexeon_gold_6312uceleron_j1800_firmwareceleron_j3455_firmwarecore_i9-9900t_firmwarecore_i5-6600kcore_i5-9600_firmwarecore_i7-9700exeon_platinum_8380hlcore_i7-9700tecore_i7-8500y_firmwarecore_i7-6822eq_firmwarecore_i7-6700t_firmwarecore_i7-6700tcore_i5-6442eq_firmwarecore_i3-6102e_firmwarexeon_gold_5318ncore_i3-10105tcore_i9-9900k_firmwarecore_i3-8100h_firmwarecore_i7-10510u_firmwarexeon_platinum_8358_firmwarecore_i7-7700_firmwarecore_i7-6820hk_firmwarecore_i5-6500tecore_i5-6260u_firmwarecore_i3-10105t_firmwarepentium_silver_n6000core_i5-10400h_firmwarecore_i3-1000g4xeon_silver_4309ycore_i3-7100t_firmwarecore_i9-10900kfcore_i3-9100hlcore_i5-6500core_i3-10100tcore_i9-9980hk_firmwarecore_i3-9100f_firmwareceleron_n2805_firmwarexeon_gold_6314ucore_i5-8300h_firmwarecore_i9-9980hkceleron_j4125_firmwarecore_i5-8279u_firmwarecore_i5-8500b_firmwarecore_i7-7700hq_firmwarecore_i3-7100tcore_i3-6102ecore_i5-1035g4_firmwarexeon_platinum_8358p_firmwarexeon_platinum_8362core_i7-6770hqcore_i7-10610ucore_i7-9850h_firmwarexeon_platinum_8351n_firmwarecore_m5-6y54_firmwarecore_i7-7y75core_i7-8559ucore_i5-9500exeon_gold_6314u_firmwareceleron_n3010xeon_platinum_8368qcore_i5-9400core_i7-6600ucore_i3-6320_firmwarecore_i3-6100e_firmwarecore_i7-9750h_firmwarecore_i3-10325xeon_platinum_8356h_firmwarecore_i5-8500_firmwarecore_i7-8700core_i3-7130ucore_i5-8400celeron_n5100xeon_platinum_8380hcore_i3-10105f_firmwareceleron_n3000_firmwarecore_i7\+8700xeon_gold_5318sceleron_n2805core_i5-7440hq_firmwarecore_i7-9850hcore_i5-7300hq_firmwarecore_i3-10110u_firmwarecore_i5-7600core_i7-6500uceleron_n4505_firmwarecore_i5-1035g1celeron_n2808core_i5-8310y_firmwareceleron_n3060core_i3-10110ucore_i7-8665u_firmwarecore_i9-10885h_firmwarecore_i7-8086k_firmwareceleron_j6412_firmwareceleron_n4500_firmwarecore_i3-10100y_firmwarecore_i7-7567u_firmwarecore_i3-9100e_firmwareceleron_n6211_firmwarecore_i5-7442eq_firmwarecore_i3-7320_firmwarecore_i7-8569u_firmwarecore_i7-6770hq_firmwarecore_i9-10900core_i7-1065g7_firmwarecore_i5-9400tceleron_n5100_firmwarecore_i5-7360ucore_i5-7300ucore_i3-10300core_i3-8100t_firmwarecore_i5-7600_firmwarecore_i5-6600tceleron_j6413_firmwarecore_i5-6500t_firmwarecore_i5-10310u_firmwarecore_i7-8565ucore_i3-7100h_firmwarecore_i5-8400_firmwarecore_i7-6600u_firmwarecore_i7-6567u_firmwarecore_i7-7700kcore_i7-10870hcore_i7-10510ucore_i3-10100fcore_i3-6300t_firmwarecore_i9-9900_firmwarecore_i7-7920hq_firmwareceleron_n2940core_i5-8310ycore_i5-10500h_firmwarecore_i3-10300_firmwarecore_i5-6440hqcore_i7-9750hf_firmwareceleron_j1750core_i7-6660ucore_i7-6870hq_firmwarecore_i3-6100ecore_i5-7200ucore_i7-9700fcore_i5-8265u_firmwarecore_i7-6970hq_firmwarexeon_platinum_8352s_firmwarexeon_platinum_8380h_firmwareceleron_n3000core_i5-10210ucore_i7-6820hqcore_i3-7300_firmwarecore_i3-9100tcore_i5-10500xeon_platinum_8351nxeon_gold_6354_firmwarecore_i5-8400bcore_i7-8850hcore_i3-7100hcore_i9-8950hk_firmwareceleron_n2930celeron_n2830core_i5-8400h_firmwarecore_i3-6100ucore_i5-10400t_firmwarecore_i9-9900kscore_i5-6350hq_firmwarexeon_platinum_8352vceleron_n4020_firmwarecore_i3-10100_firmwarexeon_platinum_8352y_firmwarecore_i9-10900texeon_platinum_8358core_i9-8950hkcore_i5-1030g4_firmwarecore_i5-6360ucore_i3-6157ucore_i5-9500fcore_i3-10100yxeon_platinum_8360ycore_i5-10600tceleron_n3150_firmwarecore_i5-10600kf_firmwarexeon_gold_5317_firmwarecore_i5-9500te_firmwarecore_i7-7700k_firmwarexeon_gold_6336yceleron_n4505core_i9-10900e_firmwarecore_i5-9400hcore_i7-7660ucore_i3-9320core_i7-7700hqxeon_platinum_8376h_firmwarecore_i7-6820hq_firmwarecore_i7-10700f_firmwarecore_i3-10100t_firmwarecore_i5-6402pcore_m3-7y30core_i5-8269u_firmwarecore_i3-6100t_firmwarecore_i3-10105celeron_n6210xeon_silver_4309y_firmwareceleron_j3455eceleron_n4020core_i9-10900kf_firmwarecore_i7-8550ucore_i7-10810u_firmwarecore_i3-7101e_firmwareceleron_n2920_firmwarecore_i9-9880h_firmwarecore_i7-9700core_i7-6700hqcore_i3-8300core_i5-6500_firmwarecore_i3-7102e_firmwarecore_i7-9850hexeon_platinum_8360hlxeon_gold_6346_firmwareceleron_j4105core_i7-10700kfcore_i7-9850hl_firmwarecore_i5-8260u_firmwarecore_i5-8400txeon_gold_5315y_firmwarecore_i5-7500tcore_i5-6440hq_firmwarexeon_silver_4310tceleron_n4100_firmwarecore_i7-1065g7xeon_gold_5318hcore_i5-6267ucore_i3-1000g1core_i7-6660u_firmwarexeon_gold_5320_firmwarecore_i5-7y54core_i5-8257u_firmwarecore_i5-7400core_i5-1038ng7_firmwarecore_i3-6100te_firmwareceleron_n2815_firmwareceleron_j3355ecore_i5-9400f_firmwarecore_i7-8700b_firmwarecore_i3-10305t_firmwarecore_i7-8706g_firmwarecore_i5-7287ucore_i7-6567ucore_i9-10850k_firmwarecore_i5-8365ue_firmwarecore_i7-7660u_firmwarexeon_platinum_8352score_i3-6167u_firmwareceleron_n2910xeon_gold_6330n_firmwarecore_i7-7920hqcore_i7-10700core_i5-6600_firmwarecore_i5-9600t_firmwareceleron_n2940_firmwarecore_i7-10610u_firmwarecore_i5-10500e_firmwarecore_i3-7020uceleron_j3355core_i5-8600k_firmwarecore_i5-9300hfcore_i3-8145u_firmwarecore_i5-10400core_i3-9300core_i3-8145uceleron_j3355e_firmwarecore_i3-7020u_firmwarecore_i7-7567ucore_i7-8700kcore_i3-7130u_firmwarecore_i7-10870h_firmwarecore_i3-6098p_firmwareceleron_j1800core_i3-9300tcore_i7-7820hqcore_i7-7820eqcore_i7-9700kcore_i5-8365uecore_i3-8109uceleron_j3455core_i7-6920hq_firmwarepentium_silver_n6000_firmwarexeon_gold_6346celeron_n3160core_i5-8200y_firmwareceleron_n3160_firmwareceleron_n2830_firmwarecore_i7-10700ecore_i7-10700te_firmwarecore_i5-8350ucore_i3-7320core_i7-8750h_firmwarecore_i3-10100tecore_i5-6200u_firmwareceleron_n4000_firmwarecore_m5-6y57xeon_gold_6348h_firmwareceleron_n2807core_i5-10210u_firmwarecore_i7-9700te_firmwarecore_i3-8140u_firmwarecore_i5-7y57core_i7-6700tecore_i3-9300_firmwarecore_i3-10100te_firmwarexeon_gold_6330hcore_i5-7260ucore_i5-10600k_firmwarecore_i9-10900ecore_i5-8259u_firmwarecore_i3-9100core_i7-9750hcore_i3-6100u_firmwarepentium_silver_n6005core_i3-10110y_firmwarecore_i5-8600core_i5-8250uxeon_platinum_8380core_m3-8100y_firmwarexeon_platinum_8368core_i5-10500tecore_i7-6700_firmwarecore_i7-8559u_firmwarecore_i5-7500_firmwarecore_i7-7500u_firmwarecore_i5-10210y_firmwarecore_i7-8700k_firmwarecore_i3-6100tecore_i7-8700bcore_i5-10500tcore_i5-10600core_i5-10500_firmwarecore_i5-10310yxeon_platinum_8352mcore_i5-10310y_firmwarecore_i3-9100tecore_i5-9300hf_firmwarecore_m5-6y57_firmwarecore_i5-8259uxeon_gold_6326_firmwarecore_i3-6006u_firmwarecore_i7-10700kcore_i3-8109u_firmwarecore_i9-9880hcore_i7-8705g_firmwarecore_i7-6650ucore_i3-9350k_firmwarecore_i5-7442eqcore_i7-8665uecore_i5-6400_firmwarecore_i3-8130ucore_i3-7167ucore_i3-8300tcore_i5-1035g4xeon_gold_6342core_i7-8650ucore_i5-10200hpentium_silver_n5030core_i9-9900kcore_i7-8705gceleron_n2920xeon_silver_4316celeron_n4000core_i5-10400fcore_i3-6157u_firmwarecore_i7-7600uxeon_gold_6330ncore_i5-1035g7_firmwarecore_i3-7100ecore_i7\+8700_firmwarecore_i5-9400_firmwarecore_i5-9500core_i3-7101ecore_i9-9900core_i3-8145ue_firmwarecore_i3-7350k_firmwarecore_i5-8400t_firmwarepentium_silver_n5000_firmwarecore_i7-9850hlceleron_j4005celeron_n3150xeon_platinum_8354hpentium_silver_n5000xeon_gold_6348hcore_i5-8400hcore_i5-6300ucore_i7-9750hfcore_m3-6y30core_i3-10110yxeon_gold_6334core_i5-1035g7xeon_gold_6326core_i7-7820hkcore_i5-9300h_firmwareceleron_n3350core_i5-8305gcore_i3-6100core_i3-9350kxeon_gold_6328h_firmwareceleron_n2820celeron_n2820_firmwarexeon_gold_5318h_firmwarecore_i5-7400txeon_gold_6348core_i7-8750hcore_i3-6100tceleron_n5105xeon_gold_6354core_i7-8665ucore_i3-10305tcore_i3-10100e_firmwarecore_m7-6y75_firmwareceleron_n2807_firmwarecore_i3-9350kf_firmwarecore_i5-8300hcore_i5-7440eq_firmwarecore_i3-7101te_firmwareceleron_n2806pentium_silver_n6005_firmwarecore_i3-8140uxeon_gold_5320hceleron_n3350_firmwarecore_i7-8086kcore_i5-10600kcore_i3-8350kcore_i5-7360u_firmwarecore_i5-9500e_firmwarecore_i7-9700e_firmwarecore_i7-10850hcore_i3-1005g1_firmwarecore_i5-6360u_firmwarecore_i5-9500texeon_gold_6338n_firmwarecore_i3-9100hl_firmwarecore_i5-10500te_firmwarecore_i3-10300t_firmwarecore_i5-7y54_firmwarecore_i3-8100bcore_i3-6167ucore_i5-8279ucore_i9-10900f_firmwarecore_i3-10100f_firmwarecore_m3-8100yxeon_platinum_8356hxeon_gold_6338t_firmwarecore_i5-8600kcore_i5-7267ucore_i3-7100ucore_i5-6442eqcore_i7-8700tcore_i3-7100_firmwarecore_i3-9320_firmwarecore_i7-6700k_firmwarecore_i5-7260u_firmwarexeon_gold_5320t_firmwarexeon_gold_5318y_firmwarecore_i5-7300u_firmwareceleron_n2930_firmwareceleron_j1900core_i5-6685r_firmwarecore_i7-8700t_firmwarecore_i7-10700e_firmwarecore_i3-9100te_firmwarecore_i5-6500te_firmwarecore_i5-1030g7_firmwarecore_i5-8600t_firmwarexeon_platinum_8352v_firmwarecore_i7-6700kcore_i7-6970hqxeon_gold_5318n_firmwarecore_i7-6822eqcore_i3-7300tcore_i5-8500xeon_silver_4310t_firmwarecore_i5-9400h_firmwarecore_i5-8210ycore_i5-10400f_firmwareceleron_n4120_firmwarecore_i7-6785rpentium_silver_j5005_firmwarecore_i7-6560ucore_i7-1060g7core_i7-8565u_firmwarecore_i5-8257uxeon_gold_5318ycore_i7-8569uxeon_silver_4310core_i7-10700t_firmwarecore_i9-9900txeon_platinum_8352m_firmwarecore_i7-9700_firmwarecore_i7-7700tcore_i5-6685rcore_i3-9350kfceleron_n3350e_firmwarecore_i5-6287u_firmwarecore_i5-8500tcore_i7-8809gcore_i3-10105_firmwarecore_i7-8650u_firmwarecore_i5-6400t_firmwarecore_i3-6300_firmwarecore_i7-10850h_firmwarecore_i5-6400txeon_gold_6348_firmwarecore_i3-10305core_i7-8700_firmwarecore_i7-9850he_firmwarecore_i3-7350kcore_i3-6100h_firmwarecore_i3-8300_firmwarecore_i5-10505core_i3-9100_firmwarecore_i7-6820eqcore_i7-6700xeon_silver_4310_firmwarecore_i7-6920hqxeon_platinum_8360h_firmwarecore_i5-6585r_firmwarecore_i5-7600kcore_i7-7560u_firmwarecore_i7-6820hkcore_m3-7y30_firmwarecore_i3-6006uxeon_platinum_8354h_firmwarecore_i7-10710uceleron_j3160core_i5-10300hxeon_platinum_8358pcore_i5-10210yxeon_gold_6330_firmwarecore_i3-1000g4_firmwarecore_i5-8350u_firmwarexeon_platinum_8380hl_firmwarecore_i9-9900ks_firmwarexeon_gold_6338_firmwarecore_i3-9100fcore_i5-7500t_firmwarecore_i9-10900fceleron_j3455e_firmwareceleron_n3450core_i5-1030g4core_i5-10200h_firmwarecore_i3-8100tcore_i3-6100_firmwarecore_i9-10980hk_firmwarexeon_platinum_8352ycore_i5-9500tcore_i5-10400_firmwarexeon_gold_5317celeron_n3050core_i5-6600k_firmwarecore_i7-6700hq_firmwareceleron_j1850core_i3-7102exeon_platinum_8376hlcore_i5-6200ucore_i7-10700fcore_i5-9600k_firmwarecore_i9-10900k_firmwarexeon_platinum_8353h_firmwarepentium_silver_j5005Intel(R) Processors
CVE-2022-21125
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-6.45% / 92.89%
||
7 Day CHG~0.00%
Published-15 Jun, 2022 | 20:01
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aXen ProjectVMware (Broadcom Inc.)Debian GNU/LinuxIntel CorporationFedora Project
Product-esxidebian_linuxsgx_dcapsgx_pswsgx_sdkfedoraxenIntel(R) Processors
CWE ID-CWE-459
Incomplete Cleanup
CVE-2022-21166
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-5.90% / 92.33%
||
7 Day CHG~0.00%
Published-15 Jun, 2022 | 20:03
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aXen ProjectVMware (Broadcom Inc.)Debian GNU/LinuxIntel CorporationFedora Project
Product-esxidebian_linuxsgx_dcapsgx_pswsgx_sdkfedoraxenIntel(R) Processors
CWE ID-CWE-459
Incomplete Cleanup
CVE-2022-21123
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-6.28% / 92.73%
||
7 Day CHG~0.00%
Published-15 Jun, 2022 | 19:59
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aXen ProjectVMware (Broadcom Inc.)Debian GNU/LinuxIntel CorporationFedora Project
Product-esxidebian_linuxsgx_dcapsgx_pswsgx_sdkfedoraxenIntel(R) Processors
CWE ID-CWE-459
Incomplete Cleanup
CVE-2022-21127
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-5.46% / 91.78%
||
7 Day CHG-0.05%
Published-15 Jun, 2022 | 20:02
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aXen ProjectDebian GNU/LinuxIntel Corporation
Product-debian_linuxsgx_dcapsgx_pswsgx_sdkxenIntel(R) Processors
CWE ID-CWE-459
Incomplete Cleanup
CVE-2019-1020014
Matching Score-8
Assigner-7556d962-6fb7-411e-85fa-6cd62f095ba8
ShareView Details
Matching Score-8
Assigner-7556d962-6fb7-411e-85fa-6cd62f095ba8
CVSS Score-5.5||MEDIUM
EPSS-0.41% / 32.51%
||
7 Day CHG~0.00%
Published-29 Jul, 2019 | 12:20
Updated-05 Aug, 2024 | 03:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

docker-credential-helpers before 0.6.3 has a double free in the List functions.

Action-Not Available
Vendor-Canonical Ltd.Fedora ProjectDocker, Inc.
Product-credential_helpersfedoraubuntu_linuxdocker-credential-helpers
CWE ID-CWE-415
Double Free
CVE-2003-0501
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.83% / 53.04%
||
7 Day CHG~0.00%
Published-04 Jul, 2003 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The /proc filesystem in Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program, which causes the program to fail to change the ownership and permissions of those entries.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2019-0127
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-3.9||LOW
EPSS-0.44% / 35.41%
||
7 Day CHG~0.00%
Published-18 Feb, 2019 | 17:00
Updated-16 Sep, 2024 | 19:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Logic error in the installer for Intel(R) OpenVINO(TM) 2018 R3 and before for Linux may allow a privileged user to potentially enable information disclosure via local access.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncIntel Corporation
Product-openvinolinux_kerneln/a
CVE-2007-0958
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.39% / 31.33%
||
7 Day CHG~0.00%
Published-15 Feb, 2007 | 18:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Linux kernel 2.6.x before 2.6.20 allows local users to read unreadable binaries by using the interpreter (PT_INTERP) functionality and triggering a core dump, a variant of CVE-2004-1073.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2018-7755
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.69% / 48.43%
||
7 Day CHG~0.00%
Published-08 Mar, 2018 | 07:00
Updated-05 Aug, 2024 | 06:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the obtained kernel pointer to discover the location of kernel code and data and bypass kernel security protections such as KASLR.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncCanonical Ltd.
Product-ubuntu_linuxlinux_kerneln/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2018-7754
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.38% / 29.94%
||
7 Day CHG~0.00%
Published-10 Aug, 2018 | 16:00
Updated-05 Aug, 2024 | 06:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The aoedisk_debugfs_show function in drivers/block/aoe/aoeblk.c in the Linux kernel through 4.16.4rc4 allows local users to obtain sensitive address information by reading "ffree: " lines in a debugfs file.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2002-1571
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.39% / 31.11%
||
7 Day CHG~0.00%
Published-23 Jan, 2006 | 22:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The linux 2.4 kernel before 2.4.19 assumes that the fninit instruction clears all registers, which could lead to an information leak on processors that do not clear all relevant SSE registers.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2022-22484
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-5.1||MEDIUM
EPSS-0.16% / 5.23%
||
7 Day CHG~0.00%
Published-17 May, 2022 | 16:00
Updated-16 Sep, 2024 | 23:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Spectrum Protect Operations Center 8.1.12 and 8.1.13 could allow a local attacker to obtain sensitive information, caused by plain text user account passwords potentially being stored in the browser's application command history. By accessing browser history, an attacker could exploit this vulnerability to obtain other user accounts' passwords. IBM X-Force ID: 226322.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-aixspectrum_protectwindowslinux_kernelSpectrum Protect Operations Center
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2022-0854
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.46% / 37.02%
||
7 Day CHG~0.00%
Published-23 Mar, 2022 | 19:46
Updated-02 Aug, 2024 | 23:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/Linux
Product-debian_linuxlinux_kernelKernel
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2018-6556
Matching Score-8
Assigner-Canonical Ltd.
ShareView Details
Matching Score-8
Assigner-Canonical Ltd.
CVSS Score-3.3||LOW
EPSS-0.35% / 26.66%
||
7 Day CHG~0.00%
Published-10 Aug, 2018 | 15:00
Updated-17 Sep, 2024 | 03:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
The lxc-user-nic component of LXC allows unprivileged users to open arbitrary files

lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a (read-only) open of special kernel files (ptmx, proc, sys). Affected releases are LXC: 2.0 versions above and including 2.0.9; 3.0 versions above and including 3.0.0, prior to 3.0.2.

Action-Not Available
Vendor-linuxcontainersn/aSUSEopenSUSECanonical Ltd.
Product-ubuntu_linuxsuse_linux_enterprise_servercaas_platformopenstack_cloudlxcleapLXC
CWE ID-CWE-417
Not Available
CVE-2006-5174
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.42% / 33.52%
||
7 Day CHG+0.01%
Published-05 Oct, 2006 | 21:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The copy_from_user function in the uaccess code in Linux kernel 2.6 before 2.6.19-rc1, when running on s390, does not properly clear a kernel buffer, which allows local user space programs to read portions of kernel memory by "appending to a file from a bad address," which triggers a fault that prevents the unused memory from being cleared in the kernel buffer.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2018-6147
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-5.5||MEDIUM
EPSS-0.40% / 32.02%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 19:00
Updated-05 Aug, 2024 | 05:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of secure text entry mode in Browser UI in Google Chrome on Mac prior to 67.0.3396.62 allowed a local attacker to obtain potentially sensitive information from process memory via a local process.

Action-Not Available
Vendor-Google LLCRed Hat, Inc.Apple Inc.Debian GNU/Linux
Product-enterprise_linux_serverdebian_linuxchromeenterprise_linux_workstationmac_os_xenterprise_linux_desktopChrome
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2006-4813
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-2.1||LOW
EPSS-0.39% / 31.14%
||
7 Day CHG~0.00%
Published-12 Oct, 2006 | 20:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The __block_prepare_write function in fs/buffer.c for Linux kernel 2.6.x before 2.6.13 does not properly clear buffers during certain error conditions, which allows local users to read portions of files that have been unlinked.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2018-6559
Matching Score-8
Assigner-Canonical Ltd.
ShareView Details
Matching Score-8
Assigner-Canonical Ltd.
CVSS Score-3.3||LOW
EPSS-0.53% / 41.00%
||
7 Day CHG~0.00%
Published-26 Oct, 2018 | 17:00
Updated-16 Sep, 2024 | 19:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10, allows local users to obtain names of files in which they would not normally be able to access via an overlayfs mount inside of a user namespace.

Action-Not Available
Vendor-Linux Kernel Organization, IncCanonical Ltd.
Product-ubuntu_linuxlinux_kernelLinux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2016-6110
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.33% / 24.88%
||
7 Day CHG~0.00%
Published-01 Feb, 2017 | 22:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Tivoli Storage Manager discloses unencrypted login credentials to Vmware vCenter that could be obtained by a local user.

Action-Not Available
Vendor-IBM CorporationMicrosoft CorporationLinux Kernel Organization, Inc
Product-tivoli_storage_manager_for_virtual_environments_data_protection_for_vmwarewindowslinux_kerneltivoli_storage_managerTivoli Storage Manager
CVE-2013-0326
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.36% / 27.80%
||
7 Day CHG~0.00%
Published-05 Dec, 2019 | 16:09
Updated-06 Aug, 2024 | 14:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenStack nova base images permissions are world readable

Action-Not Available
Vendor-Debian GNU/LinuxOpenStack
Product-debian_linuxnovaopenstack-nova
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-5953
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.40% / 32.11%
||
7 Day CHG~0.00%
Published-07 Aug, 2018 | 18:00
Updated-05 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The swiotlb_print_info function in lib/swiotlb.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "software IO TLB" printk call.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/Linux
Product-debian_linuxlinux_kerneln/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2018-5750
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.50% / 39.10%
||
7 Day CHG~0.00%
Published-26 Jan, 2018 | 19:00
Updated-05 Aug, 2024 | 05:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel through 4.14.15 allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.Red Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxdebian_linuxlinux_kernelenterprise_linux_server_eusenterprise_linux_server_ausenterprise_linux_workstationvirtualization_hostenterprise_linux_server_tusenterprise_linux_desktopn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2018-3639
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.5||MEDIUM
EPSS-60.63% / 99.03%
||
7 Day CHG~0.00%
Published-22 May, 2018 | 12:00
Updated-29 May, 2026 | 21:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.

Action-Not Available
Vendor-Oracle CorporationMicrosoft CorporationSiemens AGCanonical Ltd.Debian GNU/LinuxMitel Networks Corp.NVIDIA CorporationSchneider Electric SEIntel CorporationSonicWall Inc.Arm LimitedRed Hat, Inc.
Product-simatic_field_pg_m4enterprise_linux_desktopxeon_e3_1270_v3xeon_e3_12201_v2open_integration_gatewayxeon_e5_2630l_v2xeon_e3_1258l_v4xeon_e3_1260l_v5simatic_ipc677csimatic_ipc547gxeon_e5_2470xeon_e5_2418l_v3xeon_e5_2603_v3sinumerik_pcu_50.5_firmwaresimatic_ipc647c_firmwarexeon_e5_1630_v3simatic_ipc827dxeon_e3_1220_v3xeon_e3_1125c_v2debian_linuxsimatic_field_pg_m5_firmwareitc1900xeon_e5_2620openstackxeon_e3_1220l_v3surface_studiopentium_silveratom_exeon_e5_2609itc2200_pro_firmwarexeon_e5_2620_v2xeon_e3_1265l_v3core_i3enterprise_linux_server_ausmivoice_5000simatic_ipc477e_pro_firmwarexeon_e3_1240_v6simatic_itp1000_firmwareatom_x7-e3950windows_7simatic_s7-1500_firmwarexeon_e3_1225simatic_ipc847d_firmwarexeon_e3_1220_v5xeon_e5_1428l_v3enterprise_linux_euscortex-axeon_e5_2637_v2micloud_management_portalxeon_e3_1230_v2enterprise_linux_serversimatic_ipc677c_firmwarexeon_e5_2643mrg_realtimejetson_tx2itc1500_firmwarexeon_e3_1240_v5simatic_ipc427cxeon_e3_1230_v6sinumerik_tcu_30.3simatic_ipc547exeon_e3_1240_v2xeon_e3_1275_v5simatic_ipc627cxeon_e3_1105c_v2xeon_e5_2609_v3xeon_e3_1285_v3local_service_management_systementerprise_linux_server_tusxeon_e3_1265l_v2xeon_e5_2630_v2simatic_ipc427exeon_e3_1276_v3xeon_e5_2603_v4itc1900_proxeon_e3_1275_v6xeon_e5_2408l_v3simatic_ipc647dceleron_jxeon_e5_2418lpentium_jxeon_e5_2438l_v3simatic_ipc677d_firmwaresimatic_ipc627druggedcom_ape_firmwaresimatic_ipc427d_firmwaresinumerik_tcu_30.3_firmwarexeon_e5_1680_v3virtualization_managerxeon_e3_1268l_v5xeon_e5_1660_v4xeon_e5_2630l_v4xeon_e5_2640xeon_e3_1268l_v3simotion_p320-4ewindows_server_2016xeon_e5_2403_v2simatic_ipc647d_firmwarexeon_e3_1286_v3itc2200simatic_ipc347eubuntu_linuxxeon_e5_2623_v3xeon_e5_2450xeon_e5_2450lxeon_e5_2603_v2xeon_e5_2650l_v3xeon_e3_1280_v6enterprise_linux_workstationsinumerik_840_d_sl_firmwarexeon_e5_2628l_v2xeon_e5_2643_v4itc1900_pro_firmwarexeon_e3_1246_v3solarismivoic_mx-onemivoice_businessxeon_e3_1230_v3xeon_e3_1285l_v3xeon_e5_2430core_i7core_i5xeon_e5_2618l_v3xeon_e5_2620_v4simatic_et_200_spsimatic_ipc847c_firmwarexeon_e3_1226_v3xeon_e5_2630lsimatic_ipc547e_firmwaresimatic_ipc627c_firmwarecloud_global_management_systemvirtualizationxeon_e3_1225_v6xeon_e5xeon_e5_2430l_v2simatic_ipc477e_firmwarexeon_e5_1428l_v2xeon_e5_1620_v3xeon_e3_1260lxeon_e3_1235windows_10surface_bookxeon_e5_2407xeon_e5_2440xeon_e5_2428l_v2xeon_e5_2640_v4xeon_e3_1505l_v5itc2200_proxeon_e3_1280_v3simatic_ipc647cxeon_e3_1245xeon_e5_2618l_v4xeon_e5_2630l_v3xeon_e3_1265l_v4xeon_e7xeon_e3_1231_v3ruggedcom_apexeon_e5_2630_v4xeon_e3_1285_v6windows_server_2012xeon_e5_2618l_v2xeon_e3_1225_v2xeon_e3_1270_v6xeon_e3_1280_v2core_mxeon_e3_1245_v3simatic_ipc427c_firmwarestruxureware_data_center_expertenterprise_linuxxeon_e-1105cjetson_tx1sinema_remote_connect_firmwarexeon_e3_1290xeon_e5_2470_v2xeon_e5_2623_v4simatic_ipc477cglobal_management_systemxeon_e3_1245_v2xeon_e3_1240l_v5simatic_ipc3000_smartxeon_e5_2643_v3xeon_e5_2640_v3itc1500_prosimotion_p320-4e_firmwarexeon_e3_1280xeon_e5_1650xeon_e5_2648l_v3xeon_e5_2609_v4xeon_e3_1505l_v6xeon_goldxeon_e3_1230xeon_e3_1270_v2xeon_e3_1501l_v6xeon_e5_2648l_v4xeon_e3_1275_v3xeon_e3_1220_v6xeon_e3_1281_v3xeon_e5_1650_v3simatic_ipc627d_firmwarexeon_e3_1505m_v5celeron_nsurface_pro_with_lte_advancedxeon_e3_1275l_v3xeon_e3_1501m_v6itc1500xeon_e5_2609_v2surfacexeon_e3_1275_v2atom_x5-e3940xeon_e3_1240mivoice_connectsimatic_itp1000xeon_e5_2430lxeon_e3_1245_v5xeon_e3_1278l_v4xeon_e5_2418l_v2xeon_e5_1680_v4xeon_silverxeon_e5_1660_v2simatic_ipc3000_smart_firmwarexeon_e3_1270_v5xeon_e5_2650itc1900_firmwarexeon_e3_1286l_v3xeon_e3_1230_v5atom_x5-e3930xeon_e5_2643_v2simatic_ipc827c_firmwareatom_cxeon_e5_2450l_v2xeon_e5_2420simatic_ipc827cxeon_e5_2448l_v2xeon_e5_2608l_v4xeon_e5_1620_v4xeon_e5_2630_v3simatic_ipc847cxeon_e3_1230l_v3email_securityxeon_e5_2407_v2xeon_e5_2403xeon_e5_2637_v4xeon_e5_2430_v2xeon_e5_2637xeon_e5_1660simatic_ipc677ditc2200_firmwareweb_application_firewallxeon_e3_1290_v2xeon_e5_1428lxeon_e3_1285l_v4xeon_e5_2630xeon_e3_1285_v4simatic_ipc427e_firmwarexeon_e3_1225_v3xeon_e5_2650l_v2xeon_e3_1225_v5xeon_e5_1630_v4simatic_s7-1500pentiumxeon_e3_1240_v3xeon_e5_2428lwindows_8.1xeon_e5_1620_v2simatic_et_200_sp_firmwaresimatic_ipc347e_firmwarexeon_e5_1650_v4xeon_e5_2648l_v2simatic_ipc477c_firmwarexeon_e3_1270xeon_e5_2608l_v3simatic_field_pg_m5xeon_e3_1280_v5xeon_e5_1660_v3sinumerik_pcu_50.5atom_zxeon_e3_12201secure_mobile_accessxeon_e3_1241_v3simatic_ipc427dsimatic_ipc847dsimatic_ipc477e_proxeon_e5_2620_v3itc1500_pro_firmwarexeon_e5_1650_v2xeon_e5_2648lxeon_e5_2637_v3xeon_e5_2650_v4xeon_e5_2448lsimatic_ipc827d_firmwarexeon_e5_2650_v3simatic_ipc547g_firmwarexeon_e3_1271_v3xeon_platinumxeon_e5_2628l_v3simatic_ipc477d_firmwaresinumerik_840_d_slsimatic_field_pg_m4_firmwaresurface_prosimatic_ipc477exeon_e3_1235l_v5xeon_e5_2450_v2windows_server_2008sonicosvsinema_remote_connectxeon_e5_2640_v2micollabxeon_e5_2628l_v4mivoice_border_gatewayxeon_e5_1620xeon_e5_2650_v2xeon_e5_2650lxeon_e5_2603xeon_e5_2428l_v3xeon_e3_1240l_v3xeon_e5_2420_v2xeon_e3_1220_v2xeon_e5_2440_v2simatic_ipc477dxeon_e3_1245_v6xeon_e3Multiple
CWE ID-CWE-203
Observable Discrepancy
CVE-2006-1056
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-2.1||LOW
EPSS-0.45% / 35.92%
||
7 Day CHG~0.00%
Published-20 Apr, 2006 | 10:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one process to determine portions of the state of floating point instructions of other processes, which can be leveraged to obtain sensitive information such as cryptographic keys. NOTE: this is the documented behavior of AMD64 processors, but it is inconsistent with Intel processors in a security-relevant fashion that was not addressed by the kernels.

Action-Not Available
Vendor-n/aFreeBSD FoundationLinux Kernel Organization, Inc
Product-freebsdlinux_kerneln/a
CVE-2006-1844
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.33% / 25.20%
||
7 Day CHG~0.00%
Published-19 Apr, 2006 | 16:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Debian installer for the (1) shadow 4.0.14 and (2) base-config 2.53.10 packages includes sensitive information in world-readable log files, including preseeded passwords and pppoeconf passwords, which might allow local users to gain privileges.

Action-Not Available
Vendor-n/aDebian GNU/Linux
Product-base-configshadown/a
CVE-2018-20510
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.41% / 32.85%
||
7 Day CHG~0.00%
Published-30 Apr, 2019 | 17:12
Updated-05 Aug, 2024 | 12:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The print_binder_transaction_ilocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "*from *code *flags" lines in a debugfs file.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2018-20449
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.42% / 33.85%
||
7 Day CHG~0.00%
Published-04 Apr, 2019 | 15:25
Updated-05 Aug, 2024 | 11:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The hidma_chan_stats function in drivers/dma/qcom/hidma_dbg.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "callback=" lines in a debugfs file.

Action-Not Available
Vendor-n/aNetApp, Inc.Linux Kernel Organization, Inc
Product-element_software_management_nodelinux_kerneln/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2018-20509
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.37% / 28.81%
||
7 Day CHG~0.00%
Published-30 Apr, 2019 | 17:06
Updated-05 Aug, 2024 | 12:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The print_binder_ref_olocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading " ref *desc *node" lines in a debugfs file.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2018-20781
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.48% / 70.83%
||
7 Day CHG-0.01%
Published-12 Feb, 2019 | 17:00
Updated-05 Aug, 2024 | 12:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's password is kept in a session-child process spawned from the LightDM daemon. This can expose the credential in cleartext.

Action-Not Available
Vendor-n/aCanonical Ltd.The GNOME ProjectOracle Corporation
Product-gnome_keyringubuntu_linuxzfs_storage_appliance_kitn/a
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2018-20855
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-0.46% / 36.89%
||
7 Day CHG~0.00%
Published-26 Jul, 2019 | 04:39
Updated-05 Aug, 2024 | 12:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncNetApp, Inc.openSUSE
Product-linux_kernelactive_iq_unified_managerdata_availability_servicesactive_iq_performance_analytics_serviceselement_softwareleapn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2005-4605
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-2.1||LOW
EPSS-1.05% / 60.03%
||
7 Day CHG~0.00%
Published-03 Jan, 2006 | 16:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The procfs code (proc_misc.c) in Linux 2.6.14.3 and other versions before 2.6.15 allows attackers to read sensitive kernel memory via unspecified vectors in which a signed value is added to an unsigned value.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2018-20511
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.45% / 36.02%
||
7 Day CHG~0.00%
Published-27 Dec, 2018 | 14:00
Updated-05 Aug, 2024 | 12:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 4.18.11. The ipddp_ioctl function in drivers/net/appletalk/ipddp.c allows local users to obtain sensitive kernel address information by leveraging CAP_NET_ADMIN to read the ipddp_route dev and next fields via an SIOCFINDIPDDPRT ioctl call.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/Linux
Product-debian_linuxlinux_kerneln/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2005-3179
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.40% / 31.76%
||
7 Day CHG~0.00%
Published-11 Oct, 2005 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

drm.c in Linux kernel 2.6.10 to 2.6.13 creates a debug file in sysfs with world-readable and world-writable permissions, which allows local users to enable DRM debugging and obtain sensitive information.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2018-19985
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.96% / 57.23%
||
7 Day CHG~0.00%
Published-17 Mar, 2019 | 19:48
Updated-05 Aug, 2024 | 11:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncNetApp, Inc.Debian GNU/Linux
Product-element_software_management_nodeactive_iq_performance_analytics_servicesdebian_linuxlinux_kerneln/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2005-1855
Matching Score-8
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-8
Assigner-Debian GNU/Linux
CVSS Score-2.1||LOW
EPSS-0.36% / 28.45%
||
7 Day CHG~0.00%
Published-29 Aug, 2005 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Backup Manager (backup-manager) before 0.5.8 creates backup files with world-readable default permissions, which allows local users to obtain sensitive information.

Action-Not Available
Vendor-sukrian/aDebian GNU/Linux
Product-debian_linuxbackup_managern/a
CVE-2020-12392
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.35% / 26.69%
||
7 Day CHG~0.00%
Published-26 May, 2020 | 17:01
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in the disclosure of local files. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.

Action-Not Available
Vendor-Mozilla CorporationCanonical Ltd.
Product-firefoxubuntu_linuxthunderbirdfirefox_esrFirefoxFirefox ESRThunderbird
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2005-0625
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.42% / 33.82%
||
7 Day CHG~0.00%
Published-02 Mar, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

reportbug 3.2 includes settings from .reportbugrc in bug reports, which exposes sensitive information such as smtpuser and smtppasswd.

Action-Not Available
Vendor-n/aDebian GNU/Linux
Product-reportbugn/a
CVE-2018-18710
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.50% / 39.20%
||
7 Day CHG~0.00%
Published-27 Oct, 2018 | 22:00
Updated-05 Aug, 2024 | 11:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kerneln/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2022-0382
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.39% / 30.50%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 00:00
Updated-02 Aug, 2024 | 23:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An information leak flaw was found due to uninitialized memory in the Linux kernel's TIPC protocol subsystem, in the way a user sends a TIPC datagram to one or more destinations. This flaw allows a local user to read some kernel memory. This issue is limited to no more than 7 bytes, and the user cannot control what is read. This flaw affects the Linux kernel versions prior to 5.17-rc1.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kernelkernel
CWE ID-CWE-909
Missing Initialization of Resource
CVE-2018-16862
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.53% / 40.91%
||
7 Day CHG~0.00%
Published-26 Nov, 2018 | 19:00
Updated-05 Aug, 2024 | 10:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.

Action-Not Available
Vendor-[UNKNOWN]Linux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.Red Hat, Inc.
Product-ubuntu_linuxdebian_linuxlinux_kernelenterprise_linuxkernel:
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2022-0487
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.42% / 34.15%
||
7 Day CHG~0.00%
Published-04 Feb, 2022 | 22:29
Updated-02 Aug, 2024 | 23:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxRed Hat, Inc.
Product-debian_linuxlinux_kernelenterprise_linuxkernel
CWE ID-CWE-416
Use After Free
CVE-2018-16837
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.35% / 27.41%
||
7 Day CHG~0.00%
Published-23 Oct, 2018 | 15:00
Updated-05 Aug, 2024 | 10:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear text form for every user which have access just to the process list.

Action-Not Available
Vendor-[UNKNOWN]Red Hat, Inc.Debian GNU/LinuxSUSE
Product-debian_linuxlinux_enterprisepackage_hubansible_engineansible_towerAnsible
CWE ID-CWE-214
Invocation of Process Using Visible Sensitive Information
CWE ID-CWE-311
Missing Encryption of Sensitive Data
CVE-2018-16866
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-1.05% / 60.12%
||
7 Day CHG~0.00%
Published-11 Jan, 2019 | 19:00
Updated-09 Jun, 2025 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable.

Action-Not Available
Vendor-systemd_projectThe systemd ProjectNetApp, Inc.Canonical Ltd.Debian GNU/LinuxRed Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxenterprise_linux_server_update_services_for_sap_solutionsenterprise_linux_server_ausenterprise_linuxsystemdenterprise_linux_for_ibm_z_systems_\(structure_a\)enterprise_linux_desktopactive_iq_performance_analytics_servicesenterprise_linux_compute_node_euselement_softwareenterprise_linux_for_scientific_computingdebian_linuxenterprise_linux_workstationenterprise_linux_for_power_little_endian_eusenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsenterprise_linux_for_power_big_endian_eusenterprise_linux_server_tusenterprise_linux_for_power_little_endianenterprise_linux_for_ibm_z_systems_eusenterprise_linux_for_power_big_endiansystemd
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2005-0400
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-2.1||LOW
EPSS-0.44% / 35.56%
||
7 Day CHG~0.00%
Published-05 Apr, 2005 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ext2_make_empty function call in the Linux kernel before 2.6.11.6 does not properly initialize memory when creating a block for a new directory entry, which allows local users to obtain potentially sensitive information by reading the block.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2004-2607
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.46% / 36.66%
||
7 Day CHG~0.00%
Published-03 Dec, 2005 | 00:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A numeric casting discrepancy in sdla_xfer in Linux kernel 2.6.x up to 2.6.5 and 2.4 up to 2.4.29-rc1 allows local users to read portions of kernel memory via a large len argument, which is received as an int but cast to a short, which prevents a read loop from filling a buffer.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2005-0530
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-2.1||LOW
EPSS-0.47% / 37.55%
||
7 Day CHG~0.00%
Published-24 Feb, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Signedness error in the copy_from_read_buf function in n_tty.c for Linux kernel 2.6.10 and 2.6.11rc1 allows local users to read kernel memory via a negative argument.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2018-15572
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.51% / 39.82%
||
7 Day CHG~0.00%
Published-20 Aug, 2018 | 02:00
Updated-05 Aug, 2024 | 10:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kerneln/a
CVE-2004-2135
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-1.22% / 64.90%
||
7 Day CHG~0.00%
Published-01 Jun, 2005 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

cryptoloop on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryption.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2018-15594
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.55% / 42.05%
||
7 Day CHG~0.00%
Published-20 Aug, 2018 | 08:00
Updated-05 Aug, 2024 | 10:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kerneln/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 7
  • 8
  • Next
Details not found