Filtered by vendor Linux
Subscriptions
Total
15296 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-42256 | 5 Citrix, Linux, Nvidia and 2 more | 6 Hypervisor, Linux Kernel, Cloud Gaming and 3 more | 2025-04-10 | 5.3 Medium |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow in index validation may lead to denial of service, information disclosure, or data tampering. | ||||
| CVE-2022-42254 | 5 Citrix, Linux, Nvidia and 2 more | 12 Hypervisor, Linux Kernel, Cloud Gaming and 9 more | 2025-04-10 | 5.3 Medium |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an out-of-bounds array access may lead to denial of service, data tampering, or information disclosure. | ||||
| CVE-2022-34684 | 5 Citrix, Linux, Nvidia and 2 more | 12 Hypervisor, Linux Kernel, Cloud Gaming and 9 more | 2025-04-10 | 5.3 Medium |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an off-by-one error may lead to data tampering or information disclosure. | ||||
| CVE-2024-25699 | 3 Esri, Linux, Microsoft | 4 Arcgis Enterprise, Portal For Arcgis, Linux Kernel and 1 more | 2025-04-10 | 8.5 High |
| There is a difficult to exploit improper authentication issue in the Home application for Esri Portal for ArcGIS versions 11.2 and below on Windows and Linux, and ArcGIS Enterprise 11.1 and below on Kubernetes which, under unique circumstances, could potentially allow a remote, unauthenticated attacker to compromise the confidentiality, integrity, and availability of the software. | ||||
| CVE-2024-25692 | 3 Esri, Linux, Microsoft | 3 Portal For Arcgis, Linux Kernel, Windows | 2025-04-10 | 5.4 Medium |
| There is a cross-site-request forgery vulnerability in Esri Portal for ArcGIS Versions 11.1 and below that may in some cases allow a remote, unauthenticated attacker to trick an authorized user into executing unwanted actions via a crafted form. The impact to Confidentiality and Integrity vectors is limited and of low severity. | ||||
| CVE-2023-25841 | 3 Esri, Linux, Microsoft | 3 Arcgis Server, Linux Kernel, Windows | 2025-04-10 | 6.1 Medium |
| There is a stored Cross-site Scripting vulnerability in Esri ArcGIS Server versions 11.0 and below on Windows and Linux platforms that may allow a remote, unauthenticated attacker to create crafted content which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. Mitigation: Disable anonymous access to ArcGIS Feature services with edit capabilities. | ||||
| CVE-2023-25840 | 3 Esri, Linux, Microsoft | 3 Arcgis Server, Linux Kernel, Windows | 2025-04-10 | 3.4 Low |
| There is a Cross-site Scripting vulnerability in ArcGIS Server in versions 11.1 and below that may allow a remote, authenticated attacker to create a crafted link which onmouseover wont execute but could potentially render an image in the victims browser. The privileges required to execute this attack are high. | ||||
| CVE-2022-34680 | 6 Citrix, Debian, Linux and 3 more | 13 Hypervisor, Debian Linux, Linux Kernel and 10 more | 2025-04-10 | 5.5 Medium |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an integer truncation can lead to an out-of-bounds read, which may lead to denial of service. | ||||
| CVE-2022-34678 | 6 Citrix, Linux, Microsoft and 3 more | 7 Hypervisor, Linux Kernel, Windows and 4 more | 2025-04-10 | 6.5 Medium |
| NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged user can cause a null-pointer dereference, which may lead to denial of service. | ||||
| CVE-2024-25707 | 3 Esri, Linux, Microsoft | 3 Portal For Arcgis, Linux Kernel, Windows | 2025-04-10 | 4.8 Medium |
| There is a reflected cross site scripting in Esri Portal for ArcGIS 11.1 and below on Windows and Linux x64 allows a remote authenticated attacker with administrative access to supply a crafted string which could potentially execute arbitrary JavaScript code in the their own browser (Self XSS). A user cannot be phished into clicking a link to execute code. | ||||
| CVE-2024-25698 | 3 Esri, Linux, Microsoft | 3 Portal For Arcgis, Linux Kernel, Windows | 2025-04-10 | 6.1 Medium |
| There is a reflected cross site scripting vulnerability in the home application in Esri Portal for ArcGIS 11.1 and below on Windows and Linux that allows a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. | ||||
| CVE-2024-25690 | 3 Esri, Linux, Microsoft | 3 Portal For Arcgis, Linux Kernel, Windows | 2025-04-10 | 4.7 Medium |
| There is an HTML injection vulnerability in Esri Portal for ArcGIS versions 11.1 and below that may allow a remote, unauthenticated attacker to create a crafted link which when clicked could render arbitrary HTML in the victim’s browser. | ||||
| CVE-2022-45049 | 3 Axiell, Linux, Microsoft | 3 Iguana, Linux Kernel, Windows | 2025-04-10 | 6.1 Medium |
| A reflected XSS vulnerability has been found in Axiell Iguana CMS, allowing an attacker to execute code in a victim's browser. The url parameter on the novelist.php endpoint does not properly neutralise user input, resulting in the vulnerability. | ||||
| CVE-2022-45051 | 3 Axiell, Linux, Microsoft | 3 Iguana, Linux Kernel, Windows | 2025-04-10 | 6.1 Medium |
| A reflected XSS vulnerability has been found in Axiell Iguana CMS, allowing an attacker to execute code in a victim's browser. The module parameter on the Service.template.cls endpoint does not properly neutralise user input, resulting in the vulnerability. | ||||
| CVE-2022-43534 | 2 Arubanetworks, Linux | 2 Clearpass Policy Manager, Linux Kernel | 2025-04-10 | 7.8 High |
| A vulnerability in the ClearPass OnGuard Linux agent could allow malicious users on a Linux instance to elevate their user privileges. A successful exploit could allow these users to execute arbitrary code with root level privileges on the Linux instance in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x: 6.10.7 and below and ClearPass Policy Manager 6.9.x: 6.9.12 and below. | ||||
| CVE-2022-4378 | 2 Linux, Redhat | 9 Linux Kernel, Enterprise Linux, Rhel Aus and 6 more | 2025-04-10 | 7.8 High |
| A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system. | ||||
| CVE-2022-34330 | 3 Ibm, Linux, Microsoft | 4 Aix, Sterling B2b Integrator, Linux Kernel and 1 more | 2025-04-10 | 6.1 Medium |
| IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229469. | ||||
| CVE-2022-22371 | 3 Ibm, Linux, Microsoft | 4 Aix, Sterling B2b Integrator, Linux Kernel and 1 more | 2025-04-10 | 5.5 Medium |
| IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 does not invalidate session after a password change which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 221195. | ||||
| CVE-2022-4662 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-09 | 5.5 Medium |
| A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system. | ||||
| CVE-2022-4382 | 1 Linux | 1 Linux Kernel | 2025-04-09 | 6.4 Medium |
| A use-after-free flaw caused by a race among the superblock operations in the gadgetfs Linux driver was found. It could be triggered by yanking out a device that is running the gadgetfs side. | ||||