High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-07-26	CVE-2023-32629	Incorrect Authorization vulnerability in Canonical Ubuntu Linux 23.04 Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovl_copy_up_meta_inode_data skip permission checks when calling ovl_do_setxattr on Ubuntu kernels local low complexity canonical CWE-863	7.8
2023-07-24	CVE-2023-3567	Use After Free vulnerability in multiple products A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. local low complexity linux redhat canonical CWE-416	7.1
2023-07-05	CVE-2023-31248	Use After Free vulnerability in multiple products Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace local low complexity linux fedoraproject debian canonical CWE-416	7.8
2023-06-28	CVE-2023-3389	Use After Free vulnerability in multiple products A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Racing a io_uring cancel poll request with a linked timeout can cause a UAF in a hrtimer. We recommend upgrading past commit ef7dfac51d8ed961b742218f526bd589f3900a59 (4716c73b188566865bdd79c3a6709696a224ac04 for 5.10 stable and 0e388fce7aec40992eadee654193cad345d62663 for 5.15 stable). local low complexity linux canonical debian CWE-416	7.8
2023-06-16	CVE-2023-35788	Out-of-bounds Write vulnerability in multiple products An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. local low complexity linux debian netapp canonical CWE-787	7.8
2023-06-06	CVE-2023-32549	Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Canonical Landscape Landscape cryptographic keys were insecurely generated with a weak pseudo-random generator. network low complexity canonical CWE-338	7.5
2023-06-06	CVE-2023-32550	Exposure of Resource to Wrong Sphere vulnerability in Canonical Landscape Landscape's server-status page exposed sensitive system information. network low complexity canonical CWE-668	8.2
2023-03-27	CVE-2023-0179	Integer Overflow or Wraparound vulnerability in multiple products A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. local low complexity linux canonical fedoraproject redhat CWE-190	7.8
2023-03-27	CVE-2023-1380	Out-of-bounds Read vulnerability in multiple products A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. local low complexity redhat linux netapp debian canonical CWE-125	7.1
2022-10-31	CVE-2022-40617	Resource Exhaustion vulnerability in multiple products strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL that points to a server (under the attacker's control) that doesn't properly respond but (for example) just does nothing after the initial TCP handshake, or sends an excessive amount of application data. network low complexity strongswan canonical debian fedoraproject stormshield CWE-400	7.5