Vulnerabilities > Linux

DATE CVE VULNERABILITY TITLE RISK
2020-01-22 CVE-2018-16267 Improper Privilege Management vulnerability in Linux Tizen
The system-popup system service in Tizen allows an unprivileged process to perform popup-related system actions, due to improper D-Bus security policy configurations.
low complexity
linux CWE-269
8.1
8.1
2020-01-22 CVE-2018-16266 Improper Privilege Management vulnerability in Linux Tizen
The Enlightenment system service in Tizen allows an unprivileged process to fully control or capture windows, due to improper D-Bus security policy configurations.
low complexity
linux CWE-269
8.1
8.1
2020-01-22 CVE-2018-16265 Improper Privilege Management vulnerability in Linux Tizen
The bt/bt_core system service in Tizen allows an unprivileged process to create a system user interface and control the Bluetooth pairing process, due to improper D-Bus security policy configurations.
low complexity
linux CWE-269
6.5
6.5
2020-01-22 CVE-2018-16264 Information Exposure vulnerability in Linux Tizen
The BlueZ system service in Tizen allows an unprivileged process to partially control Bluetooth or acquire sensitive information, due to improper D-Bus security policy configurations.
low complexity
linux CWE-200
6.5
6.5
2020-01-22 CVE-2018-16263 Improper Privilege Management vulnerability in Linux Tizen
The PulseAudio system service in Tizen allows an unprivileged process to control its A2DP MediaEndpoint, due to improper D-Bus security policy configurations.
low complexity
linux CWE-269
8.8
8.8
2020-01-22 CVE-2018-16262 Improper Privilege Management vulnerability in Linux Tizen
The pkgmgr system service in Tizen allows an unprivileged process to perform package management actions, due to improper D-Bus security policy configurations.
low complexity
linux CWE-269
8.8
8.8
2020-01-16 CVE-2019-9500 Out-of-bounds Write vulnerability in multiple products
The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow.
high complexity
broadcom linux CWE-787
8.3
8.3
2020-01-16 CVE-2019-18282 Use of Insufficiently Random Values vulnerability in multiple products
The flow_dissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f.
network
low complexity
linux debian netapp CWE-330
5.3
5.3
2020-01-15 CVE-2007-4774 Race Condition vulnerability in Linux Kernel
The Linux kernel before 2.4.36-rc1 has a race condition.
network
high complexity
linux CWE-362
5.9
5.9
2020-01-14 CVE-2020-7053 Use After Free vulnerability in Linux Kernel
In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longterm through 4.19.96 (and 5.x before 5.2), there is a use-after-free (write) in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka CID-7dc40713618c.
local
low complexity
linux CWE-416
7.8
7.8