Vulnerabilities > Linuxfoundation

DATE CVE VULNERABILITY TITLE RISK
2022-12-19 CVE-2022-23536 Unspecified vulnerability in Linuxfoundation Cortex 1.13.0/1.13.1/1.14.0
Cortex provides multi-tenant, long term storage for Prometheus.
network
low complexity
linuxfoundation
6.5
2022-12-07 CVE-2022-23471 Memory Leak vulnerability in Linuxfoundation Containerd
containerd is an open source container runtime.
network
low complexity
linuxfoundation CWE-401
6.5
2022-12-07 CVE-2022-46770 Infinite Loop vulnerability in Linuxfoundation Mirage Firewall
qubes-mirage-firewall (aka Mirage firewall for QubesOS) 0.8.x through 0.8.3 allows guest OS users to cause a denial of service (CPU consumption and loss of forwarding) via a crafted multicast UDP packet (IP address range of 224.0.0.0 through 239.255.255.255).
network
low complexity
linuxfoundation CWE-835
7.5
2022-11-27 CVE-2022-45930 SQL Injection vulnerability in Linuxfoundation Opendaylight
A SQL injection issue was discovered in AAA in OpenDaylight (ODL) before 0.16.5.
network
low complexity
linuxfoundation CWE-89
7.5
2022-11-27 CVE-2022-45931 SQL Injection vulnerability in Linuxfoundation Opendaylight
A SQL injection issue was discovered in AAA in OpenDaylight (ODL) before 0.16.5.
network
low complexity
linuxfoundation CWE-89
7.5
2022-11-27 CVE-2022-45932 SQL Injection vulnerability in Linuxfoundation Opendaylight
A SQL injection issue was discovered in AAA in OpenDaylight (ODL) before 0.16.5.
network
low complexity
linuxfoundation CWE-89
7.5
2022-11-26 CVE-2022-45907 Code Injection vulnerability in Linuxfoundation Pytorch
In PyTorch before trunk/89695, torch.jit.annotations.parse_type_line can cause arbitrary code execution because eval is used unsafely.
network
low complexity
linuxfoundation CWE-94
critical
9.8
2022-11-19 CVE-2022-41939 Unspecified vulnerability in Linuxfoundation Knative Func
knative.dev/func is is a client library and CLI enabling the development and deployment of Kubernetes functions.
network
low complexity
linuxfoundation
7.4
2022-11-16 CVE-2022-39383 Server-Side Request Forgery (SSRF) vulnerability in Linuxfoundation Kubevela
KubeVela is an open source application delivery platform.
network
low complexity
linuxfoundation CWE-918
6.5
2022-11-14 CVE-2022-0324 Classic Buffer Overflow vulnerability in Linuxfoundation Software for Open Networking in the Cloud 202111
There is a vulnerability in DHCPv6 packet parsing code that could be explored by remote attacker to craft a packet that could cause buffer overflow in a memcpy call, leading to out-of-bounds memory write that would cause dhcp6relay to crash.
network
low complexity
linuxfoundation CWE-120
7.5