Vulnerabilities > Linuxfoundation

DATE CVE VULNERABILITY TITLE RISK
2020-09-30 CVE-2020-13794 Missing Authorization vulnerability in Linuxfoundation Harbor
Harbor 1.9.* 1.10.* and 2.0.* allows Exposure of Sensitive Information to an Unauthorized Actor.
network
low complexity
linuxfoundation CWE-862
4.3
2020-09-09 CVE-2020-15163 Insufficient Verification of Data Authenticity vulnerability in Linuxfoundation the Update Framework
Python TUF (The Update Framework) reference implementation before version 0.12 it will incorrectly trust a previously downloaded root metadata file which failed verification at download time.
network
high complexity
linuxfoundation CWE-345
8.2
2020-08-31 CVE-2020-15687 Unspecified vulnerability in Linuxfoundation Acrn 1.6.1/2.0
Missing access control restrictions in the Hypervisor component of the ACRN Project (v2.0 and v1.6.1) allow a malicious entity, with root access in the Service VM userspace, to abuse the PCIe assign/de-assign Hypercalls via crafted ioctls and payloads.
network
low complexity
linuxfoundation
7.5
2020-07-15 CVE-2020-13788 Server-Side Request Forgery (SSRF) vulnerability in Linuxfoundation Harbor
Harbor prior to 2.0.1 allows SSRF with this limitation: an attacker with the ability to edit projects can scan ports of hosts accessible on the Harbor server's intranet.
network
low complexity
linuxfoundation CWE-918
4.3
2020-07-10 CVE-2020-11081 Unspecified vulnerability in Linuxfoundation Osquery
osquery before version 4.4.0 enables a privilege escalation vulnerability.
local
low complexity
linuxfoundation
8.2
2020-06-26 CVE-2020-10753 Injection vulnerability in multiple products
A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway).
6.5
2020-06-22 CVE-2020-10736 Unspecified vulnerability in Linuxfoundation Ceph 15.2.0/15.2.1
An authorization bypass vulnerability was found in Ceph versions 15.2.0 before 15.2.2, where the ceph-mon and ceph-mgr daemons do not properly restrict access, resulting in gaining access to unauthorized resources.
low complexity
linuxfoundation
8.0
2020-06-19 CVE-2020-10750 Information Exposure Through Log Files vulnerability in Linuxfoundation Jaeger
Sensitive information written to a log file vulnerability was found in jaegertracing/jaeger before version 1.18.1 when the Kafka data store is used.
local
low complexity
linuxfoundation CWE-532
5.5
2020-06-11 CVE-2020-11090 Unspecified vulnerability in Linuxfoundation Indy-Node 1.12.2
In Indy Node 1.12.2, there is an Uncontrolled Resource Consumption vulnerability.
network
low complexity
linuxfoundation
7.5
2020-06-03 CVE-2020-10749 A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks.
network
high complexity
linuxfoundation redhat fedoraproject
6.0