Vulnerabilities > Linuxfoundation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-19 | CVE-2019-1010245 | Improper Input Validation vulnerability in Linuxfoundation Open Network Operating System The Linux Foundation ONOS SDN Controller 1.15 and earlier versions is affected by: Improper Input Validation. | 7.5 |
| 2019-07-18 | CVE-2019-1010252 | Improper Input Validation vulnerability in Linuxfoundation Open Network Operating System The Linux Foundation ONOS 2.0.0 and earlier is affected by: Poor Input-validation. | 5.5 |
| 2019-07-18 | CVE-2019-1010250 | Improper Input Validation vulnerability in Linuxfoundation Open Network Operating System The Linux Foundation ONOS 2.0.0 and earlier is affected by: Poor Input-validation. | 5.5 |
| 2019-07-18 | CVE-2019-1010249 | Integer Overflow or Wraparound vulnerability in Linuxfoundation Open Network Operating System The Linux Foundation ONOS 2.0.0 and earlier is affected by: Integer Overflow. | 5.5 |
| 2019-06-03 | CVE-2019-3567 | Link Following vulnerability in Linuxfoundation Osquery In some configurations an attacker can inject a new executable path into the extensions.load file for osquery and hard link a parent folder of a malicious binary to a folder with known 'safe' permissions. | 9.3 |
| 2019-02-11 | CVE-2019-5736 | OS Command Injection vulnerability in multiple products runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. local low complexity docker linuxfoundation redhat google linuxcontainers hp netapp apache opensuse d2iq fedoraproject canonical microfocus CWE-78 | 8.6 |
| 2018-12-31 | CVE-2018-6336 | 7PK - Security Features vulnerability in Linuxfoundation Osquery An issue was discovered in osquery. | 6.8 |
| 2018-04-27 | CVE-2015-1857 | Information Exposure vulnerability in Linuxfoundation Opendaylight The odl-mdsal-apidocs feature in OpenDaylight Helium allow remote attackers to obtain sensitive information by leveraging missing AAA restrictions. | 5.0 |
| 2017-12-15 | CVE-2017-17697 | Server-Side Request Forgery (SSRF) vulnerability in Linuxfoundation Harbor The Ping() function in ui/api/target.go in Harbor through 1.3.0-rc4 has SSRF via the endpoint parameter to /api/targets/ping. | 5.0 |
| 2016-06-01 | CVE-2016-3697 | Permissions, Privileges, and Access Controls vulnerability in multiple products libcontainer/user/user.go in runC before 0.1.0, as used in Docker before 1.11.2, improperly treats a numeric UID as a potential username, which allows local users to gain privileges via a numeric username in the password file in a container. | 2.1 |