Vulnerabilities > Linuxfoundation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-08 | CVE-2019-16097 | Missing Authorization vulnerability in Linuxfoundation Harbor core/api/user.go in Harbor 1.7.0 through 1.8.2 allows non-admin users to create admin accounts via the POST /api/users API, when Harbor is setup with DB as authentication backend and allow user to do self-registration. | 4.0 |
| 2019-07-22 | CVE-2019-1010234 | Improper Input Validation vulnerability in Linuxfoundation Open Network Operating System The Linux Foundation ONOS 1.15.0 and ealier is affected by: Improper Input Validation. | 7.5 |
| 2019-07-19 | CVE-2019-1010245 | Improper Input Validation vulnerability in Linuxfoundation Open Network Operating System The Linux Foundation ONOS SDN Controller 1.15 and earlier versions is affected by: Improper Input Validation. | 7.5 |
| 2019-07-18 | CVE-2019-1010252 | Improper Input Validation vulnerability in Linuxfoundation Open Network Operating System The Linux Foundation ONOS 2.0.0 and earlier is affected by: Poor Input-validation. | 5.5 |
| 2019-07-18 | CVE-2019-1010250 | Improper Input Validation vulnerability in Linuxfoundation Open Network Operating System The Linux Foundation ONOS 2.0.0 and earlier is affected by: Poor Input-validation. | 5.5 |
| 2019-07-18 | CVE-2019-1010249 | Integer Overflow or Wraparound vulnerability in Linuxfoundation Open Network Operating System The Linux Foundation ONOS 2.0.0 and earlier is affected by: Integer Overflow. | 5.5 |
| 2019-06-03 | CVE-2019-3567 | Link Following vulnerability in Linuxfoundation Osquery In some configurations an attacker can inject a new executable path into the extensions.load file for osquery and hard link a parent folder of a malicious binary to a folder with known 'safe' permissions. | 9.3 |
| 2019-02-11 | CVE-2019-5736 | OS Command Injection vulnerability in multiple products runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. local low complexity docker linuxfoundation redhat google linuxcontainers hp netapp apache opensuse d2iq fedoraproject canonical microfocus CWE-78 | 8.6 |
| 2018-12-31 | CVE-2018-6336 | 7PK - Security Features vulnerability in Linuxfoundation Osquery An issue was discovered in osquery. | 6.8 |
| 2018-04-27 | CVE-2015-1857 | Information Exposure vulnerability in Linuxfoundation Opendaylight The odl-mdsal-apidocs feature in OpenDaylight Helium allow remote attackers to obtain sensitive information by leveraging missing AAA restrictions. | 5.0 |