Vulnerabilities > Linuxfoundation > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-09-19 CVE-2023-27584 Use of Hard-coded Credentials vulnerability in Linuxfoundation Dragonfly
Dragonfly is an open source P2P-based file distribution and image acceleration system.
network
low complexity
linuxfoundation CWE-798
critical
 9.8
9.8
2024-01-03 CVE-2023-46740 Unspecified vulnerability in Linuxfoundation Cubefs
CubeFS is an open-source cloud-native file storage system.
network
low complexity
linuxfoundation
critical
 9.8
9.8
2024-01-03 CVE-2023-46741 Unspecified vulnerability in Linuxfoundation Cubefs
CubeFS is an open-source cloud-native file storage system.
network
low complexity
linuxfoundation
critical
 9.8
9.8
2023-09-21 CVE-2023-43632 Allocation of Resources Without Limits or Throttling vulnerability in Linuxfoundation Edge Virtualization Engine
As noted in the “VTPM.md” file in the eve documentation, “VTPM is a server listening on port 8877 in EVE, exposing limited functionality of the TPM to the clients.
network
low complexity
linuxfoundation CWE-770
critical
 9.9
9.9
2023-09-19 CVE-2022-28357 Path Traversal vulnerability in Linuxfoundation Nats-Server
NATS nats-server 2.2.0 through 2.7.4 allows directory traversal because of an unintended path to a management action from a management account.
network
low complexity
linuxfoundation CWE-22
critical
 9.8
9.8
2023-06-22 CVE-2023-35926 Code Injection vulnerability in Linuxfoundation Backstage
Backstage is an open platform for building developer portals.
network
low complexity
linuxfoundation CWE-94
critical
 9.9
9.9
2023-02-17 CVE-2021-32163 Incorrect Authorization vulnerability in Linuxfoundation Modular Open Smart Network
Authentication vulnerability in MOSN v.0.23.0 allows attacker to escalate privileges via case-sensitive JWT authorization.
network
low complexity
linuxfoundation CWE-863
critical
 9.8
9.8
2022-11-26 CVE-2022-45907 Code Injection vulnerability in Linuxfoundation Pytorch
In PyTorch before trunk/89695, torch.jit.annotations.parse_type_line can cause arbitrary code execution because eval is used unsafely.
network
low complexity
linuxfoundation CWE-94
critical
 9.8
9.8
2022-09-24 CVE-2022-36025 Incorrect Conversion between Numeric Types vulnerability in Linuxfoundation Besu
Besu is a Java-based Ethereum client.
network
low complexity
linuxfoundation CWE-681
critical
 9.1
9.1
2022-08-12 CVE-2022-35942 Unspecified vulnerability in Linuxfoundation Loopback-Connector-Postgresql
Improper input validation on the `contains` LoopBack filter may allow for arbitrary SQL injection.
network
low complexity
linuxfoundation
critical
 10.0
10