Vulnerabilities > Linuxfoundation > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-01-03 CVE-2023-46740 Use of Insufficiently Random Values vulnerability in Linuxfoundation Cubefs
CubeFS is an open-source cloud-native file storage system.
network
low complexity
linuxfoundation CWE-330
critical
 9.8
9.8
2024-01-03 CVE-2023-46741 Unspecified vulnerability in Linuxfoundation Cubefs
CubeFS is an open-source cloud-native file storage system.
network
low complexity
linuxfoundation
critical
 9.8
9.8
2023-09-21 CVE-2023-43632 Allocation of Resources Without Limits or Throttling vulnerability in Linuxfoundation Edge Virtualization Engine
As noted in the “VTPM.md” file in the eve documentation, “VTPM is a server listening on port 8877 in EVE, exposing limited functionality of the TPM to the clients.
network
low complexity
linuxfoundation CWE-770
critical
 9.9
9.9
2023-09-19 CVE-2022-28357 Path Traversal vulnerability in Linuxfoundation Nats-Server
NATS nats-server 2.2.0 through 2.7.4 allows directory traversal because of an unintended path to a management action from a management account.
network
low complexity
linuxfoundation CWE-22
critical
 9.8
9.8
2023-09-07 CVE-2023-40029 Information Exposure Through Log Files vulnerability in Linuxfoundation Argo Continuous Delivery
Argo CD is a declarative continuous deployment for Kubernetes.
network
low complexity
linuxfoundation CWE-532
critical
 9.6
9.6
2023-06-22 CVE-2023-35926 Code Injection vulnerability in Linuxfoundation Backstage
Backstage is an open platform for building developer portals.
network
low complexity
linuxfoundation CWE-94
critical
 9.9
9.9
2023-02-17 CVE-2021-32163 Incorrect Authorization vulnerability in Linuxfoundation Modular Open Smart Network
Authentication vulnerability in MOSN v.0.23.0 allows attacker to escalate privileges via case-sensitive JWT authorization.
network
low complexity
linuxfoundation CWE-863
critical
 9.8
9.8
2022-11-26 CVE-2022-45907 Code Injection vulnerability in Linuxfoundation Pytorch
In PyTorch before trunk/89695, torch.jit.annotations.parse_type_line can cause arbitrary code execution because eval is used unsafely.
network
low complexity
linuxfoundation CWE-94
critical
 9.8
9.8
2022-09-24 CVE-2022-36025 Incorrect Conversion between Numeric Types vulnerability in Linuxfoundation Besu
Besu is a Java-based Ethereum client.
network
low complexity
linuxfoundation CWE-681
critical
 9.1
9.1
2022-07-25 CVE-2022-0670 A flaw was found in Openstack manilla owning a Ceph File system "share", which enables the owner to read/write any manilla share or entire file system.
network
low complexity
linuxfoundation redhat fedoraproject
critical
 9.1
9.1