Vulnerabilities > Linuxfoundation > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-28 | CVE-2020-26290 | Unspecified vulnerability in Linuxfoundation DEX Dex is a federated OpenID Connect provider written in Go. | 9.6 |
| 2020-11-06 | CVE-2020-26892 | Use of Hard-coded Credentials vulnerability in multiple products The JWT library in NATS nats-server before 2.1.9 has Incorrect Access Control because of how expired credentials are handled. | 9.8 |
| 2020-03-13 | CVE-2020-1887 | Improper Certificate Validation vulnerability in Linuxfoundation Osquery Incorrect validation of the TLS SNI hostname in osquery versions after 2.9.0 and before 4.2.0 could allow an attacker to MITM osquery traffic in the absence of a configured root chain of trust. | 9.1 |
| 2020-02-05 | CVE-2020-6174 | Improper Verification of Cryptographic Signature vulnerability in Linuxfoundation the Update Framework TUF (aka The Update Framework) through 0.12.1 has Improper Verification of a Cryptographic Signature. | 9.8 |
| 2019-07-22 | CVE-2019-1010234 | Improper Input Validation vulnerability in Linuxfoundation Open Network Operating System The Linux Foundation ONOS 1.15.0 and ealier is affected by: Improper Input Validation. | 9.8 |
| 2019-07-19 | CVE-2019-1010245 | OS Command Injection vulnerability in Linuxfoundation Open Network Operating System The Linux Foundation ONOS SDN Controller 1.15 and earlier versions is affected by: Improper Input Validation. | 9.8 |
| 2016-04-15 | CVE-2010-5325 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the unhtmlify function in foomatic-rip in foomatic-filters before 4.0.6 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via a long job title. | 9.8 |