Vulnerabilities > Linuxfoundation > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-07 | CVE-2022-46770 | Infinite Loop vulnerability in Linuxfoundation Mirage Firewall qubes-mirage-firewall (aka Mirage firewall for QubesOS) 0.8.x through 0.8.3 allows guest OS users to cause a denial of service (CPU consumption and loss of forwarding) via a crafted multicast UDP packet (IP address range of 224.0.0.0 through 239.255.255.255). | 7.5 |
| 2022-11-27 | CVE-2022-45930 | SQL Injection vulnerability in Linuxfoundation Opendaylight A SQL injection issue was discovered in AAA in OpenDaylight (ODL) before 0.16.5. | 7.5 |
| 2022-11-27 | CVE-2022-45931 | SQL Injection vulnerability in Linuxfoundation Opendaylight A SQL injection issue was discovered in AAA in OpenDaylight (ODL) before 0.16.5. | 7.5 |
| 2022-11-27 | CVE-2022-45932 | SQL Injection vulnerability in Linuxfoundation Opendaylight A SQL injection issue was discovered in AAA in OpenDaylight (ODL) before 0.16.5. | 7.5 |
| 2022-11-19 | CVE-2022-41939 | Information Exposure vulnerability in Linuxfoundation Knative Func knative.dev/func is is a client library and CLI enabling the development and deployment of Kubernetes functions. | 7.4 |
| 2022-11-14 | CVE-2022-0324 | Classic Buffer Overflow vulnerability in Linuxfoundation Software for Open Networking in the Cloud 202111 There is a vulnerability in DHCPv6 packet parsing code that could be explored by remote attacker to craft a packet that could cause buffer overflow in a memcpy call, leading to out-of-bounds memory write that would cause dhcp6relay to crash. | 7.5 |
| 2022-10-07 | CVE-2022-32589 | Improper Resource Shutdown or Release vulnerability in multiple products In Wi-Fi driver, there is a possible way to disconnect Wi-Fi due to an improper resource release. | 7.5 |
| 2022-10-03 | CVE-2022-38817 | Missing Authentication for Critical Function vulnerability in Linuxfoundation Dapr Dashboard Dapr Dashboard v0.1.0 through v0.10.0 is vulnerable to Incorrect Access Control that allows attackers to obtain sensitive data. | 7.5 |
| 2022-05-17 | CVE-2022-29162 | Incorrect Default Permissions vulnerability in multiple products runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. | 7.8 |
| 2022-03-25 | CVE-2022-24778 | Incorrect Authorization vulnerability in multiple products The imgcrypt library provides API exensions for containerd to support encrypted container images and implements the ctd-decoder command line tool for use by containerd to decrypt encrypted container images. | 7.5 |