Vulnerabilities > Linuxfoundation > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-09 | CVE-2020-15163 | Insufficient Verification of Data Authenticity vulnerability in Linuxfoundation the Update Framework Python TUF (The Update Framework) reference implementation before version 0.12 it will incorrectly trust a previously downloaded root metadata file which failed verification at download time. | 8.2 |
| 2020-08-31 | CVE-2020-15687 | Unspecified vulnerability in Linuxfoundation Acrn 1.6.1/2.0 Missing access control restrictions in the Hypervisor component of the ACRN Project (v2.0 and v1.6.1) allow a malicious entity, with root access in the Service VM userspace, to abuse the PCIe assign/de-assign Hypercalls via crafted ioctls and payloads. | 7.5 |
| 2020-07-10 | CVE-2020-11081 | Unspecified vulnerability in Linuxfoundation Osquery osquery before version 4.4.0 enables a privilege escalation vulnerability. | 8.2 |
| 2020-06-22 | CVE-2020-10736 | Unspecified vulnerability in Linuxfoundation Ceph 15.2.0/15.2.1 An authorization bypass vulnerability was found in Ceph versions 15.2.0 before 15.2.2, where the ceph-mon and ceph-mgr daemons do not properly restrict access, resulting in gaining access to unauthorized resources. low complexity linuxfoundation | 8.0 |
| 2020-06-11 | CVE-2020-11090 | Unspecified vulnerability in Linuxfoundation Indy-Node 1.12.2 In Indy Node 1.12.2, there is an Uncontrolled Resource Consumption vulnerability. | 7.5 |
| 2020-04-22 | CVE-2020-12059 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in Ceph through 13.2.9. | 7.5 |
| 2020-04-21 | CVE-2020-1699 | Path Traversal vulnerability in multiple products A path traversal flaw was found in the Ceph dashboard implemented in upstream versions v14.2.5, v14.2.6, v15.0.0 of Ceph storage and has been fixed in versions 14.2.7 and 15.1.0. | 7.5 |
| 2020-03-20 | CVE-2019-19029 | SQL Injection vulnerability in multiple products Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows SQL Injection via user-groups in the VMware Harbor Container Registry for the Pivotal Platform. | 7.2 |
| 2020-03-20 | CVE-2019-19025 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows CSRF in the VMware Harbor Container Registry for the Pivotal Platform. | 8.8 |
| 2020-03-20 | CVE-2019-19023 | Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 has a Privilege Escalation Vulnerability in the VMware Harbor Container Registry for the Pivotal Platform. | 8.8 |