Vulnerabilities > Linuxfoundation > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-06 | CVE-2023-20746 | Improper Locking vulnerability in multiple products In vcu, there is a possible out of bounds write due to improper locking. | 6.7 |
| 2023-06-06 | CVE-2023-20747 | Type Confusion vulnerability in multiple products In vcu, there is a possible memory corruption due to type confusion. | 4.4 |
| 2023-06-06 | CVE-2023-20727 | Out-of-bounds Read vulnerability in multiple products In wlan, there is a possible out of bounds read due to a missing bounds check. | 4.4 |
| 2023-05-26 | CVE-2023-33199 | Reachable Assertion vulnerability in Linuxfoundation Rekor Rekor's goals are to provide an immutable tamper resistant ledger of metadata generated within a software projects supply chain. | 5.3 |
| 2023-05-11 | CVE-2023-29195 | Unspecified vulnerability in Linuxfoundation Vitess Vitess is a database clustering system for horizontal scaling of MySQL through generalized sharding. | 4.3 |
| 2023-04-26 | CVE-2023-30841 | Cleartext Transmission of Sensitive Information vulnerability in Linuxfoundation Baremetal Operator Baremetal Operator (BMO) is a bare metal host provisioning integration for Kubernetes. | 5.5 |
| 2023-04-24 | CVE-2023-2250 | Unspecified vulnerability in Linuxfoundation Open Cluster Management A flaw was found in the Open Cluster Management (OCM) when a user have access to the worker nodes which has the cluster-manager-registration-controller or cluster-manager deployments. | 6.7 |
| 2023-04-12 | CVE-2023-30512 | Incorrect Permission Assignment for Critical Resource vulnerability in Linuxfoundation Cubefs CubeFS through 3.2.1 allows Kubernetes cluster-level privilege escalation. | 6.5 |
| 2023-03-29 | CVE-2023-25809 | Unspecified vulnerability in Linuxfoundation Runc runc is a CLI tool for spawning and running containers according to the OCI specification. | 6.3 |
| 2023-03-27 | CVE-2022-41354 | Information Exposure Through Discrepancy vulnerability in Linuxfoundation Argo-Cd An access control issue in Argo CD v2.4.12 and below allows unauthenticated attackers to enumerate existing applications. | 4.3 |