| 2023-11-01 | CVE-2023-5178 | Use After Free vulnerability in multiple products
A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. | 9.8 |
| 2023-07-24 | CVE-2023-32257 | Improper Locking vulnerability in multiple products
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. | 8.1 |
| 2023-07-18 | CVE-2023-38426 | Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.3.4. | 9.1 |
| 2023-07-18 | CVE-2023-38428 | Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.3.4. | 9.1 |
| 2023-07-18 | CVE-2023-38432 | Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.3.10. | 9.1 |
| 2022-07-27 | CVE-2022-36946 | nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len. | 7.5 |
| 2022-07-07 | CVE-2022-2047 | Improper Input Validation vulnerability in multiple products
In Eclipse Jetty versions 9.4.0 thru 9.4.46, and 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, the parsing of the authority segment of an http scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname. | 2.7 |
| 2022-07-07 | CVE-2022-2048 | In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. | 7.5 |
| 2022-06-02 | CVE-2022-27774 | Insufficiently Protected Credentials vulnerability in multiple products
An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers. | 5.7 |
| 2022-06-02 | CVE-2022-27775 | An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead. | 7.5 |