Vulnerabilities > Oracle > Linux
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-20 | CVE-2023-22024 | Unspecified vulnerability in Oracle Linux and VM Server In the Unbreakable Enterprise Kernel (UEK), the RDS module in UEK has two setsockopt(2) options, RDS_CONN_RESET and RDS6_CONN_RESET, that are not re-entrant. | 5.5 |
| 2022-08-29 | CVE-2022-21385 | Unspecified vulnerability in Oracle Linux A flaw in net_rds_alloc_sgs() in Oracle Linux kernels allows unprivileged local users to crash the machine. | 6.2 |
| 2022-06-14 | CVE-2022-21504 | Use After Free vulnerability in Oracle Linux 7/8 The code in UEK6 U3 was missing an appropiate file descriptor count to be missing. | 5.5 |
| 2022-06-09 | CVE-2022-21499 | Out-of-bounds Write vulnerability in multiple products KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. | 6.7 |
| 2022-02-16 | CVE-2021-3551 | Cleartext Storage of Sensitive Information vulnerability in multiple products A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. | 4.4 |
| 2021-09-24 | CVE-2021-2464 | Unspecified vulnerability in Oracle Engineered Systems Utilities and Linux Vulnerability in Oracle Linux (component: OSwatcher). | 7.8 |
| 2018-10-09 | CVE-2018-17962 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used. | 5.0 |
| 2017-08-07 | CVE-2015-7852 | Improper Input Validation vulnerability in NTP ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets. | 4.3 |
| 2017-08-07 | CVE-2015-7702 | Improper Input Validation vulnerability in NTP The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). | 4.0 |
| 2017-08-07 | CVE-2015-7701 | Missing Release of Resource after Effective Lifetime vulnerability in NTP Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption). | 5.0 |