Vulnerabilities > Tuxfamily

DATE CVE VULNERABILITY TITLE RISK
2020-08-24 CVE-2020-14367 Link Following vulnerability in multiple products
A flaw was found in chrony versions before 3.5.1 when creating the PID file under the /var/run/chrony folder.
local
low complexity
tuxfamily fedoraproject canonical CWE-59
6.0
2019-12-09 CVE-2015-1853 Unspecified vulnerability in Tuxfamily Chrony
chrony before 1.31.1 does not properly protect state variables in authenticated symmetric NTP associations, which allows remote attackers with knowledge of NTP peering to cause a denial of service (inability to synchronize) via random timestamps in crafted NTP data packets.
network
low complexity
tuxfamily
6.5
2016-01-26 CVE-2016-1567 7PK - Security Features vulnerability in Tuxfamily Chrony
chrony before 1.31.2 and 2.x before 2.2.1 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key."
network
tuxfamily CWE-254
6.8