CVE Tools

unknown

4,042

Cumulative CVEs

62

Monthly snapshots

#1

Peak rank

Top products

anti-spam by cleantalk. spam protection1 custom block builder1 really simple security1

Latest CVEs

The 15 most recently published vulnerabilities affecting unknown.

CVE-2020-10773A stack information leak flaw was found in s390/s390x in the Linux kernel’s memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmm_timeout file. This flaw allows a loca...4.4Sep 10, 2020
CVE-2019-19338A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort...5.5Jul 13, 2020
CVE-2019-14894A flaw was found in the CloudForms management engine version 5.10 and CloudForms management version 5.11, which triggered remote code execution through NFS schedule backup. An attacker logged into ...8.0Jun 22, 2020
CVE-2019-3865A vulnerability was found in quay-2, where a stored XSS vulnerability has been found in the super user function of quay. Attackers are able to use the name field of service key to inject scripts an...6.1Jun 22, 2020
CVE-2020-10736An authorization bypass vulnerability was found in Ceph versions 15.2.0 before 15.2.2, where the ceph-mon and ceph-mgr daemons do not properly restrict access, resulting in gaining access to unauth...8.0Jun 22, 2020
CVE-2020-1727A vulnerability was found in Keycloak before 9.0.2, where every Authorization URL that points to an IDP server lacks proper input validation as it allows a wide range of characters. This flaw allow...6.4Jun 22, 2020
CVE-2020-10740A vulnerability was found in Wildfly in versions before 20.0.0.Final, where a remote deserialization attack is possible in the Enterprise Application Beans(EJB) due to lack of validation/filtering ...6.6Jun 22, 2020
CVE-2020-10738A flaw was found in Moodle versions 3.8 before 3.8.3, 3.7 before 3.7.6, 3.6 before 3.6.10, 3.5 before 3.5.12 and earlier unsupported versions. It was possible to create a SCORM package in such a wa...7.5May 21, 2020
CVE-2020-10725A flaw was found in DPDK version 19.11 and above that allows a malicious guest to cause a segmentation fault of the vhost-user backend application running on the host, which could result in a loss ...7.7May 20, 2020
CVE-2020-10726A vulnerability was found in DPDK versions 19.11 and above. A malicious container that has direct access to the vhost-user socket can keep sending VHOST_USER_GET_INFLIGHT_FD messages, causing a res...6.0May 20, 2020
CVE-2020-10722A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhost_user_set_log_base() could result in a smaller memory map than requested, possibly allowi...5.1May 19, 2020
CVE-2020-10723A memory corruption issue was found in DPDK versions 17.05 and above. This flaw is caused by an integer truncation on the index of a payload. Under certain circumstances, the index (a UInt) is copi...5.1May 19, 2020
CVE-2020-10724A vulnerability was found in DPDK versions 18.11 and above. The vhost-crypto library code is missing validations for user-supplied values, potentially allowing an information leak through an out-of...5.1May 19, 2020
CVE-2020-10706A flaw was found in OpenShift Container Platform where OAuth tokens are not encrypted when the encryption of data at rest is enabled. This flaw allows an attacker with access to a backup to obtain ...6.3May 12, 2020
CVE-2019-10170A flaw was found in the Keycloak admin console, where the realm management interface permits a script to be set via the policy. This flaw allows an attacker with authenticated user and realm manage...6.6May 8, 2020