CVE-2020-12362
- EPSS 0.36%
- Veröffentlicht 17.02.2021 14:15:15
- Zuletzt bearbeitet 21.11.2024 04:59:34
Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable an escalation of privilege via local access.
CVE-2020-12363
- EPSS 0.31%
- Veröffentlicht 17.02.2021 14:15:15
- Zuletzt bearbeitet 21.11.2024 04:59:35
Improper input validation in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2020-12364
- EPSS 0.31%
- Veröffentlicht 17.02.2021 14:15:15
- Zuletzt bearbeitet 21.11.2024 04:59:35
Null pointer reference in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before version Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2020-27835
- EPSS 0.31%
- Veröffentlicht 07.01.2021 18:15:13
- Zuletzt bearbeitet 21.11.2024 05:21:54
A use after free in the Linux kernel infiniband hfi1 driver in versions prior to 5.10-rc6 was found in the way user calls Ioctl after open dev file and fork. A local user could use this flaw to crash the system.
CVE-2020-26541
- EPSS 0.53%
- Veröffentlicht 02.10.2020 19:15:13
- Zuletzt bearbeitet 21.11.2024 05:20:02
The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.
CVE-2020-14304
- EPSS 0.36%
- Veröffentlicht 15.09.2020 20:15:13
- Zuletzt bearbeitet 21.11.2024 05:02:57
A memory disclosure flaw was found in the Linux kernel's ethernet drivers, in the way it read data from the EEPROM of the device. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerab...
CVE-2020-15802
- EPSS 7.14%
- Veröffentlicht 11.09.2020 14:15:11
- Zuletzt bearbeitet 21.11.2024 05:06:12
Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, eit...
CVE-2019-20794
- EPSS 0.51%
- Veröffentlicht 09.05.2020 18:15:11
- Zuletzt bearbeitet 21.11.2024 04:39:22
An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace compon...
CVE-2020-11725
- EPSS 0.51%
- Veröffentlicht 12.04.2020 22:15:11
- Zuletzt bearbeitet 29.05.2026 21:16:37
snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info->owner line, which later affects a private_size*count multiplication for unspecified "interesting side effects." NOTE: kernel engineers dispute this finding, ...
CVE-2019-20429
- EPSS 1.9%
- Veröffentlicht 27.01.2020 05:15:12
- Zuletzt bearbeitet 21.11.2024 04:38:27
In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic (via a modified lm_bufcount field) due to the lack of validation for specific fields of packets sent by a client. This is caused by interaction between spt...