cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-21505,https://securityvulnerability.io/vulnerability/CVE-2022-21505,Linux Kernel Vulnerability Affecting Secure Boot Mechanisms,"In the Linux kernel, a security flaw exists related to the use of Integrity Measurement Architecture (IMA) appraisal with the boot parameter 'ima_appraise=log'. If this parameter is set and Secure Boot is either disabled or not available, the system's lockdown can potentially be exploited using the kexec command. While IMA provides protection by preventing the setting of 'ima_appraise=log' when Secure Boot is enabled, this safeguard does not extend to scenarios where lockdown is operational without Secure Boot. This situation raises significant concerns regarding the confidentiality, integrity, and availability of the affected systems, as malicious actors may exploit this vulnerability to bypass security mechanisms.",Oracle,Oracle Linux,6.7,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-24T18:48:23.588Z,0
CVE-2023-22024,https://securityvulnerability.io/vulnerability/CVE-2023-22024,,"In the Unbreakable Enterprise Kernel (UEK), the RDS module in UEK has two setsockopt(2) options, RDS_CONN_RESET and RDS6_CONN_RESET, that are not re-entrant. A malicious local user with CAP_NET_ADMIN can use this to crash the kernel. CVSS 3.1 Base Score 5.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).",Oracle,"Oracle Linux,Oracle Vm",5.5,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2023-09-20T21:15:00.000Z,0
CVE-2022-21385,https://securityvulnerability.io/vulnerability/CVE-2022-21385,,A flaw in net_rds_alloc_sgs() in Oracle Linux kernels allows unprivileged local users to crash the machine. CVSS 3.1 Base Score 6.2 (Availability impacts). CVSS Vector (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H),Oracle,Oracle Linux,6.2,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2022-08-29T20:35:08.000Z,0
CVE-2022-21504,https://securityvulnerability.io/vulnerability/CVE-2022-21504,,"The code in UEK6 U3 was missing an appropriate file descriptor count to be missing. This resulted in a use count error that allowed a file descriptor to a socket to be closed and freed while it was still in use by another portion of the kernel. An attack with local access can operate on the socket, and cause a denial of service. CVSS 3.1 Base Score 5.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).",Oracle,Oracle Linux,5.5,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2022-06-14T17:50:10.000Z,0
CVE-2022-21499,https://securityvulnerability.io/vulnerability/CVE-2022-21499,,"KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).",Oracle,"Oracle Linux,Oracle Vm",6.7,MEDIUM,0.00046999999904073775,false,false,false,false,,false,false,2022-06-09T20:15:28.000Z,0
CVE-2021-2464,https://securityvulnerability.io/vulnerability/CVE-2021-2464,,"Vulnerability in Oracle Linux (component: OSwatcher). Supported versions that are affected are 7 and 8. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Linux executes to compromise Oracle Linux. Successful attacks of this vulnerability can result in takeover of Oracle Linux. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).",Oracle,Oracle Linux,7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2021-09-24T18:55:08.000Z,0
CVE-2020-2732,https://securityvulnerability.io/vulnerability/CVE-2020-2732,,"A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 guest.",Oracle,Oracle Linux,5.8,MEDIUM,0.0004799999878741801,false,false,false,false,,false,false,2020-04-08T21:10:14.000Z,0