cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-21505,https://securityvulnerability.io/vulnerability/CVE-2022-21505,Linux Kernel Vulnerability Affecting Secure Boot Mechanisms,"In the Linux kernel, a security flaw exists related to the use of Integrity Measurement Architecture (IMA) appraisal with the boot parameter 'ima_appraise=log'. If this parameter is set and Secure Boot is either disabled or not available, the system's lockdown can potentially be exploited using the kexec command. While IMA provides protection by preventing the setting of 'ima_appraise=log' when Secure Boot is enabled, this safeguard does not extend to scenarios where lockdown is operational without Secure Boot. This situation raises significant concerns regarding the confidentiality, integrity, and availability of the affected systems, as malicious actors may exploit this vulnerability to bypass security mechanisms.",Oracle,Oracle Linux,6.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-24T18:48:23.588Z,0
CVE-2023-22024,https://securityvulnerability.io/vulnerability/CVE-2023-22024,Kernel Crash Vulnerability in Oracle's Unbreakable Enterprise Kernel,"The Unbreakable Enterprise Kernel (UEK) contains a vulnerability in its RDS module, where the setsockopt options RDS_CONN_RESET and RDS6_CONN_RESET are not re-entrant. This flaw allows a malicious local user with CAP_NET_ADMIN privileges to exploit the vulnerability, potentially leading to a system crash. As a result, this can disrupt the availability of the kernel, impacting overall system operations.",Oracle,"Oracle Linux,Oracle Vm",5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-09-20T21:15:00.000Z,0
CVE-2022-21385,https://securityvulnerability.io/vulnerability/CVE-2022-21385,Local User Vulnerability in Oracle Linux Kernel,A flaw identified in the Oracle Linux kernel's net_rds_alloc_sgs() function permits unprivileged local users to initiate a system crash. This vulnerability poses a significant risk as it can disrupt system availability and cause unplanned downtime. It is essential to apply necessary patches to mitigate this exposure.,Oracle,Oracle Linux,6.2,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2022-08-29T20:35:08.000Z,0
CVE-2022-21504,https://securityvulnerability.io/vulnerability/CVE-2022-21504,Use Count Error in Oracle Linux UEK6 U3 Leads to Denial of Service,"A critical issue has been identified in Oracle Linux UEK6 U3 where an inappropriate file descriptor count management leads to a use count error. This flaw permits a socket's file descriptor to be prematurely closed and freed while it is still in operation. Attackers with local access can exploit this vulnerability to manipulate the socket, potentially triggering a denial of service. This situation arises due to concurrency issues in the kernel's file descriptor management.",Oracle,Oracle Linux,5.5,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-06-14T17:50:10.000Z,0
CVE-2022-21499,https://securityvulnerability.io/vulnerability/CVE-2022-21499,Kernel Debugger Vulnerability in Debian,"This vulnerability allows unauthorized read and write access to kernel memory through the KGDB and KDB interfaces. Attackers with access to the system's serial port can exploit this vulnerability by triggering the kernel debugger, which may not adhere to the lockdown restrictions. This poses a significant threat to the confidentiality, integrity, and availability of the system as it enables potential manipulation or exposure of sensitive kernel memory data.",Oracle,"Oracle Linux,Oracle Vm",6.7,MEDIUM,0.00046999999904073775,false,,false,false,false,,,false,false,,2022-06-09T20:15:28.000Z,0
CVE-2021-2464,https://securityvulnerability.io/vulnerability/CVE-2021-2464,Filesystem Exposure in Oracle Linux OSwatcher by Oracle,"A vulnerability exists within the OSwatcher component of Oracle Linux, impacting versions 7 and 8. This issue allows low-privileged attackers who are logged into the infrastructure to exploit the vulnerability, potentially leading to compromise of the Oracle Linux environment. Successful exploitation could enable unauthorized control over the system, affecting its confidentiality, integrity, and availability. Users of Oracle Linux are encouraged to apply the necessary patches and maintain vigilant security practices to safeguard against potential attacks.",Oracle,Oracle Linux,7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2021-09-24T18:55:08.000Z,0
CVE-2020-2732,https://securityvulnerability.io/vulnerability/CVE-2020-2732,Vulnerability in KVM Hypervisor Affects Nested Virtualization,"A flaw has been identified in the KVM hypervisor regarding its handling of instruction emulation for L2 guests when nested virtualization is enabled. Under specific conditions, an L2 guest can manipulate the L0 guest into accessing sensitive L1 resources that should otherwise remain inaccessible to the L2 guest. This vulnerability poses significant security risks in environments relying on nested virtualization, as it undermines the expected isolation between virtual machines.",Oracle,Oracle Linux,5.8,MEDIUM,0.0004799999878741801,false,,false,false,false,,,false,false,,2020-04-08T21:10:14.000Z,0