Msrc Cbl Mariner 1.0 Arm vulnerabilities

CVE-2008-3914 [CRITICAL] CVE-2008-3914: NIST NVD Details: https://nvd NIST NVD Details: https://nvd.nist.gov/vuln/detail/CVE-2008-3914 Mariner: Mariner [email protected]: [email protected] Exploit Status: DOS:N/A Remediation: clamav

CVE-2020-27619 [CRITICAL] In Python 3 through 3.9.0 the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP. In Python 3 through 3.9.0 the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux di

CVE-2009-1241 [HIGH] CVE-2009-1241: NIST NVD Details: https://nvd NIST NVD Details: https://nvd.nist.gov/vuln/detail/CVE-2009-1241 Mariner: Mariner [email protected]: [email protected] Exploit Status: DOS:N/A Remediation: clamav

CVE-2020-27194 [MEDIUM] CWE-681 An issue was discovered in the Linux kernel before 5.8.15. scalar32_min_max_or in kernel/bpf/verifier.c mishandles bounds tracking during use of 64-bit values aka CID-5b9fbeb75b6a. An issue was discovered in the Linux kernel before 5.8.15. scalar32_min_max_or in kernel/bpf/verifier.c mishandles bounds tracking during use of 64-bit values aka CID-5b9fbeb75b6a. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore po

CVE-2020-24352 [MEDIUM] CWE-125 An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory access was found in the ATI VGA device implementation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati_2d.c while An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory access was found in the ATI VGA device implementation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati_2d.c while handling MMIO write operations through the ati_mm_write() callback.

CVE-2007-2650 [MEDIUM] CVE-2007-2650: NIST NVD Details: https://nvd NIST NVD Details: https://nvd.nist.gov/vuln/detail/CVE-2007-2650 Mariner: Mariner [email protected]: [email protected] Exploit Status: DOS:N/A Remediation: clamav

CVE-2020-14867 [MEDIUM] Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 5.6.49 and prior 5.7.31 and prior and 8.0.21 and prior. Difficult to exploi Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 5.6.49 and prior 5.7.31 and prior and 8.0.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via mul

CVE-2008-3912 [MEDIUM] CVE-2008-3912: NIST NVD Details: https://nvd NIST NVD Details: https://nvd.nist.gov/vuln/detail/CVE-2008-3912 Mariner: Mariner [email protected]: [email protected] Exploit Status: DOS:N/A Remediation: clamav

CVE-2020-14866 [MEDIUM] Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privil Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQ

CVE-2020-14868 [MEDIUM] Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privil Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQ

CVE-2008-3913 [MEDIUM] CVE-2008-3913: NIST NVD Details: https://nvd NIST NVD Details: https://nvd.nist.gov/vuln/detail/CVE-2008-3913 Mariner: Mariner [email protected]: [email protected] Exploit Status: DOS:N/A Remediation: clamav

CVE-2020-14861 [MEDIUM] Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privil Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQ

CVE-2020-27675 [MEDIUM] CWE-362 An issue was discovered in the Linux kernel through 5.9.1 as used with Xen through 4.14.x. drivers/xen/events/events_base.c allows event-channel removal during the event-handling loop (a race conditio An issue was discovered in the Linux kernel through 5.9.1 as used with Xen through 4.14.x. drivers/xen/events/events_base.c allows event-channel removal during the event-handling loop (a race condition). This can cause a use-after-free or NULL pointer dereference as

CVE-2020-14860 [LOW] Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise M

CVE-2000-0803 [CRITICAL] CVE-2000-0803: NIST NVD Details: https://nvd NIST NVD Details: https://nvd.nist.gov/vuln/detail/CVE-2000-0803 Mariner: Mariner [email protected]: [email protected] Exploit Status: DOS:N/A Remediation: groff

CVE-2009-4484 [HIGH] CVE-2009-4484: NIST NVD Details: https://nvd NIST NVD Details: https://nvd.nist.gov/vuln/detail/CVE-2009-4484 Mariner: Mariner [email protected]: [email protected] Exploit Status: DOS:N/A Remediation: kernel

CVE-2020-0570 [HIGH] CWE-426 Uncontrolled search path in the QT Library before 5.14.0 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access. Uncontrolled search path in the QT Library before 5.14.0 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by thi

CVE-2020-26116 [HIGH] CWE-74 http.client in Python 3.x before 3.5.10 3.6.x before 3.6.12 3.7.x before 3.7.9 and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method as demonstrated by insertin http.client in Python 3.x before 3.5.10 3.6.x before 3.6.12 3.7.x before 3.7.9 and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection

CVE-2015-3717 [HIGH] CVE-2015-3717: NIST NVD Details: https://nvd NIST NVD Details: https://nvd.nist.gov/vuln/detail/CVE-2015-3717 Mariner: Mariner [email protected]: [email protected] Exploit Status: DOS:N/A Remediation: sqlite

CVE-2007-0086 [HIGH] CVE-2007-0086: NIST NVD Details: https://nvd NIST NVD Details: https://nvd.nist.gov/vuln/detail/CVE-2007-0086 Mariner: Mariner [email protected]: [email protected] Exploit Status: DOS:N/A Remediation: httpd