Linux Foundation Vulnerabilities

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

Virtualization Software132
Not Defined14

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Linux Foundation Xen122
Linux Foundation ONOS10
Linux Foundation xen6
Linux Foundation libvchan2
Linux Foundation zephyr2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Remediation

Official Fix96
Temporary Fix0
Workaround2
Unavailable2
Not Defined46

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploitability

High0
Functional0
Proof-of-Concept8
Unproven44
Not Defined94

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Access Vector

Not Defined0
Physical0
Local96
Adjacent22
Network28

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Authentication

Not Defined0
High2
Low48
None96

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

User Interaction

Not Defined0
Required2
None144

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

C3BM Index

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

CVSSv3 Base

≤10
≤20
≤30
≤442
≤514
≤638
≤722
≤88
≤914
≤108

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

CVSSv3 Temp

≤10
≤20
≤36
≤438
≤520
≤640
≤716
≤814
≤910
≤102

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

VulDB

≤10
≤20
≤30
≤442
≤516
≤634
≤724
≤810
≤912
≤108

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

NVD

≤10
≤20
≤30
≤40
≤54
≤60
≤72
≤82
≤90
≤102

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

CNA

≤10
≤20
≤30
≤40
≤52
≤60
≤70
≤80
≤90
≤100

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploit 0-day

<1k0
<2k4
<5k32
<10k60
<25k42
<50k8
<100k0
≥100k0

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploit Today

<1k118
<2k2
<5k14
<10k8
<25k4
<50k0
<100k0
≥100k0

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploit Market Volume

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

🔴 CTI Activities

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Affected Products (10): ONOS (8), ONOS SDN Controller (1), XEN (1), Xen (122), Xen Elf Parser (1), cups-filters (5), foomatic (1), libvchan (1), xen (5), zephyr (1)

Link to Vendor Website: https://www.linuxfoundation.org/

PublishedBaseTempVulnerabilityProdExpRemEPSSCTICVE
10/06/20214.34.2Linux Foundation zephyr Key Distribution multiple resources with duplicate identifierUnknownNot DefinedOfficial Fix0.001020.00CVE-2021-3436
07/22/20198.58.5Linux Foundation ONOS YangLiveCompilerManager.java runJavaCompiler input validationUnknownNot DefinedNot Defined0.004380.05CVE-2019-1010234
07/19/20198.58.4Linux Foundation ONOS SDN Controller YangLiveCompilerManager.java input validationUnknownNot DefinedOfficial Fix0.002840.02CVE-2019-1010245
07/18/20195.65.6Linux Foundation ONOS FlowRuleManager.java apply input validationUnknownNot DefinedNot Defined0.000740.00CVE-2019-1010252
07/18/20195.65.6Linux Foundation ONOS FlowWebResource.java createFlows input validationUnknownNot DefinedNot Defined0.000690.00CVE-2019-1010250
07/18/20194.84.8Linux Foundation ONOS FlowWebResource.java createFlow integer overflowUnknownNot DefinedNot Defined0.000700.00CVE-2019-1010249
07/17/20178.58.5Linux Foundation ONOS OAR access controlUnknownNot DefinedNot Defined0.015100.00CVE-2017-1000081
07/17/20177.47.4Linux Foundation ONOS WebSocket access controlUnknownNot DefinedNot Defined0.000960.00CVE-2017-1000080
07/17/20176.46.4Linux Foundation ONOS denial of serviceUnknownNot DefinedNot Defined0.001180.00CVE-2017-1000079
07/17/20175.25.2Linux Foundation ONOS Device Registration cross site scriptingUnknownNot DefinedNot Defined0.000890.01CVE-2017-1000078
03/10/20155.14.5Linux Foundation Xen x86 Emulation access controlVirtualization SoftwareUnprovenOfficial Fix0.000860.00CVE-2015-2151
03/05/20154.03.5Linux Foundation Xen Emulation Routine information disclosureVirtualization SoftwareUnprovenOfficial Fix0.000600.00CVE-2015-2044
03/05/20154.03.5Linux Foundation Xen HYPERVISOR_xen_version information disclosureVirtualization SoftwareUnprovenOfficial Fix0.000620.00CVE-2015-2045
02/12/20156.25.4Linux Foundation Xen Register input validationVirtualization SoftwareUnprovenOfficial Fix0.000590.00CVE-2015-0268
01/29/20156.25.4Linux Foundation Xen GIC denial of serviceVirtualization SoftwareUnprovenOfficial Fix0.000000.00
01/29/20154.03.8Linux Foundation Xen GIC Logging Rate Limit resource managementVirtualization SoftwareNot DefinedOfficial Fix0.000620.02CVE-2015-1563
01/06/20154.03.5Linux Foundation Xen use after freeVirtualization SoftwareUnprovenOfficial Fix0.008540.00CVE-2015-0361
12/08/20143.33.2Linux Foundation Xen P2M Lock codeVirtualization SoftwareNot DefinedOfficial Fix0.000620.00CVE-2014-9066
12/08/20143.32.9Linux Foundation Xen P2M Lock codeVirtualization SoftwareUnprovenOfficial Fix0.000620.02CVE-2014-9065
11/27/20144.03.5Linux Foundation Xen REP MOVS Acceleration Support codeVirtualization SoftwareUnprovenOfficial Fix0.000620.00CVE-2014-8867
11/27/20149.08.6Linux Foundation Xen Compatibility Mode codeVirtualization SoftwareNot DefinedOfficial Fix0.000620.00CVE-2014-8866
11/20/20143.73.6Linux Foundation Xen MMU_MACHPHYS_UPDATE Processing input validationVirtualization SoftwareNot DefinedOfficial Fix0.002940.00CVE-2014-9030
11/20/20144.33.8Linux Foundation Xen denial of serviceVirtualization SoftwareUnprovenOfficial Fix0.002940.00CVE-2014-9030
11/18/20149.07.8Linux Foundation Xen x86 Emulation codeVirtualization SoftwareUnprovenOfficial Fix0.000620.00CVE-2014-8595
11/18/20144.03.5Linux Foundation Xen MMU Virtualization do_mmu_update input validationVirtualization SoftwareUnprovenOfficial Fix0.006700.00CVE-2014-8594

121 more entries are not shown

🔒 Login Required

You need to signup and login to see more of the remaining 121 results.

PreviousOverviewNext

Do you want to use VulDB in your project?

Use the official API to access entries easily!