This is an old revision of the document!
Statistics are grouped by month of the issue being reported to the private list.
| Month | Reports | Average | Median | Min | Max embargo days |
|---|---|---|---|---|---|
| 2023-03 | 11 | 28.85 | 6.83 | 4.07 | 237.20 |
| 2023-04 | 4 | 7.92 | 6.21 | 4.14 | 15.13 |
| 2023-05 | 12 | 7.51 | 7.68 | 2.57 | 13.99 |
| 2023-06 | 7 | 26.26 | 7.99 | 1.21 | 131.43 |
| 2023-07 | 3 | 3.97 | 3.11 | 1.87 | 6.93 |
| 2023-08 | 1 | 7.31 | 7.31 | 7.31 | 7.31 |
| 2023-09 | 12 | 9.86 | 9.63 | 1.26 | 20.27 |
| 2023-10 | 6 | 8.89 | 7.96 | 7.58 | 14.01 |
| Total | 56 | 14.53 | 7.45 | 1.21 | 237.20 |
| Project | Subjects/titles/links | Time at distros (UTC) … oss-security (UTC) Elsewhere (UTC) | Embargo days | Planned CRD(s) (exact wording) | CVE(s) |
|---|---|---|---|---|---|
| Linux | [vs-plain] A double free vulnerability was found in the hci_conn_cleanup function of the Bluetooth subsystem [oss-security] CVE-2023-28464: Linux: Bluetooth: hci_conn_cleanup function has double free https://lore.kernel.org/lkml/20230309074645.74309-1-wzhmmmmm@gmail.com/ | Wed Mar 08 10:06:04 2023 Tue Mar 28 11:18:01 2023 Thu Mar 09 07:49:39 2023 | 20.05 0.91 | March 28 2023-03-28T10:05:42+00:00 | CVE-2023-28464 |
| Linux | [vs-plain] Reporting a USB-accessible slab-out-of-bounds read in brcmfmac [oss-security] A USB-accessible slab-out-of-bounds read in Linux kernel driver https://lore.kernel.org/linux-wireless/20230309104457.22628-1-jisoo.jang@yonsei.ac.kr/ | Thu Mar 09 11:24:15 2023 Mon Mar 13 13:03:07 2023 Thu Mar 09 10:45:59 2023 | 4.07 -0.03 | CVE-2023-1380 | |
| Bluez, Intel wireless devices | [vs-plain] Bluetooth Low Energy stuck in unresponsive state after repeated out of order transmission of packets [oss-security] Bluez, Intel wireless devices: Bluetooth Low Energy stuck in unresponsive state after repeated out of order transmission of packets | Fri Mar 10 18:08:39 2023 Thu Nov 02 22:55:03 2023 | 237.20 | ||
| curl | [vs-plain] curl: CVE-2023-27533: TELNET option IAC injection (1/6) [oss-security] [SECURITY ADVISORY] curl: CVE-2023-27533: TELNET option IAC injection https://github.com/curl/curl/commit/538b1e79a6e7b | Mon Mar 13 11:26:18 2023 Mon Mar 20 07:26:15 2023 Fri Mar 10 16:43:00 2023 | 6.83 -2.78 | March 20 | CVE-2023-27533 |
| curl | [vs-plain] curl: CVE-2023-27534: SFTP path ~ resolving discrepancy (2/6) [oss-security] [SECURITY ADVISORY] curl: CVE-2023-27534: SFTP path ~ resolving discrepancy https://github.com/curl/curl/commit/4e2b52b5f7a3bf50a | Mon Mar 13 11:26:19 2023 Mon Mar 20 07:26:20 2023 Fri Mar 10 22:20:00 2023 | 6.83 -2.55 | March 20 | CVE-2023-27534 |
| curl | [vs-plain] curl: CVE-2023-27535: FTP too eager connection reuse (3/6) [oss-security] [SECURITY ADVISORY] curl: CVE-2023-27535: FTP too eager connection reuse https://github.com/curl/curl/commit/8f4608468b890dc | Mon Mar 13 11:27:21 2023 Mon Mar 20 07:26:22 2023 Mon Mar 13 08:07:00 2023 | 6.83 -0.14 | March 20 | CVE-2023-27535 |
| curl | [vs-plain] curl: CVE-2023-27536: GSS delegation too eager connection re-use (4/6) [oss-security] [SECURITY ADVISORY] curl: CVE-2023-27536: GSS delegation too eager connection re-use https://github.com/curl/curl/commit/cb49e67303dba | Mon Mar 13 11:27:20 2023 Mon Mar 20 07:26:26 2023 Fri Mar 10 22:30:00 2023 | 6.83 -2.54 | March 20 | CVE-2023-27536 |
| curl | [vs-plain] curl: CVE-2023-27537: HSTS double-free (5/6) [oss-security] [SECURITY ADVISORY] curl: CVE-2023-27537: HSTS double-free https://github.com/curl/curl/commit/dca4cdf071be0 | Mon Mar 13 11:28:21 2023 Mon Mar 20 07:26:32 2023 Fri Mar 10 16:45:00 2023 | 6.83 -2.78 | March 20 | CVE-2023-27537 |
| curl | [vs-plain] curl: CVE-2023-27538: SSH connection too eager reuse still (6/6) [oss-security] [SECURITY ADVISORY] curl: CVE-2023-27538: SSH connection too eager reuse still https://github.com/curl/curl/commit/af369db4d3833272b8ed | Mon Mar 13 11:28:23 2023 Mon Mar 20 07:26:36 2023 Fri Mar 10 16:54:00 2023 | 6.83 -2.77 | March 20 | CVE-2023-27538 |
| X.Org Server | [vs-plain] Preview of X.Org Security Advisory for 2023-03-29 [oss-security] Fwd: X.Org Security Advisory: CVE-2023-1393: X.Org Server Overlay Window Use-After-Free https://lists.x.org/archives/xorg-announce/2023-March/003374.html | Mon Mar 20 08:03:14 2023 Wed Mar 29 12:36:06 2023 Wed Mar 29 12:15:05 2023 | 9.19 9.17 | 2023-03-29 at 12:00 UTC | CVE-2023-1393 ZDI-CAN-19866 |
| Open vSwitch | [vs-plain] [ADVISORY] CVE-2023-1668: Open vSwitch: Remote traffic denial of service via crafted packets with IP proto 0 [oss-security] [ADVISORY] CVE-2023-1668: Open vSwitch: Remote traffic denial of service via crafted packets with IP proto 0 | Fri Mar 31 23:06:33 2023 Thu Apr 06 19:18:23 2023 | 5.84 | 06-Apr-2023 | CVE-2023-1668 |
| Linux | [vs-plain] linux-bluetooth: Arbitrary management command execution [oss-security] CVE-2023-2002: Linux Bluetooth: Unauthorized management command execution | Sun Apr 09 10:57:14 2023 Sun Apr 16 11:22:19 2023 | 7.02 | April 16th | CVE-2023-2002 |
| Linux | [vs-plain] OOB access in the Linux kernel's XFS subsystem [oss-security] CVE-2023-2124: OOB access in the Linux kernel's XFS subsystem https://lore.kernel.org/linux-xfs/20230411233159.GH360895@frogsfrogsfrogs/ | Sat Apr 15 03:27:54 2023 Wed Apr 19 06:45:22 2023 Tue Apr 11 23:32:04 2023 | 4.14 -3.16 | CVE-2023-2124 | |
| Git | [vs-plain] Upcoming Git security fix releases [oss-security] [ANNOUNCE] Git v2.40.1 and friends | Thu Apr 20 07:29:59 2023 Tue Apr 25 17:08:44 2023 | 5.40 | 2023-APR-25 at around 10am Pacific Time | CVE-2023-25652 CVE-2023-25815 CVE-2023-29007 |
| distribution/distribution | [vs-plain] Embargoed DoS in distribution/distribution: Catalog Endpoint can lead to OOM by user input [oss-security] CVE-2023-2253: distribution/distribution: Catalog API endpoint can lead to OOM via malicious user input | Mon Apr 24 12:55:13 2023 Tue May 09 16:04:12 2023 | 15.13 | 2023-05-08 13:00 UTC 2023-05-09 15:00 UTC | CVE-2023-2253 |
| Linux | [vs-plain] Linux kernel LPE due to use-after-free in Netfilter nf_tables [oss-security] [CVE-2023-32233] Linux kernel use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary reads and writes in kernel memory https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=c1592a89942e9678f7d9c8030efa777c0d57edab | Tue May 02 08:28:08 2023 Mon May 08 15:58:45 2023 Wed May 03 06:24:32 2023 | 6.31 0.91 | Once the fix becomes public Monday (May 8th) | CVE-2023-32233 |
| Linux | [vs-plain] linux >= 6.3-rc4: OOB physical memory read/write via io_uring [oss-security] Linux kernel io_uring out-of-bounds access to physical memory https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=776617db78c6d208780e7c69d4d68d1fa82913de | Tue May 02 16:28:39 2023 Mon May 08 14:34:55 2023 Wed May 03 15:00:22 2023 | 5.92 0.94 | 2023-05-08 15:00 UTC 12:00 UTC, Sunday 2023-05-07 | CVE-2023-2598 |
| OpenStack | [vs] Vulnerability in OpenStack cinder, glance_store, nova, os-brick (CVE-2023-2088) [oss-security] [OSSA-2023-003] cinder, glance_store, nova, os-brick: Unauthorized volume access through deleted volume attachments (CVE-2023-2088) | Thu May 04 00:57:23 2023 Wed May 10 17:21:16 2023 | 6.68 | 2023-05-10, 1500UTC | CVE-2023-2088 OSSA-2023-003 |
| libcap | [vs-plain] pre-announcement libcap-2.69 release 2023-05-15 [oss-security] libcap-2.69 addresses 2 CVEs https://sites.google.com/site/fullycapable/release-notes-for-libcap#h.iuvg7sbjg8pe | Mon May 08 01:41:19 2023 Mon May 15 16:00:06 2023 Mon May 15 02:10:04 2023 | 7.60 7.02 | 2023-05-15 | LCAP-CR-23-01 LCAP-CR-23-02 CVE-2023-2602 CVE-2023-2603 |
| curl | [vs-plain] : curl pre-notification: CVE-2023-28319 (1/4) [oss-security] curl: CVE-2023-28319: UAF in SSH sha256 fingerprint check | Tue May 09 12:16:16 2023 Wed May 17 06:41:12 2023 | 7.77 | 06:00 UTC on May 17th | CVE-2023-28319 |
| curl | [vs-plain] : curl pre-notification: CVE-2023-28320 (2/4) [oss-security] curl: CVE-2023-28320: siglongjmp race condition | Tue May 09 12:16:30 2023 Wed May 17 06:41:18 2023 | 7.77 | 06:00 UTC on May 17th | CVE-2023-28320 |
| curl | [vs-plain] : curl pre-notification: CVE-2023-28321 (3/4) [oss-security] curl: CVE-2023-28321: IDN wildcard match | Tue May 09 12:17:16 2023 Wed May 17 06:41:21 2023 | 7.77 | 06:00 UTC on May 17th | CVE-2023-28321 |
| curl | [vs-plain] : curl pre-notification: CVE-2023-28322 (4/4) [oss-security] curl: CVE-2023-28322: more POST-after-PUT confusion | Tue May 09 12:17:29 2023 Wed May 17 06:41:26 2023 | 7.77 | 06:00 UTC on May 17th | CVE-2023-28322 |
| cups-filters | [vs-plain] CVE-2023-24805: RCE in cups-filters, beh CUPS backend [oss-security] CVE-2023-24805: RCE in cups-filters, beh CUPS backend | Wed May 10 12:45:42 2023 Wed May 17 12:14:29 2023 | 6.98 | May 17, 2023 | CVE-2023-24805 GHSA-gpxc-v2m8-fr3x |
| OpenSSL | [vs-plain] Embargoed OpenSSL security issue [oss-security] OpenSSL Security Advisory | Tue May 16 14:13:29 2023 Tue May 30 13:53:09 2023 | 13.99 | 30th May 2023 | CVE-2023-2650 |
| c-ares | [vs-plain] c-ares security vulns [oss-security] c-ares multiple vulnerabilities: CVE-2023-32067, CVE-2023-31147, CVE-2023-31130, CVE-2023-31124 | Fri May 19 23:08:20 2023 Mon May 22 12:53:13 2023 | 2.57 | 5/22/2023 | CVE-2023-32067 CVE-2023-31124 CVE-2023-31130 CVE-2023-31147 |
| CUPS | [vs-plain] EMBARGOED CVE-2023-32324 heap buffer overflow in cupsd [oss-security] [vs] CVE-2023-32324 heap buffer overflow in cupsd | Tue May 23 10:06:35 2023 Thu Jun 01 10:49:58 2023 | 9.03 | June 1st 2023, 12:00 PM CET | CVE-2023-32324 |
| open-vm-tools | [vs] [EMBARGOED] CVE-2023-20867 [oss-security] CVE-2023-20867: open-vm-tools: Authentication Bypass vulnerability in the vgauth module https://www.vmware.com/security/advisories/VMSA-2023-0013.html | Tue Jun 06 15:31:40 2023 Mon Oct 16 01:49:50 2023 Tue Jun 13 15:31:40 2023 | 131.43 7.00 | June 13th, 2023 | CVE-2023-20867 VMSA-2023-0013 |
| cpdb-libs | [vs-plain] CVE-2023-34095: Buffer overflows via scanf [oss-security] CVE-2023-34095: cpdb-libs: Buffer overflows via scanf | Tue Jun 06 17:37:22 2023 Wed Jun 14 17:18:55 2023 | 7.99 | June 14, 2023 | CVE-2023-34095 GHSA-25j7-9gfc-f46x |
| libX11 | [vs-plain] Embargoed X.Org Security Advisory: Buffer overflows in InitExt.c in libX11 prior to 1.8.6 [CVE-2023-3138] [oss-security] Fwd: [ANNOUNCE] X.Org Security Advisory: Sub-object overflows in libX11 | Fri Jun 09 00:16:11 2023 Thu Jun 15 16:40:01 2023 | 6.68 | June 15, 2023 | CVE-2023-3138 |
| CUPS | [vs-plain] EMBARGOED CVE-2023-34241 use-after-free in cupsdAcceptClient() [oss-security] CVE-2023-34241: CUPS: use-after-free in cupsdAcceptClient() | Tue Jun 13 10:28:42 2023 Thu Jun 22 10:57:45 2023 | 9.02 | June 22nd, 12:00 PM CET | CVE-2023-34241 |
| Linux | [vs-plain] DirtyVMA: Privilege escalation via non-RCU-protected VMA traversal [oss-security] StackRot (CVE-2023-3269): Linux kernel privilege escalation vulnerability | Wed Jun 14 17:36:30 2023 Wed Jul 05 12:18:37 2023 | 20.78 | June 22 or June 23 June 29, 17:30 UTC Wednesday, July 5 | CVE-2023-3269 StackRot |
| Linux | [vs-plain] DECnet vulnerability disclosure [oss-security] CVE-2023-3338: Linux Kernel NULL Pointer Dereference in DECnet | Sat Jun 17 22:58:37 2023 Sat Jun 24 16:24:01 2023 | 6.73 | 7-day embargo | CVE-2023-3338 |
| BIND 9 | [vs] … [oss-security] ISC has disclosed two vulnerabilities in BIND 9 (CVE-2023-2828, CVE-2023-2911) | Tue Jun 20 12:08:48 2023 Wed Jun 21 17:14:40 2023 | 1.21 | 21 June 2023 | CVE-2023-2828 CVE-2023-2911 |
| curl | [vs-plain] : curl: CVE-2023-32001: fopen race condition [oss-security] curl: fopen race condition: CVE-2023-32001 | Wed Jul 12 08:17:32 2023 Wed Jul 19 06:31:07 2023 | 6.93 | July 19 2023 | CVE-2023-32001 |
| AMD Zen2 | [vs-plain] CVE-2023-20593: A use-after-free in AMD Zen2 Processors [oss-security] CVE-2023-20593: A use-after-free in AMD Zen2 Processors https://lore.kernel.org/linux-firmware/20230718231959.3163407-1-john.allen@amd.com/T/#maa00a9e4b26bcdbf0370b24bdb082639ad0b8dd6 | Sat Jul 22 17:42:37 2023 Mon Jul 24 14:28:36 2023 Wed Jul 19 19:18:19 2023 | 1.87 -2.93 | current plan is Monday | CVE-2023-20593 |
| Cargo | [vs-plain] CVE-2023-38497: Cargo does not respect the umask when extracting dependencies [oss-security] CVE-2023-38497: Cargo does not respect umask when extracting packages | Mon Jul 31 09:31:14 2023 Thu Aug 03 12:06:04 2023 | 3.11 | August 3rd, 2023 at 12pm UTC | CVE-2023-38497 |
| open-vm-tools | [vs] [EMBARGOED] CVE-2023-20900 [oss-security] [Security Advisory] open-vm-tools: SAML token signature bypass vulnerability (CVE-2023-20900) | Thu Aug 24 05:43:34 2023 Thu Aug 31 13:13:52 2023 | 7.31 | August 31st, 2023 | CVE-2023-20900 VMSA-2023-0019 |
| curl | [vs-plain] : curl: CVE-2023-38039: HTTP headers eat all memory [oss-security] CVE-2023-38039 curl: HTTP headers eat all memory | Wed Sep 06 06:24:35 2023 Wed Sep 13 06:31:38 2023 | 7.00 | September 13 2023 | CVE-2023-38039 |
| Linux | [vs-plain] integer overflow in Linux kernel leading exploitable memory access [oss-security] [CVE-2023-42752] integer overflow in Linux kernel leading to exploitable memory access | Thu Sep 07 23:24:26 2023 Mon Sep 18 23:10:48 2023 | 10.99 | CVE-2023-42752 | |
| Linux | [vs-plain] slab-out-of-bound access in the Linux kernel [oss-security] [CVE-2023-42753] Array Indexing error in Linux kernel https://lore.kernel.org/netdev/20230906162525.11079-6-fw@strlen.de/raw | Thu Sep 07 23:41:13 2023 Fri Sep 22 20:18:42 2023 Wed Sep 06 16:25:55 2023 | 14.86 -1.30 | Tentatively on Sep 21 | CVE-2023-42753 |
| cups, libppd | [vs-plain] EMBARGOED CVE-2023-4504 cups, libppd: Postscript parsing heap-based buffer overflow [oss-security] CVE-2023-4504 cups, libppd: Postscript parsing heap-based buffer overflow | Tue Sep 12 06:44:19 2023 Wed Sep 20 13:05:26 2023 | 8.26 | September 20th 2023, 14:00 CET | CVE-2023-4504 |
| Linux | [vs-plain] null pointer dereference in Linux kernel ipv4 stack [oss-security] [CVE-2023-42754] null pointer dereference in Linux kernel ipv4 stack | Mon Sep 18 21:47:31 2023 Mon Oct 02 20:07:33 2023 | 13.93 | Oct 2 | CVE-2023-42754 |
| BIND 9 | [vs] … [oss-security] ISC has disclosed two vulnerabilities in BIND 9 (CVE-2023-3341, CVE-2023-4236) | Tue Sep 19 06:29:56 2023 Wed Sep 20 12:40:08 2023 | 1.26 | 20 September 2023 | CVE-2023-3341 CVE-2023-4236 |
| glibc | [vs] CVE-2023-4911 [oss-security] CVE-2023-4911: Local Privilege Escalation in the glibc's ld.so | Tue Sep 19 22:19:39 2023 Tue Oct 03 17:50:56 2023 | 13.81 | October 3, 2023, 17:00 UTC | CVE-2023-4911 |
| Linux | [vs-plain] Linux kernel wild pointer access ⇐ v6.2 [oss-security] [CVE-2023-42755] Linux kernel wild pointer access <= v6.2 https://lore.kernel.org/all/CADW8OBtkAf+nGokhD9zCFcmiebL1SM8bJp_oo=pE02BknG9qnQ@mail.gmail.com/ | Sat Sep 23 02:06:51 2023 Mon Sep 25 21:26:18 2023 Fri Sep 08 00:02:06 2023 | 2.81 -15.09 | Sep 29th right away | CVE-2023-42755 |
| Linux | [vs-plain] Linux kernel race condition in netfilter [oss-security] [CVE-2023-42756] Linux kernel race condition in netfilter | Sat Sep 23 02:29:21 2023 Wed Sep 27 20:50:38 2023 | 4.76 | Sep 27th | CVE-2023-42756 |
| Linux | [vs-plain] NVMe-of/TCP Security Issue Report [oss-security] CVE-2023-5178: Linux NVMe-oF/TCP Driver - UAF in `nvmet_tcp_free_crypto` https://lore.kernel.org/all/20231004173226.5992-1-sj@kernel.org/T/ | Mon Sep 25 09:17:34 2023 Sun Oct 15 15:47:22 2023 Mon Oct 02 10:54:46 2023 | 20.27 7.07 | aware of the 14-day maximum | CVE-2023-5178 |
| libcue | [vs] CVE-2023-43641 (GHSL-2023-197) [oss-security] CVE-2023-43641: out-of-bounds array access in libcue 2.2.1 | Tue Sep 26 08:12:41 2023 Mon Oct 09 17:13:07 2023 | 13.38 | 2023-10-09T17+00:00 | CVE-2023-43641 GHSL-2023-197 |
| libX11 & libXpm | [vs-plain] Embargoed X.Org Security Advisory: Multiple issues in libX11 & libXpm [oss-security] Fwd: X.Org Security Advisory: Issues in libX11 prior to 1.8.7 & libXpm prior to 3.5.17 | Tue Sep 26 17:15:59 2023 Tue Oct 03 16:32:00 2023 | 6.97 | October 3, 2023 | CVE-2023-43785 CVE-2023-43786 CVE-2023-43787 CVE-2023-43788 CVE-2023-43789 |
| curl | [vs-plain] : CVE-2023-38545 curl SOCKS5 heap buffer overflow (1/2) [oss-security] [SECURITY ADVISORY] curl: CVE-2023-38545: SOCKS5 heap buffer overflow | Tue Oct 03 06:57:43 2023 Wed Oct 11 05:58:55 2023 | 7.96 | October 11, around 06:00 UTC | CVE-2023-38545 |
| curl | [vs-plain] : CVE-2023-38546 curl cookie injection with none file (2/2) [oss-security] [SECURITY ADVISORY] curl: CVE-2023-38546 | Tue Oct 03 06:57:52 2023 Wed Oct 11 05:59:15 2023 | 7.96 | October 11 2023 | CVE-2023-38546 |
| OpenSSL | [vs-plain] Embargoed OpenSSL security issue [oss-security] OpenSSL Security Advisory | Tue Oct 10 14:57:08 2023 Tue Oct 24 15:14:46 2023 | 14.01 | 24th October 2023 | CVE-2023-5363 GHSA-q3f8-53qj-r58x |
| X.Org X server | [vs-plain] Embargoed X.Org Security Advisory: Multiple issues in X.Org X server [oss-security] FW: X.Org Security Advisory: Issues in X.Org X server prior to 21.1.9 and Xwayland prior to 23.2.2 https://lists.x.org/archives/xorg-announce/2023-October/003430.html | Tue Oct 17 05:13:14 2023 Wed Oct 25 11:06:15 2023 Wed Oct 25 01:53:55 2023 | 8.25 7.86 | October 25, 2023 | CVE-2023-5367 CVE-2023-5380 CVE-2023-5574 ZDI-CAN-22153 ZDI-CAN-21608 ZDI-CAN-21213 |
| open-vm-tools | [vs-plain] SAML Bypass in VMware Tools CVE-2023-34058 [oss-security] CVE-2023-34058 - SAML Token Signature Bypass in open-vm-tools | Thu Oct 19 18:43:23 2023 Fri Oct 27 08:36:14 2023 | 7.58 | October 26th, 2023 | CVE-2023-34058 |
| open-vm-tools | [vs-plain] file descriptor hijack in VMware Tools CVE-2023-34059 [oss-security] CVE-2023-34059 - File Descriptor Hijack vulnerability in open-vm-tools | Thu Oct 19 18:43:46 2023 Fri Oct 27 08:36:17 2023 | 7.58 | October 26th, 2023 | CVE-2023-34059 |
The data here is unfortunately incomplete and unreliable, resulting from automated processing of input that wasn't meant to be fully machine-readable.
| Project | Subject | Reported | Coordinated Release Date | Time of oss-security posting | CVE(s) | Days embargoed (scheduled) | Days embargoed (oss-security) |
|---|---|---|---|---|---|---|---|
| February | |||||||
| less CVE-2022-46663 | 2023-02-01T06:55:51+00:00 | 2023-02-08T06:55:51+00:00 | 2023-02-07T18:49:47+00:00 | CVE-2022-46663 | 7.00 | 6.46 | |
| January | |||||||
| Preview of X.Org Security Advisory for 2023-02-07 | 2023-01-30T22:33:32+00:00 | 2023-02-06T22:33:32+00:00 | 2023-02-07T01:36:35+00:00 | CVE-2022-0494 CVE-2023-0494 | 7.00 | 7.12 | |
| pesign: Local privilege escalation on pesign systemd service | 2023-01-27T20:44:55+00:00 | 2023-02-03T20:44:55+00:00 | 2023-01-31T15:59:19+00:00 | CVE-2022-3560 | 7.00 | 3.79 | |
| Embargoed OpenSSL security issues | 2023-01-25T12:02:01+00:00 | 2023-02-07T00:00:00+00:00 | 2023-02-07T19:28:51+00:00 | CVE-2022-4203 CVE-2022-4304 CVE-2022-4450 CVE-2023-0215 CVE-2023-0216 CVE-2023-0217 CVE-2023-0286 CVE-2023-0401 | 12.46 | 13.29 | |
| … | 2023-01-24T11:58:47+00:00 | 2023-01-31T11:58:47+00:00 | 2023-01-25T17:05:43+00:00 | CVE-2022-3094 CVE-2022-3736 CVE-2022-3924 | 7.00 | 1.21 | |
| Re: Vulnerability in OpenStack Cinder, Glance, Nova (CVE-2022-47951) | 2023-01-17T21:53:09+00:00 | 2023-01-24T21:53:09+00:00 | 2023-01-24T16:08:18+00:00 | CVE-2022-47951 | 7.00 | 6.75 | |
| null pointer dereference in Linux kernel | 2023-01-15T05:12:43+00:00 | 2023-01-22T05:12:43+00:00 | 2023-01-18T20:26:46+00:00 | CVE-2023-0394 | 7.00 | 3.62 | |
| Re: PowerDNS pre-notification: EMBARGO: PowerDNS Security Advisory 2023-01: PowerDNS Recursor 4.8.0 unbounded recursion results in program termination | 2023-01-13T11:17:46+00:00 | 2023-01-20T11:17:46+00:00 | 2023-01-20T12:19:43+00:00 | CVE-2023-22617 | 7.00 | 7.04 | |
| Re: Embargoed X.Org Security Advisory: Issues handling XPM files in libXpm prior to 3.5.15 | 2023-01-12T23:41:22+00:00 | 2023-01-19T23:41:22+00:00 | 2023-01-17T16:47:45+00:00 | CVE-2022-4883 | 7.00 | 4.71 | |
| … | 2023-01-12T14:17:07+00:00 | 2023-01-19T14:17:07+00:00 | 2023-01-19T00:33:43+00:00 | CVE-2023-22809 | 7.00 | 6.42 | |
| Netfilter vulnerability disclosure | 2023-01-11T01:26:17+00:00 | 2023-01-18T01:26:17+00:00 | 2023-01-13T15:22:47+00:00 | CVE-2022-1015 CVE-2023-0179 | 7.00 | 2.54 | |
| Re: Vulnerability in OpenStack Swift (CVE-2022-47950) | 2023-01-11T00:35:00+00:00 | 2023-01-18T00:35:00+00:00 | 2023-01-17T16:01:11+00:00 | CVE-2022-47950 | 7.00 | 6.62 | |
| Upcoming Git security fix release | 2023-01-10T23:08:02+00:00 | 2023-01-17T23:08:02+00:00 | 2023-01-17T18:06:10+00:00 | CVE-2022-23521 CVE-2022-41903 | 7.00 | 6.75 | |
| Embargoed X.Org Security Advisory: Issues handling XPM files in libXpm prior to 3.5.15 | 2023-01-10T18:12:18+00:00 | 2023-01-17T18:12:18+00:00 | 2023-01-17T16:47:45+00:00 | CVE-2022-44617 CVE-2022-46285 CVE-2022-4883 | 7.00 | 6.92 | |
| Re: CVE-2022-46176: Cargo does not check SSH host keys | 2023-01-05T16:48:13+00:00 | 2023-01-12T16:48:13+00:00 | 2023-01-10T16:45:06+00:00 | CVE-2022-46176 | 7.00 | 4.96 | |