future-architect / vuls

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
https://vuls.io/
GNU General Public License v3.0
11.01k stars 1.16k forks source link

false positive redhat unpatched vulnerability #1906

Closed MaineK00n closed 6 months ago

MaineK00n commented 7 months ago

What did you do? (required. The issue will be closed when not provided.)

Unpatched vulnerabilities are supposed to be detected by gost, but in the gost data source, vulnerabilities are linked to source packages. Therefore, there is a possibility of false positives or missed positives.

What did you expect to happen?

Accurately detect unpatched vulnerabilities.

What happened instead?

I have installed vim-common and others, but an unpatched vulnerability in vim: CVE-2020-20703 is not detected. https://access.redhat.com/security/cve/CVE-2020-20703

Steps to reproduce the behaviour

vuls scan json: vagrant.json

$ vuls report
...
vagrant (redhat8.9)
===================
Total: 382 (Critical:5 High:105 Medium:249 Low:13 ?:10)
72/382 Fixed, 43 poc, 0 exploits, cisa: 0, uscert: 0, jpcert: 0 alerts
522 installed

+----------------+------+--------+-----+-----------+---------+--------------------------------+
|     CVE-ID     | CVSS | ATTACK | POC |   ALERT   |  FIXED  |            PACKAGES            |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-2163  | 10.0 |  AV:L  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel, kernel-headers,  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2019-15505 |  9.8 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-25775 |  9.8 |  AV:N  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-37920 |  9.8 |  AV:N  |     |           | unfixed | ca-certificates                |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-45871 |  9.8 |  AV:A  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel,                  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-33631 |  8.9 |  AV:L  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel,                  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-3545  |  8.9 |  AV:L  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel,                  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-36402 |  8.9 |  AV:L  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel, kernel-headers,  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-38096 |  8.9 |  AV:L  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel,                  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-41858 |  8.9 |  AV:L  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel,                  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-45884 |  8.9 |  AV:L  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel, kernel-headers,  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-45886 |  8.9 |  AV:L  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel, kernel-headers,  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-45919 |  8.9 |  AV:L  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel, kernel-headers,  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-1073  |  8.9 |  AV:P  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel,                  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-1192  |  8.9 |  AV:N  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel, kernel-headers,  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-1838  |  8.9 |  AV:L  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel,                  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-20569 |  8.9 |  AV:L  | POC |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel, kernel-headers,  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-2162  |  8.9 |  AV:L  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel, kernel-headers,  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-2166  |  8.9 |  AV:L  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel,                  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-2176  |  8.9 |  AV:L  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel,                  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-3812  |  8.9 |  AV:L  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel, kernel-headers,  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-40283 |  8.9 |  AV:L  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel,                  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-42753 |  8.9 |  AV:L  | POC |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel, kernel-headers,  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-4408  |  8.9 |  AV:N  |     |           |   fixed | bind-libs, bind-libs-lite,     |
|                |      |        |     |           |         | bind-license, bind-utils,      |
|                |      |        |     |           |         | python3-bind                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-4622  |  8.9 |  AV:L  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel, kernel-headers,  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-4623  |  8.9 |  AV:L  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel,                  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-46813 |  8.9 |  AV:L  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel,                  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-4921  |  8.9 |  AV:L  | POC |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel,                  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-50387 |  8.9 |  AV:N  |     |           |   fixed | bind-libs, bind-libs-lite,     |
|                |      |        |     |           |         | bind-license, bind-utils,      |
|                |      |        |     |           |         | python3-bind, python3-unbound, |
|                |      |        |     |           |         | unbound-libs                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-50868 |  8.9 |  AV:N  |     |           |   fixed | bind-libs, bind-libs-lite,     |
|                |      |        |     |           |         | bind-license, bind-utils,      |
|                |      |        |     |           |         | python3-bind, python3-unbound, |
|                |      |        |     |           |         | unbound-libs                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-51042 |  8.9 |  AV:L  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel,                  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-5178  |  8.9 |  AV:N  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel, kernel-headers,  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52562 |  8.9 |  AV:L  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel, kernel-headers,  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-5633  |  8.9 |  AV:L  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel, kernel-headers,  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-5717  |  8.9 |  AV:L  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel,                  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-6356  |  8.9 |  AV:N  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel,                  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-6535  |  8.9 |  AV:N  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel,                  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-6536  |  8.9 |  AV:N  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel,                  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-6546  |  8.9 |  AV:L  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel,                  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-6606  |  8.9 |  AV:L  | POC |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel,                  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-6610  |  8.9 |  AV:L  | POC |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel,                  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-6817  |  8.9 |  AV:L  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel,                  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-6931  |  8.9 |  AV:L  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel,                  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-0565  |  8.9 |  AV:A  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel,                  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-0646  |  8.9 |  AV:L  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel,                  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-1086  |  8.9 |  AV:L  |     |           |   fixed | kernel, kernel-core,           |
|                |      |        |     |           |         | kernel-devel,                  |
|                |      |        |     |           |         | kernel-modules, kernel-tools,  |
|                |      |        |     |           |         | kernel-tools-libs,             |
|                |      |        |     |           |         | python3-perf                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-1488  |  8.9 |  AV:L  |     |           |   fixed | python3-unbound, unbound-libs  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-28410 |  8.8 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-2961  |  8.8 |  AV:N  |     |           | unfixed | glibc                          |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-32487 |  8.6 |  AV:L  |     |           | unfixed | less                           |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-1665  |  8.2 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-27635 |  8.2 |  AV:L  |     |           | unfixed | linux-firmware                 |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-46329 |  8.2 |  AV:L  |     |           | unfixed | linux-firmware                 |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-40153 |  8.1 |  AV:N  | POC |           | unfixed | squashfs-tools                 |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-41072 |  8.1 |  AV:N  | POC |           | unfixed | squashfs-tools                 |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-43804 |  8.1 |  AV:N  |     |           |   fixed | python3-urllib3                |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-40964 |  7.9 |  AV:L  |     |           | unfixed | linux-firmware                 |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2020-15778 |  7.8 |  AV:N  | POC |           | unfixed | openssh                        |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-29657 |  7.8 |  AV:L  | POC |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-3444  |  7.8 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-38166 |  7.8 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-0886  |  7.8 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-20566 |  7.8 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-3424  |  7.8 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-3565  |  7.8 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-38076 |  7.8 |  AV:L  |     |           | unfixed | linux-firmware                 |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-44840 |  7.8 |  AV:L  | POC |           | unfixed | binutils                       |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-45934 |  7.8 |  AV:A  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-28464 |  7.8 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-3640  |  7.8 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-4244  |  7.8 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-6040  |  7.8 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-6176  |  7.8 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-33599 |  7.6 |  AV:N  |     |           | unfixed | glibc                          |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2020-25645 |  7.5 |  AV:N  | POC |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-34981 |  7.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-3714  |  7.5 |  AV:N  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-43618 |  7.5 |  AV:L  | POC |           | unfixed | gmp                            |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-3064  |  7.5 |  AV:N  |     |           | unfixed | rhc                            |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-48560 |  7.5 |  AV:N  | POC |           |   fixed | platform-python, python3-libs  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-29499 |  7.5 |  AV:L  |     |           | unfixed | glib2                          |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-2953  |  7.5 |  AV:N  |     |           | unfixed | openldap                       |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-39198 |  7.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52425 |  7.5 |  AV:N  |     |           |   fixed | expat                          |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-0553  |  7.5 |  AV:N  |     |           |   fixed | gnutls                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-1394  |  7.5 |  AV:N  |     |           | unfixed | rhc                            |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-2398  |  7.5 |  AV:N  |     |           | unfixed | curl                           |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-25062 |  7.5 |  AV:N  |     |           | unfixed | libxml2                        |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-3205  |  7.5 |  AV:N  |     |           | unfixed | libyaml                        |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-7104  |  7.3 |  AV:N  |     |           |   fixed | sqlite-libs                    |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-24806 |  7.3 |  AV:N  |     |           | unfixed | libuv                          |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2019-15794 |  7.1 |  AV:L  | POC |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-1380  |  7.1 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-4387  |  7.1 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52606 |  7.1 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-25742 |  7.1 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-25743 |  7.1 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-40490 |  7.0 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47013 |  7.0 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-45885 |  7.0 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-48624 |  7.0 |  AV:L  |     |           |   fixed | less                           |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-1077  |  7.0 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-2248  |  7.0 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-42465 |  7.0 |  AV:L  |     |           |   fixed | sudo                           |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-51779 |  7.0 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-51780 |  7.0 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52439 |  7.0 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52581 |  7.0 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26852 |  7.0 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26923 |  7.0 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2020-22217 |  6.9 |  AV:N  | POC |           |   fixed | c-ares                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2020-28241 |  6.9 |  AV:N  | POC |           |   fixed | libmaxminddb                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-35937 |  6.9 |  AV:L  | POC |           |   fixed | python3-rpm, rpm,              |
|                |      |        |     |           |         | rpm-build-libs, rpm-libs,      |
|                |      |        |     |           |         | rpm-plugin-selinux,            |
|                |      |        |     |           |         | rpm-plugin-systemd-inhibit     |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-35938 |  6.9 |  AV:L  | POC |           |   fixed | python3-rpm, rpm,              |
|                |      |        |     |           |         | rpm-build-libs, rpm-libs,      |
|                |      |        |     |           |         | rpm-plugin-selinux,            |
|                |      |        |     |           |         | rpm-plugin-systemd-inhibit     |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-35939 |  6.9 |  AV:L  | POC |           |   fixed | python3-rpm, rpm,              |
|                |      |        |     |           |         | rpm-build-libs, rpm-libs,      |
|                |      |        |     |           |         | rpm-plugin-selinux,            |
|                |      |        |     |           |         | rpm-plugin-systemd-inhibit     |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-48564 |  6.9 |  AV:N  | POC |           |   fixed | platform-python, python3-libs  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-27043 |  6.9 |  AV:N  | POC |           |   fixed | platform-python, python3-libs  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-28322 |  6.9 |  AV:N  | POC |           |   fixed | curl, libcurl                  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-28486 |  6.9 |  AV:N  |     |           |   fixed | sudo                           |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-28487 |  6.9 |  AV:N  |     |           |   fixed | sudo                           |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-31130 |  6.9 |  AV:L  |     |           |   fixed | c-ares                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-38546 |  6.9 |  AV:N  |     |           |   fixed | curl, libcurl                  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-39615 |  6.9 |  AV:N  | POC |           |   fixed | libxml2                        |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-45803 |  6.9 |  AV:A  |     |           |   fixed | python3-urllib3                |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-46218 |  6.9 |  AV:N  | POC |           |   fixed | curl, libcurl                  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-48795 |  6.9 |  AV:N  |     |           |   fixed | libssh, libssh-config          |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-5981  |  6.9 |  AV:N  |     |           |   fixed | gnutls                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-28834 |  6.9 |  AV:N  |     |           |   fixed | gnutls                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2019-13631 |  6.8 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-24023 |  6.8 |  AV:A  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-28972 |  6.7 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-4001  |  6.7 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47198 |  6.7 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-3159  |  6.7 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-39192 |  6.7 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26586 |  6.7 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26828 |  6.7 |  AV:A  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26883 |  6.7 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-0841  |  6.6 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2020-3702  |  6.5 |  AV:A  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-3178  |  6.5 |  AV:A  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-31879 |  6.5 |  AV:N  |     |           | unfixed | wget                           |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-38206 |  6.5 |  AV:A  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-36351 |  6.5 |  AV:A  |     |           | unfixed | linux-firmware                 |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-20592 |  6.5 |  AV:L  |     |           | unfixed | linux-firmware                 |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-31147 |  6.5 |  AV:N  |     |           | unfixed | c-ares                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-32611 |  6.5 |  AV:N  |     |           | unfixed | glib2                          |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-32665 |  6.5 |  AV:N  |     |           | unfixed | glib2                          |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-42755 |  6.5 |  AV:L  | POC |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-4969  |  6.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52340 |  6.5 |  AV:A  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-6240  |  6.5 |  AV:N  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-38198 |  6.4 |  AV:L  | POC |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-20154 |  6.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-2483  |  6.4 |  AV:P  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-45863 |  6.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52610 |  6.4 |  AV:N  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-36280 |  6.3 |  AV:N  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26689 |  6.3 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-6915  |  6.2 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47213 |  6.1 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-39193 |  6.1 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52475 |  6.1 |  AV:P  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26610 |  6.1 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2020-27171 |  6.0 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47097 |  6.0 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47138 |  6.0 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47144 |  6.0 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47191 |  6.0 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47199 |  6.0 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47219 |  6.0 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-39189 |  6.0 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-5090  |  6.0 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52478 |  6.0 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52626 |  6.0 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2020-15802 |  5.9 |  AV:N  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2020-28097 |  5.9 |  AV:P  | POC |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52434 |  5.9 |  AV:A  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-7008  |  5.9 |  AV:N  |     |           | unfixed | systemd                        |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-2236  |  5.9 |  AV:N  |     |           | unfixed | libgcrypt                      |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52530 |  5.8 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2019-19530 |  5.7 |  AV:P  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47038 |  5.7 |  AV:A  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-25744 |  5.6 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2019-20095 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2020-12656 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2020-36311 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2020-36777 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-34556 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-34693 |  5.5 |  AV:L  | POC |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-35477 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-4135  |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-46929 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-46939 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47024 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47044 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47143 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47152 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47162 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47163 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47166 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47167 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47168 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47179 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47186 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47194 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-0171  |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-4543  |  5.5 |  AV:L  | POC |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-47007 |  5.5 |  AV:L  | POC |           | unfixed | binutils                       |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-47008 |  5.5 |  AV:L  | POC |           | unfixed | binutils                       |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-47010 |  5.5 |  AV:L  | POC |           | unfixed | binutils                       |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-47011 |  5.5 |  AV:L  | POC |           | unfixed | binutils                       |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-48619 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-48631 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-48633 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-48634 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-48635 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-48637 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-48638 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-48639 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-48640 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-48642 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-48646 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-48647 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-48648 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-48650 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-48651 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-48652 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-48653 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-48658 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-48659 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-48662 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-48666 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-3006  |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-31082 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-4133  |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-4194  |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-42754 |  5.5 |  AV:L  | POC |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52489 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52580 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52587 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52607 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52619 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-6622  |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-0639  |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-0641  |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-1151  |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-2193  |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-22365 |  5.5 |  AV:L  |     |           | unfixed | pam                            |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-2397  |  5.5 |  AV:L  |     |           | unfixed | libpcap                        |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26584 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26609 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26621 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26686 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26735 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26740 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26742 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26763 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26772 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26801 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26804 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26826 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26851 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26878 |  5.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2020-10135 |  5.4 |  AV:A  | POC |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2020-26555 |  5.4 |  AV:A  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47036 |  5.3 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-1972  |  5.3 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-3446  |  5.3 |  AV:N  |     |           |   fixed | openssl, openssl-devel,        |
|                |      |        |     |           |         | openssl-libs                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-3817  |  5.3 |  AV:N  |     |           |   fixed | openssl, openssl-devel,        |
|                |      |        |     |           |         | openssl-libs                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-5678  |  5.3 |  AV:N  |     |           |   fixed | openssl, openssl-devel,        |
|                |      |        |     |           |         | openssl-libs                   |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-7216  |  5.3 |  AV:L  |     |           | unfixed | cpio                           |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26886 |  5.3 |  AV:N  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-33600 |  5.3 |  AV:N  |     |           | unfixed | glibc                          |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26583 |  5.1 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26585 |  5.1 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-6004  |  4.8 |  AV:L  |     |           | unfixed | libssh                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2019-20794 |  4.7 |  AV:L  | POC |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2020-27170 |  4.7 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-33624 |  4.7 |  AV:L  | POC |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-3753  |  4.7 |  AV:L  | POC |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-3896  |  4.7 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-31083 |  4.7 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52435 |  4.7 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52448 |  4.7 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52578 |  4.7 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52639 |  4.7 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-2201  |  4.7 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26643 |  4.7 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26656 |  4.7 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26688 |  4.7 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26691 |  4.7 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26915 |  4.7 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2019-15213 |  4.6 |  AV:P  | POC |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2019-15219 |  4.6 |  AV:L  | POC |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-37453 |  4.6 |  AV:P  | POC |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2020-10741 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-4159  |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-46961 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-46963 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-46976 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47120 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47133 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47136 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47140 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47141 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47142 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47164 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47170 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47171 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47173 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47176 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47177 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47178 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47182 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47183 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47184 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47185 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47192 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47196 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47197 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47201 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47203 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47209 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47210 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47211 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47212 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47215 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47217 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47218 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-39194 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52477 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52513 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52516 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52574 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52614 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52615 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-25629 |  4.4 |  AV:L  |     |           | unfixed | c-ares                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26593 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26649 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26671 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26703 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26718 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26830 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26845 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26853 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26855 |  4.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-6121  |  4.3 |  AV:N  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26700 |  4.3 |  AV:P  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2020-14416 |  4.2 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2020-26558 |  4.2 |  AV:A  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52458 |  4.2 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2020-25656 |  4.1 |  AV:L  | POC |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47118 |  4.1 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52568 |  4.1 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26698 |  4.1 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26897 |  4.1 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-33601 |  4.0 |  AV:L  |     |           | unfixed | glibc                          |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-33602 |  4.0 |  AV:L  |     |           | unfixed | glibc                          |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-6918  |  3.7 |  AV:N  |     |           | unfixed | libssh                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-2511  |  3.7 |  AV:N  |     |           | unfixed | openssl                        |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2020-29374 |  3.6 |  AV:L  | POC |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2020-35501 |  3.4 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-3655  |  3.3 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-1513  |  3.3 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52560 |  3.3 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52565 |  3.3 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52445 |  3.0 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52464 |  2.9 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-52620 |  2.5 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-46926 |  2.3 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26603 |  2.3 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-3894  |  0.0 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-46905 |  0.0 |        |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-46975 |  0.0 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-47055 |  0.0 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-0047  |  0.0 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-2222  |  0.0 |  AV:L  |     |           | unfixed | binutils                       |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-3327  |  0.0 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-39195 |  0.0 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2023-4563  |  0.0 |  AV:L  |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2024-26595 |  0.0 |        |     |           | unfixed | kernel                         |
+----------------+------+--------+-----+-----------+---------+--------------------------------+

Configuration (MUST fill this out):

Hash : f3f6671

MaineK00n commented 7 months ago

There is no binary package called vim, but it seems to be a source package name for a binary package such as vim-common.

[vagrant@rhel8 ~]$ rpm -qa --queryformat "%{NAME} %{EPOCHNUM} %{VERSION} %{RELEASE} %{ARCH} %{MODULARITYLABEL} %{SOURCERPM}\n" | grep vim
vim-minimal 2 8.0.1763 19.el8_6.4 x86_64 (none) vim-8.0.1763-19.el8_6.4.src.rpm
vim-filesystem 2 8.0.1763 19.el8_6.4 noarch (none) vim-8.0.1763-19.el8_6.4.src.rpm
vim-common 2 8.0.1763 19.el8_6.4 x86_64 (none) vim-8.0.1763-19.el8_6.4.src.rpm
vim-enhanced 2 8.0.1763 19.el8_6.4 x86_64 (none) vim-8.0.1763-19.el8_6.4.src.rpm

In gost, it seems that vulnerabilities are tied to source package names. https://github.com/aquasecurity/vuln-list-redhat/blob/8784a9f6a915cead963851da1111342e9e7224a8/api/2020/CVE-2020-20703.json#L5-L10

OVAL includes a binary package and, for some reason, a source package. It seems that only unpatched ones contain the source package? (As far as I verified with vim package) https://access.redhat.com/security/data/oval/v2/RHEL8/rhel-8-including-unpatched.oval.xml.bz2

<definition class="vulnerability" id="oval:com.redhat.cve:def:202020703" version="636">
 <metadata>
  <title>vim: buffer overflow (low)</title>
  <reference ref_id="CVE-2020-20703" ref_url="https://access.redhat.com/security/cve/CVE-2020-20703" source="CVE"/>
  <description>DOCUMENTATION: A use-after-free flaw was found in Vim. This issue allows a heap buffer overflow leading to a write access violation. This flaw allows the attacker to possibly have control over the write address and value, which may lead to an application crash. 
            STATEMENT: Red Hat Product Security has rated this issue as having a Low security impact, because the &quot;victim&quot; has to run an untrusted file IN SCRIPT MODE. Someone who is running untrusted files in script mode is equivalent to someone just taking a random python script and running it.

For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/
            MITIGATION: Untrusted vim scripts with -s [scriptin] are not recommended to run.</description>
  <advisory from="secalert@redhat.com">
   <severity>Low</severity>
   <updated date="2024-02-07"/>
   <cve cvss3="5.5/CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" cwe="CWE-416-&gt;CWE-119" href="https://access.redhat.com/security/cve/CVE-2020-20703" impact="low" public="20230620">CVE-2020-20703</cve>
   <affected>
    <resolution state="Affected">
     <component>vim</component>
     <component>vim-X11</component>
     <component>vim-common</component>
     <component>vim-enhanced</component>
     <component>vim-filesystem</component>
     <component>vim-minimal</component>
    </resolution>
   </affected>
   <affected_cpe_list>
    <cpe>cpe:/a:redhat:enterprise_linux:8</cpe>
    <cpe>cpe:/a:redhat:enterprise_linux:8::appstream</cpe>
    <cpe>cpe:/a:redhat:enterprise_linux:8::crb</cpe>
    <cpe>cpe:/a:redhat:enterprise_linux:8::highavailability</cpe>
    <cpe>cpe:/a:redhat:enterprise_linux:8::nfv</cpe>
    <cpe>cpe:/a:redhat:enterprise_linux:8::realtime</cpe>
    <cpe>cpe:/a:redhat:enterprise_linux:8::resilientstorage</cpe>
    <cpe>cpe:/a:redhat:enterprise_linux:8::sap</cpe>
    <cpe>cpe:/a:redhat:enterprise_linux:8::sap_hana</cpe>
    <cpe>cpe:/a:redhat:enterprise_linux:8::supplementary</cpe>
    <cpe>cpe:/o:redhat:enterprise_linux:8</cpe>
    <cpe>cpe:/o:redhat:enterprise_linux:8::baseos</cpe>
   </affected_cpe_list>
  </advisory>
 </metadata>
 <criteria operator="OR">
  <criterion comment="Red Hat Enterprise Linux must be installed" test_ref="oval:com.redhat.cve:tst:20052541004"/>
  <criteria operator="AND">
   <criterion comment="Red Hat Enterprise Linux 8 is installed" test_ref="oval:com.redhat.cve:tst:20052541003"/>
   <criteria operator="OR">
    <criteria operator="AND">
     <criterion comment="vim-minimal is installed" test_ref="oval:com.redhat.cve:tst:201820786009"/>
     <criterion comment="vim-minimal is signed with Red Hat redhatrelease2 key" test_ref="oval:com.redhat.cve:tst:201820786010"/>
    </criteria>
    <criteria operator="AND">
     <criterion comment="vim is installed" test_ref="oval:com.redhat.cve:tst:201820786011"/>
     <criterion comment="vim is signed with Red Hat redhatrelease2 key" test_ref="oval:com.redhat.cve:tst:201820786012"/>
    </criteria>
    <criteria operator="AND">
     <criterion comment="vim-common is installed" test_ref="oval:com.redhat.cve:tst:201820786003"/>
     <criterion comment="vim-common is signed with Red Hat redhatrelease2 key" test_ref="oval:com.redhat.cve:tst:201820786004"/>
    </criteria>
    <criteria operator="AND">
     <criterion comment="vim-X11 is installed" test_ref="oval:com.redhat.cve:tst:201820786013"/>
     <criterion comment="vim-X11 is signed with Red Hat redhatrelease2 key" test_ref="oval:com.redhat.cve:tst:201820786014"/>
    </criteria>
    <criteria operator="AND">
     <criterion comment="vim-enhanced is installed" test_ref="oval:com.redhat.cve:tst:201820786007"/>
     <criterion comment="vim-enhanced is signed with Red Hat redhatrelease2 key" test_ref="oval:com.redhat.cve:tst:201820786008"/>
    </criteria>
    <criteria operator="AND">
     <criterion comment="vim-filesystem is installed" test_ref="oval:com.redhat.cve:tst:201820786005"/>
     <criterion comment="vim-filesystem is signed with Red Hat redhatrelease2 key" test_ref="oval:com.redhat.cve:tst:201820786006"/>
    </criteria>
   </criteria>
  </criteria>
 </criteria>
</definition>

In the case of a modular package, it must be specified as <module name>:<stream>/<source package name> if it is a gost. https://github.com/aquasecurity/vuln-list-redhat/blob/e235751d3cb68756b4c4dd873170b694df8b1417/api/2024/CVE-2024-20984.json#L24-L29

MaineK00n commented 7 months ago

There are two possible corrections.

  1. fix Scanner and use gost
  2. stop the use of gost and use the data containing Unpatched of OVALV2

In case 1, as before, OVAL is in charge of Patched, and gost is in charge of Unpatched, but you must update vuls scanner. In case 2, no scanner update is required, but since unpatched is not provided for OVALs under RHRL 5, the detection of unpatched vulnerabilities is not possible with the cessation of gost use.