Lucene search

K

H500s Security Vulnerabilities

cve
cve

CVE-2023-5363

Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation in the IV can result in non-uniqueness, which could result...

7.5CVSS

7.3AI Score

0.001EPSS

2023-10-25 06:17 PM
213
cve
cve

CVE-2023-40791

extract_user_to_sg in lib/scatterlist.c in the Linux kernel before 6.4.12 fails to unpin pages in a certain situation, as demonstrated by a WARNING for...

6.3CVSS

6AI Score

0.0004EPSS

2023-10-16 03:15 AM
86
cve
cve

CVE-2023-4236

A flaw in the networking code handling DNS-over-TLS queries may cause named to terminate unexpectedly due to an assertion failure. This happens when internal data structures are incorrectly reused under significant DNS-over-TLS query load. This issue affects BIND 9 versions 9.18.0 through 9.18.18.....

7.5CVSS

7.3AI Score

0.001EPSS

2023-09-20 01:15 PM
138
cve
cve

CVE-2023-4527

A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address...

6.5CVSS

6.8AI Score

0.001EPSS

2023-09-18 05:15 PM
534
cve
cve

CVE-2023-4813

A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue....

5.9CVSS

6.6AI Score

0.001EPSS

2023-09-12 10:15 PM
460
cve
cve

CVE-2023-4273

A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file...

6.7CVSS

6.6AI Score

0.0004EPSS

2023-08-09 03:15 PM
195
cve
cve

CVE-2023-4004

A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the...

7.8CVSS

7.6AI Score

0.001EPSS

2023-07-31 05:15 PM
331
cve
cve

CVE-2023-32248

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_TREE_CONNECT and SMB2_QUERY_INFO commands. The issue results from the lack of proper validation of a pointer prior to accessing it. An attacker can leverage...

7.5CVSS

7.5AI Score

0.003EPSS

2023-07-24 04:15 PM
37
cve
cve

CVE-2023-32258

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_LOGOFF and SMB2_CLOSE commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this...

8.1CVSS

8.5AI Score

0.002EPSS

2023-07-24 04:15 PM
35
cve
cve

CVE-2023-32257

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP and SMB2_LOGOFF commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage.....

8.1CVSS

7.7AI Score

0.004EPSS

2023-07-24 04:15 PM
35
cve
cve

CVE-2023-32252

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_LOGOFF commands. The issue results from the lack of proper validation of a pointer prior to accessing it. An attacker can leverage this vulnerability to...

7.5CVSS

7.2AI Score

0.004EPSS

2023-07-24 04:15 PM
45
cve
cve

CVE-2023-32247

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_SESSION_SETUP commands. The issue results from the lack of control of resource consumption. An attacker can leverage this vulnerability to create a...

7.5CVSS

7.1AI Score

0.004EPSS

2023-07-24 04:15 PM
34
cve
cve

CVE-2023-38427

An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read in...

9.8CVSS

8.8AI Score

0.001EPSS

2023-07-18 12:15 AM
43
cve
cve

CVE-2023-38428

An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/smb2pdu.c in ksmbd does not properly check the UserName value because it does not consider the address of security buffer, leading to an out-of-bounds...

9.1CVSS

8.8AI Score

0.001EPSS

2023-07-18 12:15 AM
25
cve
cve

CVE-2023-38431

An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header's length field and the SMB header sizes, via pdu_size in ksmbd_conn_handler_loop, leading to an out-of-bounds...

9.1CVSS

8.8AI Score

0.001EPSS

2023-07-18 12:15 AM
49
cve
cve

CVE-2023-38432

An issue was discovered in the Linux kernel before 6.3.10. fs/smb/server/smb2misc.c in ksmbd does not validate the relationship between the command payload size and the RFC1002 length specification, leading to an out-of-bounds...

9.1CVSS

8.7AI Score

0.001EPSS

2023-07-18 12:15 AM
35
cve
cve

CVE-2023-38426

An issue was discovered in the Linux kernel before 6.3.4. ksmbd has an out-of-bounds read in smb2_find_context_vals when create_context's name_len is larger than the tag...

9.1CVSS

8.7AI Score

0.001EPSS

2023-07-18 12:15 AM
38
cve
cve

CVE-2023-38430

An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-of-bounds...

9.1CVSS

8.8AI Score

0.001EPSS

2023-07-18 12:15 AM
28
cve
cve

CVE-2023-32254

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_TREE_DISCONNECT commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this...

9.8CVSS

7.7AI Score

0.002EPSS

2023-07-10 04:15 PM
47
cve
cve

CVE-2023-32250

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this...

9CVSS

7.7AI Score

0.002EPSS

2023-07-10 04:15 PM
52
cve
cve

CVE-2023-35001

Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network...

7.8CVSS

8AI Score

0.0005EPSS

2023-07-05 07:15 PM
300
cve
cve

CVE-2023-3390

A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local...

7.8CVSS

7.6AI Score

0.0004EPSS

2023-06-28 09:15 PM
274
cve
cve

CVE-2023-1295

A time-of-check to time-of-use issue exists in io_uring subsystem's IORING_OP_CLOSE operation in the Linux kernel's versions 5.6 - 5.11 (inclusive), which allows a local user to elevate their privileges to root. Introduced in b5dba59e0cf7e2cc4d3b3b1ac5fe81ddf21959eb, patched in...

7.8CVSS

6.5AI Score

0.0004EPSS

2023-06-28 12:15 PM
21
cve
cve

CVE-2023-3212

A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. A privileged local user could use this flaw to cause a...

4.4CVSS

6.3AI Score

0.0004EPSS

2023-06-23 08:15 PM
72
cve
cve

CVE-2023-2911

If the recursive-clients quota is reached on a BIND 9 resolver configured with both stale-answer-enable yes; and stale-answer-client-timeout 0;, a sequence of serve-stale-related lookups could cause named to loop and terminate unexpectedly due to a stack overflow. This issue affects BIND 9...

7.5CVSS

7.5AI Score

0.001EPSS

2023-06-21 05:15 PM
95
cve
cve

CVE-2023-2829

A named instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache (RFC 8198) option (synth-from-dnssec) enabled can be remotely terminated using a zone with a malformed NSEC record. This issue affects BIND 9 versions 9.16.8-S1 through...

7.5CVSS

7.5AI Score

0.001EPSS

2023-06-21 05:15 PM
80
cve
cve

CVE-2023-2828

Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the max-cache-size statement in the configuration file; it...

7.5CVSS

7.8AI Score

0.001EPSS

2023-06-21 05:15 PM
284
cve
cve

CVE-2023-35829

An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in rkvdec_remove in...

7CVSS

6.8AI Score

0.0004EPSS

2023-06-18 10:15 PM
45
cve
cve

CVE-2023-35826

An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in cedrus_remove in...

7CVSS

6.5AI Score

0.0004EPSS

2023-06-18 10:15 PM
24
cve
cve

CVE-2023-35828

An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in renesas_usb3_remove in...

7CVSS

7.1AI Score

0.0004EPSS

2023-06-18 10:15 PM
59
cve
cve

CVE-2023-35788

An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege...

7.8CVSS

7.7AI Score

0.0004EPSS

2023-06-16 09:15 PM
126
cve
cve

CVE-2023-3111

A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling...

7.8CVSS

7.4AI Score

0.0004EPSS

2023-06-05 09:15 PM
65
cve
cve

CVE-2022-48502

An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an out-of-bounds read in ntfs_set_ea in...

7.1CVSS

7AI Score

0.001EPSS

2023-05-31 08:15 PM
56
cve
cve

CVE-2023-2953

A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x()...

7.5CVSS

7.3AI Score

0.003EPSS

2023-05-30 10:15 PM
119
cve
cve

CVE-2023-2898

There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user to cause a denial of service...

4.7CVSS

5.9AI Score

0.0004EPSS

2023-05-26 10:15 PM
49
cve
cve

CVE-2023-28321

An improper certificate validation vulnerability exists in...

5.9CVSS

6.2AI Score

0.002EPSS

2023-05-26 09:15 PM
153
cve
cve

CVE-2023-28322

An information disclosure vulnerability exists in...

3.7CVSS

5.3AI Score

0.001EPSS

2023-05-26 09:15 PM
152
cve
cve

CVE-2023-28320

A denial of service vulnerability exists in...

5.9CVSS

6.3AI Score

0.001EPSS

2023-05-26 09:15 PM
76
cve
cve

CVE-2023-28319

A use after free vulnerability exists in...

7.5CVSS

7.3AI Score

0.002EPSS

2023-05-26 09:15 PM
93
cve
cve

CVE-2023-33250

The Linux kernel 6.3 has a use-after-free in iopt_unmap_iova_range in...

4.4CVSS

4.5AI Score

0.0004EPSS

2023-05-21 09:15 PM
66
cve
cve

CVE-2023-2124

An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the...

7.8CVSS

7.6AI Score

0.0004EPSS

2023-05-15 10:15 PM
138
cve
cve

CVE-2023-0045

The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ib_prctl_set function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL MSR on the function __speculation_ctrl_update, but the IBPB is only issued on the...

7.5CVSS

7.4AI Score

0.002EPSS

2023-04-25 11:15 PM
148
cve
cve

CVE-2023-2269

A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing...

4.4CVSS

6AI Score

0.0004EPSS

2023-04-25 09:15 PM
97
cve
cve

CVE-2023-2007

The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the.....

7.8CVSS

8AI Score

0.0005EPSS

2023-04-24 11:15 PM
104
cve
cve

CVE-2023-1989

A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev...

7CVSS

6.9AI Score

0.0004EPSS

2023-04-11 09:15 PM
106
2
cve
cve

CVE-2023-1838

A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a double fget. This flaw could allow a local attacker to crash the system, and could even lead to a kernel information leak...

7.1CVSS

6.4AI Score

0.0004EPSS

2023-04-05 07:15 PM
76
cve
cve

CVE-2023-28464

hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush) because of calls to hci_dev_put and hci_conn_put. There is a double free that may lead to privilege...

7.8CVSS

7.3AI Score

0.0004EPSS

2023-03-31 04:15 PM
81
cve
cve

CVE-2023-27535

An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certai...

5.9CVSS

7.3AI Score

0.002EPSS

2023-03-30 08:15 PM
164
cve
cve

CVE-2023-27533

A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform.....

8.8CVSS

8.8AI Score

0.002EPSS

2023-03-30 08:15 PM
134
cve
cve

CVE-2023-27534

A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers...

8.8CVSS

8.8AI Score

0.002EPSS

2023-03-30 08:15 PM
156
Total number of security vulnerabilities292