The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. The client needs very little CPU...
7.5CVSS
7.5AI Score
0.01EPSS
7.5CVSS
8.5AI Score
0.003EPSS
The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than...
7.5CVSS
8.6AI Score
0.003EPSS
7.5CVSS
8.5AI Score
0.003EPSS
7.5CVSS
8.5AI Score
0.003EPSS
7.5CVSS
8.5AI Score
0.003EPSS
The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in...
7CVSS
8.3AI Score
0.002EPSS
7.5CVSS
8.5AI Score
0.003EPSS
7.5CVSS
8.5AI Score
0.003EPSS
7.5CVSS
8.5AI Score
0.003EPSS
In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not...
7.5CVSS
6.9AI Score
0.011EPSS
An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered in those ACLs....
7.5CVSS
7.3AI Score
0.002EPSS
Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service,....
7.5CVSS
8.1AI Score
0.01EPSS
An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a...
8.1CVSS
7.4AI Score
0.01EPSS
An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option...
7.8CVSS
7.6AI Score
0.001EPSS
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive...
7.8CVSS
6.1AI Score
0.002EPSS
The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service (memory consumption), as demonstrated by cxxfilt, a related issue to...
7.5CVSS
7AI Score
0.004EPSS
The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by...
5.5CVSS
5.7AI Score
0.002EPSS
The RSA-CRT implementation in the Cavium Software Development Kit (SDK) 2.x, when used on OCTEON II CN6xxx Hardware on Linux to support TLS with Perfect Forward Secrecy (PFS), makes it easier for remote attackers to obtain private RSA keys by conducting a Lenstra side-channel...
7.5CVSS
7.2AI Score
0.002EPSS