nftables Security Vulnerabilities

nftables is a subsystem of the Linux kernel open-sourced by The Netfilter Project. for filtering and categorizing network packets, messages, and Ethernet frames. A security vulnerability exists in nftables version 0.1.0, which stems from IP addresses being encoded in the wrong byte order, causing...

PT-2024-40743 · Hdf5 · Hdf5

Name of the Vulnerable Software and Affected Versions: HDF5 affected versions not specified Description: The issue is related to a heap buffer overflow, which occurs when writing data. The crash state indicates the involvement of specific functions, including H5F addr encode, H5O fsinfo encode, a...

The vulnerability of the RGW component of the Ceph storage system allows a attacker to cause a service failure.

The vulnerability of the RGW component of the Ceph storage system is related to encoding errors in URL addresses. Exploiting this vulnerability can allow a malicious actor to cause service failures...

SUSE CVE-2016-4345

Integer overflow in the phpfilterencodeurl function in ext/filter/sanitizingfilters.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow...

PT-2022-6955 · Cisco · Cisco Ios Xr

Name of the Vulnerable Software and Affected Versions: Cisco IOS XR Software affected versions not specified Description: A vulnerability in the classic access control list ACL compression feature could allow an unauthenticated, remote attacker to bypass the protection offered by a configured ACL...

The vulnerability of the cURL command-line utility, related to errors in URL encoding, allows a hacker to redirect users to another URL address.

The vulnerability of the cURL command-line utility relates to the replacement of the “%” symbol with “/” when encoding URL addresses. Exploiting this vulnerability can allow a remote attacker to redirect users to a different URL address...

PT-2020-16518 · Sap · Sap Netweaver As Abap

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS ABAP versions 740 through 754 Description: The issue arises from insufficient URL encoding, allowing an attacker to input malicious JavaScript in the URL. This could result in the execution of the malicious script in the...

GHSA-R2J6-P67H-Q639 Secret disclosure when containing characters that become URI encoded

Impact Secrets that would normally be masked by semantic-release can be accidentally disclosed if they contain characters that become encoded when included in a URL. Patches Fixed in v17.2.3 Workarounds Secrets that do not contain characters that become encoded when included in a URL are already...

PT-2019-3160 · Document Foundation +5 · Libreoffice +5

Name of the Vulnerable Software and Affected Versions: Document Foundation LibreOffice versions prior to 6.2.6 Description: The issue is related to the handling of URLs in LibreOffice, specifically with the LibreLogo module. It allows a remote attacker to execute arbitrary code on the target syst...

CVE-2018-8899

IdentityServer IdentityServer4 1.x before 1.5.3 and 2.x before 2.1.3 does not encode the redirect URI on the authorization response page, which might lead to XSS in some configurations...