Lucene search
K

525 matches found

RedHat Linux
RedHat Linux
added 2022/11/15 11:55 a.m.3 views

kernel: double free in ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c

A double-free flaw was found in the Linux kernel in the emsusbstartxmit function. This flaw allows an attacker to create a memory leak and corrupt the underlying data structure by calling free more than once...

7.8CVSS6.6AI score0.0035EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/11/08 9:46 a.m.3 views

golang: path/filepath: stack exhaustion in Glob

A flaw was found in golang. Calling Glob on a path that contains a large number of path separators can cause a panic issue due to stack exhaustion. This can cause an attacker to impact availability...

7.5CVSS6.6AI score0.01618EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/11/02 2:37 p.m.67 views

Moderate: Red Hat Security Advisory: lua security update

An update for lua is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

7.5CVSS7.1AI score0.025EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2022/10/03 3:30 p.m.5 views

bind: memory leaks in EdDSA DNSSEC verification code

A flaw was found in the Bind package, where the DNSSEC verification code for the EdDSA algorithm leaks memory when there is a signature length mismatch. By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak, resulting in...

7.5CVSS7.2AI score0.02176EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/09/20 1:42 p.m.5 views

mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

4.9CVSS6.8AI score0.01024EPSS
Exploits0References4
Fedora
Fedora
added 2022/09/14 12:29 a.m.33 views

[SECURITY] Fedora 37 Update: python3.10-3.10.7-1.fc37

Python 3.10 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.10 package provides the "python3.10" executable:...

7.5CVSS8AI score0.03213EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2022/09/13 9:57 a.m.4 views

mariadb: assertion failure in VDec::VDec at /sql/sql_type.cc

A flaw was found in the MariaDB Server. It contains a use-after-free in the component, VDec::VDec at /sql/sqltype.cc, affecting availability...

7.5CVSS7.3AI score0.02125EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2022/09/13 9:57 a.m.3 views

mariadb: server crash in Item_func_in::cleanup/Item::cleanup_processor

MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Itemfuncin::cleanup/Item::cleanupprocessor...

7.5CVSS7.3AI score0.01766EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2022/08/09 12:23 p.m.10 views

mariadb: server crash at Field::set_default via specially crafted SQL statements

A flaw was found in MariaDB. The component, Field::setdefault, allows attackers to cause a denial of service DoS via specially crafted SQL statements, affecting availability...

7.5CVSS7.3AI score0.02159EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2022/08/02 10:9 a.m.6 views

mariadb: server crash in component arg_comparator::compare_real_fixed

A flaw was found in MariaDB. The component, Argcomparator::comparerealfixed, allows attackers to cause a denial of service DoS via specially crafted SQL statements, affecting availability...

7.5CVSS7.3AI score0.02264EPSS
Exploits1References4
Fedora
Fedora
added 2022/07/17 1:15 a.m.34 views

[SECURITY] Fedora 35 Update: aquatone-1.7.0-7.fc35

A Tool for Domain Flyovers...

9.3CVSS3.3AI score0.05994EPSS
Exploits4
RedHat Linux
RedHat Linux
added 2022/07/07 2:19 p.m.2 views

postgresql-jdbc: Arbitrary File Write Vulnerability

A flaw was found in Postgres JDBC. This flaw allows an attacker to use a method to write arbitrary files through the connection properties settings. For example, an attacker can create an executable file under the server the application is running and make it a new part of the application or serv...

9.8CVSS7.4AI score0.02928EPSS
Exploits0References4
Fedora
Fedora
added 2022/05/07 5:6 a.m.29 views

[SECURITY] Fedora 36 Update: golang-k8s-kube-aggregator-1.22.0-3.fc36

Aggregator for Kubernetes-style API servers: dynamic registration, discovery summarization, secure proxy...

7.5CVSS3.2AI score0.03931EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2022/05/06 5:15 a.m.2 views

CVE-2022-30294

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-30293. Reason: This candidate is a duplicate of CVE-2022-30293. Notes: All CVE users should reference CVE-2022-30293 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

7.1AI score
Exploits0References3
RedHat Linux
RedHat Linux
added 2022/03/16 4:21 p.m.3 views

expat: Integer overflow in storeAtts in xmlparse.c

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...

8.8CVSS7.5AI score0.02778EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/02/22 5:14 p.m.6 views

kernel: out of bounds write in hid-multitouch.c may lead to escalation of privilege

A flaw was found in the Linux kernel’s multi-touch input system. An out-of-bounds write triggered by a use-after-free issue could lead to memory corruption or possible privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

7.2CVSS7.1AI score0.00268EPSS
Exploits0References4
Fedora
Fedora
added 2022/02/04 1:23 a.m.23 views

[SECURITY] Fedora 34 Update: rust-tokei-12.0.4-11.fc34

Utility that allows you to count code, quickly...

7.3CVSS2.8AI score0.01376EPSS
Exploits1
Debian CVE
Debian CVE
added 2022/01/19 11:23 a.m.56 views

CVE-2022-21296

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows...

5.3CVSS4.7AI score0.02825EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2021/12/07 3:47 p.m.6 views

nss: Memory corruption in decodeECorDsaSignature with DSA signatures (and RSA-PSS)

A remote code execution flaw was found in the way NSS verifies certificates. This flaw allows an attacker posing as an SSL/TLS server to trigger this issue in a client application compiled with NSS when it tries to initiate an SSL/TLS connection. Similarly, a server application compiled with NSS,...

9.8CVSS7.7AI score0.17563EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2021/12/02 4:17 p.m.3 views

xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapBindingEnumeration

A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. The highest threat from this vulnerability is to confidentiality,...

8.5CVSS7.7AI score0.04735EPSS
Exploits1References5
Rows per page
Query Builder