Lucene search

611 matches found

OSV
added 2023/03/28 3:15 p.m. | 2 views

DEBIAN-CVE-2023-0465

Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that...

CVSS 5.3 | AI score 6.2 | EPSS 0.01583
Exploits 0 | References 1

OSV
added 2023/03/28 3:15 p.m. | 3 views

UBUNTU-CVE-2023-0465

Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that...

CVSS 5.3 | AI score 6.6 | EPSS 0.01583
Exploits 0 | References 5

Positive Technologies
added 2023/03/28 12:0 a.m. | 12 views

PT-2023-3200

Name of the Vulnerable Software and Affected Versions: OpenSSL (affected versions not specified). Description: The issue is related to the handling of invalid certificate policies in leaf certificates by OpenSSL. When a non-default option is used for verifying certificates, applications may be...

CVSS 9.1 | AI score 7.4 | EPSS 0.99999
Exploits 22 | References 309

RedHat Linux
added 2023/03/07 9:58 a.m. | 1 views

kernel: use-after-free related to leaf anon_vma double reuse

A memory leak flaw with use-after-free capability was found in the Linux kernel. The VMA mm/rmap.c functionality in the is_mergeable_anon_vma function continuously forks, using memory operations to trigger an incorrect reuse of leaf anon_vma. This issue allows a local attacker to crash the system...

CVSS 5.5 | AI score 6.6 | EPSS 0.00971
Exploits 3 | References 5

F5 Networks
added 2023/02/21 7:51 p.m. | 49 views

K16937: OpenSSL vulnerability CVE-2015-1793

Security Advisory Description: The X509_verify_cert function in crypto/x509/x509_vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly process X.509 Basic Constraints CA values during identification of alternative certificate chains, which allows remote attackers to spoof ...

CVSS 6.5 | AI score 6.5 | EPSS 0.61798
Exploits 6

SUSE CVE
added 2023/02/15 6:14 a.m. | 3 views

SUSE CVE-2006-4336

Buffer underflow in the build_tree function in unpack.c in gzip 1.3.5 allows context-dependent attackers to execute arbitrary code via a crafted leaf count table that causes a write to a negative index...

CVSS 7.5 | AI score 7.9 | EPSS 0.0551
Exploits 1 | References 4

SUSE CVE
added 2023/02/15 5:44 a.m. | 4 views

SUSE CVE-2012-4213

Use-after-free vulnerability in the nsEditor::FindNextLeafNode function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors...

CVSS 9.3 | AI score 9.3 | EPSS 0.06155
Exploits 1 | References 7

SUSE CVE
added 2023/02/15 4:57 a.m. | 5 views

SUSE CVE-2016-7914

The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.5.3 does not check whether a slot is a leaf, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and out-of-bounds read) v...

CVSS 6.2 | AI score 7.3 | EPSS 0.02041
Exploits 0 | References 7

SUSE CVE
added 2023/02/15 3:43 a.m. | 1 views

SUSE CVE-2021-28710

Certain VT-d IOMMUs may not work in shared page table mode. For efficiency reasons, address translation control structures (page tables) may (and, on suitable hardware, by default will) be shared between CPUs, for second-level translation (EPT), and IOMMUs. These page tables are presently set up to alwa...

CVSS 8.8 | AI score 6.7 | EPSS 0.00276
Exploits 0 | References 3

SUSE CVE
added 2023/02/15 3:43 a.m. | 3 views

SUSE CVE-2021-28906

In function read_yin_leaf in libyang ext[r] is NULL. In some cases, it can be NULL, which leads to the operation of retval->ext[r]->flags that results in a crash...

CVSS 7.5 | AI score 6.8 | EPSS 0.01572
Exploits 1 | References 4

SUSE CVE
added 2023/02/15 3:23 a.m. | 2 views

SUSE CVE-2022-42703

mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse...

CVSS 7 | AI score 6.6 | EPSS 0.00971
Exploits 3 | References 41

OpenVAS
added 2023/01/12 12:0 a.m. | 20 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1147)

The remote host is missing an update for the Huawei EulerOS...

CVSS 7.8 | AI score 7.2 | EPSS 0.01364
Exploits 7 | References 2

OSV
added 2022/12/08 2:25 a.m. | 12 views

GSD-2022-1007698 arm64/mm: fix incorrect file_map_count for non-leaf pmd/pud

arm64/mm: fix incorrect file_map_count for non-leaf pmd/pud. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.10 by commit...

AI score 7.2
Exploits 0

Snyk
added 2022/11/06 9:57 a.m. | 1 views

Cross-site Scripting (XSS)

Overview: vapor/leaf-kit is an expressive, performant, and extensible templating language built for Swift. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) with untrusted user input. If an attacker managed to find a variable that was rendered with their unsanitized...

CVSS 7.4 | AI score 5.3 | EPSS 0.0071
Exploits 0 | References 2

Microsoft CVE
added 2022/10/12 7:0 a.m. | 3 views

mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.

...

CVSS 5.5 | AI score 7.2 | EPSS 0.00971
Exploits 3

Code423n4
added 2022/10/10 12:0 a.m. | 7 views

Merkle verifier library verifies intermediate inputs

Vulnerability details. Description: MerkleVerifier provides a set of functions for verification of a Merkle proof by performing an inclusion check of input against a binary tree. This is implemented as consecutively hashing concatenated sibling nodes until a root...

AI score 6.8
Exploits 0

ATTACKERKB
added 2022/10/09 11:15 p.m. | 1 views

CVE-2022-42703

mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse...

CVSS 5.5 | AI score 5.8 | EPSS 0.00971
Exploits 3 | References 6

OSV
added 2022/10/09 11:15 p.m. | 2 views

DEBIAN-CVE-2022-42703

mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse...

CVSS 5.5 | AI score 6.5 | EPSS 0.00971
Exploits 3 | References 1

OSV
added 2022/10/09 11:15 p.m. | 6 views

AZL-11094 CVE-2022-42703 affecting package kernel for versions less than 5.15.74.1-3

mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse...

CVSS 5.5 | AI score 6.7 | EPSS 0.00971
Exploits 3 | References 1

Prion
added 2022/10/09 11:15 p.m. | 27 views

Design/Logic Flaw

mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse...

CVSS 1.7 | AI score 6.1 | EPSS 0.00971
Exploits 3 | References 5 | Affected Software 1