Lucene search
K

53 matches found

NVD
NVD
added 2024/07/24 8:15 a.m.43 views

CVE-2024-6874

libcurl's URL API function curlurlget offers punycode conversions, to and from IDN. Asking to convert a name that is exactly 256 bytes, libcurl ends up reading outside of a stack based buffer when built to use the macidn IDN backend. The conversion function then fills up the provided buffer exact...

4.3CVSS0.00786EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2024/07/24 12:0 a.m.31 views

CVE-2024-6874

libcurl's URL API function curlurlget offers punycode conversions, to and from IDN. Asking to convert a name that is exactly 256 bytes, libcurl ends up reading outside of a stack based buffer when built to use the macidn IDN backend. The conversion function then fills up the provided buffer exact...

4.3CVSS6.9AI score0.00786EPSS
Exploits1References2
NVD
NVD
added 2024/05/21 3:15 p.m.15 views

CVE-2021-47255

In the Linux kernel, the following vulnerability has been resolved: kvm: LAPIC: Restore guard to prevent illegal APIC register access Per the SDM, "any access that touches bytes 4 through 15 of an APIC register may cause undefined behavior and must not be executed." Worse, such an access in...

7.1CVSS6.3AI score0.00244EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/05/21 3:15 p.m.17 views

CVE-2021-47255

In the Linux kernel, the following vulnerability has been resolved: kvm: LAPIC: Restore guard to prevent illegal APIC register access Per the SDM, "any access that touches bytes 4 through 15 of an APIC register may cause undefined behavior and must not be executed." Worse, such an access in...

7.1CVSS6.3AI score0.00244EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/10/06 12:0 a.m.64 views

AlmaLinux 9 : glibc (ALSA-2023:5453)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:5453 advisory. - A flaw was found in glibc. When the getaddrinfo function is called with the AFUNSPEC address family and the system is configured with no-aaaa mode via...

7.8CVSS7.3AI score0.81422EPSS
Exploits28References5
NVD
NVD
added 2023/09/18 5:15 p.m.28 views

CVE-2023-4527

A flaw was found in glibc. When the getaddrinfo function is called with the AFUNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data...

6.5CVSS6.9AI score0.01508EPSS
Exploits1References12
OSV
OSV
added 2023/09/18 5:15 p.m.34 views

CVE-2023-4527

A flaw was found in glibc. When the getaddrinfo function is called with the AFUNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data...

6.5CVSS6.5AI score0.01508EPSS
Exploits1References10
Prion
Prion
added 2023/09/18 5:15 p.m.31 views

Design/Logic Flaw

A flaw was found in glibc. When the getaddrinfo function is called with the AFUNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data...

4CVSS6.8AI score0.01508EPSS
Exploits1References10Affected Software22
UbuntuCve
UbuntuCve
added 2023/09/18 5:15 p.m.57 views

CVE-2023-4527

A flaw was found in glibc. When the getaddrinfo function is called with the AFUNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data...

6.5CVSS6.6AI score0.01508EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/09/18 4:32 p.m.46 views

CVE-2023-4527 Glibc: stack read overflow in getaddrinfo in no-aaaa mode

A flaw was found in glibc. When the getaddrinfo function is called with the AFUNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data...

6.5CVSS7.1AI score0.01508EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2023/09/18 4:32 p.m.10 views

CVE-2023-4527 Glibc: stack read overflow in getaddrinfo in no-aaaa mode

A flaw was found in glibc. When the getaddrinfo function is called with the AFUNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data...

6.5CVSS6.7AI score0.01508EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2023/09/12 2:54 p.m.55 views

CVE-2023-4527

A flaw was found in glibc. When the getaddrinfo function is called with the AFUNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data...

6.5CVSS6.8AI score0.01508EPSS
Exploits1References3
OSV
OSV
added 2021/10/22 5:8 p.m.10 views

CLSA-2021-1634922517 Fixed CVE-2021-22925 in curl

telnet stack contents disclosure again CVE-2021-22925...

5.3CVSS6.7AI score0.04929EPSS
Exploits1References1
OSV
OSV
added 2021/10/22 5:8 p.m.5 views

CLSA-2021-1634922501 Fixed CVE-2021-22925 in curl

telnet stack contents disclosure again CVE-2021-22925...

5.3CVSS6.8AI score0.04929EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2021/07/22 12:0 a.m.22 views

SUSE: Security Advisory (SUSE-SU-2021:2440-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.0627EPSS
Exploits4References7
Hacker One
Hacker One
added 2021/06/11 12:15 p.m.86 views

curl: CVE-2021-22925: TELNET stack contents disclosure again

Summary: CVE-2021-22898: TELNET stack contents disclosure 1176461 issue was recently reported for curl and it was addressed in curl 7.77.0: https://curl.se/docs/CVE-2021-22898.html https://github.com/curl/curl/commit/39ce47f219b09c380b81f89fe54ac586c8db6bde https://hackerone.com/reports/1176461...

5CVSS6.1AI score0.04929EPSS
Exploits2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2015:0745-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS7.7AI score0.0057EPSS
Exploits0References8
OSV
OSV
added 2021/05/26 8:0 a.m.10 views

CURL-CVE-2021-22898 TELNET stack contents disclosure

curl supports the -t command line option, known as CURLOPTTELNETOPTIONS in libcurl. This rarely used option is used to send variable=content pairs to TELNET servers. Due to flaw in the option parser for sending NEWENV variables, libcurl could be made to pass on uninitialized data from a stack bas...

3.1CVSS5.1AI score0.04385EPSS
Exploits1
OSV
OSV
added 2021/05/06 4:15 p.m.3 views

UBUNTU-CVE-2021-31829

kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading to disclosure of stack content via side-channel attacks, aka CID-801c6058d14a. The specific concern is not protecting the BPF stack area against speculative loads. Also, the BPF stack can...

5.5CVSS6.7AI score0.00306EPSS
Exploits0References10
OSV
OSV
added 2020/04/02 10:14 p.m.5 views

USN-4316-2 libgd2 vulnerabilities

USN-4316-1 fixed a vulnerability in GD Graphics Library. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that GD Graphics Library incorrectly handled cloning an image. An attacker could possibly use this issue to cause GD Graphics...

7.5CVSS6.1AI score0.04332EPSS
Exploits1References3
Rows per page
Query Builder