60081 matches found
CVE-2022-24577
GPAC 1.0.1 is affected by a NULL pointer dereference in gfutf8wcslen. gfutf8wcslen is a renamed Unicode utf8wcslen function...
CVE-2022-26496
In nbd-server in nbd before 3.24, there is a stack-based buffer overflow. An attacker can cause a buffer overflow in the parsing of the name field by sending a crafted NBDOPTINFO or NBDOPTGO message with an large value as the length of the name...
CVE-2021-3715
A flaw was found in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition. This flaw allows unprivileged local users to escalate their privileges on the system. T...
CVE-2022-25636
net/netfilter/nfdupnetdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nftablesoffload...
CVE-2022-21724
pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when attacker control the jdbc url or properties. pgjdbc instantiates plugin instances based o...
CVE-2021-39144
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user is affected, who followed the recommendation t...
CVE-2020-14330
An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. This flaw allows an attacker to access the logs or outputs of performed tasks to read keys used in playbooks from other users within the uri...
CVE-2019-10092
In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the modproxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server was set up with...
CVE-2019-0211
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads including scripts executed by an in-process scripting interpreter could execute arbitrary code with the privileges of the parent process usually roo...
CVE-2023-26819
cJSON 1.7.15 might allow a denial of service via a crafted JSON document such as "a": true, "b": null,9999999999999999999999999999999999999999999999912345678901234567...
CVE-2024-2193
A Speculative Race Condition SRC vulnerability that impacts modern CPU architectures supporting speculative execution related to Spectre V1 has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the...
CVE-2023-32681
Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use rebuildproxies to reattach the Proxy-Authorization header to requests. For HTTP connections sent...
CVE-2023-1829
A use-after-free vulnerability in the Linux Kernel traffic control index filter tcindex can be exploited to achieve local privilege escalation. The tcindexdelete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying structure which can later...
CVE-2022-42003
In FasterXML jackson-databind before versions 2.13.4.1 and 2.12.17.1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAPSINGLEVALUEARRAYS feature is enabled...
CVE-2022-40468
Potential leak of left-over heap data if custom error page templates containing special non-standard variables are used. Tinyproxy commit 84f203f and earlier use uninitialized buffers in processrequest function...
CVE-2022-2320
A flaw was found in the Xorg-x11-server. The specific flaw exists within the handling of ProcXkbSetDeviceInfo requests. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. This flaw allows an attacker...
CVE-2021-3690
A flaw was found in Undertow. A buffer leak on the incoming WebSocket PONG message may lead to memory exhaustion. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is availability...
CVE-2022-1872
Insufficient policy enforcement in Extensions API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass downloads policy via a crafted HTML page...
CVE-2022-1639
Use after free in ANGLE in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2022-1015
A flaw was found in the Linux kernel in linux/net/netfilter/nftablesapi.c of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds write issue...
CVE-2022-0800
Heap buffer overflow in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...
CVE-2022-0790
Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML page...
CVE-2022-28356
In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/afllc.c...
CVE-2022-0751
Removed by vendor...
CVE-2022-23042
Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...
CVE-2022-25315
In Expat aka libexpat before 2.4.5, there is an integer overflow in storeRawNames...
CVE-2021-34798
Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier...
CVE-2020-25684
A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:replyquery if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query,...
CVE-2015-9251
Removed by vendor...
CVE-2016-0736
In Apache HTTP Server versions 2.4.0 to 2.4.23, modsessioncrypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation AES256-CBC by default, hence no selectable or builtin authenticated encryption. This made it vulnerable to padding oracle...
CVE-2017-10803
In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0, insecure handling of anonymization data in the Database Anonymization module allows remote authenticated privileged users to execute arbitrary Python code, because unpickle is used...
CVE-2016-1583
The ecryptfsprivilegedopen function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service stack memory consumption via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling...
CVE-2015-8215
net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel before 4.0 does not validate attempted changes to the MTU value, which allows context-dependent attackers to cause a denial of service packet loss via a value that is 1 smaller than the minimum compliant value or 2 larger than the MTU of a...
CVE-2011-3389
The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HT...
CVE-2010-2938
arch/x86/hvm/vmx/vmcs.c in the virtual-machine control structure VMCS implementation in the Linux kernel 2.6.18 on Red Hat Enterprise Linux RHEL 5, when an Intel platform without Extended Page Tables EPT functionality is used, accesses VMCS fields without verifying hardware support for these...
CVE-2024-58250
The passprompt plugin in pppd in ppp before 2.5.2 mishandles privileges...
CVE-2024-3863
The executable file warning was not presented when downloading .xrm-ms files. Note: This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10...
CVE-2023-49088
Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in...
CVE-2023-3247
In PHP versions 8.0. before 8.0.29, 8.1. before 8.1.20, 8.2. before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it could lead to a disclosure ...
CVE-2023-0767
An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
CVE-2023-20861
In Spring Framework versions 6.0.0 - 6.0.6, 5.3.0 - 5.3.25, 5.2.0.RELEASE - 5.2.22.RELEASE, and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial-of-service DoS condition...
CVE-2022-0801
Inappropriate implementation in HTML parser in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass XSS preventions via a crafted HTML page. Chrome security severity: Medium...
CVE-2022-3523
A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is an unknown function of the file mm/memory.c of the component Driver Handler. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to...
CVE-2021-3735
A deadlock issue was found in the AHCI controller device of QEMU. It occurs on a software reset ahciresetport while handling a host-to-device Register FIS Frame Information Structure packet from the guest. A privileged user inside the guest could use this flaw to hang the QEMU process on the host...
CVE-2022-30287
Horde Groupware Webmail Edition through 5.2.22 allows a reflection injection attack through which an attacker can instantiate a driver class. This then leads to arbitrary deserialization of PHP objects...
CVE-2022-33741
Linux disk/nic frontends data leaks This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend CVE-2022-26365,...
CVE-2022-28192
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager nvidia.ko, where it may lead to a use-after-free, which in turn may cause denial of service. This attack is complex to carry out because the attacker needs to have control over freeing some host side resources out of sequenc...
CVE-2022-24903
Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used. This can result in a segfault or some other malfunction. As of our understanding, this vulnerability can not be used for remote code...
CVE-2022-21496
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JNDI. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable...
CVE-2022-27377
MariaDB Server v10.6.3 and below was discovered to contain an use-after-free in the component Itemfuncin::cleanup, which is exploited via specially crafted SQL statements...