22107 matches found
xen: privcmd: Fix possible access to a freed kirqfd instance
...
path-to-regexp outputs backtracking regular expressions
...
bonding: change ipsec_lock from spin lock to mutex
...
usb: gadget: aspeed_udc: validate endpoint index for ast udc
...
serve-static affected by template injection that can lead to XSS
...
Bluetooth: btnxpuart: Fix Null pointer dereference in btnxpuart_flush()
...
CVE-2022-28506
...
erlang-jose (aka JOSE for Erlang and Elixir) through 1.11.6 allow attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value in a JOSE header.
...
The Samba AD DC administration tool when operating against a remote LDAP server will by default send new or reset passwords over a signed-only connection.
...
Power Platform Information Disclosure Vulnerability
Missing authorization in Power Platform allows an unauthenticated attacker to view sensitive information through a network attack vector...
Imagine Cup site Information Disclosure Vulnerability
Improper access control in Imagine Cup allows an authorized attacker to elevate privileges over a network...
mm/vmalloc: fix page mapping if vm_area_alloc_pages() with high order fallback to order 0
...
firmware: qcom: scm: Mark get_wq_ctx() as atomic call
...
HAProxy 2.9.x before 2.9.10 3.0.x before 3.0.4 and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding (h2_send loop) under a certain set of conditions as exploited in the wild in 2024.
...
mptcp: pm: only mark 'subflow' endp as available
...
tracing: Have format file honor EVENT_FILE_FL_FREED
...
vsock: fix recursive ->recvmsg calls
...
nouveau/firmware: use dma non-coherent allocator
...
rtla/osnoise: Prevent NULL dereference in error handling
...
Email header injection due to unquoted newlines
...
A flaw was found in Samba. An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory.
...
i2c: tegra: Do not mark ACPI devices as irq safe
...
bpf: Fix a kernel verifier crash in stacksafe()
...
fs/netfs/fscache_cookie: add missing "n_accesses" check
...
drm/msm/dpu: move dpu_encoder's connector assignment to atomic_enable()
...
net: ethernet: mtk_wed: fix use-after-free panic in mtk_wed_setup_tc_block_cb()
...
smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req()
...
net/mlx5e: Take state lock during tx timeout reporter
...
body-parser vulnerable to denial of service when url encoding is enabled
...
igb: cope with large MAX_SKB_FRAGS
...
wifi: brcmfmac: cfg80211: Handle SSID based pmksa deletion
...
soc: qcom: pmic_glink: Fix race during initialization
...
A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application possibly resulting in a denial of service (DoS) attack.
...
Denial of service in REXML
...
Microsoft Dataverse Elevation of Privilege Vulnerability
Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network...
Remote Code Execution in pypa/setuptools
...
DOM Clobbering Gadget found in Webpack's AutoPublicPathRuntimeModule that leads to Cross-site Scripting (XSS)
...
The fix in 4.6.16 4.7.9 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC.
...
btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk()
...
CVE-2022-45141
...
CVE-2017-15275
...
CVE-2021-20251
...
CVE-2022-0336
...
CVE-2021-20316
...
CVE-2022-32745
...
CVE-2021-3671
...
CVE-2020-25719
...
CVE-2021-44141
...
A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server to crash. This RPC server which also serves protocols other than dnsserver will be restarted after a short delay but it is easy for an authenticated non administrative attacker to crash it again as soon as it returns. The Samba DNS server itself will continue to operate but many RPC services will not.
...
CVE-2017-12150
...