921352 matches found
CVE-2024-32020 Cloning local Git repository by untrusted user allows the untrusted user to modify objects in the cloned repository at will
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, local clones may end up hardlinking files into the target repository's object database when source and target repository reside on the same disk. If the source repository is owned by a...
RLSA-2024:2564 Moderate: mod_http2 security update
The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: modhttp2: httpd: CONTINUATION frames DoS CVE-2024-27316 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
ALSA-2024:1644 Important: grafana-pcp security and bug fix update
The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloa...
GHSA-MP76-7W5V-PR75 TurboBoost Commands vulnerable to arbitrary method invocation
Impact TurboBoost Commands has existing protections in place to guarantee that only public methods on Command classes can be invoked; however, the existing checks aren't as robust as they should be. It's possible for a sophisticated attacker to invoke more methods than should be permitted dependi...
BIT-NATS-2022-26652
NATS nats-server before 2.7.4 allows Directory Traversal with write access via an element in a ZIP archive for JetStream streams. nats-streaming-server before 0.24.3 is also affected...
BIT-APACHE-2022-28330 read beyond bounds in mod_isapi
Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the modisapi module...
ALSA-2024:0889 Moderate: oniguruma security update
Oniguruma is a regular expressions library that supports a variety of character encodings. Security Fixes: oniguruma: Use-after-free in onignewdeluxe in regext.c CVE-2019-13224 oniguruma: Stack exhaustion in regcomp.c because of recursion in regparse.c CVE-2019-16163 oniguruma: integer overflow i...
DSA-5514-1 glibc - security update
Bulletin has no description...
ALSA-2023:2167 Moderate: grafana security and enhancement update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters CVE-2022-2880 golang: net/http: handle server errors after sending GOAWAY...
GHSA-MFVG-QWCW-QVC8 baserCMS allows any file to be uploaded
There is a vulnerability that allows uploading any files to baserCMS. This is a vulnerability that needs to be addressed when the management system is used by an unspecified number of users. If you are eligible, please update to the new version as soon as possible. Target baserCMS 4.7.3 and earli...
GHSA-VV3R-FXQP-VR3F XSS via uploaded gpx file
A malicious content author could upload a GPX file with a Javascript payload. The payload could then be executed by luring a legitimate user to view the file in a browser with support for GPX files. GPX is an XML-based format used to store GPS data. By default, Silverstripe CMS will no longer all...
GHSA-CM59-PR5Q-CW85 Temporary Directory Hijacking to Local Privilege Escalation Vulnerability in org.springframework.boot:spring-boot
spring-boot versions prior to version v2.2.11.RELEASE was vulnerable to temporary directory hijacking. This vulnerability impacted the org.springframework.boot.web.server.AbstractConfigurableWebServerFactory.createTempDir method. The vulnerable method is used to create a work directory for embedd...
DSA-5128-1 openjdk-17 - security update
Bulletin has no description...
DSA-5111-1 zlib - security update
Bulletin has no description...
UVI-2021-1001147 CWE-89 in Secure Remote Access (SRA) version 8.x, 9.0.0.9-26sv and earlier
SonicWall is aware of improper neutralization of a SQL Command leading to SQL Injection vulnerability, reported by CrowdStrike, impacting end-of-life Secure Remote Access SRA products, specifically the SRA appliances running all 8.x firmware or an old version of firmware 9.x 9.0.0.9-26sv or...
GHSA-75PC-QVWC-JF3G Improper Input Validation in HashiCorp Vault
HashiCorp Vault and Vault Enterprise 1.4.x before 1.4.2 in Go package github.com/hashicorp/vault-plugin-secrets-gcp/plugin has Incorrect Access Control...
DLA-2560-1 qemu - security update
Bulletin has no description...
PYSEC-2020-108
DISPUTED svmpredictvalues in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other products, allows attackers to cause a denial of service segmentation fault via a crafted model SVM introduced via pickle, json, or any other model permanence standard with a large value in the nsupport...
RUSTSEC-2020-0059 MutexGuard::map can cause a data race in safe code
Affected versions of the crate had a Send/Sync implementation for MappedMutexGuard that only considered variance on T, while MappedMutexGuard dereferenced to U. This could of led to data races in safe Rust code when a closure used in MutexGuard::map returns U that is unrelated to T. The issue was...
RUSTSEC-2020-0039 `index()` allows out-of-bound read and `remove()` has off-by-one error
Slab::index does not perform the boundary checking, which leads to out-of-bound read access. Slab::remove copies an element from an invalid address due to off-by-one error, resulting in memory leakage and uninitialized memory drop...
GHSA-MM9X-G8PC-W292 Denial of Service in Netty
The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream. An attacker could send a large ZlibEncoded byte stream to the Netty server, forcing the server to allocate all of its free memory to a single decoder...
DSA-4701-1 intel-microcode - security update
Bulletin has no description...
DLA-1823-1 linux - security update
Bulletin has no description...
DLA-1383-1 xen - security update
Bulletin has no description...
DLA-1373-1 php5 - security update
Bulletin has no description...
UBUNTU-CVE-2018-7567
In the Admin Package Manager in Open Ticket Request System OTRS 5.0.0 through 5.0.24 and 6.0.0 through 6.0.1, authenticated admins are able to exploit a Blind Remote Code Execution vulnerability by loading a crafted opm file with an embedded CodeInstall element to execute a command on the server...
DLA-809-1 tcpdump - security update
Bulletin has no description...
CVE-2016-6515
The authpassword function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service crypt CPU consumption via a long string...
DLA-359-1 mysql-5.5 - packages as an option announcement
Bulletin has no description...
DSA-2420-1 openjdk-6 - several
Bulletin has no description...
DSA-2122-2 glibc - privilege escalation
Bulletin has no description...
DSA-1787-1 linux-2.6.24 - several vulnerabilities
Bulletin has no description...
DSA-1621-1 icedove - several vulnerabilities
Bulletin has no description...
RUSTSEC-2026-0173 proc-macro-error2 is unmaintained
The author of proc-macro-error2 has confirmed that the crate is no longer maintained and recommends that users migrate away from it. proc-macro-error2 was originally created as a maintained fork of proc-macro-error see RUSTSEC-2024-0370. Both the original crate and this fork are now unmaintained...
RHSA-2026:18683 Red Hat Security Advisory: libssh security update
Bulletin has no description...
BIT-TOMCAT-2020-1938
When using the Apache JServ Protocol AJP, care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that...
GO-2025-3997 github.com/MANTRA-Chain/mantrachain/x/tokenfactory tx gas limit is not enforced in send hooks in github.com/MANTRA-Chain/mantrachain
github.com/MANTRA-Chain/mantrachain/x/tokenfactory tx gas limit is not enforced in send hooks in github.com/MANTRA-Chain/mantrachain...
CVE-2024-38820 CVE-2024-38820: Spring Framework DataBinder Case Sensitive Match Exception
The fix for CVE-2022-22968 made disallowedFields patterns in DataBinder case insensitive. However, String.toLowerCase has some Locale dependent exceptions that could potentially result in fields not protected as expected...
RHSA-2023:1043 Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update on RHEL 7
Bulletin has no description...
GO-2022-1208 gotify/server vulnerable to Cross-site Scripting in the application image file upload in github.com/gotify/server
gotify/server vulnerable to Cross-site Scripting in the application image file upload in github.com/gotify/server...
GO-2022-0298 Command injection in gh-ost in github.com/github/gh-ost
Command injection in gh-ost in github.com/github/gh-ost...
GHSA-7HMH-PFRP-VCX4 Directus GraphQL Field Duplication Denial of Service (DoS)
Summary A denial of service DoS attack by field duplication in GraphQL is a type of attack where an attacker exploits the flexibility of GraphQL to overwhelm a server by requesting the same field multiple times in a single query. This can cause the server to perform redundant computations and...
CVE-2024-6387 Openssh: regresshion - race condition in ssh allows rce/dos
A security regression CVE-2006-5051 was discovered in OpenSSH's server sshd. There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period...
CVE-2023-50230 BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability
BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must...
GHSA-2XP3-57P7-QF4V xml-crypto vulnerable to XML signature verification bypass due improper verification of signature/signature spoofing
Summary Default configuration does not check authorization of the signer, it only checks the validity of the signature per section 3.2.2 of https://www.w3.org/TR/2008/REC-xmldsig-core-20080610/sec-CoreValidation. As such, without additional validation steps, the default configuration allows a...
BIT-2023-43814
Discourse is an open source platform for community discussion. Attackers with details specific to a poll in a topic can use the /polls/groupedpollresults endpoint to view the content of options in the poll and the number of votes for groups of poll participants. This impacts private polls where t...
RSEC-2023-8 Denial of Service (DoS) vulnerabilities
cmark-gfm, GitHub's extended version of the CommonMark library in C, suffers from multiple vulnerabilities affecting versions prior to 0.29.0.gfm.12. Various issues, including polynomial time complexity in multiple components like autolink extension, handleclosebracket, and parsing of certain tex...
GO-2023-2077 Authentication bypass in github.com/sagernet/sing
Authentication bypass in github.com/sagernet/sing...
ALSA-2023:5091 Important: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: UAF in nftables when nftsetlookupglobal triggered after handling named and anonymous sets in batch requests CVE-2023-3390 kernel:...
RUSTSEC-2023-0053 rustls-webpki: CPU denial of service in certificate path building
When this crate is given a pathological certificate chain to validate, it will spend CPU time exponential with the number of candidate certificates at each step of path building. Both TLS clients and TLS servers that accept client certificate are affected. We now give each path building operation...