907757 matches found
ASB-A-135368228
In i915gemexecbuffer2ioctl of i915gemexecbuffer.c, there is a possible arbitrary kernel memory write due to a missing validation of a userspace pointer. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2020-1938
When using the Apache JServ Protocol AJP, care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that...
DLA-1878-1 php5 - security update
Bulletin has no description...
PYSEC-2019-194
An access-control flaw was found in the Octavia service when the cloud platform was deployed using Red Hat OpenStack Platform Director. An attacker could cause new amphorae to run based on any arbitrary image. This meant that a remote attacker could upload a new amphorae image and, if requested t...
GHSA-MQ8P-H798-XCRP Exposure of Sensitive Information in Hadoop
The YARN NodeManager in Apache Hadoop 2.7.3 and 2.7.4 can leak the password for credential store provider used by the NodeManager to YARN Applications...
CVE-2016-10187
The E-book viewer in calibre before 2.75 allows remote attackers to read arbitrary files via a crafted epub file with JavaScript...
DSA-3696-1 linux - security update
Bulletin has no description...
DLA-486-1 imagemagick - security update
Bulletin has no description...
DSA-1655-1 linux-2.6.24 - several vulnerabilities
Bulletin has no description...
RHSA-2023:6179 Red Hat Security Advisory: Red Hat Product OCP Tools 4.13 OpenShift Jenkins security update
Bulletin has no description...
BIT-TOMCAT-2024-24549 Apache Tomcat: HTTP/2 header handling DoS
Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers had been...
RHSA-2024:0777 Red Hat Security Advisory: jenkins and jenkins-2-plugins security update
Bulletin has no description...
RHSA-2024:5102 Red Hat Security Advisory: kernel-rt security update
Bulletin has no description...
GO-2023-2085 Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd
Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server in github.com/argoproj/argo-cd...
GO-2023-1577 Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd
Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd...
GHSA-6JJ6-GM7P-FCVV Remote Code Execution (RCE) vulnerability in geoserver
Summary Multiple OGC request parameters allow Remote Code Execution RCE by unauthenticated users through specially crafted input against a default GeoServer installation due to unsafely evaluating property names as XPath expressions. Details The GeoTools library API that GeoServer calls evaluates...
MAL-2024-6694 Malicious code in assembla-cli (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
OPENSUSE-SU-2024:11169-1 php8-8.0.11-1.1 on GA media
These are all security issues fixed in the php8-8.0.11-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:12948-1 ungoogled-chromium-113.0.5672.92-1.1 on GA media
These are all security issues fixed in the ungoogled-chromium-113.0.5672.92-1.1 package on the GA media of openSUSE Tumbleweed...
BIT-GITLAB-2020-10086
GitLab 10.4 through 12.8.1 allows Directory Traversal. A particular endpoint was vulnerable to a directory traversal vulnerability, leading to arbitrary file read...
CVE-2023-46218
This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a...
DLA-3638-1 h2o - security update
Bulletin has no description...
CVE-2023-46301
iTerm2 before 3.4.20 allow potentially remote code execution because of mishandling of certain escape sequences related to upload...
ALSA-2023:5749 Important: .NET 7.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET 7.0 to SDK 7.0.112 and Runtime 7.0.12...
GHSA-4374-P667-P6C8 HTTP/2 rapid reset can cause excessive work in net/http
A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a ne...
GO-2023-2052 IsFromLocal local address check can be circumvented in github.com/gofiber/fiber/v2
The Ctx.IsFromLocal function can incorrectly report a request as being sent from localhost when the request contains an X-Forwarded-For header containing a localhost IP address...
PYSEC-2023-83
Directory traversal vulnerability in Starlette versions 0.13.5 and later and prior to 0.27.0 allows a remote unauthenticated attacker to view files in a web service which was built using Starlette...
GHSA-R97Q-GHCH-82J9 Ghost vulnerable to information disclosure of private API fields
Impact Due to a lack of validation when filtering on the public API endpoints, it is possible to reveal private fields via a brute force attack. GhostPro has already been patched. We can find no evidence that the issue was exploited on GhostPro prior to the patch being added. Self-hosters are...
DSA-5358-1 asterisk - security update
Bulletin has no description...
GHSA-J2H2-G882-X9J2 Deserialization of Untrusted Data in thinkphp
thinkphp 6.0.06.0.13 and 6.1.06.1.1 contains a deserialization vulnerability. This vulnerability allows attackers to execute arbitrary code via a crafted payload...
DLA-3295-1 node-moment - security update
Bulletin has no description...
CVE-2022-32221
When doing HTTPS transfers, libcurl might erroneously use the read callback CURLOPTREADFUNCTION to ask for data to send, even when the CURLOPTPOSTFIELDS option has been set, if the same handle previously was used to issue a PUT request which used that callback. This flaw may surprise the...
ASB-A-242703118
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
GHSA-6263-X97C-C4GG matrix-js-sdk subject to impersonated messages due to permissive key forwarding
Impact An attacker cooperating with a malicious homeserver can construct messages appearing to have come from another person. Such messages will be marked with a grey shield on some platforms, but this may be missing in others. This attack is possible due to the matrix-js-sdk implementing a too...
PYSEC-2022-288
The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the predispatch flag in Parallel class due to the eval statement...
MAL-2022-6974 Malicious code in vscode-clangd (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b3e05ac1fabef54ef34176e9d555cb6e63b3dfbc2241cf304ab6a1b8b3cd2cc9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
DLA-3085-1 curl - security update
Bulletin has no description...
DSA-5199-1 xorg-server - security update
Bulletin has no description...
GHSA-R58R-74GX-6WX3 Nokogiri gem, via libxml, is affected by DoS vulnerabilities
Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
GHSA-CRJR-9RC5-GHW8 Nokogiri Inefficient Regular Expression Complexity
Summary Nokogiri = 1.13.4. Severity The Nokogiri maintainers have evaluated this as High Severity 7.5 CVSS3.1. References CWE-1333 Inefficient Regular Expression Complexity Credit This vulnerability was reported by HackerOne user oooooooq ななおく...
DSA-5092-1 linux - security update
Bulletin has no description...
DLA-2919-1 python2.7 - security update
Bulletin has no description...
DLA-2904-1 expat - security update
Bulletin has no description...
GHSA-77RM-9X9H-XJ3G Withdrawn Advisory: NULL Pointer Dereference in Protocol Buffers
Withdrawn Advisory This advisory has been withdrawn because the protobuf vulnerability comes from the compiler rather that the code. This link is maintained to preserve external references. Original Description Nullptr dereference when a null char is present in a proto symbol. The symbol is parse...
DSA-5050-1 linux - security update
Bulletin has no description...
DSA-5018-1 python-babel - security update
Bulletin has no description...
GHSA-WMPV-C2JP-J2XG ERC1155Supply vulnerability in OpenZeppelin Contracts
When ERC1155 tokens are minted, a callback is invoked on the receiver of those tokens, as required by the spec. When including the ERC1155Supply extension, total supply is not updated until after the callback, thus during the callback the reported total supply is lower than the real number of...
DLA-2814-1 openjdk-8 - security update
Bulletin has no description...
DLA-2802-1 elfutils - security update
Bulletin has no description...
CVE-2021-42013
It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default...