206354 matches found
CVE-2022-4137
A reflected cross-site scripting XSS vulnerability was found in the 'oob' OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be...
CVE-2022-3515
A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment...
CVE-2022-21127
A flaw was found in hw. Incomplete cleanup in specific special register read operations for some Intel® Processors may allow an authenticated user to enable information disclosure via local access. Mitigation Mitigation for this issue is either not available or the currently available options don...
CVE-2022-21426
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable...
CVE-2021-35564
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Keytool. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...
CVE-2021-3773
A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks. Mitigation Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security...
CVE-2021-37159
A flaw use-after-free in the Linux kernel USB High Speed Mobile Devices functionality was found in the way user detaches USB device. A local user could use this flaw to crash the system or escalate their privileges on the system. Mitigation To mitigate this issue, prevent the module hso from bein...
CVE-2024-38472
A flaw was found in httpd on Windows systems. This issue potentially allows NTLM hashes to be leaked to a malicious server via Server-side request forgery SSRF and malicious requests or content...
CVE-2024-36472
A vulnerability was found in GNOME Shell. A portal helper can be launched automatically without user confirmation based on the network responses provided by an adversary...
CVE-2024-24795
A flaw was found in httpd. An HTTP response splitting in multiple httpd modules may allow an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack. Mitigation Mitigation for this issue is either not available or the currently...
CVE-2023-22102
A vulnerability was found in the MySQL Connectors product of Oracle MySQL component: Connector/J. This issue may allow unauthenticated attackers with network access via multiple protocols to compromise MySQL Connectors. Successful attacks can result in a takeover of MySQL Connectors...
CVE-2023-30547
A flaw was found in the vm2 sandbox. When exception handling is triggered, an unsanitized host is not managed properly. This issue may allow an attacker to bypass the sandbox protections, which can lead to remote code execution on the hypervisor host or the host that is running the sandbox...
CVE-2023-0465
A flaw was found in OpenSSL. Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. OpenSSL and other certificate policy checks silently ignore invalid certificate policies in leaf certificates that a...
CVE-2022-3266
The Mozilla Foundation Security Advisory describes this flaw as: An out-of-bounds read can occur when decoding H264 video. This results in a potentially exploitable crash...
CVE-2022-23539
A flaw was found in the jsonwebtoken package. The affected versions of the jsonwebtoken library could be misconfigured so that legacy, insecure key types are used for signature verification. For example, DSA keys could be used with the RS256 algorithm...
CVE-2022-46908
A flaw was found in the SQLite package. SQLite could allow a local attacker to bypass security restrictions caused by an issue when relying on --safe for the execution of an untrusted CLI script, potentially leading to arbitrary file read/write...
CVE-2022-3787
A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath...
CVE-2022-3650
A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local attacker to escalate privileges to root in the form of a crash dump, and dump privileged information. This issue can lead to loss of confidentiality, integrity, and availability...
CVE-2022-2961
A use-after-free flaw was found in the Linux kernel’s PLP Rose functionality in the way a user triggers a race condition by calling bind while simultaneously triggering the rosebind function. This flaw allows a local user to crash or potentially escalate their privileges on the system...
CVE-2022-2816
An out-of-bounds read vulnerability was found in Vim in the checkvim9unlet function in the vim9cmds.c file. This issue occurs because of invalid memory access when compiling the unlet command when a specially crafted input is processed. This flaw allows an attacker who can trick a user into openi...
CVE-2022-36123
A memory access flaw was found in the Linux kernel’s XEN hypervisor for the virtual machine. This flaw allows a local user to crash the system or potentially escalate their privileges on the system...
CVE-2022-31045
A flaw was found in Istio. Memory access violation of ill-formed headers sent to Envoy in certain configurations can lead to unexpected memory access, resulting in undefined behavior or crashing...
CVE-2022-1015
A flaw was found in the Linux kernel in linux/net/netfilter/nftablesapi.c of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds write issue. Mitigation In order to trigger the issue, it requires the ability to create user/net namespaces. On non-containerized...
CVE-2022-0359
A flaw was found in vim. The vulnerability occurs due to Illegal memory access with large 'tabstop' in Ex mode, which can lead to a heap buffer overflow. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. Mitigation Untrusted vim scripts with -s...
CVE-2021-33193
A NULL pointer dereference was found in Apache httpd modh2. The highest threat from this flaw is to system integrity. Mitigation This flaw can be mitigated by disabling HTTP/2. More information available at:...
CVE-2021-3623
A flaw was found in libtpms. The flaw can be triggered by specially-crafted TPM 2 command packets containing illegal values and may lead to an out-of-bounds access when the volatile state of the TPM 2 is marshalled/written or unmarshalled/read. The highest threat from this vulnerability is to...
CVE-2020-36385
An issue was discovered in the Linux kernels Userspace Connection Manager Access for RDMA. This could allow a local attacker to crash the system, corrupt memory or escalate privileges. Mitigation Mitigation for this issue is either not available or the currently available options does not meet th...
CVE-2021-3596
A NULL pointer dereference flaw was found in ImageMagick in ReadSVGImage in coders/svg.c . This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt and uses the value directly, which leads to a crash and segmentation fault...
CVE-2021-33194
A flaw was found in golang. An attacker can craft an input to ParseFragment within parse.go that would cause it to enter an infinite loop and never return. The greatest threat to the system is of availability...
CVE-2016-2108
A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an...
CVE-2024-1635
A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and...
CVE-2024-23898
A flaw was found in Jenkins where websocket access to the CLI does not perform origin validation of requests when they are made through the websocket endpoint...
CVE-2023-45230
A security flaw was identified in EDK2, the open-source reference implementation of the UEFI specification, involving a buffer overflow vulnerability. This particular weakness enables an unauthorized attacker within the vicinity of the network to transmit a specifically crafted DHCPv6 message...
CVE-2023-46673
A flaw was found in Elasticsearch. A malicious script used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API. Mitigation No mitigation is yet available for this flaw...
CVE-2023-6134
A flaw was found in Keycloak that prevents certain schemes in redirects, but permits them if a wildcard is appended to the token. This issue could allow an attacker to submit a specially crafted request leading to cross-site scripting XSS or further attacks. This flaw is the result of an incomple...
CVE-2023-31582
A flaw was found in Jose4J which allows a malicious user or internal person to erroneously set a low iteration count of 1000 or less to secure the Json Web Token. This could apply to lack of entropy and leave the system less secure. Mitigation No mitigation is currently available for this flaw...
CVE-2022-48554
A flaw was found in file, a program used to identify a particular file according to the type of data contained by the file. This issue occurs when processing a specially crafted file, causing a stack-based buffer over-read, resulting in an application crash. Mitigation Do not process untrusted...
CVE-2023-3006
A known cache speculation vulnerability, the Branch History Injection BHI or Spectre-BHB, was found in new hw that are cores Cortex: A57, A72, A76, A77, A78, A78AE, A78C, A710, X1, X2; Neoverse: N1, N2, V1; Ampere1. Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared...
CVE-2023-0466
A flaw was found in OpenSSL. The X509VERIFYPARAMadd0policy function is documented to enable the certificate policy check when doing certificate verification implicitly. However, implementing the function does not enable the check, allowing certificates with invalid or incorrect policies to pass t...
CVE-2023-0464
A security vulnerability has been identified in all supported OpenSSL versions related to verifying X.509 certificate chains that include policy constraints. This flaw allows attackers to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of...
CVE-2022-39377
An arithmetic overflow issue was discovered in Sysstat on 32-bit systems. The allocatestructures function in sacommon.c insufficiently checks bounds before arithmetic multiplication, allowing an overflow in the size allocated for the buffer representing system activities. The vulnerability can be...
CVE-2022-32888
A vulnerability was found in webkitgtk, where an out-of-bounds read was addressed with improved bounds checking. Processing maliciously crafted web content may lead to arbitrary code execution...
CVE-2022-42928
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of certain types of allocations that were missing annotations that, if the Garbage Collector was in a specific state, could lead to memory corruption and a potentially exploitable crash...
CVE-2022-42968
A flaw was found in Gitea. The self-hosted Git service does not sanitize and escape refs in the git backend. This issue could allow an attacker to craft arguments for the git commands, which will be mishandled...
CVE-2022-34903
A vulnerability was found in GnuPG. This issue occurs due to an escape detection loop at the writestatustextandbuffer function in g10/cpr.c. This flaw allows a malicious actor to bypass access control...
CVE-2022-23712
A flaw was found in Elasticsearch. This flaw allows an unauthenticated attacker to forcibly shut down an Elasticsearch node with a specifically formatted network request, affecting system availability...
CVE-2022-1552
A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pgamcheck commands activated relevant protections too late or no...
CVE-2020-25717
A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation. Mitigation Setting "gensec:requirepac=true" in the smb.conf makes, due to a cache prime in winbind, the DOMAIN\user lookup succeed, provided...
CVE-2022-0582
Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file...
CVE-2022-0492
A vulnerability was found in the Linux kernel’s cgroupreleaseagentwrite in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 releaseagent feature to escalate privileges and bypass the namespace isolation unexpectedly. Mitigation...