206382 matches found
CVE-2022-42920
An out-of-bounds OOB write flaw was found in Apache Commons BCEL API. This flaw can be used to produce arbitrary bytecode and may abuse applications that pass attacker-controlled data to those APIs, giving the attacker more control over the resulting bytecode than otherwise expected...
CVE-2022-29165
A flaw was found in the ArgoCD component of Red Hat GitOps, where an unauthenticated attacker can craft a malicious JWT token while ArgoCD's anonymous access is enabled and gains full access to the ArgoCD instance. This flaw allows the attacker to impersonate any ArgoCD user or role, fully...
CVE-2022-1319
A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response packets, and those packets have the reuse flag set even though JBoss EAP closes the connection. A failure occurs when the connection is reused after a 400 by CPING since it reads in the second...
CVE-2021-46355
OCS Inventory 2.9.1 is affected by Cross Site Scripting XSS. To exploit the vulnerability, the attacker needs to manipulate the name of some device on your computer, such as a printer, replacing the device name with some malicious code that allows the execution of Stored Cross-site Scripting XSS...
CVE-2022-21986
A vulnerability was found in dotnet’s ASP.NET Core Krestel when pooling HTTP/2 and HTTP/3 headers. This flaw allows a remote, unauthenticated attacker to cause a denial of service...
CVE-2021-38204
A flaw was found in the Linux kernel. A denial of service attack use-after-free and panic can be caused by a physically proximate attack by removing a MAX-3421 USB device in certain situations. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...
CVE-2021-30483
A flaw was found in isomorphic-git. An attacker could cause a Directory Traversal via a crafted filepath in a repository being cloned...
CVE-2020-28097
A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles. When a local attacker attempts to scroll the console, calling an ioctl TIOCLSCROLLCONSOLE, an out-of-bounds memory access issue occurs. This flaw allows a local user with access to the VGA console to...
CVE-2021-3610
A heap-based buffer overflow vulnerability was found in ImageMagick in ReadTIFFImage in coders/tiff.c. This issue is due to an incorrect setting of the pixel array size, which can lead to a crash and segmentation fault...
CVE-2021-31440
An out-of-bounds access flaw was found in the Linux kernel’s implementation of the eBPF code verifier, where an incorrect register bounds calculation while checking unsigned 32-bit instructions in an eBPF program occurs.. By default accessing the eBPF verifier is only accessible to privileged use...
CVE-2021-3493
A flaw was found in the Linux kernel. The overlayfs stacking file system does not properly validate the application of file capabilities against user namespaces. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
CVE-2017-1000407
Linux kernel Virtualization Module CONFIGKVM for the Intel processor family CONFIGKVMINTEL is vulnerable to a DoS issue. It could occur if a guest was to flood the I/O port 0x80 with write requests. A guest user could use this flaw to crash the host kernel resulting in DoS...
CVE-2024-26946
An unsafe read function was found in arch/x86/kernel/kprobes/core.c in the Linux kernel...
CVE-2024-29943
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: An attacker was able to perform an out-of-bounds read or write on a JavaScript object by fooling range-based bounds check elimination...
CVE-2023-3117
A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can lead to performing arbitrary reads and writes in kernel memory. This flaw allows a local user with CAPNETADMIN capability to crash or potentially...
CVE-2022-34302
A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader...
CVE-2020-36326
PHPMailer 6.1.8 through 6.4.0 allows object injection through Phar Deserialization via addAttachment with a UNC pathname. NOTE: this is similar to CVE-2018-19296, but arose because 6.1.8 fixed a functionality problem in which UNC pathnames were always considered unreadable by PHPMailer, even in...
CVE-2020-36254
scp.c in Dropbear before 2020.79 mishandles the filename of . or an empty filename, a related issue to CVE-2018-20685...
CVE-2021-35561
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Utility. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...
CVE-2021-3711
A flaw was found in openssl. A miscalculation of a buffer size was found in openssl's SM2 decryption function, allowing up to 62 arbitrary bytes to be written outside of the buffer. A remote attacker could use this flaw to crash an application supporting SM2 signature or encryption algorithm, or,...
CVE-2021-0512
A flaw out of bounds memory write in the Linux kernel HID subsystem was found in the way user attach USB or other HID device that generates incorrect data inside HID report field. A local user could use this flaw to crash the system or possibly escalate their privileges on the system. Mitigation...
CVE-2021-34693
The canbus filesystem in the Linux kernel contains an information leak of kernel memory to devices on the CAN bus network link layer. An attacker with the ability to dump messages on the CAN bus is able to learn of uninitialized stack values by dumbing messages on the can bus. Mitigation Mitigati...
CVE-2021-25122
A flaw was found in Apache Tomcat. When responding to new h2c connection requests, Apache Tomcat could duplicate request headers and a limited amount of request body from one request to another meaning user A and user B could both see the results of user A's request. The highest threat from this...
CVE-2017-17855
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service memory corruption or possibly have unspecified other impact by leveraging improper use of pointers in place of scalars...
CVE-2024-32114
A flaw was found in Apache ActiveMQ. This vulnerability contains an insecure default configuration in Jolokia and REST API, allowing any user to bypass security restrictions. The vulnerability exists due to missing authorization in the application's REST API. The default configuration doesn't...
CVE-2024-2757
An infinite loop vulnerability was found in PHP. Certain inputs provided to mbencodemimeheader trigger an endless loop. Mitigation Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and...
CVE-2024-21508
A flaw was found in the MySQL2 npm package. Affected versions of this package are vulnerable to remote code execution RCE via the readCodeFor function due to improper validation of the supportBigNumbers and bigNumberStrings values. Mitigation Mitigation for this issue is either not available or t...
CVE-2023-3824
A flaw was found in PHP that can lead to a buffer overflow and a stack information leak due to improper bounds checking within the phardirread function. This issue may allow an attacker to initiate memory corruption by compelling the application to open a specially crafted .phar archive, allowing...
CVE-2023-3247
A vulnerability was found in PHP where the weak randomness affects applications that use SOAP with HTTP Digest authentication against a possibly malicious server over HTTP allows a remote authenticated attackers to cause a stack information leak...
CVE-2023-1664
A flaw was found in Keycloak. This flaw depends on a non-default configuration "Revalidate Client Certificate" to be enabled and the reverse proxy is not validating the certificate before Keycloak. Using this method an attacker may choose the certificate which will be validated by the server. If...
CVE-2023-22490
A vulnerability was found in Git. Using a specially-crafted repository, Git can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort local clones whose source $GITDIR/objects directory contains symbolic links CVE-2022-39253, the objects...
CVE-2022-23521
A flaw was found in Git, a distributed revision control system. When parsing gitattributes, a mechanism to allow defining attributes for paths, multiple integer overflows can occur when there is a huge number of path patterns, attributes for a single pattern, or declared attribute names. These...
CVE-2022-32296
The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 "Double-Hash Port Selection Algorithm" of RFC 6056...
CVE-2021-33197
A flaw was found in Go, acting as an unintended proxy or intermediary, where ReverseProxy forwards connection headers if the first one was empty. This flaw allows an attacker to drop arbitrary headers. The highest threat from this vulnerability is to integrity...
CVE-2022-1198
A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space...
CVE-2021-26401
A flaw was found in hw. The speculative execution window of AMD LFENCE/JMP mitigation MITIGATION V2-2 may be large enough to be exploited on AMD CPUs. Mitigation AMD recommends mitigation that uses generic retpoline...
CVE-2022-0002
A flaw was found in hw. The Intra-mode BTI refers to a variant of Branch Target Injection aka SpectreV2 BTI where an indirect branch speculates to an aliased predictor entry for a different indirect branch in the same predictor mode, and a disclosure gadget at the predicted target transiently...
CVE-2022-0686
An authorization bypass flaw was found in url-parse. While submitting a URL, a local unauthenticated attacker can add a trailing colon :, but omit the port number. This issue enables an open redirect that allows the exposure of sensitive information or spamming of infrastructure outside the...
CVE-2022-20616
A missing permissions validation vulnerability was found in the Jenkins Credentials Binding plugin. The form validation method does not perform a permission check which allows attackers with Overall/Read access to validate if a credential ID refers to a secret file credential and whether it’s a z...
CVE-2021-35588
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 7u311, 8u301; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated attacker wi...
CVE-2021-2369
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Library. Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Easily exploitable vulnerability allows...
CVE-2021-0129
A flaw was found in the Linux kernel. Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. The highest threat from this vulnerability is to data confidentiality and integrity. Mitigation Mitigation for this issue is...
CVE-2021-22141
An open redirect flaw was found in Kibana. An attacker is able to redirect a logged Kibana user to an arbitrary website by specially crafted URL...
CVE-2021-3557
A flaw was found in argocd. Any unprivileged user is able to deploy argocd in their namespace and with the created ServiceAccount argocd-argocd-server, the unprivileged user is able to read all resources of the cluster including all secrets which might enable privilege escalations. The highest...
CVE-2020-26141
A vulnerability was found in Linux kernel's WiFi implementation. An attacker within wireless range can inject a control packet fragment where the kernel does not verify the Message Integrity Check authenticity of fragmented TKIP frames. Mitigation Mitigation for this issue is either not available...
CVE-2020-25638
A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized...
CVE-2016-5387
It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTPPROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could...
CVE-2025-32074
Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - Confirm Account Extension allows Cross-Site Scripting XSS.This issue affects Mediawiki - Confirm Account Extension: from 1.39 through 1.43...
CVE-2025-3248
Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code...
CVE-2023-3976
A flaw was found in /etc/sudoers in Red Hat OpenStack. As a result of this misconfiguration in the sudoers file, the application is allowed to run restricted commands with root privileges. This issue could allow a local authenticated attacker to gain elevated privileges on the system. This flaw i...