206363 matches found
CVE-2023-31122
A flaw was found in the modmacro module of httpd. When processing a very long macro, the null byte terminator will not be added, leading to an out-of-bounds read, resulting in a crash. Mitigation Disabling modmacro and restarting httpd or making sure the macros used are smaller than the required...
CVE-2023-41993
A vulnerability was found in webkitgtk. This issue occurs when processing web content, which may lead to arbitrary code execution...
CVE-2023-1387
A flaw was found in Grafana. This flaw allows a remote, authenticated attacker to obtain sensitive information caused by an issue when enabling the "urllogin" configuration option. By sending a specially crafted request, an attacker can obtain JWT information and use this to launch further attack...
CVE-2023-0614
A vulnerability was found in Samba. Confidential attribute disclosure via LDAP filters is insufficient, which may allow an attacker to obtain confidential BitLocker recovery keys from a Samba AD DC...
CVE-2023-28772
A buffer overflow write flaw was identified in seqbufputmemhex in lib/seqbuf.c in seqbuf in the Linux Kernel. This issue may allow a user with special debug privileges such as ftrace or root to cause an overflow in the destination buffer due to a missing sanity check. Mitigation Mitigation for th...
CVE-2022-25881
A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server...
CVE-2022-4087
A vulnerability was found in ipxe. This issue affects the tlsnewciphertext function in the src/net/tls.c file of the TLS component. The manipulation of the padlen argument leads to information exposure due to discrepancy...
CVE-2022-31105
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with version 0.4.0 and prior to 2.2.11, 2.3.6, and 2.4.5 is vulnerable to an improper certificate validation bug which could cause Argo CD to trust a malicious or otherwise untrustworthy OpenID Connect OIDC...
CVE-2022-2208
NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163. Mitigation Untrusted vim scripts with -s scriptin are not recommended to run...
CVE-2018-7711
HTTPRedirect.php in the saml2 library in SimpleSAMLphp before 1.15.4 has an incorrect check of return values in the signature validation utilities, allowing an attacker to get invalid signatures accepted as valid by forcing an error during validation. This occurs because of a dependency on PHP...
CVE-2022-22978
A flaw was found in Spring Security. When using RegexRequestMatcher, an easy misconfiguration can bypass some servlet containers. Applications using RegexRequestMatcher with . in the regular expression are possibly vulnerable to an authorization bypass...
CVE-2021-25745
A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use the spec.rules.http.paths.path field of an Ingress object in the networking.k8s.io or extensions API group to obtain the credentials of the ingress-nginx controller. In the default...
CVE-2022-1204
A use-after-free flaw was found in the Linux kernel’s Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system...
CVE-2022-24052
A flaw was found in MariaDB. Lack of input validation leads to a heap buffer overflow. This flaw allows an authenticated, local attacker with at least a low level of privileges to submit a crafted SQL query to MariaDB and escalate their privileges to the level of the MariaDB service user, running...
CVE-2022-21277
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows...
CVE-2021-29985
A use-after-free vulnerability in media channels could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and Firefox 91...
CVE-2021-29976
Mozilla developers reported memory safety bugs present in code shared between Firefox and Thunderbird. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbi...
CVE-2021-30129
A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issue affects the SFTP and port forwarding features of Apache Mina SSHD version 2.0.0 and later versions. It was addressed in Apache Mina SSHD 2.7.0...
CVE-2021-3632
A flaw was found in Keycloak. This vulnerability allows anyone to register a new security device or key when there is not a device already registered for any user by using the WebAuthn password-less login flow...
CVE-2021-34427
A flaw was found in eclipse-birt. An attacker can use query parameters to create a JSP file which is accessible from remote current BIRT viewer dir to inject JSP code into the running instance. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...
CVE-2021-33034
A use-after-free flaw was found in hcisendacl in the bluetooth host controller interface HCI in Linux kernel, where a local attacker with an access rights could cause a denial of service problem on the system The issue results from the object hchan, freed in hcidisconnloglinkcompleteevt, yet stil...
CVE-2020-28469
A flaw was found in nodejs-glob-parent. The enclosure regex used to check for glob enclosures containing backslashes is vulnerable to Regular Expression Denial of Service attacks. This flaw allows an attacker to cause a denial of service if they can supply a malicious string to the glob-parent...
CVE-2021-27568
A flaw was found in json-smart. When an exception is thrown from a function, but is not caught, the program using the library may crash or expose sensitive information. The highest threat from this vulnerability is to data confidentiality and system availability. In OpenShift Container Platform...
CVE-2020-0543
A new domain bypass transient execution attack known as Special Register Buffer Data Sampling SRBDS has been found. This flaw allows data values from special internal registers to be leaked by an attacker able to execute code on any core of the CPU. An unprivileged, local attacker can use this fl...
CVE-2019-0217
A race condition was found in modauthdigest when the web server was running in a threaded MPM configuration. It could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions. Mitigation This flaw only affects a threaded server...
CVE-2024-32498
An input validation flaw was discovered in how multiple OpenStack services validate images with backing file references. An authenticated attacker could provide a malicious image via upload, or by creating and modifying an image from an existing volume. Validation of images can be triggered durin...
CVE-2024-27980
A command injection flaw was found in Node.js exclusive to Windows environments. This flaw allows an attacker to perform command injection via the args parameter of childprocess.spawn without the shell option enabled on Windows. This behavior is caused by cmd.exe when executing batch files, which...
CVE-2024-24784
A flaw was found in Go's net/mail standard library package. The ParseAddressList function incorrectly handles comments text within parentheses within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions made by programs using...
CVE-2023-4822
A flaw was found in the Grafana enterprise package. Grafana is incorrectly assessing permissions to update global roles and role assignments, therefore, users with administrator permissions in one organization can change global role permissions and global role assignments. After successful...
CVE-2023-31422
A flaw was found by Elastic, where sensitive information is recorded in Kibana logs. This issue occurs in the event of an error when logging in to the JSON layout or when the pattern layout is configured to log the %meta pattern...
CVE-2023-46233
A vulnerability was found in crypto-js in how PBKDF2 is 1,000 times weaker than originally specified in 1993 and at least 1,300,000 times weaker than the current industry standard. This issue is because both default to SHA1, a cryptographic hash algorithm considered insecure since at least 2005,...
CVE-2023-4580
The Mozilla Foundation Security Advisory describes this flaw as: Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information...
CVE-2023-22045
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6,...
CVE-2023-29405
A flaw was found in golang. The go command may execute arbitrary code at build time when using cgo. This can occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This can be triggered by linker flags, specified via a "cgo LDFLAGS"...
CVE-2023-28322
A use-after-free flaw was found in the Curl package. This issue may lead to unintended information disclosure by the application...
CVE-2023-2269
A flaw was found in the Linux Kernel, leading to a denial of service. This issue occurs due to a possible recursive locking scenario, resulting in a deadlock in tableclear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component. Mitigation Mitigation for this issue i...
CVE-2023-28427
The Mozilla Foundation Security Advisory describes this flaw as: Thunderbird users who use the Matrix chat protocol were vulnerable to a denial-of-service attack...
CVE-2023-0049
A flaw was found in vim, which is vulnerable to an out-of-bounds read in the buildstlstrhl function. This flaw allows a specially crafted file to cause information disclosure, data integrity corruption, or crash the software. Mitigation Do not run vim with -s scriptin on untrusted scripts...
CVE-2022-42823
A vulnerability was found in webkitgtk, where a logic issue was addressed with improved state management. Processing maliciously crafted web content may disclose sensitive user information...
CVE-2022-2048
A flaw was found in the Eclipse Jetty http2-server package. This flaw allows an attacker to cause a denial of service in the server via HTTP/2 requests...
CVE-2022-29117
A flaw was found in dotnet. The Microsoft Security Advisory describes the issue of a malicious client that can send MyCookie=chunks-2147483647 without the actual cookie chunks, causing large allocations, exceptions, and excess CPU utilization on the server when it tries to read or delete that man...
CVE-2022-25647
A flaw was found in gson, which is vulnerable to Deserialization of Untrusted Data via the writeReplace method in internal classes. This issue may lead to availability attacks...
CVE-2022-24407
A flaw was found in the SQL plugin shipped with Cyrus SASL. The vulnerability occurs due to failure to properly escape SQL input and leads to an improper input validation vulnerability. This flaw allows an attacker to execute arbitrary SQL commands and the ability to change the passwords for othe...
CVE-2022-25235
A flaw was found in expat. Passing malformed 2- and 3-byte UTF-8 sequences for example, from start tag names to the XML processing application on top of expat can lead to arbitrary code execution. This issue is dependent on how invalid UTF-8 is handled inside the XML processor. Mitigation There i...
CVE-2022-21698
A denial of service attack was found in prometheus/clientgolang. This flaw allows an attacker to produce a denial of service attack on an HTTP server by exploiting the InstrumentHandlerCounter function in the version below 1.11.1, resulting in a loss of availability...
CVE-2021-44733
A use-after-free flaw in the Linux kernel TEE Trusted Execution Environment subsystem was found in the way user calls ioctl TEEIOCOPENSESSION or TEEIOCINVOKE. A local user could use this flaw to crash the system or escalate their privileges on the system. If the Linux system non configured with t...
CVE-2021-35550
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated...
CVE-2021-22947
A flaw was found in curl. The flaw lies in how curl handles cached or pipelined responses that it receives from either a IMAP, POP3, SMTP or FTP server before the TLS upgrade using STARTTLS. In such a scenario curl even after upgrading to TLS would trust these cached responses treating them as...
CVE-2021-37136
A flaw was found in Netty's netty-codec due to size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could cause a denial of service...
CVE-2021-37576
A flaw was found on the Linux kernel. On the PowerPC platform, the KVM guest allows the OS users to cause host OS memory corruption via rtasargs.nargs. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Mitigation Mitigation for thi...