206363 matches found
CVE-2022-0318
A flaw was found in vim. The vulnerability occurs due to reading beyond the end of a line in the utfheadoff function, which can lead to a heap buffer overflow. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. Mitigation Untrusted vim scripts wi...
CVE-2022-22817
A flaw was found in python-pillow. The vulnerability occurs due to Improper Neutralization, leading to command injection. This flaw allows an attacker to externally-influenced input commands that modify the intended command...
CVE-2022-23305
A flaw was found in the Java logging library Apache Log4j in version 1.x. JDBCAppender in Log4j 1.x is vulnerable to SQL injection in untrusted data. This allows a remote attacker to run SQL statements in the database if the deployed application is configured to use JDBCAppender with certain...
CVE-2021-22569
A flaw was found in protobuf-java. Google Protocol Buffer protobuf-java allows the interleaving of com.google.protobuf.UnknownFieldSet fields. By persuading a victim to open specially-crafted content, a remote attacker could cause a timeout in the ProtobufFuzzer function, resulting in a denial of...
CVE-2021-4204
An out-of-bounds OOB memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation. This flaw allows a local attacker with a special privilege to crash the system or leak internal information. Mitigation The default Red Hat Enterprise Linux kernel prevents unprivileg...
CVE-2021-43877
ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability...
CVE-2021-38500
Mozilla developers reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird 78.15,...
CVE-2021-3772
A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses. Mitigation As the SCTP module will be...
CVE-2021-39257
The ntfs3g package is susceptible to a heap overflow on crafted input. When processing an NTFS image, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is system availability...
CVE-2019-16335
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540. Mitigation This vulnerability relies on com.zaxxer.hikari.HikariDataSource being present in the...
CVE-2021-32804
The npm package "tar" aka node-tar has an arbitrary File Creation/Overwrite vulnerability due to insufficient absolute path sanitization. node-tar aims to prevent extraction of absolute file paths by turning absolute paths into relative paths when the preservePaths flag is not set to true. This i...
CVE-2021-3679
A lack of CPU resources in the Linux kernel tracing module functionality was found in the way users use the trace ring buffer in specific way. Only privileged local users with CAPSYSADMIN capability could use this flaw to starve the resources causing denial of service. Mitigation Mitigation for...
CVE-2021-22930
A flaw was found in Node.js, where it is vulnerable to a use-after-free attack. This flaw allows an attacker to exploit the memory corruption, which causes a change in the process behavior. The highest threat from this vulnerability is to confidentiality and integrity...
CVE-2021-0144
A flaw was found in the Linux kernel. The Intel BIOS Shared SW Architecture BSSA Design for Test DFT feature may allow escalation of privilege in the customer build time configuration. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availabili...
CVE-2021-30666
A flaw was found in the webkitgtk package. Affected versions of this package are vulnerable to a buffer overflow caused by improper bounds checking by the WebKit component. By persuading a victim to visit a specially crafted Web site, a remote attacker could overflow a buffer and execute arbitrar...
CVE-2021-36374
When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Commonly used derived formats from ZIP archives...
CVE-2021-29970
A malicious webpage could have triggered a use-after-free, memory corruption, and a potentially exploitable crash. This bug could only be triggered when accessibility was enabled.. This vulnerability affects Thunderbird 78.12, Firefox ESR 78.12, and Firefox 90...
CVE-2021-3624
There is a flaw in dcraw. An attacker who is able to convince a victim to open a crafted file with dcraw could trigger an unsigned integer wraparound, leading to out-of-bounds write. The greatest impact from this flaw is to system availability, data integrity, and data confidentiality...
CVE-2021-3609
A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. Mitigation As the CAN module will be auto-loaded when required, its use can be disabled by preventing t...
CVE-2021-30468
A vulnerability in the JsonMapObjectReaderWriter of Apache CXF allows an attacker to submit malformed JSON to a web service, which results in the thread getting stuck in an infinite loop, consuming CPU indefinitely. This issue affects Apache CXF versions prior to 3.4.4; Apache CXF versions prior ...
CVE-2021-28213
Example EDK2 encrypted private key in the IpSecDxe.efi present potential security risks...
CVE-2020-24512
Observable timing discrepancy in some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access...
CVE-2020-13950
A flaw was found In Apache httpd. The modproxy has a NULL pointer dereference. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
CVE-2021-3587
A flaw was found in the Linux kernel. A null pointer dereference in llcpsockgetname in net/nfc/llcpsock.c can lead to an unprivileged user triggering this bug, causing denial of service...
CVE-2020-26557
A flaw was found in the Linux kernel’s Bluetooth Mesh Profile implementation. The Mesh Provisioning procedure has a vulnerability that allows an attacker observing or taking part in the provisioning to brute force the AuthValue if it has a fixed value or is selected predictably or with low entrop...
CVE-2020-9484
A deserialization flaw was discovered in Apache Tomcat's use of a FileStore. Under specific circumstances, an attacker can use a specially crafted request to trigger Remote Code Execution through deserialization of the file under their control. The highest threat from the vulnerability is to data...
CVE-2020-12770
A vulnerability was found in sgwrite in drivers/scsi/sg.c in the SCSI generic sg driver subsystem. This flaw allows an attacker with local access and special user or root privileges to cause a denial of service if the allocated list is not cleaned with an invalid Sgfd sfp pointer at the time of...
CVE-2019-10092
A cross-site scripting vulnerability was found in Apache httpd, affecting the modproxy error page. Under certain circumstances, a crafted link could inject content into the HTML displayed in the error page, potentially leading to client-side exploitation. Mitigation This flaw is only exploitable ...
CVE-2016-0736
It was discovered that the modsessioncrypto module of httpd did not use any mechanisms to verify integrity of the encrypted session data stored in the user's browser. A remote attacker could use this flaw to decrypt and modify session data using a padding oracle attack...
CVE-2019-3834
It was found that the fix for CVE-2014-0114 had been reverted in JBoss Operations Network 3 JON. This flaw allows attackers to manipulate ClassLoader properties on a vulnerable server. Exploits that have been published rely on ClassLoader properties that are exposed such as those in JON 3...
CVE-2016-4607
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via unknown vectors...
CVE-2016-3088
The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request. Mitigation Users are advised to use other FTP and HTTP based file servers for transferring blob messages. Fileserver...
CVE-2025-55278
Improper authentication in the API authentication middleware of HCL DevOps Loop allows authentication tokens to be accepted without proper validation of their expiration and cryptographic signature. As a result, an attacker could potentially use expired or tampered tokens to gain unauthorized...
CVE-2019-14221
1CRM On-Premise Software 8.5.7 allows XSS via a payload that is mishandled during a Run Report operation...
CVE-2025-21587
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE:8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK:17.0.14, 21.0.6, 24; Oracle...
CVE-2024-3044
A flaw was found in LibreOffice. Unchecked script execution in graphic on-click binding allows an attacker to create a document, which, without a prompt, will execute scripts built into LibreOffice when clicking a graphic. These scripts were previously deemed trusted but are now deemed untrusted...
CVE-2024-26911
In the Linux kernel, the following vulnerability has been resolved: drm/buddy: Fix allocrange error handling code Few users have observed display corruption when they boot the machine to KDE Plasma or playing games. We have root caused the problem that whenever allocrange couldn't find the requir...
CVE-2024-2419
A flaw was found in Keycloak's redirecturi validation logic. This issue may allow a bypass of otherwise explicitly allowed hosts. A successful attack may lead to the theft of an access token, making it possible for the attacker to impersonate other users. It is very similar to CVE-2023-6291...
CVE-2024-24806
A server-side request forgery SSRF flaw was found in the libuv package due to how the hostnameascii variable is handled in uvgetaddrinfo and uvidnatoascii. When the hostname exceeds 256 characters, it gets truncated without a terminating null byte. As a result, attackers may be able to access...
CVE-2024-0553
A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange,...
CVE-2023-4039
A vulnerability was found in GCC. The GCC's stack protection feature, enabled with the flag -fstack-protector, aims to detect buffer overflows in C/C++ function local variables that might allow an attacker to overwrite saved registers on the stack. If an attacker can modify saved register values,...
CVE-2023-4206
There are 3 CVEs for the use-after-free flaw found in net/sched/clsfw.c in classifiers clsfw, clsu32, and clsroute in the Linux Kernel: CVE-2023-4206, CVE-2023-4207, CVE-2023-4208. A local user could use any of these flaws to crash the system or potentially escalate their privileges on the system...
CVE-2023-40267
An improper input validation vulnerability was found in GitPython. This flaw allows an attacker to inject a maliciously crafted remote URL into the clone command, possibly leading to remote code execution...
CVE-2023-29499
A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service...
CVE-2023-2319
It was discovered that an update for PCS package in RHBA-2023:2151 erratum released as part of Red Hat Enterprise Linux 9.2 failed to include the fix for the Webpack issue CVE-2023-28154 for PCS package, which was previously addressed in Red Hat Enterprise Linux 9.1 via erratum RHSA-2023:1591. Th...
CVE-2023-1077
A memory corruption flaw was found in the Linux kernel's scheduler subsystem. This could allow a local user to crash the system or potentially escalate their privileges on the system...
CVE-2023-0056
An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability...
CVE-2022-39190
A flaw was found in net/netfilter/nftablesapi.c in the Linux kernel. A denial of service can occur upon binding to an already bound chain. Mitigation Mitigation for this issue is either not available or the currently available options dont meet the Red Hat Product Security criteria comprising eas...
CVE-2022-38177
A flaw was found in the Bind package. By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak, resulting in crashing the program...
CVE-2022-31107
A flaw was found in Grafana. This flaw allows a malicious user with the authorization to log into a Grafana instance via a configured OAuth IdP to take over an existing Grafana account under certain conditions. Mitigation As a workaround, it is possible to disable any OAuth login or ensure that a...