206363 matches found
CVE-2022-3566
A vulnerability was found in the tcp subsystem in the Linux Kernel, due to a data race around icsk-icskafops. This issue could allow an attacker to leak internal kernel information. Mitigation Mitigation for this issue is either not available or the currently available options dont meet the Red H...
CVE-2022-3715
A flaw was found in the bash package, where a heap-buffer overflow can occur in validparametertransform. This issue may lead to memory problems...
CVE-2022-43401
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and...
CVE-2022-35951
An Integer Overflow attack vulnerability was found in Redis, an in-memory database that persists on disk. Executing a XAUTOCLAIM command on a stream key in a specific state with a specially crafted COUNT argument may cause an integer overflow, and a subsequent heap overflow, potentially leading t...
CVE-2022-31197
A flaw was found in PostgresQL. This flaw allows an attacker to benefit from a miss escaping character and leads to a SQL injection attack due to Java.sql.ResultRow.refreshRow implementation from PGSQL...
CVE-2022-2989
An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to...
CVE-2022-32148
A flaw was found in net/http/httputil golang package. When httputil.ReverseProxy.ServeHTTP is called with a Request.Header map containing a nil value for the X-Forwarded-For header, ReverseProxy could set the client IP incorrectly. This issue may affect confidentiality...
CVE-2022-23816
A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions...
CVE-2022-2256
A Stored Cross-site scripting XSS vulnerability was found in keycloak. This flaw allows a privileged attacker to execute malicious scripts in the admin console, abusing the default roles functionality...
CVE-2022-30065
A flaw was found in BusyBox. It did not properly sanitize while processing a crafted awk pattern, leading to possible code execution...
CVE-2022-24823
CVE-2021-21290 contains an incomplete fix, and this addresses the issue found in netty. When using multipart decoders in netty, local information disclosure can occur via the local system temporary directory if temporary storing of uploads on the disk is enabled. Mitigation As a workaround, speci...
CVE-2021-33117
A flaw was found in hw. Improper access control for some third-generation IntelR XeonR Scalable processors before BIOS version MR7 may potentially allow a local attacker to enable information disclosure via local access. Mitigation Mitigation for this issue is either not available or the currentl...
CVE-2022-1662
A flaw was found in convert2rhel, where an Ansible playbook named ansible/run-convert2rhel.yml passes the Red Hat Subscription Manager user password via the CLI to convert2rhel. This flaw allows unauthorized local users to view the password via the process list while convert2rhel is running...
CVE-2016-2124
A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required. Mitigation Ensure the following global smb.conf parameters are set to their default values as show...
CVE-2021-45417
A heap-based buffer overflow vulnerability in the base64 functions of AIDE, an advanced intrusion detection system. An attacker could crash the program and possibly execute arbitrary code through large 16k extended file attributes or ACL...
CVE-2022-27380
A flaw was found in MariaDB. The component, mydecimal::operator=, allows attackers to cause a denial of service DoS via specially crafted SQL statements, affecting availability...
CVE-2022-26490
A buffer overflow flaw was found in the Linux kernel’s NFC protocol functionality. This flaw allows a local user to crash or escalate their privileges on the system...
CVE-2022-0696
A NULL pointer dereference flaw was found in vim's finducmd function of usercmd.c file. This flaw allows an attacker to trick a user into opening a crafted file, triggering a NULL pointer dereference. This issue leads to an application crash, causing a denial of service. Mitigation Untrusted vim...
CVE-2021-44575
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority for the following reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-3200 Reason: This candidate is a duplicate of CVE-2021-3200. Notes: All CVE users should reference CVE-2021-3200 instead of this candidate. Al...
CVE-2022-0629
A stack-based buffer overflow flaw was found in vim's gaconcatshortenesc function of src/testing.c file. This flaw allows an attacker to trick a user into opening a crafted file, triggering a stack-overflow. This issue can lead to an application crash, causing a denial of service. Mitigation...
CVE-2021-42550
A flaw was found in the logback package. When using a specially-crafted configuration, this issue could allow a remote authenticated attacker to execute arbitrary code loaded from LDAP servers...
CVE-2021-4002
A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized access to some data...
CVE-2021-22926
libcurl-using applications can ask for a specific client certificate to be used in a transfer. This is done with the CURLOPTSSLCERT option --cert with the command line tool.When libcurl is built to use the macOS native TLS library Secure Transport, an application can ask for the client certificat...
CVE-2021-3764
A memory leak flaw was found in the Linux kernel's ccprunaesgcmcmd function that allows an attacker to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The highest threat from this vulnerability is to system availability. Mitigation Mitigation for this issue is...
CVE-2021-29980
Uninitialized memory in a canvas object could have caused an incorrect free leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and Firefox 91...
CVE-2020-36427
There's a flaw in gThumb. An attacker who is able to trick a victim into opening a specially crafted file with gThumb could trigger a crash via assertion failure or memory leak. The greatest impact of this flaw is to application availability...
CVE-2021-21806
An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim needs to visit a malicious web site to trigger the vulnerability...
CVE-2021-27021
A flaw was discovered in puppet. An escalation of privileges which allows the user to delete tables via an SQL query is possible in Puppet DB. The highest threat from this vulnerability is to system availability and integrity...
CVE-2017-12621
An XML External Entity XXE Injection vulnerability was found in Commons Jelly library. If a custom doctype entity is declared with a SYSTEM entity with a URL and that entity is used in the body of the Jelly file, the parser will attempt to connect to provided URL...
CVE-2021-23961
Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox 85...
CVE-2021-28964
A race condition flaw was found in getoldroot in fs/btrfs/ctree.c in the Linux kernel in btrfs file-system. This flaw allows a local attacker with a special user privilege to cause a denial of service due to not locking an extent buffer before a cloning operation. The highest threat from this...
CVE-2019-8783
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary...
CVE-2019-19054
A flaw was found in the Linux kernel. The CX23888 Integrated Consumer Infrared Controller probe code handles resource cleanup low memory conditions. A local attacker able to induce low memory conditions could use this flaw to crash the system. The highest threat from this vulnerability is to syst...
CVE-2018-20676
A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim's Web browser within the security context of the hosting W...
CVE-2020-8832
An information disclosure flaw was found in the Linux kernel. The original fix for CVE-2019-14615 was deemed to be incomplete. The i915 graphics driver lacks control of flow for data structures which may allow a local, authenticated user to disclose information when using ioctl commands with an...
CVE-2018-1108
A weakness was found in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated...
CVE-2019-18683
A flaw was found in the Linux kernel. Multiple race conditions were found in the vivid driver leading to privilege escalation and in at least one case a use-after-free condition. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
CVE-2019-18348
A CRLF injection flaw was discovered in python in the way URLs are handled when doing an HTTP/HTTPS connection e.g. through urlopen or HTTPConnection. An attacker who can control the url parameter passed to urlopen method in the urllib/urllib2 modules can inject CRLF sequences and HTTP headers by...
CVE-2019-16233
A flaw was found in the Linux kernel. A NULL pointer dereference flaw was found in the QLOGIC drivers for HBA. A call to allocworkqueue return was not validated and can cause a denial of service. The highest threat from this vulnerability is to system availability. Mitigation Mitigation for this...
CVE-2018-17189
In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 modhttp2 connections...
CVE-2017-10661
A race condition was found in the Linux kernel before version 4.11-rc1 in 'fs/timerfd.c' file which allows a local user to cause a kernel list corruption or use-after-free via simultaneous operations with a file descriptor which leverage improper 'mightcancel' queuing. An unprivileged local user...
CVE-2016-5164
Cross-site scripting XSS vulnerability in WebKit/Source/platform/v8inspector/V8Debugger.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to inject arbitrary web script or HTML into the Developer Tools aka...
CVE-2024-58136
Yii 2 before 2.0.52 mishandles the attaching of behavior that is defined by an class array key, a CVE-2024-4990 regression, as exploited in the wild in February through April 2025...
CVE-2024-8928
A flaw was found in PHP. Erroneous parsing of multipart form data contained in an HTTP POST request could lead to legitimate data not being processed, violating data integrity...
CVE-2023-6291
A flaw was found in the redirecturi validation logic in Keycloak. This issue may allow a bypass of otherwise explicitly allowed hosts. A successful attack may lead to an access token being stolen, making it possible for the attacker to impersonate other users. Mitigation Mitigation for this issue...
CVE-2023-6209
The Mozilla Foundation Security Advisory describes this flaw as: Relative URLs starting with three slashes were incorrectly parsed, and a path-traversal "/../" part in the path could be used to override the specified host. This could contribute to security problems in web sites...
CVE-2023-5345
A flaw was found in the SMB client component in the Linux kernel. In case of an error in smb3fscontextparseparam, ctx-password was freed, but the field was not set to NULL, potentially leading to a use-after-free vulnerability. This flaw allows a local user to crash or potentially escalate their...
CVE-2023-34034
A flaw was found in Spring Security's WebFlux framework pattern matching, where it does not properly evaluate certain patterns. A server using path-based pattern matching in WebFlux could allow an attacker to bypass security settings for some request paths, potentially leading to information...
CVE-2023-34454
A flaw was found in Snappy-java's shuffle function, which does not check input sizes before beginning operations. This issue could allow an attacker to send malicious input to trigger an overflow error that crashes the program, resulting in a denial of service...
CVE-2023-4004
A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nftpipaporemove function with the element, without a NFTSETEXTKEYEND. This issue could allow a local user to crash the system or potentially escalate their privileges on the system. Mitigation This flaw...