206360 matches found
CVE-2019-10173
It was found that xstream API version 1.4.10 introduced a regression for a previous deserialization flaw. If the security framework has not been initialized, it may allow a remote attacker to run arbitrary shell commands when unmarshalling XML or any supported format. This a regression of...
CVE-2017-12611
It was found that Freemarker in Struts would permit using read-only properties in value assignment of tag expressions. An attacker could use this to execute arbitrary code...
CVE-2017-3159
It was found that the camel-snakeyaml component is exploitable for code execution. An attacker could use this vulnerability to send specially crafted payload to a camel-snakeyaml endpoint and causing a remote code execution attack...
CVE-2017-5897
An issue was found in the Linux kernel ipv6 implementation of GRE tunnels which allows a remote attacker to trigger an out-of-bounds access. At this time we understand no trust barrier has been crossed and there is no security implications in this flaw...
CVE-2016-5696
It was found that the RFC 5961 challenge ACK rate limiting as implemented in the Linux kernel's networking subsystem allowed an off-path attacker to leak certain information about a given connection by creating congestion on the global challenge ACK rate limit counter and then measuring the chang...
CVE-2016-4998
An out-of-bounds heap memory access leading to a Denial of Service, heap disclosure, or further impact was found in setsockopt. The function call is normally restricted to root, however some processes with capsysadmin may also be able to trigger this flaw in privileged container environments...
CVE-2025-29928
authentik is an open-source identity provider. Prior to versions 2024.12.4 and 2025.2.3, when authentik was configured to use the database for session storage which is a non-default setting, deleting sessions via the Web Interface or the API would not revoke the session and the session holder wou...
CVE-2024-34144
A sandbox bypass vulnerability was found in the Jenkins Script Security Plugin involving crafted constructor bodies, enabling the circumvention of security restrictions. With crafted constructor bodies, this flaw allows authenticated attackers to define and execute sandboxed scripts, including...
CVE-2024-33664
python-jose through 3.3.0 allows attackers to cause a denial of service resource consumption during a decode via a crafted JSON Web Encryption JWE token with a high compression ratio, aka a "JWT bomb." This is similar to CVE-2024-21319...
CVE-2024-2955
A flaw was found in the T.38 dissector of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing a use-after-free problem, resulting in a denial of service...
CVE-2024-26629
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix RELEASELOCKOWNER The test on socount in nfsd4releaselockowner is nonsense and harmful. Revert to using checkforlocks, changing that to not sleep. First: harmful. As is documented in the kdoc comment for...
CVE-2023-4639
A flaw was found in Undertow, which incorrectly parses cookies with certain value-delimiting characters in incoming requests. This issue could allow an attacker to construct a cookie value to exfiltrate HttpOnly cookie values or spoof arbitrary additional cookie values, leading to unauthorized da...
CVE-2023-6004
A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter. Mitigation Mitigation for...
CVE-2023-46218
A flaw was found in curl that verifies a given cookie domain against the Public Suffix List. This issue could allow a malicious HTTP server to set "super cookies" in curl that are passed back to more origins than what is otherwise allowed or possible...
CVE-2022-41678
Once an user is authenticated on Jolokia, he can potentially trigger arbitrary code execution. In details, in ActiveMQ configurations, jetty allows org.jolokia.http.AgentServlet to handler request to /api/jolokia org.jolokia.http.HttpRequestHandlerhandlePostRequest is able to create JmxRequest...
CVE-2023-39913
An input validation flaw was found in Apache UIMA. This issue may allow a remote attacker to execute arbitrary code, compromising the confidentiality, integrity, and availability of affected systems...
CVE-2020-22219
A flaw was found in the libeconf library. This issue occurs due to a buffer overflow vulnerability in the bitwritergrow function in FLAC that allows remote attackers to run arbitrary code via crafted input to the encoder. Mitigation Mitigation for this issue is either not available or the current...
CVE-2023-32559
A vulnerability was found in NodeJS. This security issue occurs as the use of the deprecated API process.binding can bypass the policy mechanism by requiring internal modules and eventually take advantage of process.binding'spawnsync' to run arbitrary code outside of the limits defined in a...
CVE-2023-32435
A vulnerability was found in webkitgtk. This issue occurs when processing web content, which may lead to arbitrary code execution. Mitigation This vulnerability can be mitigated by setting the environment variable JSCuseWebAssembly=0, which will disable support for WebAssembly. It's not necessary...
CVE-2023-3338
A null pointer dereference flaw was found in the Linux kernel's DECnet networking protocol. This issue could allow a remote user to crash the system...
CVE-2023-25194
A flaw was found in Apache Kafka Connect's REST API that permits configuration of SASL property by an authenticated operator, which could allow connection to a malicious LDAP server and subsequent deserialization of malicious content. This issue could allow an authenticated attacker to cause a...
CVE-2023-32697
A flaw was found in SQLite-JDBC. A vulnerability found JDBC URL allowed a malicious user to cause Remote Code Execution RCE...
CVE-2023-2430
A vulnerability was found due to a missing lock for the IOPOLL in iocqringeventoverflow in iouring.c in the Linux kernel. This flaw allows a local attacker with user privileges to trigger a denial of service. Mitigation Mitigation for this issue is either not available or the currently available...
CVE-2023-25652
A vulnerability was found in Git. This security flaw occurs when feeding specially crafted input to git apply --reject; a path outside the working tree can be overwritten with partially controlled contents corresponding to the rejected hunks from the given patch...
CVE-2023-0225
A vulnerability was found in Samba. This security issue occurs as an incomplete access check on the dnsHostName allows authenticated but otherwise, unprivileged users to delete this attribute from any object in the directory...
CVE-2021-3923
A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdmacm device node. While this access is unlikely to leak sensitive user information, it can be...
CVE-2023-27534
A path traversal vulnerability exists in curl 8.0.0 SFTP implementation causes the tilde character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can...
CVE-2023-0215
A use-after-free vulnerability was found in OpenSSL's BIOnewNDEF function. The public API function BIOnewNDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally by OpenSSL to support the SMIME, CMS, and PKCS7 streaming capabilities, but it may also be...
CVE-2023-0590
A use-after-free flaw was found in qdiscgraft in net/sched/schapi.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 "net: sched: fix race condition in qdiscgraft" not applied yet, then kernel could be affected. Mitigation Mitigation f...
CVE-2023-24021
A vulnerability was found in ModSecurity. This issue occurs when FILESTMPCONTENT lacks complete content, which can lead to a Web Application Firewall bypass...
CVE-2022-41765
An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x before 1.37.5, and 1.38.x before 1.38.3. HTMLUserTextField exposes the existence of hidden users...
CVE-2022-45141
Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption...
CVE-2022-42896
A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol L2CAP, part of the Bluetooth stack in the l2capconnect and l2capleconnectreq functions. An attacker with physical access within the range of standard Bluetooth transmission could...
CVE-2022-42252
A flaw was found in Apache Tomcat. If the server is configured to ignore invalid HTTP headers, the server does not reject a request containing an invalid content-length header, making it vulnerable to a request smuggling attack...
CVE-2022-3705
A use-after-free flaw was found in the qfupdatebuffer function in vim. This issue allows a specially crafted file to crash a program, use unexpected values, or execute code...
CVE-2022-41218
A use-after-free flaw was found in the Linux kernelās dvb-core subsystem DVB API used by Digital TV devices in how a user physically removed a USB device such as a DVB demultiplexer device while running malicious code. This flaw allows a local user to crash or potentially escalate their privilege...
CVE-2022-34917
A flaw was found in Apache Kafka that allows malicious unauthenticated clients to allocate large amounts of memory on brokers, which could lead to an Out Of Memory Exception, causing a denial of service. Various authentication methods were affected in different degrees. In Kafka clusters without...
CVE-2021-3782
An internal reference count is held on the buffer pool, incremented every time a new buffer is created from the pool. The reference count is maintained as an int; on LP64 systems this can cause the reference count to overflow if the client creates a large number of wlshm buffer objects, or if it...
CVE-2022-36885
Jenkins GitHub Plugin 1.34.4 and earlier uses a non-constant time comparison function when checking whether the provided and computed webhook signatures are equal, allowing attackers to use statistical methods to obtain a valid webhook signature...
CVE-2022-34170
In Jenkins 2.320 through 2.355 both inclusive and LTS 2.332.1 through LTS 2.332.3 both inclusive the help icon does not escape the feature name that is part of its tooltip, effectively undoing the fix for SECURITY-1955, resulting in a cross-site scripting XSS vulnerability exploitable by attacker...
CVE-2022-30952
Jenkins Pipeline SCM API for Blue Ocean Plugin 1.25.3 and earlier allows attackers with Job/Configure permission to access credentials with attacker-specified IDs stored in the private per-user credentials stores of any attacker-specified user in Jenkins...
CVE-2022-35737
An array-bounds overflow vulnerability was discovered in SQLite. The vulnerability occurs when handling an overly large input passed as a string argument to some of the C-language APIs provided by SQLite. This flaw allows a remote attacker to pass specially crafted large input to the application...
CVE-2022-32088
MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Exectimetracker::getloops/Filesorttracker::reportuse/filesort...
CVE-2022-21125
A flaw was found in hw. Incomplete cleanup of microarchitectural fill buffers on some IntelĀ® Processors may allow an authenticated user to enable information disclosure via local access. Mitigation Mitigation for this issue is either not available or the currently available options don't meet the...
CVE-2022-1854
No description is available for this CVE...
CVE-2022-1632
An Improper Certificate Validation attack was found in Openshift. A re-encrypt Route with destinationCACertificate explicitly set to the default serviceCA skips internal Service TLS certificate validation. This flaw allows an attacker to exploit an invalid certificate, resulting in a loss of...
CVE-2022-23648
An information leak was discovered in containerd. This issue could allow a remote attacker access to read-only copies of arbitrary files and directories on the host, which can be exploited with a specially-crafted image configuration...
CVE-2022-0891
A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other...
CVE-2021-44879
In gcdatasegment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a movedatapage NULL pointer dereference...
CVE-2022-22746
The Mozilla Foundation Security Advisory describes this flaw as: A race condition could have allowed bypassing the fullscreen notification which could have lead to a fullscreen window spoof being unnoticed. This bug only affects Thunderbird for Windows. Other operating systems are unaffected...