206363 matches found
CVE-2022-23267
A flaw was found in dotnet. The Microsoft Security Advisory describes the issue of the Apply MaxResponseHeadersLength limit for trailing headers to address a denial of service via excess memory allocations through the HttpClient...
CVE-2022-21418
Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of...
CVE-2022-21417
Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
CVE-2022-21460
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Logging. Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...
CVE-2022-1587
An out-of-bounds read vulnerability was discovered in the PCRE2 library in the getrecursedatalength function of the pcre2jitcompile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers...
CVE-2022-21476
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable...
CVE-2022-28739
A buffer overrun vulnerability was found in Ruby. The issue occurs in a conversion algorithm from a String to a Float that causes process termination due to a segmentation fault, but under limited circumstances. This flaw may cause an illegal memory read...
CVE-2022-24731
A path traversal flaw was found in ArgoCD. This flaw allows an attacker who has been granted create or update access to applications to leak the contents of any text file on the repo-server by crafting a malicious Helm chart. Such text files could include sensitive information that the attacker...
CVE-2022-0854
A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMAFROMDEVICE. This flaw allows a local user to read random memory from the kernel space. Mitigation Mitigation for this issue is either not available or the currently available options dont meet the Red Hat...
CVE-2022-0924
A heap buffer overflow flaw was found in Libtiffs' cpContigBufToSeparateBuf function of the tiffcp.c file. This flaw allows an attacker with a crafted TIFF file to trigger a heap out-of-bounds read access issue, causing a crash that leads to a denial of service...
CVE-2022-24615
zip4j up to v2.10.0 can throw various uncaught exceptions while parsing a specially crafted ZIP file, which could result in an application crash. This could be used to mount a denial of service attack against services that use zip4j library...
CVE-2022-0581
Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file...
CVE-2022-219862
A vulnerability was found in dotnet’s ASP.NET Core Krestel when pooling HTTP/2 and HTTP/3 headers. This flaw allows a remote, unauthenticated attacker to cause a denial of service...
CVE-2022-24448
A flaw was found in the Linux kernel. When an application tries to open a directory using the ODIRECTORY flag in a mounted NFS filesystem, a lookup operation is performed. If the NFS server returns a file as a result of the lookup, the NFS filesystem returns an uninitialized file descriptor inste...
CVE-2022-21363
Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/J. Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful...
CVE-2022-22824
expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...
CVE-2022-20612
A Cross-site request forgery CSRF vulnerability was found in Jenkins. The POST requests are not required for the HTTP endpoint handling manual build requests when no security realm is set. This flaw allows an attacker to trigger the building of a job without parameters...
CVE-2022-22741
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: When resizing a popup and requesting fullscreen access, the popup would have become unable to leave fullscreen mode...
CVE-2022-22737
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: Constructing audio sinks could have led to a race condition when playing audio files and closing windows. This could have lead to a use-after-free issue, causing a potentially exploitable crash...
CVE-2020-17049
It was found that the Kerberos Key Distribution Center KDC delegation feature, Service for User S4U, did not sufficiently protect the tickets it's providing from tempering. A malicious, authenticated service principal allowed to delegate could use this flaw to impersonate a non-forwardable user...
CVE-2021-41190
The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Image Specification, the manifest and index documents were not self-describing and documents with a single digest could be interpreted as either a manifest or an index. ...
CVE-2021-25219
A flaw was found in the way bind processes broken responses from authoritative servers. This caching mechanism could be abused by an attacker to significantly degrade resolver performance. Mitigation The vulnerability has been mitigated by changing the default value of lame-ttl to 0...
CVE-2021-20319
An improper signature verification vulnerability was found in coreos-installer. A specially crafted gzip installation image can bypass the image signature verification and as a consequence can lead to the installation of unsigned content. An attacker able to modify the original installation image...
CVE-2021-23440
A type confusion vulnerability in nodejs-set-value can lead to a bypass of CVE-2019-10747. If the user-provided keys used in the path parameter are arrays, the function mixin-deep can be tricked into adding or modifying properties of Object.prototype using any of the constructor, prototype, or...
CVE-2021-39256
The ntfs3g package is susceptible to a heap overflow on crafted input. When processing an NTFS image, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...
CVE-2021-37701
A flaw was found in the npm package "tar" aka node-tar. Extracting tar files that contain both a directory and a symlink with the same name, where the symlink and directory names in the archive entry used backslashes as a path separator, made it possible to bypass node-tar symlink checks on...
CVE-2021-39358
In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...
CVE-2021-38207
A flaw was found in the Linux kernel. A buffer overflow and lockup, leading to a denial of service, can occur when a remote attacker sends heavy network traffic for approximately ten minutes. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...
CVE-2021-38206
A flaw was found on the Linux kernel. A NULL pointer dereference in the radiotap parser, leading to a denial of service, can occur in the mac80211 subsystem when a device supports only 5 GHz is used and frames with 802.11a rates are injected. The highest threat from this vulnerability is to syste...
CVE-2021-29989
Mozilla developers reported memory safety bugs present in Firefox 90 and Firefox ESR 78.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird 78.13,...
CVE-2021-2412
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
CVE-2019-25051
objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::duptop called from acommon::StringMap::add and acommon::Config::lookuplist...
CVE-2021-32066
Ruby's Net::IMAP module did not raise an exception when receiving an unexpected response to the STARTTLS command and the connection was not upgraded to use TLS. A man-in-the-middle attacker could use this flaw to prevent Ruby applications using Net::IMAP to enable TLS encryption for a connection ...
CVE-2021-34824
A flaw was found in istio. Any client authorized to access Istio XDS API can retrieve any cached gateway TLS certificate and private keys. The highest threat from this vulnerability is to data confidentiality. Mitigation This vulnerability can be mitigated by disabling istiod caching. This is...
CVE-2021-25321
A UNIX Symbolic Link Symlink Following vulnerability in arpwatch of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Factory, Leap 15.2 allows local attackers with control of the runtime user to run arpwatch as to escalate to root upon th...
CVE-2019-11091
Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access...
CVE-2020-14040
A denial of service vulnerability was found in the golang.org/x/text library. A library or application must use one of the vulnerable functions, such as unicode.Transform, transform.String, or transform.Byte, to be susceptible to this vulnerability. If an attacker is able to supply specific...
CVE-2021-25945
A flaw has been identified in js-extend. A prototype pollution vulnerability allows attackers to cause a denial of service and may lead to remote code execution. The highest threat from this vulnerability is to system availability...
CVE-2020-26146
A vulnerability was found in Linux kernel, where the WiFi implementation reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP...
CVE-2021-29477
A flaw was found in redis. An integer overflow bug could be exploited to corrupt the heap and potentially result with remote code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Mitigation The flaw can be mitigated by...
CVE-2021-25215
A flaw was found in bind. The way DNAME records are processed may trigger the same RRset to the ANSWER section to be added more than once which causes an assertion check to fail. The highest threat from this flaw is to system availability. Mitigation Red Hat has investigated whether a possible...
CVE-2021-29155
A vulnerability was discovered in retrieveptrlimit in kernel/bpf/verifier.c in the Linux kernel mechanism to mitigate speculatively out-of-bounds loads Spectre mitigation. In this flaw a local, special user privileged CAPSYSADMIN BPF program running on affected systems may bypass the protection,...
CVE-2021-29425
In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above thus "limited" path...
CVE-2020-24503
Insufficient access control in some IntelR Ethernet E810 Adapter drivers for Linux may allow an authenticated user to potentially enable information disclosure via local access...
CVE-2021-3177
A flaw was found in python. A stack-based buffer overflow was discovered in the ctypes module provided within Python. Applications that use ctypes without carefully validating the input passed to it may be vulnerable to this flaw, which would allow an attacker to overflow a buffer on the stack an...
CVE-2020-15969
Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2020-29661
A locking vulnerability was found in the tty subsystem of the Linux kernel in drivers/tty/ttyjobctrl.c. This flaw allows a local attacker to possibly corrupt memory or escalate privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...
CVE-2020-24606
A flaw was found in squid. A denial of service attack is possible due to an improper input validation. The highest threat from this vulnerability is to system availability. Mitigation Add the no-digest option to all cachepeer lines in squid.conf...
CVE-2020-15104
An improper certificate validation vulnerability was found in envoyproxy/envoy, when externally created certificates with wildcards in the DNS Subject Alternative Name are used. This flaw allows an attacker to subvert the envoy filter or destination rules to access restricted resources. The highe...
CVE-2020-15358
A heap buffer overflow was found in SQLite in the query flattening optimization technique. This flaw allows an attacker to execute SQL statements to crash the application, resulting in a denial of service...