206304 matches found
CVE-2021-3639
A flaw was found in modauthmellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate phishing attacks by tricking users into visiting a trusted web application URL that redirects to an external and potentially malicious server. The highest threa...
CVE-2018-3620
Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of...
CVE-2021-20257
An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits tx descriptors in processtxdesc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in a denial o...
CVE-2020-25660
A flaw was found in the Cephx authentication protocol, where it does not verify Ceph clients correctly and is then vulnerable to replay attacks in Nautilus. This flaw allows an attacker with access to the Ceph cluster network to authenticate with the Ceph service via a packet sniffer and perform...
CVE-2020-12352
An information leak flaw was found in the way Linux kernel’s Bluetooth stack implementation handled initialization of stack memory when handling certain AMP Alternate MAC-PHY Manager Protocol packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory o...
CVE-2020-26116
A flaw was found in Python. The built-in modules httplib and http.client included in Python 2 and Python 3, respectively do not properly validate CRLF sequences in the HTTP request method, potentially allowing manipulation to the request by injecting additional HTTP headers. The highest threat fr...
CVE-2020-25643
A flaw was found in the HDLCPPP module of the Linux kernel. Memory corruption and a read overflow is caused by improper input validation in the pppcpparsecr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data...
CVE-2019-20907
A flaw was found in python. In Lib/tarfile.py an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because procpax lacks header validation. Mitigation This flaw can be mitigated by not opening untrusted files with tarfile...
CVE-2020-11668
A NULL pointer dereference flaw was found in the Xirlink camera USB driver 'xirlink-cit' in the Linux kernel. The driver mishandles invalid descriptors leading to a denial-of-service DoS. This could allow a local attacker with user privilege to crash the system or leak kernel internal information...
CVE-2020-2754
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Scripting. Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
CVE-2019-9947
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n specifically in the path component of a URL that...
CVE-2019-2988
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: 2D. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
CVE-2019-15118
A flaw was found in the sound mixer handling of the Linux kernel. An attacker with physical access able to insert a specially crafted USB device can cause a recursive loop which continues to consume the reserved stack space leading to a system panic. The highest threat from this vulnerability is ...
CVE-2019-15219
A NULL pointer dereference flaw was found in the way the USB2VGA dongles driver in the Linux kernel handled failed initialization. This flaw allows an attacker able to insert USB2VGA dongles into the system to crash the system. Mitigation To mitigate this issue, prevent module sisusbvga from bein...
CVE-2020-1935
A flaw was found in Apache Tomcat. The HTTP header parsing code used an approach to end-of-line EOL parsing that allowed some invalid HTTP headers to be parsed as valid. This led to the possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the...
CVE-2019-15031
A flaw in the Linux kernel on the PowerPC platform, was found where a local user can read vector registers of other user processes during a hardware interrupt. An attacker must start a transaction when the FPU operation begins or there is no leakage. Vector registers will become corrupted with...
CVE-2018-20783
In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x before 7.2.13, a buffer over-read in PHAR reading functions may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse a .phar file. This is related to pharparsepharfile in...
CVE-2018-15664
A flaw was discovered in the API endpoint behind the 'docker cp' command. The endpoint is vulnerable to a Time Of Check to Time Of Use TOCTOU vulnerability in the way it handles symbolic links inside a container. An attacker who has compromised an existing container can cause arbitrary files on t...
CVE-2017-15710
In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, modauthnzldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language header value to lookup the right charset encoding when verifying the user's credentials. If the header value is not present in the charset...
CVE-2018-1283
It has been discovered that the modsession module of Apache HTTP Server httpd, through version 2.4.29, has an improper input validation flaw in the way it handles HTTP session headers in some configurations. A remote attacker may influence their content by using a "Session" header...
CVE-2017-17712
A flaw was found in the Linux kernel's implementation of rawsendmsg allowing a local attacker to panic the kernel or possibly leak kernel addresses. A local attacker, with the privilege of creating raw sockets, can abuse a possible race condition when setting the socket option to allow the kernel...
CVE-2017-15906
The processopen function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files...
CVE-2017-3143
A flaw was found in the way BIND handled TSIG authentication for dynamic updates. A remote attacker able to communicate with an authoritative BIND server could use this flaw to manipulate the contents of a zone, by forging a valid TSIG or SIG0 signature for a dynamic update request. Mitigation Th...
CVE-2016-10011
It was found that the host private key material could possibly leak to the privilege-separated child processes via re-allocated memory. An attacker able to compromise the privilege-separated process could therefore obtain the leaked key information...
CVE-2016-6663
A race condition was found in the way MySQL performed MyISAM engine table repair. A database user with shell access to the server running mysqld could use this flaw to change permissions of arbitrary files writable by the mysql system user...
CVE-2016-4997
A flaw was discovered in processing setsockopt for 32 bit processes on 64 bit systems. This flaw will allow attackers to alter arbitrary kernel memory when unloading a kernel module. This action is usually restricted to root-privileged users but can also be leveraged if the kernel is compiled wit...
CVE-2016-1583
It was found that stacking a file system over procfs in the Linux kernel could lead to a kernel stack overflow due to deep nesting, as demonstrated by mounting ecryptfs over procfs and creating a recursion by mapping /proc/environ. An unprivileged, local user could potentially use this flaw to...
CVE-2016-4486
The rtnlfilllinkifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message...
CVE-2023-29425
Cross-Site Request Forgery CSRF vulnerability in plainware.Com ShiftController Employee Shift Scheduling plugin = 4.9.23 versions...
CVE-2025-55207
Astro is a web framework for content-driven websites. Following CVE-2025-54793 there's still an Open Redirect vulnerability in a subset of Astro deployment scenarios prior to version 9.4.1. Astro 5.12.8 addressed CVE-2025-54793 where https://example.com//astro.build/press would redirect to the...
CVE-2024-22029
A flaw was found in the Tomcat package of OpenSUSE and derived distributions. This issue occurs due to incorrect permissions and a race condition in the %post section of the Tomcat RPM package, resulting in local privilege escalation when the Tomcat package is re-installed...
CVE-2024-26642
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: disallow anonymous set with timeout flag Anonymous sets are never used with timeout from userspace, reject this. Exception to this rule is NFTSETEVAL to ensure legacy meters still work...
CVE-2023-6780
An integer overflow was found in the vsysloginternal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message,...
CVE-2024-20919
Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or...
CVE-2023-45285
A flaw was found in the Golang package cmd/go. This issue permits the fallback to insecure "git://" if trying to fetch a .git module that has no "https://" or "git+ssh://" available. Mitigation This issue only affects users who are not using the module proxy and are fetching modules directly i.e...
CVE-2023-48236
A flaw was found in Vim, an open source command line text editor. When using the z= command, the user may overflow the count with values larger than MAXINT. The impact is low because user interaction is required and a crash may not happen in all situations. Mitigation Mitigation for this issue is...
CVE-2023-39189
A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnlosfaddcallback function did not validate the user mode controlled optnum field. This flaw allows a local privileged CAPNETADMIN attacker to trigger an out-of-bounds read, leading to a crash or information disclosure...
CVE-2023-3171
A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result i...
CVE-2022-33065
Libsndfile is vulnerable to integer overflow in function aureadheader in src/au.c and in functions mat4open and mat4readheader in src/mat4.c allows an attacker to cause Denial of Service...
CVE-2023-38802
A vulnerability was found in FRRouting FRR. This flaw allows a remote attacker to cause a denial of service issue via a crafted BGP update with a corrupted attribute 23 Tunnel Encapsulation...
CVE-2023-29400
A flaw was found in golang. Templates containing actions in unquoted HTML attributes, for example, "attr=." executed with empty input, could result in output that has unexpected results when parsed due to HTML normalization rules. This issue may allow the injection of arbitrary attributes into...
CVE-2022-4254
A vulnerability was found in SSSD, in the libssscertmap functionality. PKINIT enables a client to authenticate to the KDC using an X.509 certificate and the corresponding private key, rather than a passphrase or keytab. FreeIPA uses mapping rules to map a certificate presented during a PKINIT...
CVE-2022-46877
The Mozilla Foundation Security Advisory describes this flaw as: By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks...
CVE-2022-3543
A flaw was found in unixsockdestructor/unixreleasesock in net/unix/afunix.c in the BPF component in the Linux Kernel. This issue may lead to a memory leak problem. Mitigation Mitigation for this issue is either not available or the currently available options dont meet the Red Hat Product Securit...
CVE-2022-46364
A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type...
CVE-2021-33640
After tarclose, libtar.c releases the memory pointed to by pointer t. After tarclose is called in the list function, it continues to use pointer t: freelonglinklongnamet-thbuf . As a result, the released memory is used use-after-free...
CVE-2022-45047
A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server. Mitigation From the maintainer: For Apache MINA SSHD =...
CVE-2022-21608
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 5.7.39 and prior and 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...
CVE-2022-3786
A stack-based buffer overflow was found in the way OpenSSL processes X.509 certificates with a specially crafted email address field. This issue could cause a server or a client application compiled with OpenSSL to crash or possibly execute remote code when trying to process the malicious...
CVE-2022-3647
A flaw was found in Redis when calling the sigsegvHandler function of the debug component crash report. This issue causes a crash, ignoring the report information and kills the processes, which leads to a denial of service...