206360 matches found
CVE-2021-32625
A flaw was found in Redis. An integer overflow could be exploited using the STRALGO LCS command to corrupt the heap and potentially result with remote code execution. This is a result of an incomplete fix by CVE-2021-29477. The highest threat from this vulnerability is to data confidentiality and...
CVE-2021-23358
A flaw was found in nodejs-underscore. Arbitrary code execution via the template function is possible, particularly when a variable property is passed as an argument as it is not sanitized. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...
CVE-2018-3620
Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of...
CVE-2021-20257
An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits tx descriptors in processtxdesc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in a denial o...
CVE-2021-23840
Calls to EVPCipherUpdate, EVPEncryptUpdate and EVPDecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1 indicating succes...
CVE-2021-26708
A flaw was found in the Linux kernel. Wrong locking in the AFVSOCK socket can cause a local privilege escalation, bypassing SMEP and SMAP. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
CVE-2020-25660
A flaw was found in the Cephx authentication protocol, where it does not verify Ceph clients correctly and is then vulnerable to replay attacks in Nautilus. This flaw allows an attacker with access to the Ceph cluster network to authenticate with the Ceph service via a packet sniffer and perform...
CVE-2020-12352
An information leak flaw was found in the way Linux kernel’s Bluetooth stack implementation handled initialization of stack memory when handling certain AMP Alternate MAC-PHY Manager Protocol packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory o...
CVE-2020-25643
A flaw was found in the HDLCPPP module of the Linux kernel. Memory corruption and a read overflow is caused by improper input validation in the pppcpparsecr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data...
CVE-2020-14338
A flaw was found in Wildfly's implementation of Xerces, specifically in the way the XMLSchemaValidator class in the JAXP component of Wildfly enforced the "use-grammar-pool-only" feature. This flaw allows a specially-crafted XML file to manipulate the validation process in certain cases. This iss...
CVE-2019-20907
A flaw was found in python. In Lib/tarfile.py an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because procpax lacks header validation. Mitigation This flaw can be mitigated by not opening untrusted files with tarfile...
CVE-2020-10690
There is a use-after-free problem seen due to a race condition between the release of ptpclock and cdev while resource deallocation. When a high privileged process allocates a ptp device file like /dev/ptpX and voluntarily goes to sleep. During this time if the underlying device is removed, it ca...
CVE-2020-11668
A NULL pointer dereference flaw was found in the Xirlink camera USB driver 'xirlink-cit' in the Linux kernel. The driver mishandles invalid descriptors leading to a denial-of-service DoS. This could allow a local attacker with user privilege to crash the system or leak kernel internal information...
CVE-2019-15118
A flaw was found in the sound mixer handling of the Linux kernel. An attacker with physical access able to insert a specially crafted USB device can cause a recursive loop which continues to consume the reserved stack space leading to a system panic. The highest threat from this vulnerability is ...
CVE-2019-9946
Cloud Native Computing Foundation CNCF CNI Container Networking Interface 0.7.4 has a network firewall misconfiguration which affects Kubernetes. The CNI 'portmap' plugin, used to setup HostPorts for CNI, inserts rules at the front of the iptables nat chains; which take precedence over the KUBE-...
CVE-2020-1935
A flaw was found in Apache Tomcat. The HTTP header parsing code used an approach to end-of-line EOL parsing that allowed some invalid HTTP headers to be parsed as valid. This led to the possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the...
CVE-2019-15031
A flaw in the Linux kernel on the PowerPC platform, was found where a local user can read vector registers of other user processes during a hardware interrupt. An attacker must start a transaction when the FPU operation begins or there is no leakage. Vector registers will become corrupted with...
CVE-2018-20783
In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x before 7.2.13, a buffer over-read in PHAR reading functions may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse a .phar file. This is related to pharparsepharfile in...
CVE-2017-15710
In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, modauthnzldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language header value to lookup the right charset encoding when verifying the user's credentials. If the header value is not present in the charset...
CVE-2018-1283
It has been discovered that the modsession module of Apache HTTP Server httpd, through version 2.4.29, has an improper input validation flaw in the way it handles HTTP session headers in some configurations. A remote attacker may influence their content by using a "Session" header...
CVE-2017-15906
The processopen function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files...
CVE-2017-3143
A flaw was found in the way BIND handled TSIG authentication for dynamic updates. A remote attacker able to communicate with an authoritative BIND server could use this flaw to manipulate the contents of a zone, by forging a valid TSIG or SIG0 signature for a dynamic update request. Mitigation Th...
CVE-2016-10011
It was found that the host private key material could possibly leak to the privilege-separated child processes via re-allocated memory. An attacker able to compromise the privilege-separated process could therefore obtain the leaked key information...
CVE-2016-4997
A flaw was discovered in processing setsockopt for 32 bit processes on 64 bit systems. This flaw will allow attackers to alter arbitrary kernel memory when unloading a kernel module. This action is usually restricted to root-privileged users but can also be leveraged if the kernel is compiled wit...
CVE-2016-1583
It was found that stacking a file system over procfs in the Linux kernel could lead to a kernel stack overflow due to deep nesting, as demonstrated by mounting ecryptfs over procfs and creating a recursion by mapping /proc/environ. An unprivileged, local user could potentially use this flaw to...
CVE-2023-29425
Cross-Site Request Forgery CSRF vulnerability in plainware.Com ShiftController Employee Shift Scheduling plugin = 4.9.23 versions...
CVE-2025-55207
Astro is a web framework for content-driven websites. Following CVE-2025-54793 there's still an Open Redirect vulnerability in a subset of Astro deployment scenarios prior to version 9.4.1. Astro 5.12.8 addressed CVE-2025-54793 where https://example.com//astro.build/press would redirect to the...
CVE-2020-14008
Zoho ManageEngine Applications Manager 14710 and before allows an authenticated admin user to upload a vulnerable jar in a specific location, which leads to remote code execution...
CVE-2023-6780
An integer overflow was found in the vsysloginternal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message,...
CVE-2024-20919
Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or...
CVE-2021-23445
An improper neutralization of input vulnerability was found in datatables.net. If an array is passed to the HTML escape entities function, it does not have its contents escaped, possibly leading to cross site scripting XSS. Mitigation Mitigation for this issue is either not available or the...
CVE-2023-6610
An out-of-bounds read vulnerability was found in smb2dumpdetail in fs/smb/client/smb2ops.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information. Mitigation To mitigate this issue, prevent module cifs from being loaded. Please see...
CVE-2023-48236
A flaw was found in Vim, an open source command line text editor. When using the z= command, the user may overflow the count with values larger than MAXINT. The impact is low because user interaction is required and a crash may not happen in all situations. Mitigation Mitigation for this issue is...
CVE-2023-43787
A vulnerability was found in libX11 due to an integer overflow within the XCreateImage function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges...
CVE-2023-42114
An out-of-bounds read vulnerability was found in Exim within the handling of NTLM challenge requests. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated data structure. An attacker can leverage this vulnerability to...
CVE-2023-38802
A vulnerability was found in FRRouting FRR. This flaw allows a remote attacker to cause a denial of service issue via a crafted BGP update with a corrupted attribute 23 Tunnel Encapsulation...
CVE-2021-36159
libfetch before 2021-07-26, as used in apk-tools, xbps, and other products, mishandles numeric strings for the FTP and HTTP protocols. The FTP passive mode implementation allows an out-of-bounds read because strtol is used to parse the relevant numbers into address bytes. It does not check if the...
CVE-2023-2953
A vulnerability was found in OpenLDAP, in bermemallocx function, leading to a null pointer dereference. This flaw can result in reduced system memory and cause LDAP authentication failures. The impact is primarily a disruption in authentication processes, which may hinder user access or service...
CVE-2023-29400
A flaw was found in golang. Templates containing actions in unquoted HTML attributes, for example, "attr=." executed with empty input, could result in output that has unexpected results when parsed due to HTML normalization rules. This issue may allow the injection of arbitrary attributes into...
CVE-2022-40664
A flaw was found in Apache Shiro. An authentication bypass vulnerability occurs when forwarding or including via the RequestDispatcher...
CVE-2023-26554
An out-of-bounds write flaw was found in the ntp package. A remote attacker may trigger this vulnerability by sending malicious data packets to the ntp server. An adversary may be able to attack a client ntpq process, but cannot attack ntpd...
CVE-2023-28879
In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then...
CVE-2023-24534
A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service...
CVE-2023-0461
A use-after-free flaw was found in the Linux kernel’s TLS protocol functionality in how a user installs a tls context struct tlscontext on a connected TCP socket. This flaw allows a local user to crash or potentially escalate their privileges on the system. Mitigation To mitigate this issue,...
CVE-2023-23915
A flaw was found in the Curl package, where the HSTS mechanism could fail when multiple transfers are done in parallel, as the HSTS cache file gets overwritten by the most recently completed transfer. This issue may result in limited confidentiality and integrity...
CVE-2022-46877
The Mozilla Foundation Security Advisory describes this flaw as: By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks...
CVE-2022-21608
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 5.7.39 and prior and 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...
CVE-2022-21589
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Privileges. Supported versions that are affected are 5.7.39 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromi...
CVE-2022-43548
A flaw was found in NodeJS. The issue occurs in the Node.js rebinding protector for --inspect that still allows invalid IP addresses, specifically, the octal format. This flaw allows an attacker to perform DNS rebinding and execute arbitrary code...
CVE-2022-3647
A flaw was found in Redis when calling the sigsegvHandler function of the debug component crash report. This issue causes a crash, ignoring the report information and kills the processes, which leads to a denial of service...