206391 matches found
CVE-2024-27281
A flaw was found in Rubygem RDoc. When parsing .rdocoptions used for configuration in RDoc as a YAML file there are no restrictions on the classes that can be restored. This issue may lead to object injection, resulting in remote code execution. Mitigation Mitigation for this issue is either not...
CVE-2024-20919
Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or...
CVE-2023-6610
An out-of-bounds read vulnerability was found in smb2dumpdetail in fs/smb/client/smb2ops.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information. Mitigation To mitigate this issue, prevent module cifs from being loaded. Please see...
CVE-2023-48236
A flaw was found in Vim, an open source command line text editor. When using the z= command, the user may overflow the count with values larger than MAXINT. The impact is low because user interaction is required and a crash may not happen in all situations. Mitigation Mitigation for this issue is...
CVE-2023-44483
All versions of Apache Santuario - XML Security for Java prior to 2.2.6, 2.3.4, and 3.0.3, when using the JSR 105 API, are vulnerable to an issue where a private key may be disclosed in log files when generating an XML Signature and logging with debug level is enabled. Users are recommended to...
CVE-2023-43787
A vulnerability was found in libX11 due to an integer overflow within the XCreateImage function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges...
CVE-2023-42114
An out-of-bounds read vulnerability was found in Exim within the handling of NTLM challenge requests. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated data structure. An attacker can leverage this vulnerability to...
CVE-2023-38802
A vulnerability was found in FRRouting FRR. This flaw allows a remote attacker to cause a denial of service issue via a crafted BGP update with a corrupted attribute 23 Tunnel Encapsulation...
CVE-2021-36159
libfetch before 2021-07-26, as used in apk-tools, xbps, and other products, mishandles numeric strings for the FTP and HTTP protocols. The FTP passive mode implementation allows an out-of-bounds read because strtol is used to parse the relevant numbers into address bytes. It does not check if the...
CVE-2023-35947
A flaw was found in Gradle. When unpacking Tar archives, Gradle did not check that files could be written outside the unpack location. This issue could lead to important files being overwritten anywhere the Gradle process has write permissions. This flaw allows an attacker with control of an...
CVE-2023-2953
A vulnerability was found in OpenLDAP, in bermemallocx function, leading to a null pointer dereference. This flaw can result in reduced system memory and cause LDAP authentication failures. The impact is primarily a disruption in authentication processes, which may hinder user access or service...
CVE-2023-29400
A flaw was found in golang. Templates containing actions in unquoted HTML attributes, for example, "attr=." executed with empty input, could result in output that has unexpected results when parsed due to HTML normalization rules. This issue may allow the injection of arbitrary attributes into...
CVE-2022-40664
A flaw was found in Apache Shiro. An authentication bypass vulnerability occurs when forwarding or including via the RequestDispatcher...
CVE-2023-26554
An out-of-bounds write flaw was found in the ntp package. A remote attacker may trigger this vulnerability by sending malicious data packets to the ntp server. An adversary may be able to attack a client ntpq process, but cannot attack ntpd...
CVE-2023-24534
A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service...
CVE-2023-0461
A use-after-free flaw was found in the Linux kernel’s TLS protocol functionality in how a user installs a tls context struct tlscontext on a connected TCP socket. This flaw allows a local user to crash or potentially escalate their privileges on the system. Mitigation To mitigate this issue,...
CVE-2023-23915
A flaw was found in the Curl package, where the HSTS mechanism could fail when multiple transfers are done in parallel, as the HSTS cache file gets overwritten by the most recently completed transfer. This issue may result in limited confidentiality and integrity...
CVE-2022-23813
The software interfaces to ASP and SMU may not enforce the SNP memory security policy resulting in a potential loss of integrity of guest memory in a confidential compute environment. Mitigation Please contact AMD for more updates on this flaw...
CVE-2022-46877
The Mozilla Foundation Security Advisory describes this flaw as: By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks...
CVE-2022-46692
A logic issue was found in WebKitGTK and WPE WebKit. This flaw allows a remote attacker to process unexpected cross-origin attacks...
CVE-2022-21608
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 5.7.39 and prior and 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...
CVE-2022-21589
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Privileges. Supported versions that are affected are 5.7.39 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromi...
CVE-2022-43548
A flaw was found in NodeJS. The issue occurs in the Node.js rebinding protector for --inspect that still allows invalid IP addresses, specifically, the octal format. This flaw allows an attacker to perform DNS rebinding and execute arbitrary code...
CVE-2022-3647
A flaw was found in Redis when calling the sigsegvHandler function of the debug component crash report. This issue causes a crash, ignoring the report information and kills the processes, which leads to a denial of service...
CVE-2022-32891
A vulnerability was found in webkitgtk, where an issue was addressed with improved UI handling. Visiting a website that frames malicious content may lead to UI spoofing...
CVE-2022-37703
An information leak vulnerability was found in Amanda in the calcsize SUID binary. This flaw allows an attacker to know if a directory exists or not anywhere in the fs. The binary will use opendir as root directly without checking the path, letting the attacker provide an arbitrary path...
CVE-2022-32086
MariaDB v10.4 to v10.8 was discovered to contain a segmentation fault via the component Itemfield::fixouterfield...
CVE-2022-28734
A flaw was found in grub2 when handling split HTTP headers. While processing a split HTTP header, grub2 wrongly advances its control pointer to the internal buffer by one position, which can lead to an out-of-bounds write. This flaw allows an attacker to leverage this issue by crafting a maliciou...
CVE-2022-30783
A vulnerability was found in NTFS-3G. An invalid return code in fusekernmount allows libfuse-lite protocol traffic between NTFS-3G and the kernel to be intercepted...
CVE-2022-30126
In Apache Tika, a regular expression in our StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only affects users who are running the StandardsExtractingContentHandler, which is a non-standa...
CVE-2022-1865
No description is available for this CVE...
CVE-2022-0096
Use after free in Storage in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2021-21204
Use after free in Blink in Google Chrome on OS X prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2019-15618
Missing escaping of HTML in the Updater of Nextcloud 15.0.5 allowed a reflected XSS when starting the updater from a malicious location...
CVE-2020-24916
CGI implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to OS command injection...
CVE-2022-1116
Integer Overflow or Wraparound vulnerability in iouring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to 5.4.189; version 5.4.24 and later versions...
CVE-2019-20330
FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking. Mitigation The following conditions are needed for an exploit, we recommend avoiding all if possible: Deserialization from sources you do not control enableDefaultTyping @JsonTypeInfo using id.CLASS or...
CVE-2022-29155
A vulnerability was found in the openldap-servers package. A SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This issue occurs during an LDAP search operation when the search filter is processed due to a lack of proper...
CVE-2022-1516
A NULL pointer dereference flaw was found in the Linux kernel’s X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continued usage of this connection. This flaw allows a local user to crash the system...
CVE-2022-0852
There is a flaw in convert2rhel. convert2rhel passes the Red Hat account password to subscription-manager via the command line, which could allow unauthorized users locally on the machine to view the password via the process command line via e.g. htop or ps. The specific impact varies upon the...
CVE-2021-33061
A denial of service flaw was found in the Linux kernel due to insufficient control flow management for the IntelR 82599 Ethernet Controllers and Adapters. This flaw allows a locally authenticated user to potentially cause a denial of service. The highest threat from this vulnerability is to syste...
CVE-2022-25517
A flaw was found in MyBatis Plus. The issue contains a SQL Injection vulnerability...
CVE-2021-45095
A memory leak flaw in the Linux kernel's PhoNet Phone Network protocol functionality was found in the way user gets memory allocation fail inside function pepsockaccept for the failure branch. A local user could use this flaw to starve the resources causing a denial of service...
CVE-2018-25020
A buffer overflow flaw in the Linux kernel BPF subsystem was found in the way users run BPF with long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions. A local user could use this flaw to crash the system or escalate their...
CVE-2015-5236
A flaw was discovered that IcedTea-Web did not properly determine an applet's origin when performing same-origin checks. A malicious page could use this flaw to bypass the Same Origin Policy SOP and access data on unrelated sites using a spoofed value for the applet's codebase attribute...
CVE-2021-42782
A stack buffer overflow issue was found in the OpenSC package. This flaw can potentially crash programs using the library. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and...
CVE-2021-32626
A heap buffer overflow was found in redis. Specially crafted Lua scripts executing in Redis cause the heap-based Lua stack to overflow due to incomplete checks for this condition. This flaw allows a remote attacker to corrupt the heap and potentially trigger remote code execution. The highest...
CVE-2020-21531
In transfig's fig2dev 3.2.7b it is possible for an attacker to create a specially crafted file that causes a buffer overflow due to an off by one error during range checking. This leads to a denial of service, impacting availability of the program...
CVE-2020-21532
In transfig's fig2dev 3.2.7b it is possible for an attacker to create a specially crafted file that causes a buffer overflow due to accepting an invalid value. This leads to a denial of service, impacting availability of the program...
CVE-2021-3781
A trivial sandbox enabled with the -dSAFER option escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript interpreter. The highes...