CVE-2022-21589
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Privileges. Supported versions that are affected are 5.7.39 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromi...
CVE-2022-43403
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and...
CVE-2022-41852
A flaw was found in the Apache Commons JXPath package. This flaw allows an attacker to use the interpreter to execute untrusted expressions and a remote code attack...
CVE-2022-34174
In Jenkins 2.355 and earlier, LTS 2.332.3 and earlier, an observable timing discrepancy on the login form allows distinguishing between login attempts with an invalid username, and login attempts with a valid username and wrong password, when using the Jenkins user database security realm...
CVE-2022-30946
A cross-site request forgery (CSRF) vulnerability in Jenkins Script Security Plugin 1158.v7c1b73a69a08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified webserver...
CVE-2022-2867
A flaw was found in libtiff's tiffcrop utility that has a uint32_t underflow that can lead to an out-of-bounds read and write. This flaw allows an attacker who supplies a crafted file to tiffcrop (likely via tricking a user to run tiffcrop on it with certain parameters) to cause a crash or, in some...
CVE-2022-37416
Ittiam libmpeg2 before 2022-07-27 uses memcpy with overlapping memory blocks in impeg2_mc_fullx_fully_8x8...
CVE-2022-29154
A flaw was found in rsync that is triggered by a victim rsync user/client connecting to a malicious rsync server. The server can copy and overwrite arbitrary files in the client's rsync target directory and subdirectories. This flaw allows a malicious server, or in some cases, another attacker wh...
CVE-2022-2466
It was found that Quarkus 2.10.x does not terminate HTTP requests header context which may lead to unpredictable behavior...
CVE-2022-2255
A vulnerability was found in mod_wsgi. The X-Client-IP header is not removed from a request from an untrusted proxy, allowing an attacker to pass the X-Client-IP header to the target WSGI application because the condition to remove it is missing...
CVE-2022-30631
A flaw was found in golang. Calling the Reader.Read method on an archive that contains a large number of concatenated 0-length compressed files can cause a panic issue due to stack exhaustion...
CVE-2021-39715
In __show_regs of process.c, there is a possible leak of kernel memory and addresses due to log information disclosure. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android...
CVE-2022-32091
MariaDB v10.7 was discovered to contain a use-after-poison in __interceptor_memset at /libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc...
CVE-2022-32081
MariaDB v10.4 to v10.7 was discovered to contain a use-after-poison in prepare_inplace_add_virtual at /storage/innobase/handler/handler0alter.cc...
CVE-2022-34265
A flaw was found in Django. The Trunc and Extract database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value...
CVE-2022-1665
A flaw was found in the Linux kernel, where a set of pre-production kernel packages of Red Hat Enterprise Linux for IBM Power architecture were signed with Red Hat's production secure boot keys. This issue allows kernel versions targeted for testing to eventually boot in PowerPC environments with...
CVE-2022-29224
A flaw was found in Envoy. This flaw allows an attacker who controls an upstream host and also controls service discovery of that host via DNS, the EDS API, etc. to crash Envoy by forcing the removal of the host from service discovery and then failing the gRPC health check request. This issue...
CVE-2022-31212
A stack-based buffer over-read flaw was found in the dbus-broker package. Dbus-Broker depends on c-util/c-shquote to parse the DBus service's Exec line, and if a malicious Exec line is supplied, this can lead to a crash or other undefined behaviors...
CVE-2022-30785
A vulnerability was found in NTFS-3G. A file handle created in fuse_lib_opendir and later used in fuse_lib_readdir allows out-of-bounds read/write operations...
CVE-2022-26717
A flaw was found in webkitgtk. Due to improper input validation, the issue occurs, leading to a use-after-free vulnerability. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution...
CVE-2022-1708
A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution, and it is read in a...
CVE-2022-1382
NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of making the radare2 crash, thus affecting the availability of the system...
CVE-2022-22935
An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. A minion authentication denial of service can cause a MiTM attacker to force a minion process to stop by impersonating a master...
CVE-2019-6799
An issue was discovered in phpMyAdmin before 4.8.5. When the AllowArbitraryServer configuration setting is set to true, with the use of a rogue MySQL server, an attacker can read any file on the server that the web server's user can access. This is related to the mysql.allow_local_infile PHP...
CVE-2022-27780
A vulnerability was found in curl. This issue occurs because the curl URL parser wrongly accepts percent-encoded URL separators like '/' when decoding the hostname part of a URL, making it a different URL using the wrong hostname when it is later retrieved. This flaw allows a malicious actor to...
CVE-2022-27455
A flaw was found in the MariaDB Server. It contains a use-after-free in the component my_wildcmp_8bit_impl at /strings/ctype-simple.c, affecting availability...
CVE-2022-28048
STB v2.27 was discovered to contain an integer shift of invalid size in the component stbi__jpeg_decode_block_prog_ac...
CVE-2022-0908
A flaw was found in LibTIFF where a NULL source pointer is passed as an argument to the memcpy function within TIFFFetchNormalTag in tif_dirread.c. This flaw allows an attacker with a crafted TIFF file to cause a crash that leads to a denial of service...
CVE-2022-0886
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat. Mitigation: The given exploit needs...
CVE-2022-0639
An authorization bypass flaw was found in url-parse. This flaw allows a local unauthenticated attacker to add an at symbol (@) while submitting a URL. This issue enables the bypass of validation or block-listing restrictions...
CVE-2022-25183
A flaw was found in Jenkins. The Pipeline: Shared Groovy Libraries plugin uses the names of Pipeline libraries to create cache directories without any sanitization. This flaw allows attackers with item/configure permission to execute arbitrary code in the context of the Jenkins controller JVM,...
CVE-2022-25176
A flaw was found in Jenkins. The Pipeline: Groovy Plugin follows symbolic links to locations outside of the checkout directory for the configured SCM when reading the script file (typically Jenkinsfile) for Pipelines. This flaw allows attackers who can configure Pipelines to read arbitrary files on...
CVE-2022-0485
A flaw was found in the copying tool nbdcopy of libnbd. When performing multi-threaded copies using asynchronous nbd calls, nbdcopy was blindly treating the completion of an asynchronous command as successful, rather than checking the error parameter. This could result in the silent creation of a...
CVE-2022-0322
A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of service (DOS). Mitigation...
CVE-2021-45095
A memory leak flaw in the Linux kernel's PhoNet Phone Network protocol functionality was found in the way user gets memory allocation fail inside function pep_sock_accept for the failure branch. A local user could use this flaw to starve the resources causing a denial of service...
CVE-2021-23177
An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw...
CVE-2021-42771
A flaw was found in python-babel. A path traversal vulnerability was found in how locale data files are checked and loaded within python-babel, allowing a local attacker to trick an application that uses python-babel to load a file outside of the intended locale directory. The highest threat from...
CVE-2021-39259
The ntfs3g package is susceptible to a heap overflow on crafted input. When processing an NTFS image, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...
CVE-2021-23434
Prototype pollution has been discovered in object-path NodeJS library. A type confusion vulnerability can lead to a bypass of CVE-2020-15256 when the path components used in the path parameter are arrays. In particular, the condition currentPath === '__proto__' returns false if currentPath is ['__proto__']...
CVE-2021-3698
A flaw was found in Cockpit in the way it handles the certificate verification performed by the System Security Services Daemon (SSSD). This flaw allows client certificates to authenticate successfully, regardless of the Certificate Revocation List (CRL) configuration or the certificate status. The...
CVE-2021-37714
jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck loop indefinitely until...
CVE-2021-38209
A flaw was found in the Linux kernel. Observation of changes in any net namespace is possible due to these changes being leaked into all other net namespaces. The highest threat from this vulnerability is to data confidentiality...
CVE-2021-34485
.NET Core and Visual Studio Information Disclosure Vulnerability...
CVE-2021-38199
A flaw was found in the hanging of mounts in the Linux kernel's NFS4 subsystem where remote servers are unreachable for the client during migration of data from one server to another during trunking detection. This flaw allows a remote NFS4 server (if the client is connected) to starve the resource...
CVE-2021-20298
A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by OpenEXR, to exhaust all memory accessible to the application. The highest threat from this vulnerability is to system availability...
CVE-2021-31810
Ruby's Net::FTP module trusted the IP address included in the FTP server's response to the PASV command. A malicious FTP server could use this to make Ruby applications using the Net::FTP module to connect to arbitrary hosts and use this to perform port scanning or information extraction from...
CVE-2021-3570
A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a PTP message between ports allows a remote attacker to cause an information leak, crash, or potentially remote code execution. The highest threat from this vulnerability is to data confidentiali...
CVE-2021-0606
A flaw was found in the Linux kernel. The function drm_syncobj_handle_to_fd first calls drm_syncobj_find which increments the refcount of the object on success. In all of the drm_syncobj_handle_to_fd error paths, the refcount is decremented, but in the success path the refcount should remain at +1 as the...
CVE-2021-3593
An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp6_input function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to out-of-bounds read access or...
CVE-2021-3585
A flaw was found in openstack-tripleo-heat-templates. Plain passwords from RHSM exist in the logs during OSP13 deployment with subscription-manager...