206360 matches found
CVE-2024-41009
An out-of-bounds memory access flaw was found in the Linux kernel’s BPF subsystem. This flaw allows a local user to crash the system. Mitigation Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of...
CVE-2024-35325
A vulnerability was found in libyaml in versions up to 0.2.5. This issue affects the yamleventdelete function in the /src/libyaml/src/api.c. file, leading to a double-free problem. Mitigation Mitigation for this issue is either not available or the currently available options don't meet the Red H...
CVE-2024-25743
A vulnerability was found in AMD SEV-SNP, where a malicious hypervisor can potentially break confidentiality and integrity of SEV-SNP on Linux guests by injecting interrupts. An attacker can inject interrupt 0x80, which is used by Linux for legacy 32-bit system calls, and arbitrarily change the...
CVE-2024-21742
Improper input validation allows for header injection in MIME4J library when using MIME4J DOM for composing message. This can be exploited by an attacker to add unintended headers to MIME messages...
CVE-2024-23653
A vulnerability was found in the Moby Builder Toolkit, specifically in the Interactive Containers API, where entitlement checks are not adequately validated, caused by a missing privilege check in a GRPC endpoint when called using a custom syntax format. This flaw allows the currently running...
CVE-2024-23651
A race condition issue was found in the Moby Builder Toolkit, stemming from a time-of-check/time-of-use TOCTOU vulnerability during cache volume mounting at container build time. Concurrent execution of two malicious build steps, sharing the same cache mounts with subpaths, may result in files fr...
CVE-2024-20932
Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modificati...
CVE-2023-45232
A security loophole involving an infinite loop was identified in EDK2, the open-source reference implementation of the UEFI specification. This weakness enables an unauthorized attacker to exploit system availability by sending a specifically crafted Destination Options IPv6 header. Mitigation...
CVE-2023-47039
A vulnerability was found in Perl. This security issue occurs while Perl for Windows relies on the system path environment variable to find the shell cmd.exe. When running an executable that uses the Windows Perl interpreter, Perl attempts to find and execute cmd.exe within the operating system...
CVE-2023-5870
A flaw was found in PostgreSQL involving the pgcancelbackend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would...
CVE-2023-46728
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a NULL pointer dereference bug Squid is vulnerable to a Denial of Service attack against Squid's Gopher gateway. The gopher protocol is always available and enabled in Squid. This issue may lead to a remote denial ...
CVE-2023-47233
A use-after-free issue was found in the brcm80211 component in the Linux kernel, which may be triggered by a physical attacker while disconnecting a device. Mitigation To mitigate this issue, prevent module brcmfmac from being loaded. Please see https://access.redhat.com/solutions/41278 for how t...
CVE-2023-4527
A flaw was found in glibc. When the getaddrinfo function is called with the AFUNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data...
CVE-2020-19726
A heap-based buffer overflow was found in binutils in the bfdgetl32 function, relating to the auxiliary symbol data. This flaw allows an attacker to read or write to system memory or cause a denial of service...
CVE-2023-20588
A division-by-zero error was found in hw on some AMD processors. This flaw can potentially return speculative data, resulting in loss of confidentiality. Mitigation Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteri...
CVE-2023-26965
A heap use-after-free vulnerability was found in LibTIFF's tiffcrop utility in the loadImage function. This flaw allows an attacker to pass a crafted TIFF image file to the tiffcrop utility, which causes an out-of-bounds write access, resulting in an application crash, eventually leading to a...
CVE-2023-2829
A vulnerability was found in BIND. This security flaw occurs when a named instance is configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache RFC 8198 option synth-from-dnssec enabled; remote termination can occur using a zone with a malformed...
CVE-2023-32030
A vulnerability was found in dotnet that can cause a denial of service...
CVE-2023-23004
A NULL pointer dereference flaw was found in the Linux kernel's Mali-DP Device Driver. This flaw allows a local user to crash the system...
CVE-2022-37865
A flaw was found in Apache Ivy. With Apache Ivy 2.4.0, an optional packaging attribute was introduced that allows artifacts to be unpacked on the fly if pack200 or zip packaging was used. This issue could allow a malicious used to have unwanted access...
CVE-2023-23913
A flaw was found in Rails. rails-ujs may allow an attacker to perform Cross-Site Scripting XSS, which could lead to stolen information, phishing attacks, and other types of attacks...
CVE-2022-23713
A Cross-site-scripting XSS vulnerability was found in the Vega Charts Kibana integration. This issue could allow arbitrary JavaScript to be executed in a victim’s browser...
CVE-2022-39324
A flaw was found in the grafana package. While creating a snapshot, an attacker may manipulate a hidden HTTP parameter to inject a malicious URL in the "Open original dashboard" button...
CVE-2022-47024
A NULL pointer dereference issue was found in Vim's guix11createblankmouse function in guix11.c. This flaw allows attackers to cause a denial of service and other unspecified impacts...
CVE-2022-41717
A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache...
CVE-2022-47940
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.18 before 5.18.18. fs/ksmbd/smb2pdu.c lacks length validation in the non-padding case in smb2write...
CVE-2022-3633
A memory leak flaw was found in the Linux kernel’s j1939 socket functionality. This flaw allows a local user to crash the system...
CVE-2022-3628
A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can allow a local user to crash the system or escalate their privileges. Mitigation To mitigate this issue, prevent the brcmfmac module from...
CVE-2022-3437
A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrapdes and unwrapdes3 routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc allocated memory when presented with a...
CVE-2022-43403
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and...
CVE-2022-35957
A flaw was found in the grafana package. Auth proxy allows authentication of a user by only providing the username or email in an X-WEBAUTH-USER HTTP header. The trust assumption is that a front proxy will take care of authentication and that the Grafana server is only publicly reachable with thi...
CVE-2022-2466
It was found that Quarkus 2.10.x does not terminate HTTP requests header context which may lead to unpredictable behavior...
CVE-2022-30631
A flaw was found in golang. Calling the Reader, Read method on an archive that contains a large number of concatenated 0-length compressed files can cause a panic issue due to stack exhaustion...
CVE-2021-39715
In showregs of process.c, there is a possible leak of kernel memory and addresses due to log information disclosure. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
CVE-2022-32091
MariaDB v10.7 was discovered to contain an use-after-poison in in interceptormemset at /libsanitizer/sanitizercommon/sanitizercommoninterceptors.inc...
CVE-2022-34494
A double free flaw was found in the Linux kernel Remote Processor Messaging rpmsg framework. This flaw could allow a local user to crash the system...
CVE-2022-1665
A flaw was found in the Linux kernel, where a set of pre-production kernel packages of Red Hat Enterprise Linux for IBM Power architecture were signed with Red Hat's production secure boot keys. This issue allows kernel versions targeted for testing to eventually boot in PowerPC environments with...
CVE-2022-31212
A stack-based buffer over-read flaw was found in the dbus-broker package. Dbus-Broker depends on c-uitl/c-shquote to parse the DBus service's Exec line, and if a malicious Exec line is supplied, this can lead to a crash or other undefined behaviors...
CVE-2022-1708
A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution, and it is read in a...
CVE-2022-30126
In Apache Tika, a regular expression in our StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only affects users who are running the StandardsExtractingContentHandler, which is a non-standa...
CVE-2022-26691
An authorization vulnerability was found in the CUPS printing system. This security vulnerability occurs when local authorization happens. This flaw allows an attacker to authenticate to CUPS as root/admin without the 32-byte secret key and perform arbitrary code execution. Mitigation Red Hat has...
CVE-2022-1382
NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of making the radare2 crash, thus affecting the availability of the system...
CVE-2021-37961
Use after free in Tab Strip in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2021-27292
A regular expression denial of service ReDoS vulnerability was found in the npm library ua-parser-js. If a supplied user agent matches the Noble string and contains many spaces then the regex will conduct backtracking, taking an ever increasing amount of time depending on the number of spaces...
CVE-2022-27455
A flaw was found in the MariaDB Server. It contains a use-after-free in the component, mywildcmp8bitimpl at /strings/ctype-simple.c, affecting availability...
CVE-2022-1420
A vulnerability was found in Vim. The issue occurs when using a number in a string for the lambda name, triggering an out-of-range pointer offset vulnerability. This flaw allows an attacker to trick a user into opening a crafted script containing an argument as a number and then using it as a...
CVE-2022-28048
STB v2.27 was discovered to contain an integer shift of invalid size in the component stbijpegdecodeblockprogac...
CVE-2022-27456
A flaw was found in the MariaDB Server. It contains a use-after-free in the component, VDec::VDec at /sql/sqltype.cc, affecting availability...
CVE-2022-0908
A flaw was found in LibTIFF where a NULL source pointer passed as an argument to the memcpy function within the TIFFFetchNormalTag in tifdirread.c. This flaw allows an attacker with a crafted TIFF file to cause a crash that leads to a denial of service...
CVE-2022-0886
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat. Mitigation The given exploit needs...