206514 matches found
CVE-2017-14106
A divide-by-zero vulnerability was found in the tcpselectwindow function in the Linux kernel. This can result in a kernel panic causing a local denial of service...
CVE-2017-10684
In ncurses 6.0, there is a stack-based buffer overflow in the fmtentry function. A crafted input will lead to a remote arbitrary code execution attack...
CVE-2017-7541
Kernel memory corruption due to a buffer overflow was found in brcmfcfg80211mgmttx function in Linux kernels from v3.9-rc1 to v4.13-rc1. The vulnerability can be triggered by sending a crafted NL80211CMDFRAME packet via netlink. This flaw is unlikely to be triggered remotely as certain userspace...
CVE-2017-1000366
A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap or different memory region and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process sta...
CVE-2016-5425
It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges...
CVE-2025-50361
Buffer Overflow was found in SmallBASIC community SmallBASIC with SDL Before v1228, and commit sha:298a1d495355959db36451e90a0ac74bcc5593fe in the function main.cpp, which can lead to potential information leakage and crash...
CVE-2025-3102
The SureTriggers: All-in-One Automation Platform plugin for WordPress is vulnerable to an authentication bypass leading to administrative account creation due to a missing empty value check on the 'secretkey' value in the 'autheticateuser' function in all versions up to, and including, 1.0.78. Th...
CVE-2025-30066
tj-actions changed-files before 46 allows remote attackers to discover secrets by reading actions logs. The tags v1 through v45.0.7 were affected on 2025-03-14 and 2025-03-15 because they were modified by a threat actor to point at commit 0e58ed8, which contained malicious updateFeatures code...
CVE-2025-2078
The BlogBuzzTime for WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissio...
CVE-2024-42257
In the Linux kernel, the following vulnerability has been resolved: ext4: use memtostrpad for svolumename As with the other strings in struct ext4superblock, svolumename is not NUL terminated. The other strings were marked in commit 072ebb3bffe6 "ext4: add nonstring annotations to ext4.h". Using...
CVE-2024-42005
A flaw was found in Django. The QuerySet.values and QuerySet.valueslist methods on models with a JSONField were subject to SQL injection in column aliases via a crafted JSON object key as a passed arg. Mitigation Mitigation for this issue is either not available or the currently available options...
CVE-2024-24790
A flaw was found in the Go language standard library net/netip. The method Is IsPrivate, IsPublic, etc doesn't behave properly when working with IPv6 mapped to IPv4 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to...
CVE-2024-4947
A type confusion vulnerability was found in the Chromium web browser. This flaw allows an unauthenticated, remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Mitigation Until updated packages are released for Fedora and EPEL, consider temporarily swapping to an...
CVE-2024-26945
In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix nrcpus nriaa case If nrcpus nriaa, the calculated cpusperiaa will be 0, which causes a divide-by-0 in rebalancewqtable. Make sure cpusperiaa is 1 in that case, and also in the nriaa == 0 case, even though...
CVE-2024-27099
A double free vulnerability was found in python-uamqp-azure affecting the embedded azure-uamqp-c library at the link.c file. If some uncommon conditions are met, an authenticated user may cause remote code execution...
CVE-2024-21392
A vulnerability was found in dotnet. The YARP HTTP/2 WebSocket support in .NET Core can cause a denial of service DoS. Mitigation Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and...
CVE-2024-26607
In the Linux kernel, the following vulnerability has been resolved: drm/bridge: sii902x: Fix probing race issue A null pointer dereference crash has been observed rarely on TI platforms using sii9022 bridge: 53.271356 sii902xgetedid+0x34/0x70 sii902x 53.276066 sii902xbridgegetedid+0x14/0x20 sii90...
CVE-2024-1481
A flaw was found in FreeIPA. This issue may allow a remote attacker to craft a HTTP request with parameters that can be interpreted as command arguments to kinit on the FreeIPA server, which can lead to a denial of service. Mitigation Mitigation for this issue is either not available or the...
CVE-2024-0562
A use-after-free flaw was found in the Linux Kernel. When a disk is removed, bdiunregister is called to stop further write-back and waits for associated delayed work to complete. However, wbinodewritebackend may schedule bandwidth estimation work after this has completed, which can result in the...
CVE-2023-6856
The Mozilla Foundation Security Advisory describes this flaw as: The WebGL DrawElementsInstanced method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape...
CVE-2023-6394
A flaw was found in Quarkus. This issue occurs when receiving a request over websocket with no role-based permission specified on the GraphQL operation, Quarkus processes the request without authentication despite the endpoint being secured. This can allow an attacker to access information and...
CVE-2023-6176
A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue occurs when a user constructs a malicious packet with specific socket configuration, which could allow a local user to crash the system or escalate their...
CVE-2023-39194
A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged CAPNETADMIN attacker to trigger an out-of-bounds read, potentially leadi...
CVE-2023-42756
A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSETCMDADD and IPSETCMDSWAP can lead to a kernel panic due to the invocation of ipsetput on a wrong set. This issue may allow a local user to crash the system. Mitigation Mitigation for this issue is either...
CVE-2023-39978
ImageMagick before 6.9.12-91 allows attackers to cause a denial of service memory consumption in Magick::Draw...
CVE-2023-35946
A flaw was found in Gradle that permits directory traversal in its evaluation of repository paths. This issue could allow a local attacker to overwrite a file in the dependency cache with malicious code. Mitigation Users unable to upgrade should use dependency verification to make this...
CVE-2023-35141
A flaw was found in Jenkins and Jenkins Long-Term Support LTS, where it could allow a remote, authenticated attacker to bypass security restrictions caused by the inclusion of insufficiently escaped user-provided values in part of the URL. An attacker can send a POST request to an unexpected...
CVE-2023-3164
A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file...
CVE-2023-2680
This CVE exists because of an incomplete fix for CVE-2021-3750. More specifically, the qemu-kvm package as released for Red Hat Enterprise Linux 9.1 via RHSA-2022:7967 included a version of qemu-kvm that was actually missing the fix for CVE-2021-3750...
CVE-2022-4744
A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the registernetdevice function fails NETDEVREGISTER notifier. This flaw allows a local user to crash or potentially escalate their privileges on the system. Mitigation To...
CVE-2022-48423
In the Linux kernel before 6.1.3, fs/ntfs3/record.c does not validate resident attribute names. An out-of-bounds write may occur...
CVE-2023-26607
In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfsattrfind in fs/ntfs/attrib.c...
CVE-2022-41723
A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of requests...
CVE-2023-27530
A flaw was found in rubygem-rack. This issue occurs in the Multipart MIME parsing code in Rack, which limits the number of file parts but does not limit the total number of parts that can be uploaded. Carefully crafted requests can abuse this and cause multipart parsing to take longer than...
CVE-2023-22995
A memory overflow flaw was found in the Linux kernel’s Dual Role SuperSpeed USB controller driver in how a user registers a new USB device, which fails. This flaw allows a local user to crash the system...
CVE-2022-33891
A flaw was found in Apache Spark. This flaw allows a malicious user to impersonate another user and jeopardize the environment by executing shell commands...
CVE-2023-0568
A vulnerability was found in PHP. This security issue occurs because the core path resolution function allocates a buffer one byte small. Resolving paths with lengths close to the system MAXPATHLEN setting may lead to the byte after the allocated buffer being overwritten with a NULL value, which...
CVE-2023-23518
A vulnerability was found in WebKitGTK. This issue occurs when processing maliciously crafted web content in WebKit. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger memory corruption, and execute arbitrary code on the target system...
CVE-2023-22795
A flaw was found in the rubygem-actionpack. RubyGem's actionpack gem is vulnerable to a denial of service caused by a regular expression denial of service ReDoS flaw in Action Dispatch related to the If-None-Match header. By sending a specially-crafted HTTP If-None-Match header, a remote attacker...
CVE-2023-0288
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1189...
CVE-2023-23598
The Mozilla Foundation Security Advisory describes this flaw as: Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to DataTransfer.setData...
CVE-2022-4742
A flaw was found in the json-pointer package. The affected versions of this package are vulnerable to prototype pollution vulnerability...
CVE-2021-35065
A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service ReDoS attacks, affecting system availability...
CVE-2022-43552
A vulnerability was found in curl. In this issue, curl can be asked to tunnel all protocols virtually it supports through an HTTP proxy. HTTP proxies can deny these tunnel operations using an appropriate HTTP error response code. When getting denied to tunnel the specific SMB or TELNET protocols,...
CVE-2022-38398
Server-Side Request Forgery SSRF vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru the jar protocol. This issue affects Apache XML Graphics Batik 1.14...
CVE-2022-46875
The Mozilla Foundation Security Advisory describes this flaw as: The executable file warning was not presented when downloading .atloc and .ftploc files, which can run commands on a user's computer. Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected...
CVE-2022-41089
.NET Framework Remote Code Execution Vulnerability...
CVE-2022-3854
A flaw was found in Ceph, relating to the URL processing on RGW backends. An attacker can exploit the URL processing by providing a null URL to crash the RGW, causing a denial of service...
CVE-2022-3697
A flaw was found in Ansible in the amazon.aws collection when using the towercallback parameter from the amazon.aws.ec2instance module. This flaw allows an attacker to take advantage of this issue as the module is handling the parameter insecurely, leading to the password leaking in the logs...
CVE-2022-2832
A flaw was found in Blender 3.3.0. A null pointer dereference exists in source/blender/gpu/opengl/glbackend.cc that may lead to loss of confidentiality and integrity...