206360 matches found
CVE-2022-24795
A flaw was found in the YAJL library in the way it reallocates a memory buffer to store more data. A very large input causes the value used to calculate the buffer size to overflow, resulting in a heap-based buffer overflow. Mitigation Avoid passing large inputs to the YAJL library...
CVE-2021-33096
A denial-of-service flaw was found due to improper isolation of shared resources in the network on chip for the IntelR 82599 Ethernet Controllers and Adapters. This may allow an authenticated user to potentially create a denial of service via local access. Mitigation Mitigation for this issue is...
CVE-2022-24730
A flaw was found in ArgoCD. This flaw allows an attacker with read-only repository access to leak files from the repo server that the attacker should not have access to. An attacker can send a crafted request to retrieve file contents. This issue results in the disclosure of sensitive information...
CVE-2022-0907
A NULL pointer dereference flaw was found in Libtiff. This flaw allows an attacker with a crafted TIFF file to cause a crash that leads to a denial of service...
CVE-2022-26125
frrouting is vulnerable to a flaw that can cause buffer overflow through due to incorrect checks on the input packet length when processing type-length-value packets. There is high impact to availability due to the fact that the process up-time can be made unreliable...
CVE-2022-0554
A flaw was found in vim that causes an out-of-range pointer offset vulnerability. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. Mitigation Untrusted vim scripts with -s scriptin are not recommended to run...
CVE-2022-21655
A flaw was found in envoy. Due to incorrect handling of the common router, a segfault is possible when internal redirects are routes with a direct response entry...
CVE-2022-25174
A flaw was found in Jenkins. The JenkinsPipeline: Shared Groovy Libraries uses the same checkout directories for distinct SCMs for Pipeline libraries. This flaw allows attackers with item/configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents. This...
CVE-2021-45346
A memory leak flaw was found in the SQLite Project via maliciously crafted SQL Queries made via editing the Database File. This flaw allows a malicious user to obtain sensitive information due to a possible query to a record and leaking subsequent bytes of memory that extend beyond the record...
CVE-2022-0480
A flaw was found in the filelockinit in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface POSIX file locks. Mitigation Mitigation for this issue is either not available or the currentl...
CVE-2022-0392
A flaw was found in vim. The vulnerability occurs due to illegal memory access with bracketed paste in Ex mode and leads to a heap buffer overflow. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. Mitigation Untrusted vim scripts with -s script...
CVE-2022-0261
A heap based out-of-bounds write flaw was found in vim's ops.c. This flaw allows an attacker to trick a user to open a crafted file triggering an out-of-bounds write. This vulnerability is capable of crashing software, modify memory, and possible code execution. Mitigation Untrusted vim scripts...
CVE-2021-34403
NVIDIA Linux distributions contain a vulnerability in nvmap ioctl, which allows any user with a local account to exploit a use-after-free condition, leading to code privilege escalation, loss of confidentiality and integrity, or denial of service...
CVE-2022-22822
expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability confidentiality a...
CVE-2022-21341
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability...
CVE-2022-23219
A stack based buffer-overflow vulnerability was found in the deprecated compatibility function clntcreate in the sunrpc's clntgen.c module of the GNU C Library aka glibc through 2.34. This vulnerability copies its hostname argument onto the stack without validating its length, which may result in...
CVE-2021-33430
A Buffer Overflow vulnerability exists in NumPy 1.9.x in the PyArrayNewFromDescrint function of ctors.c when specifying arrays of large dimensions over 32 from Python code, which could let a malicious user cause a Denial of Service. NOTE: The vendor does not agree this is a vulneraility; In very...
CVE-2021-4157
An out of memory bounds write flaw 1 or 2 bytes of memory in the Linux kernel NFS subsystem was found in the way users use mirroring replication of files with NFS. A user, having access to the NFS mount, could potentially use this flaw to crash the system or escalate privileges on the system...
CVE-2021-43536
The Mozilla Foundation Security Advisory describes this flaw as: Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL...
CVE-2021-3982
Linux distributions using CAPSYSNICE for gnome-shell may be exposed to a privilege escalation issue. An attacker, with low privilege permissions, may take advantage of the way CAPSYSNICE is currently implemented and eventually load code to increase its process scheduler priority leading to possib...
CVE-2021-42779
A heap use after free issue was found in Opensc before version 0.22.0 in scfilevalid...
CVE-2021-20322
A flaw in the processing of received ICMP errors ICMP fragment needed and ICMP redirect in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest...
CVE-2021-20317
A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueueadd function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the system while runnin...
CVE-2021-32280
The transfig package is susceptible to a NULL pointer dereference on crafted input. While translating fig code, patterns which include incomplete closed splines lead to this software flaw. The highest threat from this vulnerability is availability...
CVE-2020-21535
In transfig's fig2dev 3.2.7b it is possible for an attacker to create a specially crafted file that causes a buffer overflow due to the usage of fgets. This leads to a denial of service, impacting availability of the program...
CVE-2021-3796
A use-after-free vulnerability in vim could allow an attacker to input a specially crafted file leading to memory corruption and a potentially exploitable crash or code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
CVE-2020-19144
Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the 'in TIFFmemcpy' funtion in the component 'tifunix.c'...
CVE-2021-33938
A flaw was found in libsolv. A buffer overflow vulnerability in the prunetorecommend function allows attackers to cause a denial of service. The highest threat from this vulnerability is to system availability...
CVE-2020-2162
Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not set Content-Security-Policy headers for files uploaded as file parameters to a build, resulting in a stored XSS vulnerability...
CVE-2021-23425
A flaw was found in nodejs-trim-off-newlines. All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service ReDoS via string processing. The highest threat from this vulnerability is to system availability...
CVE-2021-0003
A flaw was found in the Linux kernel. This flaw allows a local, authenticated user to enable information disclosure due to an improper conditions check in some IntelR Ethernet Controllers 800 series Linux drivers. The highest threat from this vulnerability is to confidentiality...
CVE-2021-3701
A flaw was found in ansible-runner where the default temporary files configuration in ansible-2.0.0 are written to world R/W locations. This flaw allows an attacker to pre-create the directory, resulting in reading private information or forcing ansible-runner to write files as the legitimate use...
CVE-2021-3702
A race condition flaw was found in ansible-runner, where an attacker could watch for rapid creation and deletion of a temporary directory, substitute their directory at that name, and then have access to ansible-runner's privatedatadir the next time ansible-runner made use of the privatedatadir...
CVE-2021-3700
A use-after-free vulnerability was found in usbredir in the usbredirparserserialize function in usbredirparser/usbredirparser.c . This issue occurs when serializing large amounts of buffered write data in the case of a slow or blocked destination...
CVE-2020-21675
A stack-based buffer overflow in the genptktext component in genptk.c of fig2dev 3.2.7b allows attackers to cause a denial of service DOS via converting a xfig file into ptk format...
CVE-2021-38205
A flaw was found in the Linux kernel that allows attackers to defeat an ASLR protection mechanism because it prints a kernel pointer i.e., the real IOMEM pointer. The highest threat from this vulnerability is to confidentiality. Mitigation Mitigation for this issue is either not available or the...
CVE-2020-14297
A flaw was found in Wildfly's EJB Client, where the accumulation of specific EJB transaction objects over time can cause services to slow down and eventually become unavailable. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is to system...
CVE-2021-3622
A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry hive file, which would cause hivex to recursively call the getchildren function, leading to a stack overflow. The highest threat from this vulnerability is to system availability...
CVE-2021-30795
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution...
CVE-2021-30761
A flaw was found in the webkitgtk package. Affected versions of this package could allow a remote attacker to execute arbitrary code on the system caused by memory corruption in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this...
CVE-2019-12086
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled either globally or for a specific property for an externally exposed JSON endpoint, the service has the mysql-connector-java jar 8.0.14 or earlier in the classpath, and an...
CVE-2021-35197
An improper authorization vulnerability was found in mediawiki. Mediawiki bots may have unintended API access even when a sitewide block has been applied. An attacker can use this vulnerability to potentially utilize a bot to access the mediawiki API and conduct actions like purge pages...
CVE-2021-32399
A flaw was found in the Linux kernel’s handling of the removal of Bluetooth HCI controllers. This flaw allows an attacker with a local account to exploit a race condition, leading to corrupted memory and possible privilege escalation. The highest threat from this vulnerability is to...
CVE-2021-28091
An XML Signature Wrapping XSW vulnerability was found in Lasso. This flaw allows an attacker to modify a valid SAML response to include an unsigned SAML assertion, which may be used to impersonate another valid user recognized by the service using Lasso. The highest threat from this vulnerability...
CVE-2020-15254
Crossbeam is a set of tools for concurrent programming. In crossbeam-channel before version 0.4.4, the bounded channel incorrectly assumes that Vec::fromiter has allocated capacity that same as the number of iterator elements. Vec::fromiter does not actually guarantee that and may allocate extra...
CVE-2021-22904
A flaw was found in RubyGem Actionpack which is framework for handling and responding to web requests in Rails. A possible DoS vulnerability was found in the Token Authentication logic in Action Controller...
CVE-2021-31879
A flaw was found in wget. If wget sends an Authorization header as part of a query and receives an HTTP REDIRECT to a third party in return, the Authorization header will be forwarded as part of the redirected request. This issue creates a password leak, as the second server receives the password...
CVE-2020-28502
An arbitrary code injection vulnerability was found in nodejs-xmlhttprequest. For this vulnerability to occur, the connection must be initialized during the function call XMLHttpRequest.open to send requests synchronously using the parameter async=False. If the subsequent calls to xhr.send...
CVE-2021-27364
A flaw was found in the Linux kernel. An out-of-bounds read was discovered in the libiscsi module that could lead to reading kernel memory or a crash. The highest threat from this vulnerability is to data confidentiality as well as system availability. Mitigation The LIBISCSI module will be...
CVE-2021-23336
The package python/cpython is vulnerable to Web Cache Poisoning via urllib.parse.parseqsl and urllib.parse.parseqs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon ;, they can cause a difference in the interpretation of the request...