Lucene search
K
RedhatcveMost viewed

206363 matches found

RedhatCVE
RedhatCVE
•added 2021/03/05 7:4 p.m.•53 views

CVE-2021-27364

A flaw was found in the Linux kernel. An out-of-bounds read was discovered in the libiscsi module that could lead to reading kernel memory or a crash. The highest threat from this vulnerability is to data confidentiality as well as system availability. Mitigation The LIBISCSI module will be...

7.1CVSS7.1AI score0.00957EPSS
Exploits1References3
RedhatCVE
RedhatCVE
•added 2021/02/15 8:5 p.m.•53 views

CVE-2021-23336

The package python/cpython is vulnerable to Web Cache Poisoning via urllib.parse.parseqsl and urllib.parse.parseqs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon ;, they can cause a difference in the interpretation of the request...

5.9CVSS2.8AI score0.35963EPSS
Exploits1References4
RedhatCVE
RedhatCVE
•added 2021/02/12 3:29 p.m.•53 views

CVE-2021-20235

There's a flaw in the zeromq server in src/decoderallocators.hpp. The decoder static allocator could have its sized changed, but the buffer would remain the same as it is a static buffer. A remote, unauthenticated attacker who sends a crafted request to the zeromq server could trigger a buffer...

8.1CVSS3.7AI score0.43862EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2021/02/09 1:5 p.m.•53 views

CVE-2020-28476

A flaw was found in python-tornado. All versions of package tornado are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon ;, they can cause a difference in the interpretation of the request between the...

2.7AI score
Exploits0References4
RedhatCVE
RedhatCVE
•added 2021/02/04 12:51 a.m.•53 views

CVE-2021-20220

A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS...

6.5CVSS3.5AI score0.02712EPSS
Exploits0References3
RedhatCVE
RedhatCVE
•added 2021/01/19 12:18 p.m.•53 views

CVE-2020-25685

A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:replyquery, which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is...

4.3CVSS0.4AI score0.04041EPSS
Exploits2References4
RedhatCVE
RedhatCVE
•added 2021/01/05 2:33 p.m.•53 views

CVE-2020-28052

A flaw was found in bouncycastle. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password allowing incorrect passwords to indicate they were matching with previously hashed ones that were different. The highest threat from this vulnerability is to data...

8.1CVSS2.4AI score0.0714EPSS
Exploits1References3
RedhatCVE
RedhatCVE
•added 2020/12/09 5:44 p.m.•53 views

CVE-2020-8284

A malicious server can use the PASV response to trick curl into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions. If cu...

4.3CVSS6.4AI score0.03851EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2020/11/05 9:59 a.m.•53 views

CVE-2020-25688

A flaw was found in rhacm. Two internal service APIs were incorrectly provisioned using a test certificate from the source repository which resulted in all installations using the same certificates. If an attacker could observe network traffic internal to a cluster, they could use the private key...

3.5CVSS1.6AI score0.00248EPSS
Exploits0References3
RedhatCVE
RedhatCVE
•added 2020/09/07 4:49 p.m.•53 views

CVE-2019-8823

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary...

8.8CVSS2.4AI score0.0192EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2020/07/29 5:6 p.m.•53 views

CVE-2020-14310

A flaw was found in grub2. An expected font value is not verified before proceeding with buffer allocations allowing an attacker to use a malicious font file to create an arithmetic overflow, zero-sized allocation, and further heap-based buffer overflow. The highest threat from this vulnerability...

3.6CVSS3AI score0.00478EPSS
Exploits0References3
RedhatCVE
RedhatCVE
•added 2020/07/14 6:14 p.m.•53 views

CVE-2020-1147

It was discovered that .NET Core did not properly check the source markup of XML files. A remote, unauthenticated attacker could possibly exploit this flaw to execute arbitrary code by sending specially crafted requests to an application parsing certain kinds of XML files or an ASP.NET Core...

6.8CVSS5.8AI score0.94243EPSS
Exploits10References3
RedhatCVE
RedhatCVE
•added 2020/06/06 1:56 a.m.•53 views

CVE-2020-10878

Perl before 5.30.3 has an integer overflow related to mishandling of a "PLregkindOPn == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection. Mitigation To mitigate this flaw, developers should not allow untrusted regular...

7.5CVSS4.3AI score0.04879EPSS
Exploits0References3
RedhatCVE
RedhatCVE
•added 2020/04/24 8:33 a.m.•53 views

CVE-2019-12520

A flaw was found in squid. The absolute URL of a request can include the decoded UserInfo username and password for certain protocols. This decoded info may contain special characters to delimit the domain, and treat the rest of the URL as a path or query string. An attacker could first make a...

5CVSS1.8AI score0.03935EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2020/04/08 8:56 p.m.•53 views

CVE-2019-7222

An information leakage issue was found in the way Linux kernel's KVM hypervisor handled page fault exceptions while emulating instructions like VMXON, VMCLEAR, VMPTRLD, and VMWRITE with memory address as an operand. It occurs if the operand is a mmio address, as the returned exception object hold...

5.5CVSS1.3AI score0.00678EPSS
Exploits1References3
RedhatCVE
RedhatCVE
•added 2020/04/07 5:3 p.m.•53 views

CVE-2019-10747

A flaw was found in nodejs-set-value. The function mixin-deep can be tricked into adding or modifying properties of Object.prototype using any of the constructor, prototype, or proto payloads. The highest threat from this vulnerability is to data confidentiality and integrity...

9.8CVSS3.1AI score0.05006EPSS
Exploits3References3
RedhatCVE
RedhatCVE
•added 2020/04/07 5:3 p.m.•53 views

CVE-2019-9792

The IonMonkey just-in-time JIT compiler can leak an internal JSOPTIMIZEDOUT magic value to the running script during a bailout. This magic value can then be used by JavaScript to achieve memory corruption, which results in a potentially exploitable crash. This vulnerability affects Thunderbird...

9.8CVSS1.9AI score0.13197EPSS
Exploits5References3
RedhatCVE
RedhatCVE
•added 2020/04/04 5:27 p.m.•53 views

CVE-2019-13224

A use-after-free in onignewdeluxe in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte...

9.8CVSS5.5AI score0.04047EPSS
Exploits0References3
RedhatCVE
RedhatCVE
•added 2020/03/31 2:6 p.m.•53 views

CVE-2019-0820

A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0980, CVE-2019-0981...

7.5CVSS3.7AI score0.05719EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2020/03/29 7:56 a.m.•53 views

CVE-2019-14835

A buffer overflow flaw was found in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this fla...

7.8CVSS1.8AI score0.00627EPSS
Exploits1References5
RedhatCVE
RedhatCVE
•added 2020/01/10 2:8 p.m.•53 views

CVE-2019-16789

An HTTP-interpretation flaw was found in waitress, through version 1.4.0. If a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially...

8.2CVSS1.2AI score0.02587EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2020/01/02 3:28 p.m.•53 views

CVE-2018-1305

Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that...

6.5CVSS3AI score0.14737EPSS
Exploits2References2
RedhatCVE
RedhatCVE
•added 2019/12/13 9:38 p.m.•53 views

CVE-2019-19534

An information-leak flaw was found in the Linux kernel's pcan USB driver. When a device using this driver connects to the system, the stack information is leaked to the CAN bus, a controller area network for automobiles. The highest threat with this vulnerability is breach of data confidentiality...

4.6CVSS0.1AI score0.00512EPSS
Exploits0References3
RedhatCVE
RedhatCVE
•added 2019/10/11 12:11 a.m.•53 views

CVE-2017-12190

It was found that in the Linux kernel through v4.14-rc5, biomapuseriov and biounmapuser in 'block/bio.c' do unbalanced pages refcounting if IO vector has small consecutive buffers belonging to the same page. bioaddpcpage merges them into one, but the page reference is never dropped, causing a...

6.5CVSS3.3AI score0.00531EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2019/10/08 10:36 p.m.•53 views

CVE-2018-2633

It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data...

8.3CVSS1.3AI score0.0565EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2019/09/30 7:52 p.m.•53 views

CVE-2019-10212

A flaw was found in the Undertow DEBUG log for io.undertow.request.security. If enabled, an attacker could abuse this flaw to obtain the user’s credentials from the log files. Mitigation Use Elytron instead of legacy Security subsystem...

9.8CVSS2.6AI score0.019EPSS
Exploits0References3
RedhatCVE
RedhatCVE
•added 2019/09/10 2:21 p.m.•53 views

CVE-2019-15926

An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6klwmipstreamtimeouteventrx and ath6klwmicaceventrx in the file drivers/net/wireless/ath/ath6kl/wmi.c...

9.4CVSS2.7AI score0.05189EPSS
Exploits0References3
RedhatCVE
RedhatCVE
•added 2019/01/08 9:20 p.m.•53 views

CVE-2019-0545

An information disclosure vulnerability exists in .NET Framework and .NET Core which allows bypassing Cross-origin Resource Sharing CORS configurations, aka ".NET Framework Information Disclosure Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .N...

7.5CVSS1.4AI score0.09611EPSS
Exploits0References2
RedhatCVE
RedhatCVE
•added 2018/10/30 4:49 p.m.•53 views

CVE-2018-0734

The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a Affected 1.1.1. Fixed in OpenSSL 1.1.0j Affected 1.1.0-1.1.0i. Fixed in OpenSSL 1.0.2q...

5.9CVSS3.9AI score0.12154EPSS
Exploits0References2
RedhatCVE
RedhatCVE
•added 2018/08/03 7:18 p.m.•53 views

CVE-2018-14883

An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. An Integer Overflow leads to a heap-based buffer over-read in exifthumbnailextract of exif.c...

7.5CVSS3.1AI score0.08975EPSS
Exploits1References2
RedhatCVE
RedhatCVE
•added 2018/06/07 5:50 a.m.•53 views

CVE-2016-1000338

In Bouncy Castle JCE Provider version 1.55 and earlier the DSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of...

7.5CVSS4.5AI score0.01845EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2018/01/12 4:49 a.m.•53 views

CVE-2018-0764

Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 and .NET Core 1.0. 1.1 and 2.0 allow a denial of service vulnerability due to the way XML documents are processed, aka ".NET and .NET Core Denial Of Service Vulnerability". This CVE is unique from...

7.5CVSS3.3AI score0.08885EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2017/12/12 4:20 p.m.•53 views

CVE-2017-15896

Node.js was affected by OpenSSL vulnerability CVE-2017-3737 in regards to the use of SSLread due to TLS handshake failure. The result was that an active network attacker could send application data to Node.js using the TLS or HTTP2 modules in a way that bypassed TLS authentication and encryption...

9.1CVSS2.4AI score0.78675EPSS
Exploits1References2
RedhatCVE
RedhatCVE
•added 2017/11/22 12:19 p.m.•53 views

CVE-2017-16644

The hdpvrprobe function in drivers/media/usb/hdpvr/hdpvr-core.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service improper error handling and system crash or possibly have unspecified other impact via a crafted USB device...

7.2CVSS6.3AI score0.00399EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2017/10/16 9:50 a.m.•53 views

CVE-2017-13078

A new exploitation technique called key reinstallation attacks KRACK affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used group key GTK during a 4-way...

8.1CVSS1.9AI score0.0207EPSS
Exploits0References2
RedhatCVE
RedhatCVE
•added 2017/07/20 8:49 a.m.•53 views

CVE-2017-7541

Kernel memory corruption due to a buffer overflow was found in brcmfcfg80211mgmttx function in Linux kernels from v3.9-rc1 to v4.13-rc1. The vulnerability can be triggered by sending a crafted NL80211CMDFRAME packet via netlink. This flaw is unlikely to be triggered remotely as certain userspace...

7.8CVSS3.4AI score0.00547EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2017/07/18 8:21 p.m.•53 views

CVE-2017-10087

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

9.6CVSS1.8AI score0.02555EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2017/04/11 8:48 a.m.•53 views

CVE-2017-7616

Incorrect error handling in the setmempolicy and mbind compat syscalls in 'mm/mempolicy.c' in the Linux kernel allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation...

5.5CVSS3AI score0.00413EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2016/08/18 9:3 p.m.•53 views

CVE-2016-6828

A use-after-free vulnerability was found in tcpxmitretransmitqueue and other tcp functions. This condition could allow an attacker to send an incorrect selective acknowledgment to existing connections, possibly resetting a connection...

5.5CVSS3.1AI score0.01181EPSS
Exploits5References1
RedhatCVE
RedhatCVE
•added 2016/07/20 7:48 a.m.•53 views

CVE-2016-3610

Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3598...

9.6CVSS7.4AI score0.0669EPSS
Exploits0References2
RedhatCVE
RedhatCVE
•added 2015/10/30 9:25 a.m.•53 views

CVE-2007-1888

Buffer overflow in the sqlitedecodebinary function in src/encode.c in SQLite 2, as used by PHP 4.x through 5.x and other applications, allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter. NOTE: some PHP installations use a bundled version of sqlite...

7.5CVSS8.4AI score0.03486EPSS
Exploits0References2
RedhatCVE
RedhatCVE
•added 2026/02/03 3:18 p.m.•52 views

CVE-2025-10279

In mlflow version 2.20.3, the temporary directory used for creating Python virtual environments is assigned insecure world-writable permissions 0o777. This vulnerability allows an attacker with write access to the /tmp directory to exploit a race condition and overwrite .py files in the virtual...

7CVSS5.9AI score0.00215EPSS
Exploits1References1
RedhatCVE
RedhatCVE
•added 2025/05/22 7:37 p.m.•52 views

CVE-2021-29934

An issue was discovered in PartialReader in the uuod crate before 0.0.4 for Rust. Attackers can read the contents of uninitialized memory locations via a user-provided Read operation...

7.5CVSS6.7AI score0.009EPSS
Exploits1References1
RedhatCVE
RedhatCVE
•added 2025/05/11 4:10 p.m.•52 views

CVE-2024-13961

Link Following Local Privilege Escalation Vulnerability in TuneupSvc in Avast Cleanup Premium Version 24.2.16593.17810 on Windows 10 Pro x64 allows local attackers to escalate privileges and execute arbitrary code in the context of SYSTEM via creating a symbolic link and leveraging a TOCTTOU...

7.8CVSS7.8AI score0.00142EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2025/05/03 11:8 a.m.•52 views

CVE-2025-27007

Incorrect Privilege Assignment vulnerability in Brainstorm Force OttoKit suretriggers allows Privilege Escalation.This issue affects OttoKit: from n/a through = 1.0.82...

9.8CVSS7.4AI score0.5088EPSS
Exploits3References1
RedhatCVE
RedhatCVE
•added 2024/08/07 4:17 p.m.•52 views

CVE-2024-42005

A flaw was found in Django. The QuerySet.values and QuerySet.valueslist methods on models with a JSONField were subject to SQL injection in column aliases via a crafted JSON object key as a passed arg. Mitigation Mitigation for this issue is either not available or the currently available options...

7.3CVSS9.4AI score0.01227EPSS
Exploits0References4
RedhatCVE
RedhatCVE
•added 2024/06/17 10:51 p.m.•52 views

CVE-2024-24790

A flaw was found in the Go language standard library net/netip. The method Is IsPrivate, IsPublic, etc doesn't behave properly when working with IPv6 mapped to IPv4 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to...

6.7CVSS9.6AI score0.01952EPSS
Exploits0References3
RedhatCVE
RedhatCVE
•added 2024/06/05 5:34 p.m.•52 views

CVE-2024-5629

A flaw was found in the bson module contained in the python-pymongo package. A malformed BSON file may trigger an exception, leading to a denial of service and eventually sensitive memory data exposure...

4.7CVSS4.5AI score0.00663EPSS
Exploits0References3
RedhatCVE
RedhatCVE
•added 2024/03/04 5:26 p.m.•52 views

CVE-2024-23307

Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM md, raid, raid5 modules allows Forced Integer Overflow...

4.4CVSS7.2AI score0.0059EPSS
Exploits0References6
RedhatCVE
RedhatCVE
•added 2024/02/06 12:0 a.m.•52 views

CVE-2023-52426

A flaw was found in Expat libexpat. If XMLDTD is undefined at compile time, a recursive XML Entity Expansion condition can be triggered. This issue may lead to a condition where data is expanded exponentially, which will quickly consume system resources and cause a denial of service. Mitigation...

5.5CVSS5.3AI score0.00373EPSS
Exploits0References3
Total number of security vulnerabilities5000