206309 matches found
CVE-2021-31457
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2025-67722
FreePBX is an open-source web-based graphical user interface GUI that manages Asterisk. Prior to versions 16.0.45 and 17.0.24 of the FreePBX framework, an authenticated local privilege escalation exists in the deprecated FreePBX startup script amportal. In the deprecated amportal utility, the...
CVE-2025-31650
A flaw was found in Apache Tomcat. This vulnerability allows an application-level denial of service DoS, causing it to become unresponsive or slow via maliciously crafted HTTP/2 prioritization headers. It performs an incomplete cleanup of failed requests, which triggers a memory leak. Mitigation...
CVE-2024-45491
An issue was found in libexpat’s internal dtdCopy function in xmlparse.c, It can have an integer overflow for nDefaultAtts on 32-bit platforms where UINTMAX equals SIZEMAX. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat...
CVE-2024-7592
A flaw was found in the http.cookies module in the Python package. When parsing cookies that contain backslashes, under certain circumstances, the module uses an algorithm with quadratic complexity, leading to excessive CPU consumption...
CVE-2024-38473
A flaw was found in the modproxy module of httpd. Due to an encoding problem, specially crafted request URLs with incorrect encoding can be sent to backend services, potentially bypassing authentication. Mitigation Mitigation for this issue is either not available or the currently available optio...
CVE-2024-39331
A flaw was found in Emacs. Arbitrary shell commands can be executed without prompting when an Org mode file is opened or when the Org mode is enabled, when Emacs is used as an email client, this issue can be triggered when previewing email attachments. Mitigation Do not open Org mode files or...
CVE-2023-44431
A flaw was found within the handling of the AVRCP protocol in BlueZ. This vulnerability allows network-adjacent attackers to execute arbitrary code via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a...
CVE-2024-26720
A vulnerability was found in the wbdirtylimits function in the Linux kernel memory management mm subsystem which can lead to a divide-by-zero error. This issue could lead to a potential kernel crash...
CVE-2023-42843
A flaw was found in WebKit that may allow a remote attacker to conduct spoofing attacks by exploiting an inconsistent user interface issue. By tricking a victim into visiting a specially crafted website, the attacker could perform address bar spoofing...
CVE-2024-23206
A vulnerability was found in WebKitGTK. This flaw allows a remote attacker to bypass the security restriction by using a specially crafted malicious website to fingerprint the victim...
CVE-2024-28849
A vulnerability was found in the follow-redirects package. While processing the cross-domain redirection, follow-redirects clears authorization headers, however, it misses clearing proxy-authentication headers, which contain credentials as well. This issue may lead to credential leaking, having a...
CVE-2024-20926
Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or...
CVE-2024-0607
A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nftbyteordereval function, where the code iterates through a loop and writes to the dst array. On each iteration, 8 bytes are written, but dst is an array of u32, so each element only has space for 4 bytes. That...
CVE-2024-21647
A flaw was found in Puma rubygem. Versions prior 6.4.2 are susceptible to a HTTP smuggling attack when parsing chunked transfer encoding bodies on HTTP messages, which don't limit the size of the message chunk extensions. This issue may lead to uncontrolled resource consumption, possibly resultin...
CVE-2023-6693
A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtionetflushtx function if guest features VIRTIONETFHASHREPORT, VIRTIOFVERSION1 and VIRTIONETFMRGRXBUF are enabled. This could allow a malicious user to overwrite local variables...
CVE-2023-7008
A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles or the upstream DNS resolver to manipulate records. Mitigation Mitigation for this issue is either not...
CVE-2023-6918
A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...
CVE-2023-6563
An unconstrained memory consumption vulnerability was discovered in Keycloak. It can be triggered in environments which have millions of offline tokens 500,000 users with each having at least 2 saved sessions. If an attacker creates two or more user sessions and then open the "consents" tab of th...
CVE-2023-5752
A flaw was found in the Python pip package. The pip could allow a local authenticated attacker to bypass security restrictions due to a flaw when installing a package from a Mercurial VCS URL. By sending a specially crafted request, an attacker can inject arbitrary configuration options to the "h...
CVE-2023-26364
A flaw was found in Adobe CSS Tools. An improper input validation could result in a minor denial of service while parsing a malicious CSS with the parse component. User interaction and privileges are not required to jeopardize an environment. Mitigation No mitigation is yet available for this...
CVE-2023-22084
Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.43 and prior, 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Serve...
CVE-2023-45863
An out-of-bounds memory write flaw was found in the load/unload module in the Linux kernel's kobject functionality, potentially triggering a race condition in the kobjectgetpath function. This issue may allow a local user to crash the system or potentially escalate their privileges on the system...
CVE-2023-43646
A vulnerability was found in the get-func-name package in the chai module. Affected versions of this package are vulnerable to Regular expression denial of service ReDoS attacks, affecting system availability...
CVE-2023-42756
A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSETCMDADD and IPSETCMDSWAP can lead to a kernel panic due to the invocation of ipsetput on a wrong set. This issue may allow a local user to crash the system. Mitigation Mitigation for this issue is either...
CVE-2022-44729
A flaw was found in Apache Batik 1.0 - 1.16. This issue occurs due to a malicious SVG triggering external resources loading by default, causing resource consumption or in some cases information disclosure...
CVE-2022-48064
An excessive memory consumption vulnerability was identified in GNU Binutils, specifically in the function bfddwarf2findnearestlinewithalt at dwarf2.c. An attacker could exploit this by providing a crafted ELF file, potentially leading to a denial of service attack through excessive memory usage...
CVE-2023-32004
A vulnerability was found in NodeJS. This security issue occurs as improper handling of buffers in file system APIs, causing a traversal path to bypass when verifying file permissions. Mitigation Mitigation for this issue is either not available or the currently available options don't meet the R...
CVE-2023-4237
A flaw was found in the Ansible Automation Platform. When creating a new keypair, the ec2key module prints out the private key directly to the standard output. This flaw allows an attacker to fetch those keys from the log files, compromising the system's confidentiality, integrity, and availabili...
CVE-2023-37450
A vulnerability was found in webkitgtk. This issue occurs when processing web content, which may lead to arbitrary code execution. Mitigation This vulnerability can be mitigated by setting the environment variable JSCuseWebAssembly=0, which will disable support for WebAssembly. It's not necessary...
CVE-2023-2828
A vulnerability was found in BIND. The effectiveness of the cache-cleaning algorithm used in named can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured max-cache-size limit to exceed significantly...
CVE-2023-28319
A use-after-free flaw was found in the Curl package. This flaw risks inserting sensitive heap-based data into the error message that users might see or is otherwise leaked and revealed...
CVE-2023-21968
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploi...
CVE-2023-24537
A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by an infinite loop due to integer overflow when calling any of the Parse functions. By sending a specially crafted input, a remote attacker can cause a denial of service...
CVE-2023-1584
A flaw was found in Quarkus. Quarkus OIDC can leak both ID and access tokens in the authorization code flow when an insecure HTTP protocol is used, which can allow attackers to access sensitive user data directly from the ID token or by using the access token to access user data from OIDC provide...
CVE-2023-26606
In the Linux kernel 6.0.8, there is a use-after-free in ntfstrimfs in fs/ntfs3/bitmap.c...
CVE-2022-45787
A flaw was found in Apache James's Mime4j TempFileStorageProvider class, where it may set improper permissions when utilizing temporary files. This flaw allows a locally authorized attacker to access information outside their intended permissions...
CVE-2023-1108
A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates...
CVE-2022-40959
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that certain pages did not have their FeaturePolicy fully initialized during iframe navigation, leading to a bypass that leaked device permissions into untrusted subdocuments...
CVE-2023-1194
An out-of-bounds OOB memory read flaw was found in parseleasestate in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. When an attacker sends the CREATE command with a malformed payload to KSMBD, due to a missing check of NameOffset in the parseleasestate...
CVE-2023-23919
A cryptographic vulnerability exists in Node.js 19.2.0, 18.14.1, 16.19.1, 14.21.3 that in some cases did does not clear the OpenSSL error stack after operations that may set it. This may lead to false positive errors during subsequent cryptographic operations that happen to be on the same thread...
CVE-2022-2879
A flaw was found in the golang package, where Reader.Read does not set a limit on the maximum size of file headers. After fixing, Reader.Read limits the maximum size of header blocks to 1 MiB. This flaw allows a maliciously crafted archive to cause Read to allocate unbounded amounts of memory,...
CVE-2023-25165
A flaw was found in the helm package. The 'getHostByName' is a Helm template function introduced in Helm v3 and can accept a hostname and return an IP address for that hostname. To get the IP address, the function performs a DNS lookup. The DNS lookup happens when used with 'helm...
CVE-2023-0512
A divide-by-zero flaw was found in Vim's adjustskipcol function in the move.c file. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a floating point exception error and causing an application to crash, eventually leading to a denial of service...
CVE-2022-23552
A flaw was found in The GeoMap and Canvas plugins of Grafana. The GeoMap and Canvas plugins are core plugins in Grafana, which means that all Grafana instances have GeoMap and Canvas installed. These two plugins are vulnerable to Cross-site scripting, where an attacker with an Editor role can add...
CVE-2022-38096
A NULL pointer dereference issue was found in the Linux kernel's vmwgfx driver in vmwcmddxdefinequery. This flaw allows a local, unprivileged attacker with access to either /dev/dri/card0 or /dev/dri/rendererD128, who can issue an ioctl on the resulting file descriptor, to crash the system, causi...
CVE-2022-3176
A use-after-free flaw was found in iouring in the Linux kernel. This flaw allows a local user to trigger the issue if a signalfd or binder fd is polled with the iouring poll due to a lack of iouring POLLFREE handling...
CVE-2022-2990
An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able t...
CVE-2022-35948
A flaw was found in the undici package. When requesting unsanitized input on content-type headers, it is possible to inject additional requests via Carriage Return/Line Feed CRLF. Mitigation A possible mitigation is to sanitize user input when sending content-type headers...
CVE-2022-32745
A flaw was found in Samba. Samba AD users can cause the server to access uninitialized data with an LDAP add or modify the request, usually resulting in a segmentation fault...