Redhatcve: Most viewed

206304 matches found

RedhatCVE
•added 2022/02/23 7:34 a.m.•135 views

CVE-2022-23635

A flaw was found in istio. This flaw allows an attacker to send a specially crafted message to istiod, causing the control plane to crash...

CVSS 7.5, AI score 3.3, EPSS 0.01625
Exploits: 0, References: 4
RedhatCVE
•added 2022/01/14 8:45 p.m.•135 views

CVE-2022-21824

Due to the formatting logic of the "console.table" function it was not safe to allow user controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be "__proto__". The prototype pollution has...

CVSS 8.2, AI score 2.7, EPSS 0.21514
Exploits: 0, References: 4
RedhatCVE
•added 2019/12/06 7:47 p.m.•135 views

CVE-2019-5544

A heap overflow vulnerability was found in OpenSLP. An attacker could use this flaw to gain remote code execution. Mitigation: There is no known mitigation...

CVSS 9.8, AI score 3, EPSS 0.96823
Exploits: 1, References: 4
RedhatCVE
•added 2023/05/09 1:22 p.m.•134 views

CVE-2023-2426

An out-of-range pointer offset vulnerability was found in Vim's mb_charlen function of the src/mbyte.c file. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering the vulnerability that causes an application to crash, leading to a denial of service...

CVSS 5.5, AI score 5.2, EPSS 0.00409
Exploits: 1, References: 4
RedhatCVE
•added 2022/11/03 4:56 a.m.•134 views

CVE-2022-20421

A vulnerability was found in the binder_inc_ref_for_node function in drivers/android/binder.c due to memory corruption, causing a use-after-free issue in the Linux kernel. This flaw could lead to local privilege escalation...

CVSS 7.8, AI score 3.3, EPSS 0.00645
Exploits: 1, References: 4
RedhatCVE
•added 2022/08/23 2:40 p.m.•134 views

CVE-2022-2964

A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes. Mitigation: Mitigation for this issue is either not available or the currently available...

CVSS 7.8, AI score 1.3, EPSS 0.00294
Exploits: 0, References: 3
RedhatCVE
•added 2022/05/14 11:32 a.m.•134 views

CVE-2019-20445

A flaw was found in Netty before version 4.1.44, where it accepted multiple Content-Length headers and also accepted both Transfer-Encoding, as well as Content-Length headers where it should reject the message under such circumstances. In circumstances where Netty is used in the context of a...

CVSS 9.1, AI score 0.9, EPSS 0.13474
Exploits: 2, References: 3
RedhatCVE
•added 2022/03/31 6:32 p.m.•134 views

CVE-2022-22965

A flaw was found in Spring Framework, specifically within two modules called Spring MVC and Spring WebFlux, transitively affected from Spring Beans, using parameter data binding. This flaw allows an attacker to pass specially-constructed malicious requests to certain parameters and possibly gain...

CVSS 9.8, AI score 8.4, EPSS 0.99677
Exploits: 100, References: 8
RedhatCVE
•added 2022/03/14 9:42 p.m.•134 views

CVE-2022-26520

A flaw was found in Postgres JDBC. This flaw allows an attacker to use a method to write arbitrary files through the connection properties settings. For example, an attacker can create an executable file under the server the application is running and make it a new part of the application or serv...

CVSS 9.8, AI score 3.3, EPSS 0.02928
Exploits: 0, References: 3
RedhatCVE
•added 2022/02/23 6:31 a.m.•134 views

CVE-2022-21656

A flaw was found in envoy. The default_validator.cc implementation used to implement the default certificate validation routines has a "type confusion" bug when processing subjectAltNames...

CVSS 7.4, AI score 2.4, EPSS 0.00768
Exploits: 0, References: 5
RedhatCVE
•added 2023/09/30 6:24 p.m.•133 views

CVE-2023-42118

An integer underflow flaw was discovered in libspf2 library which exists within the parsing of SPF macros. When parsing SPF macros, the process does not properly validate user-supplied data, which can result in an integer underflow before writing to memory. This vulnerability allows...

CVSS 7.5, AI score 6.7, EPSS 0.51474
Exploits: 0, References: 3
RedhatCVE
•added 2022/12/26 5:5 a.m.•133 views

CVE-2022-46175

A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse...

CVSS 8.8, AI score 5.8, EPSS 0.09304
Exploits: 1, References: 4
RedhatCVE
•added 2022/08/09 6:37 p.m.•133 views

CVE-2022-2585

A use-after-free flaw was found in the Linux kernel’s POSIX CPU timers functionality in the way a user creates and then deletes the timer in the non-leader thread of the program. This flaw allows a local user to crash or potentially escalate their privileges on the system. Mitigation: Mitigation f...

CVSS 7.8, AI score 1, EPSS 0.01284
Exploits: 3, References: 4
RedhatCVE
•added 2022/04/12 9:20 a.m.•133 views

CVE-2022-28356

In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c...

CVSS 5.5, AI score 6, EPSS 0.00582
Exploits: 1, References: 4
RedhatCVE
•added 2021/07/20 12:55 p.m.•133 views

CVE-2021-33909

An out-of-bounds write flaw was found in the Linux kernel's seq_file in the Filesystem layer. This flaw allows a local attacker with a user privilege to gain access to out-of-bound memory, leading to a system crash, leak of internal kernel information and can escalate privileges. The issue results...

CVSS 7.8, AI score 1.9, EPSS 0.09808
Exploits: 6, References: 6
RedhatCVE
•added 2021/07/03 11:30 p.m.•133 views

CVE-2017-12617

A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. Mitigation: Ensure that readonly is set to true (the default) for the...

CVSS 8.1, AI score 1.8, EPSS 0.99988
Exploits: 37, References: 2
RedhatCVE
•added 2024/01/17 11:8 a.m.•132 views

CVE-2024-0193

A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN object or NFT_OBJECT object, allowing a local...

CVSS 7.8, AI score 7.3, EPSS 0.12966
Exploits: 7, References: 3
RedhatCVE
•added 2022/08/26 5:27 p.m.•132 views

CVE-2022-2905

An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data. Mitigation: Mitigation for this issue is either not...

CVSS 5.5, AI score 0.7, EPSS 0.00338
Exploits: 1, References: 4
RedhatCVE
•added 2020/04/06 4:58 a.m.•132 views

CVE-2019-17267

A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup. Mitigation: The following conditions are needed for an exploit; we recommend avoiding all if possible: Deserialization from sources yo...

CVSS 9.8, AI score 2.6, EPSS 0.0459
Exploits: 0, References: 3
RedhatCVE
•added 2024/07/18 7:29 p.m.•131 views

CVE-2024-40725

A flaw was found in httpd. The fix for CVE-2024-39884 ignores some uses of the legacy content-type based configuration of handlers. "AddType" and similar configurations, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example,...

CVSS 7.5, AI score 8.8, EPSS 0.04134
Exploits: 3, References: 4
RedhatCVE
•added 2023/02/28 12:29 p.m.•131 views

CVE-2023-24329

A flaw was found in the Python package. An issue in the urllib.parse component could allow attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. This may lead to compromised Integrity...

CVSS 7.5, AI score 7.3, EPSS 0.20459
Exploits: 3, References: 4
RedhatCVE
•added 2022/07/07 6:14 p.m.•131 views

CVE-2022-2097

AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimized implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption...

CVSS 5.3, AI score 2, EPSS 0.04425
Exploits: 0, References: 4
RedhatCVE
•added 2022/06/08 8:1 p.m.•131 views

CVE-2022-28615

An out-of-bounds read vulnerability was found in httpd. A very large input to the ap_strcmp_match function can lead to an integer overflow and result in an out-of-bounds read...

CVSS 9.1, AI score 1.4, EPSS 0.05729
Exploits: 0, References: 4
RedhatCVE
•added 2022/05/14 11:43 a.m.•131 views

CVE-2020-11612

A flaw was found in Netty in the way it handles the amount of data it compresses and decompresses. The Compression/Decompression codecs should enforce memory allocation size limits to avoid an Out of Memory Error (OOME) or exhaustion of the memory pool...

CVSS 7.5, AI score 1.4, EPSS 0.09438
Exploits: 0, References: 3
RedhatCVE
•added 2022/11/09 4:56 a.m.•130 views

CVE-2022-39328

A race condition was found in Grafana in the middleware logic that could allow bypassing authentication. This flaw allows an unauthenticated user to successfully query an administration endpoint under a heavy load by using a load testing script hitting specific endpoints...

CVSS 9.8, AI score 2.2, EPSS 0.00922
Exploits: 0, References: 4
RedhatCVE
•added 2021/09/16 8:45 p.m.•130 views

CVE-2021-39275

An out-of-bounds write in function ap_escape_quotes of httpd allows an unauthenticated remote attacker to crash the server or potentially execute code on the system with the privileges of the httpd user, by providing malicious input to the function. Mitigation: Mitigation for this issue is either no...

CVSS 9.8, AI score 2, EPSS 0.36339
Exploits: 0, References: 3
RedhatCVE
•added 2020/08/11 8:13 p.m.•130 views

CVE-2020-11993

A flaw was found in Apache httpd in versions 2.4.20 to 2.4.43. Logging using the wrong pool by mod_http2 at debug/trace log level may lead to potential crashes and denial of service. The highest threat from this vulnerability is to system availability...

CVSS 4.3, AI score 8.3, EPSS 0.58716
Exploits: 2, References: 4
RedhatCVE
•added 2024/07/15 3:34 a.m.•129 views

CVE-2024-6345

A flaw was found in the package_index module of pypa/setuptools. Affected versions of this package allow remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to co...

CVSS 8.8, AI score 9.1, EPSS 0.01939
Exploits: 0, References: 5
RedhatCVE
•added 2024/02/15 2:22 a.m.•129 views

CVE-2023-20577

A vulnerability was found in AMD hardware due to a heap overflow in the SMM module. This issue could allow a local unauthenticated attacker to enable writing to SPI flash to execute arbitrary code. Mitigation: Mitigation for this issue is either not available or the currently available options do...

CVSS 7.4, AI score 7.3
Exploits: 0, References: 4
RedhatCVE
•added 2023/09/30 5:54 p.m.•129 views

CVE-2023-42115

An out-of-bounds write flaw exists in Exim within the smtp service, which listens on TCP port 25 by default. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of a buffer. An attacker can leverage this vulnerability to execute cod...

CVSS 9.8, AI score 6.6, EPSS 0.10042
Exploits: 5, References: 3
RedhatCVE
•added 2023/04/27 8:51 a.m.•129 views

CVE-2023-30841

A flaw was found in the baremetal-operator, where the ironic and ironic-inspector deployed within the baremetal operator using the included deploy.sh store .htpasswd files as ConfigMaps instead of Secrets. This issue causes the plain-text username and hashed password to be readable by anyone havi...

CVSS 6, AI score 5.6, EPSS 0.00191
Exploits: 1, References: 5
RedhatCVE
•added 2023/01/18 4:36 p.m.•129 views

CVE-2023-22809

A vulnerability was found in sudo. Exposure in how sudoedit handles user-provided environment variables leads to arbitrary file writing with privileges of the RunAs user (usually root). The prerequisite for exploitation is that the current user must be authorized by the sudoers policy to edit a fil...

CVSS 7.8, AI score 7.7, EPSS 0.55367
Exploits: 20, References: 5
RedhatCVE
•added 2022/11/15 6:43 p.m.•129 views

CVE-2022-3775

A flaw was found in the grub2 font code. When rendering certain unicode sequences, it fails to properly validate the font width and height. These values are further used to access the font buffer, causing possible out-of-bounds writes. A malicious actor may craft a font capable of triggering this...

CVSS 7.1, AI score 1.8, EPSS 0.00872
Exploits: 0, References: 4
RedhatCVE
•added 2022/10/05 2:57 p.m.•129 views

CVE-2022-2928

An integer overflow vulnerability was found in the DHCP server. When the "option_code_hash_lookup" function is called from "add_option", it increases the option's "refcount" field. However, there is not a corresponding call to "option_dereference" to decrement the "refcount" field. The "add_option"...

CVSS 6.5, AI score 6.8, EPSS 0.00664
Exploits: 0, References: 4
RedhatCVE
•added 2022/05/18 5:34 p.m.•129 views

CVE-2022-22971

A flaw was found in Spring Framework Applications. Applications that use STOMP over the WebSocket endpoint are vulnerable to a denial of service attack caused by an authenticated user...

CVSS 6.5, AI score 2.9, EPSS 0.02931
Exploits: 0, References: 4
RedhatCVE
•added 2022/04/20 8:28 a.m.•129 views

CVE-2022-21434

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable...

CVSS 5.3, AI score 2.3, EPSS 0.02401
Exploits: 0, References: 3
RedhatCVE
•added 2022/03/15 2:43 p.m.•129 views

CVE-2022-22720

A flaw was found in httpd. The inbound connection is not closed when it fails to discard the request body, which may expose the server to HTTP request smuggling. Mitigation: There are currently no known mitigations for this issue...

CVSS 9.8, AI score 9.6, EPSS 0.28189
Exploits: 0, References: 4
RedhatCVE
•added 2022/01/31 3:7 p.m.•129 views

CVE-2022-0336

A logic flaw in the Samba Active Directory Domain Controller leads to a denial of service and service impersonation. This flaw allows an attacker with the ability to write to an account to perform a denial of service attack or service impersonation by adding an SPN that matches an existing servic...

CVSS 8.8, AI score 4.9, EPSS 0.01301
Exploits: 0, References: 4
RedhatCVE
•added 2021/07/19 3:50 p.m.•129 views

CVE-2021-36222

A flaw was found in krb5. This flaw allows an unauthenticated attacker to cause a NULL dereference in the KDC by sending a request containing a PA-ENCRYPTED-CHALLENGE padata element without using FAST. The highest threat from this vulnerability is to system availability...

CVSS 7.5, AI score 2.5, EPSS 0.10276
Exploits: 0, References: 4
RedhatCVE
•added 2021/07/01 5:51 p.m.•129 views

CVE-2021-35939

It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns another ancestor directory could potentially use this flaw to gain root privileges. The highest threa...

CVSS 7.8, AI score 6.9, EPSS 0.00481
Exploits: 1, References: 4
RedhatCVE
•added 2020/03/21 8:11 a.m.•129 views

CVE-2019-16201

WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a regular expression Denial of Service caused by looping/backtracking. A victim must expose a WEBrick server that uses DigestAuth to the Internet or an untrusted network...

CVSS 7.8, AI score 2.9, EPSS 0.05128
Exploits: 0, References: 4
RedhatCVE
•added 2017/05/17 3:10 p.m.•129 views

CVE-2017-8923

An integer overflow vulnerability in PHP can lead to a buffer overflow when constructing extremely long strings with the ".=" operator. In unusual circumstances, this could be used by an attacker to cause an application to crash or possibly have other consequences...

CVSS 9.8, AI score 3.5, EPSS 0.07191
Exploits: 1, References: 1
RedhatCVE
•added 2023/10/19 9:28 p.m.•128 views

CVE-2023-45133

A vulnerability was discovered in the babel package. Using certain plugins with Babel code could lead to arbitrary code execution. This issue could allow a remote attacker to craft code and then trick the user into compiling it. Mitigation: Mitigation for this issue is either not available or the...

CVSS 8.8, AI score 8.6, EPSS 0.0052
Exploits: 0, References: 6
RedhatCVE
•added 2022/08/23 3:9 p.m.•128 views

CVE-2022-34303

A flaw was found in Eurosoft bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use...

CVSS 7.2, AI score 7.4, EPSS 0.0082
Exploits: 0, References: 5
RedhatCVE
•added 2022/08/16 9:38 a.m.•128 views

CVE-2022-26307

A flaw was found in LibreOffice, where the master key was poorly encoded, resulting in weakening its entropy from 128 to 43 bits. This issue makes the stored passwords that are encrypted with a single master key provided by the user vulnerable to a brute force attack if an attacker has access to...

CVSS 8.8, AI score 2.6, EPSS 0.01139
Exploits: 0, References: 3
RedhatCVE
•added 2021/07/13 7:25 p.m.•128 views

CVE-2021-3600

A flaw was found in the Linux kernel’s eBPF verification code, where the eBPF 32-bit div/mod source register truncation could lead to out-of-bounds reads and writes. By default, accessing the eBPF verifier is only possible to privileged users with CAP_SYS_ADMIN. This flaw allows a local user who ca...

CVSS 7.8, AI score 2, EPSS 0.00282
Exploits: 0, References: 5
RedhatCVE
•added 2021/01/03 6:49 p.m.•128 views

CVE-2016-8735

The JmxRemoteLifecycleListener was not updated to take account of Oracle's fix for CVE-2016-3427. JMXRemoteLifecycleListener is only included in EWS 2.x and JWS 3.x source distributions. If you deploy a Tomcat instance built from source, using the EWS 2.x, or JWS 3.x distributions, an attacker...

CVSS 10, AI score 3.4, EPSS 0.92334
Exploits: 1, References: 2
RedhatCVE
•added 2020/02/24 6:10 a.m.•128 views

CVE-2020-1938

CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat. This is enabled by default with a default configuration port of 8009. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instance...

CVSS 9.8, AI score 9.3, EPSS 0.9927
Exploits: 45, References: 9
RedhatCVE
•added 2024/04/22 10:4 a.m.•127 views

CVE-2024-30171

A flaw was found in the Bouncy Castle Java cryptography APIs. Affected versions of the org.bouncycastle:bcprov-jdk18on package are vulnerable to Observable Timing Discrepancy via the PKCS#1 1.5 and OAEP decryption process (a.k.a. Marvin Attack). An attacker can recover cipher-texts via a side-channe...

CVSS 5.9, AI score 6.3, EPSS 0.00901
Exploits: 0, References: 4
RedhatCVE
•added 2023/10/30 8:28 p.m.•127 views

CVE-2023-39017

A code injection vulnerability was found in quartz-jobs. The issue resides in the org.quartz.jobs.ee.jms.SendQueueMessageJob.execute component, where an unchecked argument can trigger the vulnerability. Mitigation: Mitigation for this issue is either not available or the currently available option...

CVSS 5.3, AI score 9.4, EPSS 0.01017
Exploits: 1, References: 3

Total number of security vulnerabilities: 5000