206363 matches found
CVE-2023-31346
A flaw was found in some AMD CPUs where the guest message responses have not been zero-initialized. This issue may allow a local attacker with the ability to run arbitrary code on a container or virtual machine to discover sensitive information contained in the host system's memory. Mitigation...
CVE-2024-26921
In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk release while still in use iplocalout and other functions can pass skb-sk as function argument. If the skb is a fragment and reassembly happens before such function call returns, the sk must not be...
CVE-2024-26593
In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Fix block process call transactions According to the Intel datasheets, software must reset the block buffer index twice for block process call transactions: once before writing the outgoing data to the buffer, and once...
CVE-2024-21404
A denial of service vulnerability exists in .NET applications with OpenSSL support when parsing X509 certificates. The issue arises from inadequate validation of user-supplied input in .NET. This flaw allows a remote attacker to trigger a denial of service DoS attack by providing specially crafte...
CVE-2024-24855
A race condition vulnerability was found in the Linux kernel's SCSI device driver in the lpfcunregisterfcfrescan function. This issue can result in a NULL pointer dereference issue, possibly leading to a kernel panic or denial of service...
CVE-2021-33630
A NULL pointer dereference flaw was found in the Linux kernel's network scheduler. This issue occurs when offloading is enabled, the cbs instance is not added to the list. The code also incorrectly handles the case when offload is disabled without removing the qdisc. This could allow a local user...
CVE-2024-0822
An authentication bypass vulnerability was found in overt-engine. This flaw allows the creation of users in the system without authentication due to a flaw in the CreateUserSession command...
CVE-2024-0232
A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service...
CVE-2024-22051
An integer overflow in cmark-gfm's table row parsing may lead to heap memory corruption when parsing tables who's marker rows contain more than UINT16MAX columns. Mitigation Disabling any use of the table extension of cmark-gfm will prevent this vulnerability from being triggered...
CVE-2023-6270
A flaw was found in the ATA over Ethernet AoE driver in the Linux kernel. The aoecmdcfgpkts function improperly updates the refcnt on struct netdevice, and a use-after-free can be triggered by racing between the free on the struct and the access through the skbtxq global queue. This could lead to...
CVE-2023-42890
A flaw was found in WebKitGTK. This issue exists due to a boundary error when processing malicious HTML content in WebKit, which could result in memory corruption and arbitrary code execution on the target system. Mitigation Mitigation for this issue is either not available or the currently...
CVE-2023-6606
An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information. Mitigation To mitigate this issue, prevent module cifs from being loaded. Please see...
CVE-2023-5676
Eclipse OpenJ9 is vulnerable to a denial of service, caused by a flaw when a shutdown signal SIGTERM, SIGINT or SIGHUP is received before the JVM has finished initializing. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause an infinite...
CVE-2023-5090
A flaw was found in KVM. An improper check in svmsetx2apicmsrinterception may allow direct access to host x2apic msrs when the guest resets its apic, potentially leading to a denial of service condition. Mitigation Mitigation for this issue is either not available or the currently available optio...
CVE-2023-44271
A flaw was found in Pillow. A denial of service issue uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for TrueType in ImageFont when text length in an ImageDraw instance operates on a long text argument...
CVE-2023-42794
A flaw was found in Apache Tomcat. An incomplete cleanup vulnerability with the internal fork of the Commons FileUpload package exposed a potential denial of service on Windows if a web application opened a stream for an uploaded file but failed to close the stream. The file would never be delete...
CVE-2023-39332
Various node:fs functions allow specifying paths as either strings or Uint8Array objects. In Node.js environments, the Buffer class extends the Uint8Array class. Node.js prevents path traversal through strings see CVE-2023-30584 and Buffer objects see CVE-2023-32004, but not through non-Buffer...
CVE-2023-37536
An integer overflow exists in xerces-c++. This flaw allows an attacker using a specially crafted HTTP request payload to trigger an out-of-bounds read, resulting in a loss of confidentiality, integrity, and availability. Mitigation Mitigation for this issue is either not available or the currentl...
CVE-2023-4154
A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers RODCs. This flaw allows RODCs and users possessing the GETCHANGES right to access all attributes, including sensitive...
CVE-2023-43665
An inefficient regular expression complexity was found in Django. The text truncator regular expressions exhibit linear backtracking complexity, which can be slow, leading to a potential denial of service, given certain HTML inputs...
CVE-2023-5176
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: Memory safety bugs are present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs showed evidence of memory corruption, and we presume that with enough effort, some of these cou...
CVE-2023-4622
A use-after-free flaw was found in the Linux kernel's afunix component that allows local privilege escalation. The unixstreamsendpage function tries to add data to the last skb in the peer's recv queue without locking the queue. This issue leads to a race condition where the unixstreamsendpage...
CVE-2023-26048
A flaw was found in the jetty-server package. A servlet with multipart support could get an OutOfMemorryError when the client sends a part that has a name but no filename and substantial content. This flaw allows a malicious user to jeopardize the environment by leaving the JVM in an unreliable...
CVE-2020-18781
A vulnerability was found in audiofile, where heap buffer overflow vulnerability was discovered in FilePOSIX::read in File.cpp leads to denial of service via a crafted wav file, this bug can be triggered by the executable sfconvert...
CVE-2022-47673
An issue was discovered in Binutils addr2line before 2.39.3, function parsemodule contains multiple out of bound reads which may cause a denial of service or other unspecified impacts...
CVE-2022-45703
Heap buffer overflow vulnerability in binutils readelf before 2.40 via function displaydebugsection in file readelf.c...
CVE-2023-4045
The Mozilla Foundation Security Advisory describes this flaw as: Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy...
CVE-2023-3637
An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significa...
CVE-2023-3567
A use-after-free flaw was found in vcsread in drivers/tty/vt/vcscreen.c in vcscreen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information. Mitigation Mitigation for this issue is either not available or the current...
CVE-2023-1295
A time-of-check to time-of-use flaw was found in the iouring subsystem's IORINGOPCLOSE operation in the Linux kernel. This flaw allows a local user to elevate their privileges to root...
CVE-2023-20867
A flaw was found in the open-vm-tools package. An attacker with root access privileges over ESXi may be able to cause an authentication bypass in the vgauth module. This may lead to compromised confidentiality and integrity...
CVE-2023-2801
A flaw was found in grafana. This issue occurs when sending an API call to the /ds/query or public dashboard query endpoint that has mixed queries, such as having two or more distinct data sources in one API call. As a result, the Grafana instance will crash. Currently, the only feature that uses...
CVE-2023-20883
A flaw was found in Spring Boot, occurring prominently in Spring MVC with a reverse proxy cache. This issue requires Spring MVC to have auto-configuration enabled and the application to use Spring Boot's welcome page support, either static or templated, resulting in the application being deployed...
CVE-2023-1855
A use-after-free flaw was found in xgenehwmonremove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel driver xgene-hwmon. This flaw could allow a local attacker to crash the system due to a race problem, possibly leading to a kernel information leak. Mitigation This flaw can ...
CVE-2023-27898
A flaw was found in Jenkins. Affected versions of Jenkins do not escape the Jenkins version that a plugin depends on when rendering the error message stating its incompatibility with the current version of Jenkins in the plugin manager. This issue results in a stored Cross-site scripting XSS...
CVE-2022-27672
A flaw was found in HW. When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch, potentially resulting in information disclosure. Mitigation The current mitigations for spectre V4 or spectrev2 should mitiga...
CVE-2022-1438
A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a Cross-site scripting XSS vulnerability...
CVE-2022-38778
A flaw was found in one of Kibana’s third-party dependencies. This issue could allow an authenticated user to perform a request that crashes the Kibana server process...
CVE-2023-23914
A flaw was found in the Curl package, where the HSTS mechanism would be ignored by subsequent transfers when done on the same command line because the state would not be properly carried. This issue may result in limited confidentiality and integrity...
CVE-2023-0778
A Time-of-check Time-of-use TOCTOU flaw was found in podman. This issue may allow a malicious user to replace a normal file in a volume with a symlink while exporting the volume, allowing for access to arbitrary files on the host file system...
CVE-2023-0494
A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo and ProcXkbGetDeviceInfo to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs...
CVE-2022-3534
A use-after-free flaw was found in btfdumpnamedups in tools/lib/bpf/btfdump.c in libbpf in the Linux Kernel. This issue occurs because the key stored in the hash table namemap is a string address, and the string memory is allocated by realloc function. When the memory is resized by realloc later,...
CVE-2022-44566
A flaw was found in the rubygem-activerecord. RubyGem's ActiveRecord is vulnerable to a denial of service caused by a flaw in the PostgreSQL adapter. By sending a specially-crafted request, a remote attacker can cause a slow sequential scan, resulting in a denial of service...
CVE-2022-3094
A flaw was found in Bind, where sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This issue may cause named to slow down due to a lack of free memory, resulting in a denial of service DoS...
CVE-2022-4696
A use-after-free flaw was found in the iouring subsystem of the Linux kernel. This issue occurs during the IORINGOPSPLICE operation due to a missing IOWQWORKFILES flag, leading to an invalid decrease of its reference counter and later causing the use-after-free vulnerability. This flaw allows a...
CVE-2022-40897
A flaw was found in Python Setuptools due to a regular expression Denial of Service ReDoS present in packageindex.py. This issue could allow a remote attacker to cause a denial of service via HTML in a crafted package or custom PackageIndex page...
CVE-2022-42329
A possible deadlock flaw was found in the Linux kernel’s XEN driver in how some packets generated by a user dropped. This flaw allows a local user to crash the system...
CVE-2022-3996
A vulnerability was found in OpenSSL. This security flaw occurs if an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. On some operating systems most widely: Windows, this issue results in a denial of...
CVE-2022-3591
Use After Free in GitHub repository vim/vim prior to 9.0.0789. Mitigation Untrusted vim scripts with -s scriptin are not recommended to run...
CVE-2022-41854
Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks DOS. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack...