206360 matches found
CVE-2022-20572
A flaw was found in the Linux kernel, where it is possible to modify read-only files due to a missing permission check. This flaw can lead to local privilege escalation...
CVE-2021-46877
A flaw was found in Jackson Databind. This issue may allow a malicious user to cause a denial of service 2 GB transient heap usage per read in uncommon situations involving JsonNode JDK serialization...
CVE-2023-0836
A flaw was found in HAProxy, which could allow a remote attacker to obtain sensitive information caused by improper initialization when encoding the FCGIBEGINREQUEST record. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information and us...
CVE-2022-3636
A vulnerability was found in Linux Kernel. This affects the mtkppecheckskb function in the drivers/net/ethernet/mediatek/mtkppe.c file in the Ethernet Handler component. This manipulation can lead to use after free issue...
CVE-2023-27535
A flaw was found in the Curl package. Libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, several FTP settings were left out from the configuration match checks, making them match too easily. The problematic...
CVE-2023-1390
A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipclinkxmit hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization...
CVE-2022-2503
A flaw was found in the Linux kernel. Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module and firmware loads to just the trusted root filesystem. Device-mapper table reloads currently allow users with root privileges to switch out...
CVE-2023-27901
A flaw was found in Jenkins. Affected versions of Jenkins use the Apache Commons FileUpload library without specifying limits for the number of request parts introduced in version 1.5 for CVE-2023-24998 in org.kohsuke.stapler.RequestImpl, allowing attackers to trigger a denial of service...
CVE-2023-27899
A flaw was found in Jenkins. Jenkins creates a temporary file when a plugin is uploaded from an administrator’s computer. If these permissions are overly permissive, they may allow attackers with access to the Jenkins controller file system to read and write the file before it is installed in...
CVE-2023-1264
A NULL pointer dereference vulnerability was discovered in vim's utfcptr2len function in the mbyte.c file. This issue is due to using a NULL pointer with the nested :open command. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering an issue that causes a...
CVE-2022-36021
A vulnerability was found in Redis. This flaw allows an authenticated to use string matching commands like SCAN or KEYS with a specially crafted pattern to trigger a denial of service attack on Redis, causing it to hang and consume 100% of CPU time...
CVE-2023-23936
A flaw was found in the fetch API in Node.js that did not prevent CRLF injection in the 'host' header. This issue could allow HTTP response splitting and HTTP header injection...
CVE-2022-41966
A flaw was found in the xstream package. This flaw allows an attacker to cause a denial of service by injecting recursive collections or maps, raising a stack overflow...
CVE-2023-0833
A flaw was found in Red Hat's AMQ-Streams, which ships a version of the OKHttp component with an information disclosure flaw via an exception triggered by a header containing an illegal value. This issue could allow an authenticated attacker to access information outside of their regular...
CVE-2021-26392
A flaw was found in hw. Insufficient verification of missing size checks in the 'LoadModule' may lead to an out-of-bounds write, potentially allowing an attacker with privileges to gain code execution of the OS/kernel by loading a malicious Trusted Application TA. Mitigation Please contact AMD fo...
CVE-2021-26360
A flaw was found in hw. This flaw allows an attacker with local access to the system to make unauthorized modifications to the security configuration of the SOC registers. This issue could allow potential corruption of the AMD secure processor’s encrypted memory contents, leading to arbitrary cod...
CVE-2022-46871
The Mozilla Foundation Security Advisory describes this flaw as: An out of date library libusrsctp contained vulnerabilities that could potentially be exploited...
CVE-2022-4883
A flaw was found in libXpm. When processing files with .Z or .gz extensions, the library calls external programs to compress and uncompress files, relying on the PATH environment variable to find these programs, which could allow a malicious user to execute other programs by manipulating the PATH...
CVE-2023-0030
A use-after-free flaw was found in the Linux kernel’s nouveau driver in how a user triggers a memory overflow that causes the nvkmvmatail function to fail. This flaw allows a local user to crash or potentially escalate their privileges on the system...
CVE-2022-47943
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is an out-of-bounds read and OOPS for SMB2WRITE, when there is a large length in the zero DataOffset case...
CVE-2021-44856
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. A title blocked by AbuseFilter can be created via Special:ChangeContentModel due to the mishandling of the EditFilterMergedContent hook return value...
CVE-2022-23527
An open redirect vulnerability was found in modauthopenidc, an OpenID Certifiedâ„¢ authentication and authorization module for the Apache 2.x HTTP server. When providing a logout parameter to the redirect URI, the existing code in oidcvalidateredirecturl does not properly check for URLs that start...
CVE-2022-4139
An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system. Mitigation Mitigation for this issue is either not...
CVE-2022-4132
A flaw was found in JSS. A memory leak in JSS requires non-standard configuration but is a low-effort DoS vector if configured that way repeatedly hitting the login page...
CVE-2022-3977
A use-after-free flaw was found in the Linux kernel MCTP Management Component Transport Protocol functionality. This issue occurs when a user simultaneously calls DROPTAG ioctl and socket close happens, which could allow a local user to crash the system or potentially escalate their privileges on...
CVE-2022-3707
A double-free memory flaw was found in the Linux kernel. The Intel GVT-g graphics driver triggers VGA card system resource overload, causing a fail in the intelgvtdmamapguestpage function. This issue could allow a local user to crash the system...
CVE-2022-38248
Nagios XI before v5.8.7 was discovered to contain multiple cross-site scripting XSS vulnerabilities at auditlog.php...
CVE-2022-39958
A flaw was found in the OWASP ModSecurity Core Rule Set. Repeated payloads with a HTTP range header field with a small byte range allows a response body bypass, resulting in access to restricted resources...
CVE-2022-40960
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that concurrent use of the URL parser with non-UTF-8 data was not thread-safe, leading to a use-after-free problem and causing a potentially exploitable crash...
CVE-2022-3219
A vulnerability was found in GnuPG. GnuPG can spin on a relatively small input by crafting a public key with thousands of signatures attached and compressed down to a few kilobytes. This issue can potentially cause a denial of service...
CVE-2022-39135
Apache Calcite 1.22.0 introduced the SQL operators EXISTSNODE, EXTRACTXML, XMLTRANSFORM and EXTRACTVALUE do not restrict XML External Entity references in their configuration, making them vulnerable to a potential XML External Entity XXE attack. Therefore any client exposing these operators,...
CVE-2022-3146
A flaw was found in tripleo-ansible. Due to an insecure default configuration, the permissions of a sensitive file are not sufficiently restricted. This flaw allows a local attacker to use brute force to explore the relevant directory and discover the file. This issue leads to information...
CVE-2022-38478
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of members on the Mozilla Fuzzing Team reporting memory safety bugs present in Firefox 103, Firefox ESR 102.1, and Firefox ESR 91.12. Some of these bugs showed evidence of memory corruption, and we presume...
CVE-2022-36881
A flaw was found in the Git-Client Jenkins plugin. The affected versions of the Jenkins Git client Plugin do not perform SSH host key verification when connecting to Git repositories via SSH, enabling Man-in-the-middle attacks...
CVE-2022-34526
A stack overflow flaw was found in the TIFFVGetField function of Tiffsplit. This vulnerability allows attackers to cause a denial of service DoS via a crafted TIFF file...
CVE-2022-31160
A flaw was found in the jquery-UI package. Affected versions of this package are vulnerable to Cross-site scripting XSS attack via the initialization of a check-box-radio widget on an input tag enclosed within a label, leading to the parent label contents being considered as the input label...
CVE-2022-32224
An insecure deserialization flaw was found in Active Record, which uses YAML.unsafeload to convert the YAML data into Ruby objects. An attacker supplying crafted data to the database can perform remote code execution RCE, resulting in complete system compromise. Mitigation Mitigation for this iss...
CVE-2022-2457
A flaw was found in Business Central in Red Hat Process Automation Manager 7. This flaw allows an attacker to benefit from a brute force attack in the Administration Console. In this issue, the application does not limit the number of unsuccessful login attempts...
CVE-2022-29901
A flaw was found in hw. Non-transparent sharing of branch predictor targets between contexts in some IntelR processors may potentially allow an authorized user to enable information disclosure via local access...
CVE-2022-32213
A vulnerability was found in NodeJS due to improper validation of HTTP requests. The llhttp parser in the http module does not correctly parse and validate Transfer-Encoding headers. This issue can lead to HTTP Request Smuggling HRS, causing web cache poisoning, and conducting XSS attacks...
CVE-2022-2286
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. Mitigation Untrusted vim scripts with -s scriptin are not recommended to run...
CVE-2022-24810
A flaw was found in net-snmp. A malformed OID in a SET to the nsVacmAccessTable can cause a NULL pointer dereference issue...
CVE-2022-22980
A flaw was found in the Spring Data MongoDB. This flaw allows an attacker to perform code injection when an application uses some annotations/query methods with Spring Expression Language SpEL expressions...
CVE-2022-2200
The Mozilla Foundation Security Advisory describes this flaw as: If an object prototype was corrupted by an attacker, they would have been able to set undesired attributes on a JavaScript object, leading to privileged code execution...
CVE-2022-23823
A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing attack to potentially enable information disclosure. Mitigation For mitigations please refer to the AMD Security Bulletin at...
CVE-2022-1158
A flaw was found in KVM. When updating a guest's page table entry, vmpgoff was improperly used as the offset to get the page's pfn. As vaddr and vmpgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and...
CVE-2022-1996
A flaw was found in CORS Filter feature from the go-restful package. When a user inputs a domain which is in AllowedDomains, all domains starting with the same pattern are accepted. This issue could allow an attacker to break the CORS policy by allowing any page to make requests and retrieve data...
CVE-2022-31213
A flaw was found in the dbus-broker package. This issue occurs when supplying a malformed XML config file and leads to a NULL pointer dereference...
CVE-2022-1968
A flaw was found in vim. The vulnerability occurs due to Illegal memory access and leads to a use-after-free vulnerability in the utfptr2char function. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. Mitigation Untrusted vim scripts with -s...
CVE-2022-1796
A flaw was found in vim. The vulnerability occurs due to Illegal memory access and leads to a use after free vulnerability. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. Mitigation Untrusted vim scripts with -s scriptin are not recommended t...