206304 matches found
CVE-2019-19058
A flaw was found in the Linux kernel. The Intel Wireless WiFi MVM Firmware driver mishandles resource cleanup during device coredump. An attacker able to trigger the device coredump and system-wide out of memory conditions at the same time could use this flaw to crash the system. The highest thre...
CVE-2019-19768
A use-after-free vulnerability was found in the Linux kernel’s implementation of blktrace in the blkaddtrace function. A local attacker with permissions to run block trace instructions against a device can create a situation where the core blocktrace object is used after it is freed. The attacker...
CVE-2019-19816
A flaw was found in the implementation of the BTRFS file system code in the Linux kernel. An attacker, who is able to mount a crafted BTRFS filesystem and perform common filesystem operations, can possibly cause an out-of-bounds write to memory. This could lead to memory corruption or privilege...
CVE-2019-19645
alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements...
CVE-2017-7542
An integer overflow vulnerability in ip6find1stfragopt function was found. A local attacker that has privileges of CAPNETRAW to open raw socket can cause an infinite loop inside the ip6find1stfragopt function...
CVE-2017-9224
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in matchat during regular expression searching. A logical error involving order of validation and access in matchat could result in an...
CVE-2017-7308
It was found that the packetsetring function of the Linux kernel's networking implementation did not properly validate certain block-size data. A local attacker with CAPNETRAW capability could use this flaw to trigger a buffer overflow resulting in a system crash or a privilege escalation...
CVE-2019-17666
A flaw was found in the Linux kernel's implementation of the RealTek wireless drivers WiFi-direct or WiFi peer-to-peer driver implementation. When the RealTek wireless networking hardware is configured to accept WiFi-Direct or WiFi P2P connections, an attacker within the wireless network...
CVE-2017-1000410
A flaw was found in the processing of incoming L2CAP bluetooth commands. Uninitialized stack variables can be sent to an attacker leaking data in kernel address space...
CVE-2017-3736
There is a carry propagating bug in the x8664 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely...
CVE-2016-8864
A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response...
CVE-2017-7659
A NULL pointer dereference flaw was found in the modhttp2 module of httpd. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP/2 request...
CVE-2017-7668
A buffer over-read flaw was found in the httpd's apfindtoken function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request...
CVE-2007-2383
The Prototype prototypejs framework before 1.5.1 RC3 exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and...
CVE-2019-13012
The keyfile settings backend in GNOME GLib aka glib2.0 before 2.60.0 creates directories using gfilemakedirectorywithparents kfsb-dir, NULL, NULL and files using gfilereplacecontents kfsb-file, contents, length, NULL, FALSE, GFILECREATEREPLACEDESTINATION, NULL, NULL, NULL. Consequently, it does n...
CVE-2019-5827
Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2019-5786
Object lifetime issue in Blink in Google Chrome prior to 72.0.3626.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page...
CVE-2018-2942
Vulnerability in the Java SE component of Oracle Java SE subcomponent: Windows DLL. Supported versions that are affected are Java SE: 7u181 and 8u172. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...
CVE-2018-1000517
BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been...
CVE-2018-0495
Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the gcryeccecdsasign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. T...
CVE-2018-1000204
A malformed SGIO ioctl issued for a SCSI device in the Linux kernel leads to a local kernel data leak manifesting in up to approximately 1000 memory pages copied to the userspace. The problem has limited scope as non-privileged users usually have no permissions to access SCSI device files...
CVE-2018-10323
The xfsbmapextentstobtree function in fs/xfs/libxfs/xfsbmap.c in the Linux kernel can cause a NULL pointer dereference in xfsbmapiwrite function. An attacker could trick a legitimate user or a privileged attacker could exploit this by mounting a crafted xfs filesystem image to cause a kernel pani...
CVE-2017-18258
The xzhead function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service memory consumption via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file...
CVE-2017-18208
The madvisewillneed function in the Linux kernel allows local users to cause a denial of service infinite loop by triggering use of MADVISEWILLNEED for a DAX mapping...
CVE-2017-17682
In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in the function ExtractPostscript in coders/wpg.c, which allows attackers to cause a denial of service CPU exhaustion via a crafted wpg image file that triggers a ReadWPGImage call...
CVE-2017-17449
The netlinkdelivertapskb function in net/netlink/afnetlink.c in the Linux kernel, through 4.14.4, does not restrict observations of Netlink messages to a single net namespace, when CONFIGNLMON is enabled. This allows local users to obtain sensitive information by leveraging the CAPNETADMIN...
CVE-2017-10357
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via...
CVE-2017-14493
A stack buffer overflow was found in dnsmasq in the DHCPv6 code. An attacker on the local network could send a crafted DHCPv6 request to dnsmasq which would cause it to a crash or, potentially, execute arbitrary code...
CVE-2017-14496
An integer underflow flaw leading to a buffer over-read was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash. This issue only affected configurations using one of the options: add-mac, add-cpe-id, or add-subnet...
CVE-2017-12967
The getsym function in tekhex.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service stack-based buffer over-read and application crash via a malformed tekhex binary...
CVE-2017-7778
A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, and the use of uninitialized memory. These issues were addressed in Graphite 2 version 1.3.10. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird...
CVE-2016-10158
It was found that the exifconvertanytoint function in PHP was vulnerable to floating point exceptions when parsing tags in image files. A remote attacker with the ability to upload a malicious image could crash PHP, causing a Denial of Service...
CVE-2016-8612
An error was found in protocol parsing logic of modcluster load balancer Apache HTTP Server modules. An attacker could use this flaw to cause a Segmentation Fault in the serving httpd process...
CVE-2016-6664
A flaw was found in the way the mysqldsafe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root...
CVE-2016-7855
Use-after-free vulnerability in Adobe Flash Player before 23.0.0.205 on Windows and OS X and before 11.2.202.643 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in October 2016...
CVE-2016-2848
A denial of service flaw was found in the way BIND handled packets with malformed options. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS packet...
CVE-2016-6317
A flaw was found in the way Active Record handled certain special values in dynamic finders and relations. If a Ruby on Rails application performed JSON parameter parsing, a remote attacker could possibly manipulate search conditions in SQL queries generated by the application...
CVE-2016-1702
The SkRegion::readFromMemory function in core/SkRegion.cpp in Skia, as used in Google Chrome before 51.0.2704.79, does not validate the interval count, which allows remote attackers to cause a denial of service out-of-bounds read via crafted serialized data...
CVE-2016-4565
A flaw was found in the way certain interfaces of the Linux kernel's Infiniband subsystem used write as bi-directional ioctl replacement, which could lead to insufficient memory security checks when being invoked using the splice system call. A local unprivileged user on a system with either...
CVE-2007-2768
OpenSSH, when using OPIE One-Time Passwords in Everything for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords OTP, a similar issue to CVE-2007-2243...
CVE-2025-55292
Meshtastic is an open source mesh networking solution. In the current Meshtastic architecture, a Node is identified by their NodeID, generated from the MAC address, rather than their public key. This aspect downgrades the security, specifically by abusing the HAM mode which doesn't use encryption...
CVE-2021-22710
A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System IGSS Definition Def.exe V15.0.0.21041 and prior, which could cause remote code execution when malicious CGF Configuration Group File file is imported to IGS...
CVE-2025-51662
A stored cross-site scripting XSS vulnerability is found in the text sharing feature of FileCodeBox version 2.2 and earlier. Insufficient input validation allows attackers to inject arbitrary JavaScript code into shared text "codeboxes". The xss payload is automatically executed in the browsers o...
CVE-2025-24853
A carefully crafted request when creating a header link using the wiki markup syntax, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Further research by the JSPWiki team showed that the markdown parser allowed this...
CVE-2025-32432
Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. Starting from version 3.0.0-RC1 to before 3.9.15, 4.0.0-RC1 to before 4.14.15, and 5.0.0-RC1 to before 5.6.17, Craft is vulnerable to remote code execution. This is a high-impact, low-complexity...
CVE-2025-29810
Improper access control in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network...
CVE-2025-22398
Dell Unity, versions 5.4 and prior, contains an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution as root...
CVE-2025-20229
In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8, and Splunk Cloud Platform versions below 9.3.2408.104, 9.2.2406.108, 9.2.2403.114, and 9.1.2312.208, a low-privileged user that does not hold the "admin" or "power" Splunk roles could perform a Remote Code Execution RCE through a file...
CVE-2024-38816
A flaw was found in Spring applications using the WebMvc.fn or WebFlux.fn frameworks. This issue can allow attackers to perform path traversal attacks via crafted HTTP requests when the application serves static resources using RouterFunctions and explicitly configures resource handling with a...
CVE-2023-7272
A flaw was found in Eclipse Parsson. A document containing a large depth of nested objects may allow an attacker to cause a Java stack overflow exception, potentially leading to a denial of service...