206362 matches found
CVE-2023-43338
Cesanta mjs v2.20.0 was discovered to contain a function pointer hijacking vulnerability via the function mjsgetptr. This vulnerability allows attackers to execute arbitrary code via a crafted input...
CVE-2025-33028
In WinZip through 29.0, there is a Mark-of-the-Web Bypass Vulnerability because of an incomplete fix for CVE-2024-8811. This vulnerability allows attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of WinZip. User interaction is required to exploit this...
CVE-2025-27738
Improper access control in Windows Resilient File System ReFS allows an authorized attacker to disclose information over a network...
CVE-2025-32044
A flaw has been identified in Moodle where, on certain sites, unauthenticated users could retrieve sensitive user data—including names, contact information, and hashed passwords—via stack traces returned by specific API calls. Sites with PHP configured with zend.exceptionignoreargs = 1 in the...
CVE-2023-31355
A flaw was found in the AMD firmware. This vulnerability allows a malicious hypervisor to overwrite a guest's UMC seed, potentially enabling the reading of memory from a decommissioned guest via improper restriction of write operations. Mitigation Mitigation for this issue is either not available...
CVE-2024-4109
A flaw was found in Undertow. An HTTP request header value from a previous stream may be incorrectly reused for a request associated with a subsequent stream on the same HTTP/2 connection. This issue can potentially lead to information leakage between requests...
CVE-2024-26942
In the Linux kernel, the following vulnerability has been resolved: net: phy: qcom: at803x: fix kernel panic with at8031probe On reworking and splitting the at803x driver, in splitting function of at803x PHYs it was added a NULL dereference bug where priv is referenced before it's actually...
CVE-2024-3205
A flaw was found in the libyaml library. A specially crafted YAML file can cause a heap-based buffer over-read in the yamlemitteremitflowsequenceitem function in the src/emitter.c file, resulting in denial of service in the application linked to the library. Mitigation Applications that do not...
CVE-2024-23450
A flaw was found in elasticsearch. Trying to process a document in a deeply nested pipeline may cause the related ingest node to crash, resulting in a Denial of Service...
CVE-2024-27439
A flaw was found in Apache Wicket. Under certain circumstances, this flaw allows an attacker to bypass Cross-Site Request Forgery CSRF protections...
CVE-2024-28102
An uncontrolled resource consumption vulnerability was found in python-jwcrypto. If a malicious JWE token with a high compression ratio is passed to the server, the server will consume a lot of memory and processing time, leading to a denial of service. Mitigation Mitigation for this issue is...
CVE-2023-52532
In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix TX CQE error handling For an unknown TX CQE error type probably from a newer hardware, still free the SKB, update the queue tail, etc., otherwise the accounting will be wrong. Also, TX errors can be triggered by...
CVE-2024-26589
In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTRTOFLOWKEYS For PTRTOFLOWKEYS, checkflowkeysaccess only uses fixed off for validation. However, variable offset ptr alu is not prohibited for this ptr kind. So the variable offset is not...
CVE-2023-52451
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/memhp: Fix access beyond end of drmem array dlparmemoryremovebyindex may access beyond the bounds of the drmem lmb array when the LMB lookup fails to match an entry with the given DRC index. When the search fails,...
CVE-2024-26584
A flaw was found in the tls subsystem of the Linux kernel. When setting the CRYPTOTFMREQMAYBACKLOG flag on requests to the crypto API, cryptoaeadencrypt and cryptoaeaddecrypt functions can return -EBUSY instead of -EINPROGRESS in valid situations. This issue could lead to undefined behavior and a...
CVE-2024-0853
A flaw was found in Curl, where it inadvertently kept the SSL session ID for connections in its cache even when the verify status, OCSP stapling test, failed. A subsequent transfer to the same hostname could succeed if the session ID cache were still fresh, which then skips the verify status chec...
CVE-2024-0409
A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context. Mitigation Mitigation for this issue is eith...
CVE-2024-20970
Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash complete DOS of MySQL Server...
CVE-2023-6393
A flaw was found in the Quarkus Cache Runtime. When request processing utilizes a Uni cached using @CacheResult and the cached Uni reuses the initial "completion" context, the processing switches to the cached Uni instead of the request context. This is a problem if the cached Uni context contain...
CVE-2023-48234
A flaw was found in Vim, an open source command line text editor. When getting the count for a normal mode z command, it may overflow if large counts are given. The impact is low because user interaction is required and a crash may not happen in all situations. Mitigation Mitigation for this issu...
CVE-2023-43786
A vulnerability was found in libX11 due to an infinite loop within the PutSubImage function. This flaw allows a local user to consume all available system resources and cause a denial of service condition...
CVE-2023-42119
An out-of-bounds read flaw was found in Exim which exists within the smtp service. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer, leading to disclosure of some sensitive information. An attacker can...
CVE-2023-38427
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read in deassemblenegcontexts...
CVE-2023-26049
A flaw was found in the jetty-server package. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies or otherwise perform unintended behavior by tampering with the cookie parsing mechanism...
CVE-2023-40217
Python ssl.SSLSocket is vulnerable to a bypass of the TLS handshake in certain instances for HTTPS servers and other server-side protocols that use TLS client authentication such as mTLS. This issue may result in a breach of integrity as its possible to modify or delete resources that are...
CVE-2021-29390
A heap buffer over-read flaw was found in libjpeg-turbo. For certain types of smoothed jpeg images, the decompresssmoothdata function may improperly enter a condition statement that leads to heap memory read of uninitialized data, which may cause an application crash or loss of confidentiality...
CVE-2021-28025
A flaw was found in the qt-qtsvg package. An integer overflow vulnerability in qsvghandler.cpp allows local attackers to cause a denial of service DoS...
CVE-2023-20873
A flaw was found in Spring Boot. This targets specifically 'spring-boot-actuator-autoconfigure' package. This issue occurs when an application is deployed to Cloud Foundry, which could be susceptible to a security bypass. Specifically, an application is vulnerable when all of the following are...
CVE-2023-35390
A vulnerability was found in dotnet. This issue exists when some dotnet commands are used in directories with weaker permissions, which can result in remote code execution...
CVE-2023-3610
A use-after-free vulnerability was found in the netfilter: nftables component in the Linux kernel due to a missing error handling in the abort path of NFTMSGNEWRULE. This flaw allows a local attacker with CAPNETADMIN access capability to cause a local privilege escalation problem. Mitigation In...
CVE-2023-36661
Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows SSRF via a crafted KeyInfo element. This is fixed in, for example, Shibboleth Service Provider 3.4.1.3 on Windows...
CVE-2023-34966
An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets sent by the client, the core unmarshalling function slunpackloop did not validate a field in the network packet that contains the count of elements in an array-like...
CVE-2023-3269
A vulnerability exists in the memory management subsystem of the Linux kernel. The lock handling for accessing and updating virtual memory areas VMAs is incorrect, leading to use-after-free problems. This issue can be successfully exploited to execute arbitrary kernel code, escalate containers, a...
CVE-2023-29402
A flaw was found in golang. The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program that uses cgo. This can occur when running an untrusted module that contains directories with newline characters in their names...
CVE-2023-28410
A flaw was found in the Linux kernel i915 graphics driver that improperly restricts operations within the bounds of a memory buffer. This issue could allow a local user to crash the system or potentially escalate their privileges on the system. Mitigation Preventing loading the i915 kernel module...
CVE-2023-29199
A flaw was found in the vm2 sandbox. When exception handling is triggered, the sanitization logic is not managed with proper exception handling. This issue may allow an attacker to bypass the sandbox protections which can lead to remote code execution on the hypervisor host or the host which is...
CVE-2023-2008
A flaw was found in the Linux kernel's udmabuf device driver, within a fault handler. This issue occurs due to the lack of proper validation of user-supplied data, which can result in memory access past the end of an array. This may allow an attacker to escalate privileges and execute arbitrary...
CVE-2023-24538
A flaw was found in Golang Go. This flaw allows a remote attacker to execute arbitrary code on the system, caused by not properly considering backticks as Javascript string delimiters. By sending a specially crafted request, an attacker execute arbitrary code on the system. Mitigation Mitigation...
CVE-2023-26117
A flaw was found in AngularJS, where it is vulnerable to a denial of service caused by a regular expression denial of service ReDoS issue in the $resource service. By providing specially-crafted regex input, a remote attacker could cause a denial of service...
CVE-2023-0922
A vulnerability was found in Samba. This security issue occurs in the Samba AD DC administration tool. When operating against a remote LDAP server, it will, by default, send new or reset passwords over a signed-only connection...
CVE-2023-22999
In the Linux kernel before 5.16.3, drivers/usb/dwc3/dwc3-qcom.c misinterprets the dwc3qcomcreateursusbplatdev return value expects it to be NULL in the error case, whereas it is actually an error pointer...
CVE-2022-48425
In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs...
CVE-2023-28101
A flaw was found in Flatpak, a system for building, distributing, and running sandboxed desktop applications on Linux. Suppose an attacker publishes a Flatpak app with elevated permissions. In that case, they can hide those permissions from users of the flatpak1 command-line interface by setting...
CVE-2023-28327
A NULL pointer dereference flaw was found in the UNIX protocol in net/unix/diag.c In unixdiaggetexact in the Linux Kernel. The newly allocated skb does not have sk, leading to a NULL pointer. This flaw allows a local user to crash or potentially cause a denial of service. Mitigation Mitigation fo...
CVE-2023-25358
A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows attackers to execute code remotely...
CVE-2023-0507
A flaw was found in the GeoMap Grafana plugin, where a user can store unsanitized HTML in the GeoMap plugin under the Attribution text field, and the client will process it. The vulnerability makes it possible to use XHR to make arbitrary API calls on behalf of the attacked user. This means that ...
CVE-2022-47929
A NULL pointer dereference flaw was found in qdiscgraft in net/sched/schapi.c in the Linux kernel. This issue may allow a local unprivileged user to trigger a denial of service if the allocworkqueue function return is not validated in time of failure, resulting in a system crash or leaked interna...
CVE-2022-40899
A denial of service flaw was found in Python Charmers Future. This flaw allows an attacker to send a specially crafted Set-Cookie header in an HTTP request, resulting in a loss of system availability...
CVE-2023-0481
In RestEasy Reactive implementation of Quarkus the insecure File.createTempFile is used in the FileBodyHandler class which creates temp files with insecure permissions that could be read by a local user...
CVE-2021-26393
A flaw was found in hw. Insufficient memory cleanup in the AMD Secure Processor ASP Trusted Execution Environment TEE may allow an authenticated attacker with privileges to generate a valid signed TA and potentially poison the contents of the process memory with attacker-controlled data, resultin...