206360 matches found
CVE-2019-10215
Bootstrap-3-Typeahead after version 4.0.2 is vulnerable to a cross-site scripting flaw in the highlighter function. An attacker could exploit this via user interaction to execute code in the user's browser...
CVE-2019-6110
In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server or Man-in-The-Middle attacker can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred. Mitigation This issue only affects the user...
CVE-2024-3094
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in...
CVE-2023-35941
A flaw was found in Envoy, where a malicious client can construct credentials with permanent validity in a specific scenario. This issue is caused by some rare scenarios, such as the combination of host and expiration time, in which the HMAC payload can always be valid in the OAuth2 filter's HMAC...
CVE-2023-1370
A flaw was found in the json-smart package. This security flaw occurs when reaching a ‘‘ or ‘‘ character in the JSON input, and the code parses an array or an object, respectively. The 3PP does not have any limit to the nesting of such arrays or objects. Since nested arrays and objects are parsed...
CVE-2023-28450
A flaw was found in Dnsmasq. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020. Mitigation Systems that can not be updated can still configure dnsmasq to use the recommended maximum EDNS value by setting edns-packet-max=1232 in the dnsmasq...
CVE-2022-24329
In JetBrains Kotlin before 1.6.0, it was not possible to lock dependencies for Multiplatform Gradle Projects...
CVE-2018-3640
An industry-wide issue was found in the way many modern microprocessor handle speculative access of system registers inaccessible to unprivileged user. It relies on the presence of a precisely-defined instruction sequence in the privileged code which allows speculative load of system registers an...
CVE-2024-8421
This CVE has been rejected...
CVE-2022-26373
A flaw was found in hw. In certain processors with Intel's Enhanced Indirect Branch Restricted Speculation eIBRS capabilities, soon after VM exit or IBPB command event, the linear address following the most recent near CALL instruction prior to a VM exit may be used as the Return Stack Buffer RSB...
CVE-2022-24765
A vulnerability was found in Git. This flaw occurs due to Git not checking the ownership of directories in a local multi-user system when running commands specified in the local repository configuration. This allows the owner of the repository to cause arbitrary commands to be executed by other...
CVE-2022-23307
A flaw was found in the log4j 1.x chainsaw component, where the contents of certain log entries are deserialized and possibly permit code execution. This flaw allows an attacker to send a malicious request with serialized data to the server to be deserialized when the chainsaw component is run...
CVE-2019-0211
A flaw was found in Apache where code executing in a less-privileged child process or thread could execute arbitrary code with the privilege of the parent process usually root. An attacker having access to run arbitrary scripts on the web server PHP, CGI etc could use this flaw to run code on the...
CVE-2023-50290
A flaw was found in Apache Solr. This issue may allow an unauthorized actor access to sensitive information. The Solr Metrics API publishes all unprotected environment variables available to each Apache Solr instance. Users are able to specify which environment variables to hide, however, the...
CVE-2024-0057
A security feature bypass vulnerability exists when Microsoft .NET Framework-based applications use X.509 chain building APIs but do not completely validate the X.509 certificate due to a logic flaw. An attacker could present an arbitrary untrusted certificate with malformed signatures, triggerin...
CVE-2022-21443
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Difficult to exploit...
CVE-2021-34798
A NULL pointer dereference in httpd allows an unauthenticated remote attacker to crash httpd by providing malformed HTTP requests. The highest threat from this vulnerability is to system availability. Mitigation Red Hat has investigated whether a possible mitigation exists for this issue, and has...
CVE-2021-31618
A null pointer de-reference was found in the way httpd handled specially crafted HTTP/2 request. A remote attacker could use this flaw to crash the httpd child process, causing temporary denial of service...
CVE-2019-20372
NGINX before 1.17.7, with certain errorpage configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer. Mitigation To mitigate this issue, use a named location instead ...
CVE-2023-31890
A flaw was found in glazedlists, which permits code execution when deserializing code via the BeanXMLByteDecoder's decode method. This flaw allows an attacker to execute code on the vulnerable system...
CVE-2023-24824
A flaw was found in CommonMarker. A polynomial time complexity issue in cmark-gfm may lead to unbounded resource exhaustion and subsequent denial of service...
CVE-2023-24540
A flaw was found in golang, where not all valid JavaScript white-space characters were considered white space. Due to this issue, templates containing white-space characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be...
CVE-2022-3171
A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted...
CVE-2021-27861
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length and optionally VLAN0 headers...
CVE-2019-6340
Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases. A site is only affected by this if one of the following conditions is met: The site has the Drupal 8 core...
CVE-2021-36368
An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authenticatio...
CVE-2022-1671
A NULL pointer dereference flaw was found in rxrpcpreparses in net/rxrpc/serverkey.c in the Linux kernel. This flaw allows a local attacker to crash the system or leak internal kernel information...
CVE-2022-23221
A flaw was found in the H2 Console. This flaw allows remote attackers to execute arbitrary code via a JDBC URL, concatenating with a substring that allows remote code execution by using a script...
CVE-2018-3639
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions a commonly used performance optimization. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the...
CVE-2017-20005
A flaw was found in nginx. When a date exists earlier than the standard epoch, as demonstrated by a file with a modification date in 1969 that causes a negative number to be treated as an unsigned integer, the year field becomes five characters long, larger than is allocated for, leading to a...
CVE-2021-28164
In Jetty the default compliance mode allows requests with URIs that contain %2e or %2e%2e segments to access protected resources within the WEB-INF directory. An attacker can use this vulnerability to reveal sensitive information regarding the implementation of a web application...
CVE-2024-38780
In the Linux kernel, the following vulnerability has been resolved: dma-buf/sw-sync: don't enable IRQ from syncprintobj Since commit a6aa8fca4d79 "dma-buf/sw-sync: Reduce irqsave/irqrestore from known context" by error replaced spinunlockirqrestore with spinunlockirq for both syncdebugfsshow and...
CVE-2023-33201
A flaw was found in Bouncy Castle 1.73. This issue targets the fix of LDAP wild cards. Before the fix there was no validation for the X.500 name of any certificate, subject, or issuer, so the presence of a wild card may lead to information disclosure. This could allow a malicious user to obtain...
CVE-2023-36664
A vulnerability was found in Ghostscript. This flaw occurs due to a mishandled permission validation for pipe devices with the %pipe% prefix or the | pipe character prefix...
CVE-2022-35260
A vulnerability was found in curl. The issue occurs when curl is told to parse a .netrc file for credentials. If that file ends in a line with consecutive non-white space letters and no newline, curl could read past the end of the stack-based buffer, and if the read works, it can write a zero byt...
CVE-2022-33743
An incomplete cleanup flaw was found in the Linux kernel’s Xen networking XDP eXpress Data Path subsystem. This flaw allows a local user to crash the system...
CVE-2022-30594
A flaw was found in the Linux kernel. The PTRACESEIZE code path allows attackers to bypass intended restrictions on setting the PTSUSPENDSECCOMP flag, possibly disabling seccomp. Mitigation If ptrace is not required, ptrace can be disabled in multiple ways. 1. SELinux policy. setsebool -P...
CVE-2022-27776
A vulnerability was found in curl. This security flaw allows leak authentication or cookie header data on HTTP redirects to the same host but another port number. Sending the same set of headers to a server on a different port number is a problem for applications that pass on custom Authorization...
CVE-2022-29156
drivers/infiniband/ulp/rtrs/rtrs-clt.c in the Linux kernel before 5.16.12 has a double free related to rtrscltdevrelease...
CVE-2022-0396
A flaw was found in Bind that incorrectly handles certain crafted TCP streams. The vulnerability allows TCP connection slots to be consumed for an indefinite time frame via a specifically crafted TCP stream sent from a client. This flaw allows a remote attacker to send specially crafted TCP strea...
CVE-2025-2787
KNIME Business Hub is affected by the Ingress-nginx CVE-2025-1974 a.k.a IngressNightmare vulnerability which affects the ingress-nginx component. In the worst case a complete takeover of the Kubernetes cluster is possible. Since the affected component is only reachable from within the cluster, i....
CVE-2021-30047
VSFTPD is vulnerable to a denial of service, caused by only a limited number of connections allowed, a remote attacker could exploit this vulnerability to cause a denial of service condition...
CVE-2023-0045
A flaw was found in the Linux kernel. This issue occurs due to a failure mitigating the Spectre-BTI attack using the kernel API, as IBPB is not issued during the syscall until the next schedule, leaving the system vulnerable. Mitigation For user-mode applications, a usleep after the prctl call wi...
CVE-2021-26291
A flaw was found in maven. Repositories that are defined in a dependency’s Project Object Model pom, which may be unknown to users, are used by default resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that...
CVE-2024-29059
.NET Framework Information Disclosure Vulnerability...
CVE-2023-6817
A use-after-free flaw was found in the Netfilter subsystem in the Linux kernel via the nftpipapowalk function. This issue may allow a local user with CAPNETADMIN capability to trigger an application crash, information disclosure, or local privilege escalation. Mitigation In order to trigger the...
CVE-2023-45871
A flaw was found in igbconfigurerxring in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel. An overflow of the contents from a packet that is too large will overflow into the kernel's ring buffer, leading to a system integrity issue. Mitigation Mitigation for this...
CVE-2023-2977
A vulnerability was found in OpenSC. This issue causes a buffer overrun in the pkcs15 cardoshaveverifyrcpackage. This flaw allows an attacker to supply a smart card package with a malformed ASN1 context. The cardoshaveverifyrcpackage function scans the ASN1 buffer for two tags, where the remainin...
CVE-2022-23529
A flaw was found in the jsonwebtoken package. In affected versions of the jsonwebtoken library, if a malicious actor can modify the key retrieval parameter referring to the secretOrPublicKey argument from the readme link of the jwt.verify function, they can perform remote code execution RCE...
CVE-2022-3649
A flaw was found in the NILFS2 file system implementation in the Linux kernel. If the beginning of the inode bitmap area was corrupted on disk, an inode with the same inode number as the root inode could be allocated and fail soon after. The subsequent call to nilfsclearinode wrongly decremented...