206304 matches found
CVE-2022-0088
Cross-Site Request Forgery CSRF in GitHub repository yourls/yourls prior to 1.8.3...
CVE-2022-24953
The CryptGPG extension before 1.6.7 for PHP does not prevent additional options in GPG calls, which presents a risk for certain environments and GPG versions...
CVE-2022-27418
Tcpreplay v4.4.1 has a heap-based buffer overflow in dochecksummath at /tcpedit/checksum.c...
CVE-2020-10713
A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would first need to establish access...
CVE-2022-1621
A flaw was found in vim, where it is vulnerable to a heap buffer overflow in the vimstrncpy findword function. This flaw allows a specially crafted file to crash software, modify memory and possibly perform remote execution when opened in vim...
CVE-2022-21437
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
CVE-2022-27378
A flaw was found in MariaDB. The component, Createtmptable::finalize, allows attackers to cause a denial of service DoS via specially crafted SQL statements, affecting availability...
CVE-2022-1280
A use-after-free vulnerability was found in drmleaseheld in drivers/gpu/drm/drmlease.c in the Linux kernel due to a race problem. This flaw allows a local user privilege attacker to cause a denial of service DoS or a kernel information leak. Mitigation Mitigation for this issue is either not...
CVE-2022-1097
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of NSSToken objects referenced via direct points that could have been accessed unsafely on different threads, leading to a use-after-free and potentially exploitable crash...
CVE-2022-28282
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: By using a link with rel="localization," a use-after-free could have been triggered by destroying an object during JavaScript execution and then referencing the object through a freed pointer, leading to...
CVE-2022-24769
A flaw was found in Moby Docker Engine, where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve2 runs...
CVE-2022-0168
A denial of service DOS issue was found in the Linux kernel’s smb2ioctlqueryinfo function in the fs/cifs/smb2ops.c Common Internet File System CIFS due to an incorrect return from the memdupuser function. This flaw allows a local, privileged CAPSYSADMIN attacker to crash the system. Mitigation...
CVE-2021-23648
A flaw was found in sanitize-url due to improper sanitization in the sanitizeUrl function. This issue causes vulnerability to Cross-site Scripting in sanitize-url...
CVE-2022-24726
A stack exhaustion flaw was found in the Istio control plane. This flaw allows a remote unauthenticated attacker to send a specially crafted or oversized message to crash the control plane process, resulting in a denial of service condition...
CVE-2022-21654
A flaw was found in envoy. When certificate validation settings are changed, incorrect configuration handling allows TLS session reuse without revalidation...
CVE-2021-25636
A improper certificate validation flaw was found in LibreOffice allowing an attacker to manipulate a digitally signed ODF document to appear that no alteration of the document occurred since the last signing and that the signature is valid...
CVE-2021-44577
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority for the following reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-3200 Reason: This candidate is a duplicate of CVE-2021-3200. Notes: All CVE users should reference CVE-2021-3200 instead of this candidate. Al...
CVE-2021-44569
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority for the following reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-3200 Reason: This candidate is a duplicate of CVE-2021-3200. Notes: All CVE users should reference CVE-2021-3200 instead of this candidate. Al...
CVE-2021-45082
A flaw was found in cobbler. The vulnerability occurs due to incomplete template sanitization and leads to code injection. This flaw allows an attacker to interact and inject malicious codes and gain access to the system...
CVE-2022-25181
A flaw was found in Jenkins. The Pipeline: Shared Groovy Libraries Plugin uses the same workspace directory for all checkouts of Pipeline libraries with the same name, regardless of the SCM used and the source of the library configuration. This flaw allows attackers with item/configure permission...
CVE-2022-22754
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: If a user installed a particular type of extension, the extension could have auto-updated itself, and while doing so may have bypassed the prompt which grants the new version the new requested permission...
CVE-2022-22756
The Mozilla Foundation Security Advisory describes this flaw as: If a user was convinced to drag and drop an image to their desktop or other folder, the resulting object could have been changed into an executable script, which would have run arbitrary code after the user clicked it...
CVE-2022-22589
A vulnerability was found in WebKitGTK. The vulnerability exists due to improper input validation in WebKit when processing email messages. This flaw allows a remote attacker to trick the victim into opening a specially crafted email message and execute arbitrary JavaScript code...
CVE-2022-0487
A use-after-free vulnerability was found in the Linux kernel’s moxartremove function in drivers/mmc/host/moxart-mmc.c. This flaw allows a local attacker with a user privilege to create issues with confidentiality. Mitigation Mitigation for this issue is either not available or the currently...
CVE-2021-46664
MariaDB through 10.5.9 allows an application crash in subselectpostjoinaggr for a NULL value of aggr...
CVE-2021-4214
A heap overflow flaw was found in libpngs' pngimage.c program. This flaw allows an attacker with local network access to pass a specially crafted PNG file to the pngimage utility, causing an application to crash, leading to a denial of service...
CVE-2022-23852
expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...
CVE-2021-34401
NVIDIA Linux kernel distributions contain a vulnerability in nvmap NVGPUIOCTLCHANNELSETERRORNOTIFIER, where improper access control may lead to code execution, compromised integrity, or denial of service...
CVE-2019-11730
A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and...
CVE-2021-44917
A flaw was found in gnuplot. A possible divide by zero flaw could allow an attacker to input a specially crafted file leading to a crash or code execution...
CVE-2021-23463
A flaw was found in the h2database. This flaw allows an attacker to benefit from XML External Entity XXE Injection via the org.h2.jdbc.JdbcSQLXML class object. A user may trigger the vulnerability by sending malicious data...
CVE-2021-4011
A flaw was found in xorg-x11-server where an out-of-bounds access can occur in the SwapCreateRegister function...
CVE-2021-43539
The Mozilla Foundation Security Advisory describes this flaw as: Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers. This could have led to a use-after-free causing a potentially exploitab...
CVE-2021-43546
It was possible to recreate previous cursor spoofing attacks against users with a zoomed native cursor. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...
CVE-2021-41816
A flaw was found in the ruby. This issue occurs due to improper bounds checking by a buffer overrun in CGI.escapehtml. By sending an overly long string using the sizet parameter, a remote attacker could overflow a buffer and execute arbitrary code on the system...
CVE-2021-42374
A flaw was found in BusyBox. It did not properly sanitize while crafted LZMA compressed input was decompressing, leading to a denial of service. The highest threat from this vulnerability is to confidentiality and system availability...
CVE-2021-23222
A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption...
CVE-2021-43400
An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus processing of a WriteValue call...
CVE-2021-41802
HashiCorp Vault and Vault Enterprise through 1.7.4 and 1.8.3 allowed a user with write permission to an entity alias ID sharing a mount accessor with another user to acquire this other user’s policies by merging their identities. Fixed in Vault and Vault Enterprise 1.7.5 and 1.8.4...
CVE-2021-42780
A use after return issue was found in Opensc before version 0.22.0 in insertpin function that could potentially crash programs using the library...
CVE-2021-35645
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
CVE-2021-38502
Thunderbird ignored the configuration to require STARTTLS security for an SMTP connection. A MITM could perform a downgrade attack to intercept transmitted messages, or could take control of the authenticated session to execute SMTP commands chosen by the MITM. If an unprotected authentication...
CVE-2005-0877
Dnsmasq before 2.21 allows remote attackers to poison the DNS cache via answers to queries that were not made by Dnsmasq...
CVE-2021-40690
All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any...
CVE-2021-32627
An integer overflow issue was found in redis. The vulnerability involves changing the default "proto-max-bulk-len" and "client-query-buffer-limit" configuration parameters to very large values and constructing specially crafted large stream elements. This flaw allows a remote attacker to corrupt...
CVE-2017-5049
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer...
CVE-2021-38493
Mozilla developers reported memory safety bugs present in Firefox 91 and Firefox ESR 78.13. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR 78.14,...
CVE-2021-33285
The ntfs3g package is susceptible to a heap overflow on crafted input. When processing NTFS attributes, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...
CVE-2021-33582
A flaw was found in cyrus-imapd. A bad string hashing algorithm used in internal hash tables allows user inputs to be stored in predictable buckets. A user may cause a CPU denial of service by maliciously directing many inputs to a single bucket. The highest threat from this vulnerability is to...
CVE-2021-32778
An uncontrolled resource consumption vulnerability was found in envoyproxy/envoy. When envoy handles a large number of HTTP/2 requests which open and then reset the connection, it can cause excessive CPU usage. This flaw allows an attacker to cause a denial of service on the proxy. The highest...