206304 matches found
CVE-2023-33201
A flaw was found in Bouncy Castle 1.73. This issue targets the fix of LDAP wild cards. Before the fix there was no validation for the X.500 name of any certificate, subject, or issuer, so the presence of a wild card may lead to information disclosure. This could allow a malicious user to obtain...
CVE-2023-2977
A vulnerability was found in OpenSC. This issue causes a buffer overrun in the pkcs15 cardoshaveverifyrcpackage. This flaw allows an attacker to supply a smart card package with a malformed ASN1 context. The cardoshaveverifyrcpackage function scans the ASN1 buffer for two tags, where the remainin...
CVE-2023-23529
A vulnerability was found in WebKitGTK. This issue occurs when processing maliciously crafted web content in WebKit. This may, in theory, allow a remote attacker to create a specially crafted web page, trick the victim into opening it, trigger type confusion, and execute arbitrary code on the...
CVE-2022-36437
A flaw was found in Hazelcast and Hazelcast Jet. This flaw may allow an attacker unauthenticated access to manipulate data in the cluster...
CVE-2022-23529
A flaw was found in the jsonwebtoken package. In affected versions of the jsonwebtoken library, if a malicious actor can modify the key retrieval parameter referring to the secretOrPublicKey argument from the readme link of the jwt.verify function, they can perform remote code execution RCE...
CVE-2022-3649
A flaw was found in the NILFS2 file system implementation in the Linux kernel. If the beginning of the inode bitmap area was corrupted on disk, an inode with the same inode number as the root inode could be allocated and fail soon after. The subsequent call to nilfsclearinode wrongly decremented...
CVE-2022-3140
A vulnerability was found in LibreOffice that affects the Office URI Schemes. These schemes enable browser integration of LibreOffice with the MS SharePoint server. In LibreOffice, the links using the scheme 'vnd.libreoffice.command' could be constructed to call internal macros with arbitrary...
CVE-2022-36946
A memory corruption flaw was found in the Linux kernel’s Netfilter subsystem in the way a local user uses the libnetfilterqueue when analyzing a corrupted network packet. This flaw allows a local user to crash the system or a remote user to crash the system when the libnetfilterqueue is used by a...
CVE-2021-44731
A race condition vulnerability in the snap-confine component setupprivatemount of snapd was found by Qualys. This flaw could lead to local privilege escalation from any user to root...
CVE-2020-10968
A flaw was found in jackson-databind 2.x prior to version 2.9.10.4. The interaction between serialization gadgets and typing is mishandled in the bus-proxy. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Mitigation The following...
CVE-2022-22576
A vulnerability was found in curl. This security flaw allows reusing OAUTH2-authenticated connections without properly ensuring that the connection was authenticated with the same credentials set for this transfer. This issue leads to an authentication bypass, either by mistake or by a malicious...
CVE-2022-0084
A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk...
CVE-2022-24959
A memory leak was found in the yamsiocdevprivate function of the YAM driver for AX.25. This issue can result in a denial of service. Mitigation Mitigation for this issue is either not available or the currently available options dont meet the Red Hat Product Security criteria comprising ease of u...
CVE-2021-4178
A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an improperly configured YAML parsing, this will allow a local and privileged attacker to supply malicious YAML...
CVE-2021-39226
An authentication bypass was found in grafana. An attacker on the network is able to view and delete snapshots by accessing a literal path...
CVE-2019-8457
SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode function when handling invalid rtree tables...
CVE-2023-1973
A flaw was found in Undertow package. Using the FormAuthenticationMechanism, a malicious user could trigger a Denial of Service by sending crafted requests, leading the server to an OutofMemory error, exhausting the server's memory...
CVE-2023-5363
A flaw was found in OpenSSL in how it processes key and initialization vector IV lengths. This issue can lead to potential truncation or overruns during the initialization of some symmetric ciphers. A truncation in the IV can result in non-uniqueness, which could result in loss of confidentiality...
CVE-2023-4207
There are 3 CVEs for the use-after-free flaw found in net/sched/clsfw.c in classifiers clsfw, clsu32, and clsroute in the Linux Kernel: CVE-2023-4206, CVE-2023-4207, CVE-2023-4208. A local user could use any of these flaws to crash the system or potentially escalate their privileges on the system...
CVE-2022-3358
A flaw was found in OpenSSL, where it incorrectly handles legacy custom ciphers passed to the EVPEncryptInitex2, EVPDecryptInitex2 and EVPCipherInitex2 functions as well as other similarly named encryption and decryption initialization functions. Instead of using the custom cipher directly, it...
CVE-2022-20141
A use-after-free flaw was found in the Linux kernel’s IGMP protocol in how a user triggers a race condition in the ipcheckmcrcu function. This flaw allows a local user to crash or potentially escalate their privileges on the system...
CVE-2022-1650
A flaw was found in the EventSource NPM Package. The description from the source states the following message: "Exposure of Sensitive Information to an Unauthorized Actor." This flaw allows an attacker to steal the user's credentials and then use the credentials to access the legitimate website...
CVE-2022-0778
A flaw was found in OpenSSL. It is possible to trigger an infinite loop by crafting a certificate that has invalid elliptic curve parameters. Since certificate parsing happens before verification of the certificate signature, any process that parses an externally supplied certificate may be subje...
CVE-2021-39698
A vulnerability was found in the Linux kernel’s file polling implementation in kernel/sched/wait.c., which leads to a use-after-free problem. This flaw allows a local user to cause a denial of service memory corruption or crash or privilege escalation. Mitigation Mitigation for this issue is eith...
CVE-2018-14718
A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using slf4j classes. An attacker could use this flaw to execute arbitrary code...
CVE-2021-4028
A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free. Given the ability to execute code, a local attacker could leverage this...
CVE-2021-21781
An information disclosure flaw exists in the ARM SIGPAGE functionality of the Linux kernel. An attacker with a local account can read the contents of the sigpage, which contains previously initialized kernel memory contents. This flaw requires an attacker to read a process’s memory at a specific...
CVE-2021-21362
A flaw has been identified in minio https://github.com/minio/minio. It is possible to bypass a readOnly policy by creating a temporary 'mc share upload'...
CVE-2021-33196
A vulnerability was found in archive/zip of the Go standard library. Applications written in Go can panic or potentially exhaust system memory when parsing malformed ZIP files...
CVE-2018-3060
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
CVE-2024-32752
The iSTAR door controllers running firmware prior to version 6.6.B, does not support authenticated communications with ICU, which may allow an attacker to gain unauthorized access...
CVE-2023-6237
A flaw was found in OpenSSL. When the EVPPKEYpubliccheck function is called in RSA public keys, a computation is done to confirm that the RSA modulus, n, is composite. For valid RSA keys, n is a product of two or more large primes and this computation completes quickly. However, if n is a large...
CVE-2023-4807
A vulnerability was found in OpenSSL. The security issue occurs in the POLY1305 MAC message authentication code implementation, that contains a bug that might corrupt the internal state of applications on the Windows 64 platform when running on newer X8664 processors supporting the AVX512-IFMA...
CVE-2023-28531
A vulnerability was found in openssh. This issue occurs when adding smartcard keys to ssh-agent1 with per-hop destination constraints. A logic error prevented the constraints from being communicated to the agent, resulting in the keys being added without constraints. The common cases of...
CVE-2022-26383
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification...
CVE-2017-18638
A flaw was found in graphite-web. The sendemail in the graphite-web/webapp/graphite/composer/views.py function is vulnerable to a Server-side request forgery SSRF. This flaw allows an attacker to use the vulnerable SSRF endpoint to have the Graphite web server request any resource. An attacker ca...
CVE-2021-22543
A flaw was found in the Linux kernel’s KVM implementation, where improper handing of the VMIO|VMPFNMAP VMAs in KVM bypasses RO checks and leads to pages being freed while still accessible by the VMM and guest. This flaw allows users who can start and control a VM to read/write random pages of...
CVE-2023-6378
A flaw was found in the logback package, where it is vulnerable to a denial of service caused by a serialization flaw in the receiver component. By sending specially crafted poisoned data, a remote attacker can cause a denial of service condition. Mitigation Mitigation for this issue is either no...
CVE-2023-3899
A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the...
CVE-2021-28861
A vulnerability was found in python. This security flaw causes an open redirection vulnerability in lib/http/server.py due to no protection against multiple / at the beginning of the URI path. This issue may lead to information disclosure...
CVE-2022-21556
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
CVE-2021-43529
A flaw was found in Thunderbird, which is vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA or RSA-PSS...
CVE-2022-27774
A vulnerability was found in curl. This security flaw allows leaking credentials to other servers when it follows redirects from auth-protected HTTPS URLs to other protocols and port numbers...
CVE-2022-27195
Jenkins Parameterized Trigger Plugin 2.43 and earlier captures environment variables passed to builds triggered using Jenkins Parameterized Trigger Plugin, including password parameter values, in their build.xml files. These values are stored unencrypted and can be viewed by users with access to...
CVE-2021-20182
A privilege escalation flaw was found in openshift4/ose-docker-builder. The build container runs with high privileges using a chrooted environment instead of runc. If an attacker can gain access to this build container, they can potentially utilize the raw devices of the underlying node, such as...
CVE-2020-2305
A flaw was found in the mercurial plugin in Jenkins. The XML changelog parser is not configured to prevent an XML external entity XXE attack allowing an attacker the ability to control an agent process to have Jenkins parse a crafted changelog file that uses external entities for extraction of...
CVE-2020-26555
A vulnerability was found in Linux Kernel, where Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack. When an attacker connects to a victim device using the address of the device and the victim initiates a Pairing, the attacker can reflect the encrypted nonce even...
CVE-2021-29509
A flaw was found in rubygem-puma. The fix for CVE-2019-16770 was incomplete. The original fix only protected existing connections that had already been accepted from having their requests starved by greedy persistent-connections saturating all threads in the same process. However, new connections...
CVE-2019-11043
In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution. Mitigation...
CVE-2024-2756
An improper input validation vulnerability was found in PHP. Due to an incomplete fix to CVE-2022-31629, network and same-site attackers can set a standard insecure cookie in the victim's browser. Mitigation Mitigation for this issue is either not available or the currently available options don'...