206363 matches found
CVE-2022-36946
A memory corruption flaw was found in the Linux kernel’s Netfilter subsystem in the way a local user uses the libnetfilterqueue when analyzing a corrupted network packet. This flaw allows a local user to crash the system or a remote user to crash the system when the libnetfilterqueue is used by a...
CVE-2022-20141
A use-after-free flaw was found in the Linux kernel’s IGMP protocol in how a user triggers a race condition in the ipcheckmcrcu function. This flaw allows a local user to crash or potentially escalate their privileges on the system...
CVE-2021-44731
A race condition vulnerability in the snap-confine component setupprivatemount of snapd was found by Qualys. This flaw could lead to local privilege escalation from any user to root...
CVE-2022-0778
A flaw was found in OpenSSL. It is possible to trigger an infinite loop by crafting a certificate that has invalid elliptic curve parameters. Since certificate parsing happens before verification of the certificate signature, any process that parses an externally supplied certificate may be subje...
CVE-2021-4178
A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an improperly configured YAML parsing, this will allow a local and privileged attacker to supply malicious YAML...
CVE-2021-39226
An authentication bypass was found in grafana. An attacker on the network is able to view and delete snapshots by accessing a literal path...
CVE-2021-3656
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "virtext" field, this issue could allow a malicious...
CVE-2021-21781
An information disclosure flaw exists in the ARM SIGPAGE functionality of the Linux kernel. An attacker with a local account can read the contents of the sigpage, which contains previously initialized kernel memory contents. This flaw requires an attacker to read a process’s memory at a specific...
CVE-2018-1273
Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user or attacker can supply specially crafted request parameters...
CVE-2019-8457
SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode function when handling invalid rtree tables...
CVE-2017-7529
A flaw within the processing of ranged HTTP requests has been discovered in the range filter module of nginx. A remote attacker could possibly exploit this flaw to disclose parts of the cache file header, or, if used in combination with third party modules, disclose potentially sensitive memory b...
CVE-2024-6119
A flaw was found in OpenSSL. Applications performing certificate name checks e.g., TLS clients checking server certificates may attempt to read an invalid memory address resulting in abnormal termination of the application process. Mitigation Mitigation for this issue is either not available or t...
CVE-2023-5363
A flaw was found in OpenSSL in how it processes key and initialization vector IV lengths. This issue can lead to potential truncation or overruns during the initialization of some symmetric ciphers. A truncation in the IV can result in non-uniqueness, which could result in loss of confidentiality...
CVE-2023-4207
There are 3 CVEs for the use-after-free flaw found in net/sched/clsfw.c in classifiers clsfw, clsu32, and clsroute in the Linux Kernel: CVE-2023-4206, CVE-2023-4207, CVE-2023-4208. A local user could use any of these flaws to crash the system or potentially escalate their privileges on the system...
CVE-2023-23529
A vulnerability was found in WebKitGTK. This issue occurs when processing maliciously crafted web content in WebKit. This may, in theory, allow a remote attacker to create a specially crafted web page, trick the victim into opening it, trigger type confusion, and execute arbitrary code on the...
CVE-2022-36437
A flaw was found in Hazelcast and Hazelcast Jet. This flaw may allow an attacker unauthenticated access to manipulate data in the cluster...
CVE-2022-3140
A vulnerability was found in LibreOffice that affects the Office URI Schemes. These schemes enable browser integration of LibreOffice with the MS SharePoint server. In LibreOffice, the links using the scheme 'vnd.libreoffice.command' could be constructed to call internal macros with arbitrary...
CVE-2020-10968
A flaw was found in jackson-databind 2.x prior to version 2.9.10.4. The interaction between serialization gadgets and typing is mishandled in the bus-proxy. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Mitigation The following...
CVE-2022-1650
A flaw was found in the EventSource NPM Package. The description from the source states the following message: "Exposure of Sensitive Information to an Unauthorized Actor." This flaw allows an attacker to steal the user's credentials and then use the credentials to access the legitimate website...
CVE-2022-22576
A vulnerability was found in curl. This security flaw allows reusing OAUTH2-authenticated connections without properly ensuring that the connection was authenticated with the same credentials set for this transfer. This issue leads to an authentication bypass, either by mistake or by a malicious...
CVE-2022-0084
A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk...
CVE-2021-39698
A vulnerability was found in the Linux kernel’s file polling implementation in kernel/sched/wait.c., which leads to a use-after-free problem. This flaw allows a local user to cause a denial of service memory corruption or crash or privilege escalation. Mitigation Mitigation for this issue is eith...
CVE-2022-24959
A memory leak was found in the yamsiocdevprivate function of the YAM driver for AX.25. This issue can result in a denial of service. Mitigation Mitigation for this issue is either not available or the currently available options dont meet the Red Hat Product Security criteria comprising ease of u...
CVE-2018-14718
A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using slf4j classes. An attacker could use this flaw to execute arbitrary code...
CVE-2021-4028
A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free. Given the ability to execute code, a local attacker could leverage this...
CVE-2021-21362
A flaw has been identified in minio https://github.com/minio/minio. It is possible to bypass a readOnly policy by creating a temporary 'mc share upload'...
CVE-2021-33196
A vulnerability was found in archive/zip of the Go standard library. Applications written in Go can panic or potentially exhaust system memory when parsing malformed ZIP files...
CVE-2021-22543
A flaw was found in the Linux kernel’s KVM implementation, where improper handing of the VMIO|VMPFNMAP VMAs in KVM bypasses RO checks and leads to pages being freed while still accessible by the VMM and guest. This flaw allows users who can start and control a VM to read/write random pages of...
CVE-2023-1973
A flaw was found in Undertow package. Using the FormAuthenticationMechanism, a malicious user could trigger a Denial of Service by sending crafted requests, leading the server to an OutofMemory error, exhausting the server's memory...
CVE-2023-28531
A vulnerability was found in openssh. This issue occurs when adding smartcard keys to ssh-agent1 with per-hop destination constraints. A logic error prevented the constraints from being communicated to the agent, resulting in the keys being added without constraints. The common cases of...
CVE-2022-3358
A flaw was found in OpenSSL, where it incorrectly handles legacy custom ciphers passed to the EVPEncryptInitex2, EVPDecryptInitex2 and EVPCipherInitex2 functions as well as other similarly named encryption and decryption initialization functions. Instead of using the custom cipher directly, it...
CVE-2017-18638
A flaw was found in graphite-web. The sendemail in the graphite-web/webapp/graphite/composer/views.py function is vulnerable to a Server-side request forgery SSRF. This flaw allows an attacker to use the vulnerable SSRF endpoint to have the Graphite web server request any resource. An attacker ca...
CVE-2020-26555
A vulnerability was found in Linux Kernel, where Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack. When an attacker connects to a victim device using the address of the device and the victim initiates a Pairing, the attacker can reflect the encrypted nonce even...
CVE-2018-3060
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
CVE-2024-32752
The iSTAR door controllers running firmware prior to version 6.6.B, does not support authenticated communications with ICU, which may allow an attacker to gain unauthorized access...
CVE-2023-6237
A flaw was found in OpenSSL. When the EVPPKEYpubliccheck function is called in RSA public keys, a computation is done to confirm that the RSA modulus, n, is composite. For valid RSA keys, n is a product of two or more large primes and this computation completes quickly. However, if n is a large...
CVE-2023-4807
A vulnerability was found in OpenSSL. The security issue occurs in the POLY1305 MAC message authentication code implementation, that contains a bug that might corrupt the internal state of applications on the Windows 64 platform when running on newer X8664 processors supporting the AVX512-IFMA...
CVE-2023-3899
A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the...
CVE-2021-28861
A vulnerability was found in python. This security flaw causes an open redirection vulnerability in lib/http/server.py due to no protection against multiple / at the beginning of the URI path. This issue may lead to information disclosure...
CVE-2021-43529
A flaw was found in Thunderbird, which is vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA or RSA-PSS...
CVE-2022-27774
A vulnerability was found in curl. This security flaw allows leaking credentials to other servers when it follows redirects from auth-protected HTTPS URLs to other protocols and port numbers...
CVE-2022-26383
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification...
CVE-2020-2305
A flaw was found in the mercurial plugin in Jenkins. The XML changelog parser is not configured to prevent an XML external entity XXE attack allowing an attacker the ability to control an agent process to have Jenkins parse a crafted changelog file that uses external entities for extraction of...
CVE-2019-11043
In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution. Mitigation...
CVE-2024-2756
An improper input validation vulnerability was found in PHP. Due to an incomplete fix to CVE-2022-31629, network and same-site attackers can set a standard insecure cookie in the victim's browser. Mitigation Mitigation for this issue is either not available or the currently available options don'...
CVE-2023-6378
A flaw was found in the logback package, where it is vulnerable to a denial of service caused by a serialization flaw in the receiver component. By sending specially crafted poisoned data, a remote attacker can cause a denial of service condition. Mitigation Mitigation for this issue is either no...
CVE-2023-4015
A use-after-free flaw was found in the Linux kernel's netfilter: nftables component, which can be exploited to achieve local privilege escalation. On an error when building a nftables rule, deactivating immediate expressions in nftimmediatedeactivate can unbind the chain and objects can be...
CVE-2023-4513
A denial of service vulnerability was found in Wireshark due to a memory leak in the Bluetooth SDP dissector. This issue may allow a remote attacker to induce a crash in Wireshark by injecting a malformed packet onto the wire or persuading someone to read a corrupted packet trace file...
CVE-2023-32629
A flaw was found in the Linux Kernel where the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. This flaw allows a local attacker to gain elevated privileges due to skipped permission in checking for trusted.overlayfs. xattrs...
CVE-2023-27522
An HTTP Response Smuggling vulnerability was found in the Apache HTTP Server via modproxyuwsgi. This security issue occurs when special characters in the origin response header can truncate or split the response forwarded to the client. Mitigation Mitigation for this issue is either not available...