206309 matches found
CVE-2023-31486
A vulnerability was found in Tiny, where a Perl core module and standalone CPAN package, does not verify TLS certificates by default. Users need to explicitly enable certificate verification with the verifySSL=1 flag to ensure secure HTTPS connections. This oversight can potentially expose...
CVE-2023-35944
A flaw was found in Envoy that allows for mixed-case schemes in HTTP/2. However, some internal scheme checks in Envoy are case-sensitive, leading to incorrect handling of requests and responses with mixed case schemes. For example, if a request with a mixed scheme HTTP is sent to the OAuth2 filte...
CVE-2020-25969
gnuplot v5.5 was discovered to contain a buffer overflow via the function plotrequest...
CVE-2023-34967
A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in the mdssvc protocol...
CVE-2023-22038
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Privileges. Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
CVE-2023-22007
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 5.7.41 and prior and 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...
CVE-2023-38197
A vulnerability was found in Qtbase, where it is vulnerable to a denial of service caused by an infinite loop flaw in the QXmlStreamReader function. This flaw occurs because the QXmlStreamReader function accepts multiple DOCTYPE elements containing DTD fragments in the XML prolog and the XML body...
CVE-2023-29404
A flaw was found in golang. The go command may execute arbitrary code at build time when using cgo. This can occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This can be triggered by linker flags, specified via a "cgo LDFLAGS"...
CVE-2022-21235
A flaw was found in the VCS package, caused by improper validation of user-supplied input. By using a specially-crafted argument, a remote attacker could execute arbitrary commands on the system...
CVE-2023-31670
An issue in wasm2c 1.0.32, wasm2wat 1.0.32, wasm-decompile 1.0.32, and wasm-validate 1.0.32 allows attackers to cause a Denial of Service DoS via running a crafted binary...
CVE-2023-31085
A divide-by-zero flaw was found in the Linux kernel’s UBI a software layer above the MTD layer that admits the use of LVM-like logical volumes on top of MTD devices. This flaw allows a local user to crash the system...
CVE-2023-28320
A denial of service vulnerability exists in curl v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using alarm and siglongjmp. When doi...
CVE-2022-24434
A flaw was found in the Node.js dicer module. The affected versions of the Node.js dicer module are vulnerable to a denial of service. By sending a specially-crafted form to the server, a remote attacker can crash the node.js service. Mitigation Mitigation for this issue is either not available o...
CVE-2023-27043
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is...
CVE-2023-1667
A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service...
CVE-2023-21938
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploi...
CVE-2023-20863
A flaw was found in Spring Framework. Certain versions of Spring Framework's Expression Language were not restricting the size of Spring Expressions. This could allow an attacker to craft a malicious Spring Expression to cause a denial of service on the server...
CVE-2022-48468
A vulnerability was found in protobuf-c. This security flaw leads to an unsigned integer overflow in parserequiredmember...
CVE-2023-26552
An out-of-bounds write flaw was found in the ntp package. A remote attacker may trigger this vulnerability by sending malicious data packets to the ntp server. An adversary may be able to attack a client ntpq process, but cannot attack ntpd...
CVE-2023-29548
The Mozilla Foundation Security Advisory describes this flaw as: A wrong lowering instruction in the ARM64 Ion compiler resulted in a wrong optimization result...
CVE-2023-29536
The Mozilla Foundation Security Advisory describes this flaw as: An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash...
CVE-2021-28235
A flaw was found in etcd, where etc-io could allow a remote attacker to gain elevated privileges on the system caused by a vulnerability in the debug function. By sending a specially crafted request, an attacker can gain elevated privileges...
CVE-2023-1281
A use-after-free vulnerability was found in the traffic control index filter tcindex in the Linux kernel. The imperfect hash area can be updated while packets are traversing. This issue could allow a local attacker to cause a use-after-free problem, leading to privilege escalation. Mitigation Thi...
CVE-2023-27537
A double free vulnerability exists in libcurl 8.0.0 when sharing HSTS data between separate "handles". This sharing was introduced without considerations for do this sharing across separate threads but there was no indication of this fact in the documentation. Due to missing mutexes or thread...
CVE-2023-26484
A flaw was found in the Kubevirt package. KubeVirt could allow a remote authenticated attacker to bypass security restrictions caused by improper authorization validation. An attacker can modify all node specs by sending a specially-crafted request using the virt-handler service account...
CVE-2023-1175
A flaw was found in Vim. There is an incorrect calculation of buffer size issue found in Vim's yankcopyline function of the register.c file. This flaw allows illegal memory access when using virtual editing as "startspaces" goes negative. An attacker can trick a user into opening a specially...
CVE-2023-25361
A use-after-free vulnerability in WebCore::RenderLayer::setNextSibling in WebKitGTK before 2.36.8 allows attackers to execute code remotely...
CVE-2023-23586
A use-after-free vulnerability was discovered in the Linux kernel's iouring subsystem. It was found that it is possible to insert a time namespace's vvar page to process memory space via a page fault. When this time namespace is destroyed, the vvar page is also freed, but not removed from the...
CVE-2023-25173
A flaw was found in containerd, where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use supplementary group access to bypass primary group restrictions in some...
CVE-2023-1078
An out-of-bounds memory access flaw was found in the Linux kernel's RDS Reliable Datagram Sockets protocol due to triggering rdsmessageput. This could allow a local user to crash the system or potentially escalate their privileges on the system...
CVE-2023-25151
A flaw was found in opentelemetry-go. The v0.38.0 release of go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp uses the httpconv.ServerRequest function to annotate metric measurements for the http.server.requestcontentlength, http.server.responsecontentlength, and http.server.duration...
CVE-2023-23918
A privilege escalation vulnerability exists in Node.js 19.6.1, 18.14.1, 16.19.1 and 14.21.3 that made it possible to bypass the experimental Permissions https://nodejs.org/api/permissions.html feature in Node.js and access non authorized modules by using process.mainModule.require. This only...
CVE-2023-25744
The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers Kershaw Chang and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 109 and Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort...
CVE-2023-25735
The Mozilla Foundation Security Advisory describes this flaw as: Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free after unwrapping the proxy...
CVE-2021-42135
A flaw was found in the HashiCorp vault. Affected versions may have an unexpected interaction between glob-related policies and the Google Cloud secrets engine. In some situations, users may have more privileges than intended...
CVE-2023-0216
A flaw was found in OpenSSL. An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the d2iPKCS7, d2iPKCS7bio or d2iPKCS7fp functions. This may result in an application crash which could lead to a denial of service. The TLS implementati...
CVE-2021-26316
A flaw was found in hw. Failure to validate the BIOS's communication buffer and communication service may allow an attacker to tamper with the buffer, resulting in potential System Management Mode SMM arbitrary code execution. Mitigation Please contact AMD for more updates on this flaw...
CVE-2022-48281
A vulnerability was found in libtiff. This vulnerability occurs due to an issue in processCropSelections in the tools/tiffcrop.c function in LibTIFF that has a heap-based buffer overflow for example, "WRITE of size 307203" via a crafted TIFF image...
CVE-2022-46456
A buffer over-read was found in NASM. The issue occurs when a specially crafted file is processed by NASM when using the dbg output file format, causing the application to crash and disclose a limited amount of information...
CVE-2022-40716
A flaw was found in the HashiCorp Consul package. In the affected versions of this package, a specially crafted CSR sent directly to Consul’s internal server agent RPC endpoint can include multiple SAN URI values with additional service names...
CVE-2022-47946
An issue was discovered in the Linux kernel 5.10.x before 5.10.155. A use-after-free in iosqpollwaitsq in fs/iouring.c allows an attacker to crash the kernel, resulting in denial of service. finishwait can be skipped. An attack can occur in some situations by forking a process and then quickly...
CVE-2022-37966
Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability...
CVE-2022-3630
A memory leak flaw was found in the Linux kernel IPSec functionality. This issue could allow a local user to crash the system...
CVE-2022-46366
Apache Tapestry 3.x allows deserialization of untrusted data, leading to remote code execution. This issue is similar to but distinct from CVE-2020-17531, which applies the the also unsupported 4.x version line. NOTE: This vulnerability only affects Apache Tapestry version line 3.x, which is no...
CVE-2020-35539
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority for the following reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...
CVE-2022-24999
A flaw was found in the express.js npm package of nodejs:14 module stream. Express.js Express is vulnerable to a denial of service caused by a prototype pollution flaw in qs. By adding or modifying properties of Object.prototype using a proto or constructor payload, a remote attacker can cause a...
CVE-2022-38249
Nagios XI v5.8.6 was discovered to contain a cross-site scripting XSS vulnerability via the MTR component in version 1.0.4...
CVE-2022-2663
A flaw was found in the Linux kernel in nfconntrackirc where the message handling can be confused and it incorrectly matches on the message. An attacker could exploit this vulnerability to bypass firewall when users are using unencrypted IRC with nfconntrackirc configured. Mitigation To mitigate...
CVE-2022-20148
In TBD of TBD, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2022-2995
Incorrect handling of the supplementary groups in the CRI-O container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute...