206363 matches found
CVE-2021-36221
A race condition flaw was found in Go. The incoming requests body weren't closed after the handler panic and as a consequence this could lead to ReverseProxy crash. The highest threat from this vulnerability is to Availability. Mitigation Mitigation for this issue is either not available or the...
CVE-2022-24736
A flaw was found in the Redis database when a malformed Lua script can cause a NULL pointer dereference. This flaw allows an attacker to load a crafting script, which results in a crash of the redis-server process. Mitigation If Lua scripting is not being used, this vulnerability can be mitigated...
CVE-2022-27448
An assertion failure was found in the MariaDB Server. This issue is via, 'node-pcur-relpos == BTRPCURON' at /row/row0mysql.cc, affecting availability...
CVE-2022-1196
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: After a VR Process is destroyed, a reference to it may have been retained and used, leading to a use-after-free and potentially exploitable crash...
CVE-2022-1199
A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability...
CVE-2022-24771
A flaw was found in the node-forge package. This signature verification leniency allows an attacker to forge a signature...
CVE-2022-0635
An assertion check flaw was found in BIND, with a refactoration of RFC 8198 Aggressive Use of the DNSSEC-Validated Cache feature synth-from-dnssec. The repeated patterns of specific queries to servers with this feature enabled could cause an INSIST failure in query.c:querydname, which results in...
CVE-2022-0865
A reachable assertion failure was found in libtiff's JBIG functionality. This flaw allows an attacker who can submit a crafted file to an application linked with libtiff and using the JBIG functionality, causes a crash via an assertion failure, leading to a denial of service. The exact mechanism...
CVE-2022-26878
A memory leak problem was found in the virtbtrxhandle in drivers/bluetooth/virtiobt.c in the Linux kernel. This flaw allows a local attacker to cause a denial of service on the reception of packets with an invalid packet type. Mitigation Mitigation for this issue is either not available or the...
CVE-2022-26387
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: When installing an add-on, Firefox verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file could have been modified, and Firefox...
CVE-2021-45402
A memory leak flaw was found in the Linux kernel’s BPF subsystem in the way a user triggers the checkaluop function of the BPF verifier. This flaw allows a local user to obtain unauthorized memory access or potentially crash the system. Mitigation The default Red Hat Enterprise Linux kernel...
CVE-2021-45444
A vulnerability was found in zsh in the parsecolorchar function of prompt.c file. This flaw allows an attacker to perform code execution if they control a command output inside the prompt, as stated by a %F%K argument. This occurs because of recursive PROMPTSUBST expansion...
CVE-2021-43616
A flaw was found in npm. The npm ci command proceeds with an installation even if dependency information in package-lock.json differs from package.json. This behavior is inconsistent with the documentation and makes it easier for attackers to install malware that was supposed to have been blocked...
CVE-2022-20617
An OS command execution vulnerability was found in the Jenkins Docker Commons plugin. Due to a lack of sanitization in the name of an image or a tag, an attacker with Item/Configure permission or the ability to control the contents of a previously configured job’s SCM repository may be able to...
CVE-2022-21365
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...
CVE-2021-23436
A prototype pollution flaw was found in the Node.js immer module. By adding or modifying properties of Object.prototype using a proto or constructor payload, an attacker could execute arbitrary code on the system...
CVE-2019-11737
If a wildcard '' is specified for the host in Content Security Policy CSP directives, any port or path restriction of the directive will be ignored, leading to CSP directives not being properly applied to content. This vulnerability affects Firefox 69...
CVE-2021-43415
HashiCorp Nomad and Nomad Enterprise up to 1.0.13, 1.1.7, and 1.2.0, with the QEMU task driver enabled, allowed authenticated users with job submission capabilities to bypass the configured allowed image paths. Fixed in 1.0.14, 1.1.8, and 1.2.1...
CVE-2021-30897
A flaw was found in the resource timing API specification and its implementation in WebKitGTK. A malicious web site could use this flaw to trigger a cross-domain data exfiltration...
CVE-2021-46142
An invalid pointer operations flaw was found in uriparser's uriNormalizeSyntax function. An attacker with local network access could pass a specially crafted unknown input causing that application to crash...
CVE-2021-4149
A vulnerability was found in btrfsalloctreeb in fs/btrfs/extent-tree.c in the Linux kernel due to an improper lock operation in btrfs. In this flaw, a user with a local privilege may cause a denial of service DOS due to a deadlock problem. Mitigation Mitigation for this issue is either not...
CVE-2021-43815
Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 has a directory traversal for arbitrary .csv files. It only affects instances that have the developer testing tool called TestData DB data source enabled and configured. The vulnerabili...
CVE-2021-4001
A race condition was found in the Linux kernel's ebpf verifier between bpfmapupdateelem and bpfmapfreeze due to a missing lock in kernel/bpf/syscall.c. In this flaw, a local user with a special privilege capsysadmin or capbpf can modify the frozen mapped address space. Mitigation Mitigation for...
CVE-2021-3928
A flaw was found in vim. A possible stack-based buffer overflow could allow an attacker to input a specially crafted file leading to a crash or code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Mitigation Do not run...
CVE-2021-3896
An improper validation of an array index and out of bounds memory read in the Linux kernel's Integrated Services Digital Network ISDN functionality was found in the way users call ioctl CMTPCONNADD. A local user could use this flaw to crash the system or starve the resources causing denial of...
CVE-2021-42781
Heap buffer overflow issues were found in Opensc before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the library...
CVE-2021-35624
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Privileges. Supported versions that are affected are 5.7.35 and prior and 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...
CVE-2021-41136
An HTTP Request Smuggling vulnerability was found in puma. When using puma with a proxy, which forwards LF characters as line endings, an attacker could use this flaw to smuggle a request through a proxy, causing the proxy to send a response back to another unknown client...
CVE-2021-41611
The squid proxy package may incorrectly classify certain certificates as trusted. This can allow traffic to obtain security trust when the trust is not valid. The highest threat from this vulnerability is to confidentiality and integrity. Mitigation The only mitigation is complete denial to TLS a...
CVE-2021-41799
When processing ApiQueryBacklinks, the full db table scan might be initiated what can cause resource exhaustion and in a consequence the denial of service DoS...
CVE-2020-5529
HtmlUnit prior to 2.37.0 contains code execution vulnerabilities. HtmlUnit initializes Rhino engine improperly, hence a malicious JavScript code can execute arbitrary Java code on the application. Moreover, when embedded in Android application, Android-specific initialization of Rhino engine is...
CVE-2020-21529
In transfig's fig2dev 3.2.7b it is possible for an attacker to create a specially crafted file that causes a stack buffer overflow due to improper range checks. This leads to a denial of service, impacting availability of the program...
CVE-2021-35268
The ntfs3g package is susceptible to a heap overflow on crafted input. When processing NTFS inodes, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...
CVE-2021-3757
A flaw was found in immer when manipulates object attributes such as proto, constructor and prototype. An attacker can manipulate these values by overwriting and polluting them. Those attributes would be inherited by JavaScript objects which could trigger exception handlers and leading into a...
CVE-2021-37712
A flaw was found in the npm package "tar" aka node-tar. Extracting tar files that contain two directories and a symlink with names containing Unicode values that normalize to the same value on Windows systems made it possible to bypass node-tar symlink checks on directories. This allows an...
CVE-2021-32777
An authorization bypass vulnerability was found in envoyproxy/envoy. Envoy incorrectly evaluates an HTTP request with multiple value headers. This flaw allows an attacker to bypass rule policies that use the extauthz extension. The highest threat from this vulnerability is to confidentiality,...
CVE-2021-29984
Instruction reordering resulted in a sequence of instructions that would cause an object to be incorrectly considered during garbage collection. This led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and...
CVE-2021-2387
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
CVE-2021-32815
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. The assertion failure is triggered when Exiv2 is used to modify the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denia...
CVE-2021-26423
An infinite loop error was found in ASP.NET when processing WebSocket frames. The exploitation of this issue can cause high CPU resource consumption. The highest threat from this vulnerability is to system availability...
CVE-2018-25015
A flaw was found in the Linux kernel. There is a use-after-free in net/sctp/socket.c for a held lock after a peel off. The highest threat from the vulnerability is to data confidentiality and integrity as well as system availability...
CVE-2021-33623
A flaw was found in nodejs-trim-newlines. Node.js has an issue related to regular expression denial-of-service ReDoS for the .end method...
CVE-2021-3489
A flaw out of bound memory write in the Linux kernel BPF subsystem was found in the way user writes to BPF ring buffer too fast, so larger buffer than available memory could be allocated. A local user could use this flaw to crash the system or possibly escalate their privileges on the system...
CVE-2018-25011
A flaw was found in libwebp. A heap-based buffer overflow was found in PutLE16. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
CVE-2021-3520
There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability...
CVE-2021-21643
A flaw was found in the config-file-provider Jenkins plugin. The plugin does not correctly perform permission checks in several HTTP endpoints, as a consequence an attacker with global Job/Configure permission can enumerate system-scoped credentials IDs of credentials stored in Jenkins...
CVE-2021-29264
A flaw was found in the Linux kernel. The Freescale Gianfar Ethernet driver allows attackers to cause a system crash due to a negative fragment size calculated in situations involving an RX queue overrun when jumbo packets are used and NAPI is enabled. The highest threat from this vulnerability i...
CVE-2020-36193
A flaw was found in the ArchiveTar package. ArchiveTar could allow a remote attacker to traverse directories on the system caused by inadequate checking of symbolic links. An attacker could send a specially-crafted URL request to the Tar.php script containing "dot dot" sequences /../ to modify...
CVE-2021-28650
autoar-extractor.c in GNOME gnome-autoar before 0.3.1, as used by GNOME Shell, Nautilus, and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situations. NOTE: this issue exists because of an incomplet...
CVE-2021-20232
A flaw was found in gnutls. A use after free issue in clientsendparams in lib/ext/presharedkey.c may lead to memory corruption and denial of service...