206321 matches found
CVE-2024-21654
A flaw was found in Rubygems.org, the Ruby community's gem hosting service. Rubygems.org users with MFA enabled are normally protected from account takeover in the case of email account takeover. However, a workaround in the forgot password form may allow an attacker to bypass the MFA requirement...
CVE-2023-49568
A denial of service DoS vulnerability was found in the go library go-git. This issue may allow an attacker to perform denial of service attacks by providing specially crafted responses from a Git server, which can trigger resource exhaustion in go-git clients. Mitigation In cases where a bump to...
CVE-2024-0340
A vulnerability was found in vhostnewmsg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhostnewmsg function. This issue can allow local privileged users to read...
CVE-2023-51779
A flaw was found in the Bluetooth subsystem of the Linux kernel. A race condition between the btsockrecvmsg and btsockioctl functions could lead to a use-after-free on a socket buffer "skb". This flaw allows a local user to cause a denial of service condition or potential code execution...
CVE-2023-50782
A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data. Mitigation Mitigation for this issue is either not available or the...
CVE-2023-42364
A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function...
CVE-2023-34050
A flaw was found in Spring Framework AMQP. An allowed list exists in Spring AMQP, but when no allowed list is provided, all classes could be deserialized, allowing a malicious user to send harmful content to the broker. Mitigation An application may be vulnerable if: - The SimpleMessageConverter...
CVE-2023-46137
Twisted is an event-based framework for internet applications. Prior to version 23.10.0rc1, when sending multiple HTTP requests in one TCP packet, twisted.web will process the requests asynchronously without guaranteeing the response order. If one of the endpoints is controlled by an attacker, th...
CVE-2023-5366
A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to...
CVE-2023-40451
A flaw was found in WebKitGTK. An attacker may be able to execute JavaScript code to trigger Remote Code Execution, resulting in a high impact on data confidentiality, integrity, and system availability...
CVE-2023-5197
A use-after-free vulnerability was found in net/netfilter/nftablesapi.c in the netfilter component in the Linux Kernel. This flaw can be exploited to achieve local privilege escalation. Adding and removing rules from chain bindings within the same transaction leads to a use-after-free issue...
CVE-2023-40167
A flaw was found in Jetty that permits a plus sign + preceding the content-length value in a HTTP/1 header field, which is non-standard and more permissive than RFC. This issue could allow an attacker to request smuggling in conjunction with a server that does not close connections after 400...
CVE-2023-41915
OpenPMIx PMIx is vulnerable to a race condition during execution of library code with UID 0, which allows attackers to obtain ownership of arbitrary files...
CVE-2023-40857
A flaw was found in the yara library. This issue occurs due to a buffer overflow vulnerability in the exe.c component that allows a remote attacker to execute arbtirary code via the yrexecutecod function. Mitigation Mitigation for this issue is either not available or the currently available...
CVE-2023-36053
A regular expression denial of service vulnerability has been found in Django. Email and URL validators are vulnerable to this flaw when processing a very large number of domain name labels of emails and URLs...
CVE-2023-22058
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 8.0.33 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks...
CVE-2023-1989
A use-after-free flaw was found in btsdioremove in drivers\bluetooth\btsdio.c in the Linux Kernel. A call to btsdioremove with an unfinished job may cause a race problem which leads to a UAF on hdev devices. Mitigation This flaw can be mitigated by preventing the affected Generic Bluetooth SDIO...
CVE-2023-1260
An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "pods/ephemeralcontainers" subresource beyond what the default is. They would then need to create a new pod or patch...
CVE-2022-30704
A flaw was found in hw. Improper initialization in the IntelR TXT SINIT ACM for some IntelR processors may allow a privileged user to potentially enable escalation of privilege via local access. Mitigation Please contact the hardware vendor for more updates...
CVE-2023-0361
A timing side-channel vulnerability was found in RSA ClientKeyExchange messages in GnuTLS. This side-channel may be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, the attacker would need to send ...
CVE-2023-23455
A denial of service flaw was found in atmtcenqueue in net/sched/schatm.c in the Linux kernel. This issue may allow a local attacker to cause a denial of service due to type confusion. Non-negative numbers could indicate a TCACTSHOT condition rather than valid classification results. Mitigation Th...
CVE-2021-26391
A flaw was found in hw. Insufficient verification of multiple header signatures while loading a Trusted Application TA may allow an attacker with privileges to gain code execution in that TA or the OS/kernel. Mitigation Please contact AMD for more updates on this flaw...
CVE-2023-0456
A flaw was found in APICast, when 3Scale's OIDC module does not properly evaluate the response to a mismatched token from a separate realm. This could allow a separate realm to be accessible to an attacker, permitting access to unauthorized information...
CVE-2022-44033
A use-after-free flaw was found in the Linux Kernel. This issue occurs due to a race between cm4040open and readerdetach in drivers/char/pcmcia/cm4040cs.c when a physically proximate attacker removes a PCMCIA device while calling open. Mitigation This flaw can be mitigated by preventing the...
CVE-2022-47950
A flaw was found in Swift's S3 XML parser. By supplying specially crafted XML files, an authenticated user may coerce the S3 API into returning arbitrary file contents from the host server, resulting in unauthorized read access to potentially sensitive data. This issue impacts both s3api...
CVE-2022-3520
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765. Mitigation Untrusted vim scripts with -s scriptin are not recommended to run...
CVE-2022-3190
A vulnerability was found in Wireshark. This issue occurs due to an Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark, leading to a denial of service via packet injection or crafted capture file...
CVE-2022-20154
A use-after-free flaw due to a race condition was found in the Linux kernel’s sctpdiag module. This flaw allows a local user to crash or potentially escalate their privileges on the system. Mitigation To mitigate this issue, prevent the sctp module from being loaded. Please see...
CVE-2022-41912
An authentication bypass flaw was discovered in the crewjam/saml go package. A remote unauthenticated attacker could trigger it by sending a SAML request. This would allow an escalation of privileges and then enable compromising system integrity...
CVE-2022-41940
A flaw was found in engine.io. The Socket.IO Engine.IO is vulnerable to a denial of service caused by an uncaught exception flaw. By sending a specially-crafted HTTP request, a remote, authenticated attacker can cause the Node.js process to crash, resulting in a denial of service...
CVE-2022-45061
A vulnerability was discovered in Python. A quadratic algorithm exists when processing inputs to the IDNA RFC 3490 decoder, such that a crafted unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be...
CVE-2022-3595
A vulnerability was found in Linux Kernel. It has been rated as problematic. Affected by this issue is the function sessfreebuffer of the file fs/cifs/sess.c of the component CIFS Handler. The manipulation leads to double free. It is recommended to apply a patch to fix this issue. The identifier ...
CVE-2022-4055
When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An attacker can use this method to create a mailto URL that looks safe to users, but will actually attac...
CVE-2022-37598
A prototype pollution vulnerability was found in UglifyJS, stemming from the DEFNODE function in ast.js via the name variable. Exploiting this flaw involves adding or altering properties of the Object.prototype through a "proto" or constructor payload, enabling an attacker to execute arbitrary co...
CVE-2022-39353
A flaw was found in the xmldom package. The xmldom parses XML that is not well-formed because it contains multiple top-level elements, adding all root nodes to the childNodes collection of the Document without reporting errors or throwing. This breaks the assumption that there is only a single ro...
CVE-2022-44638
A flaw was found in pixman. This issue causes an out-of-bounds write in rasterizeedges8 due to an integer overflow in pixmansamplefloory. This can result in data corruption, a crash, or code execution...
CVE-2022-32287
A relative path traversal vulnerability in a FileUtil class used by the PEAR management component of Apache UIMA allows an attacker to create files outside the designated target directory using carefully crafted ZIP entry names. This issue affects Apache UIMA Apache UIMA version 3.3.0 and prior...
CVE-2022-42919
A vulnerability found in Python. The flaw occurs when used with the forkserver start method on Linux. The Python multiprocessing library allows Python pickles to be deserialized from any user in the same machine's local network namespace in many system configurations, which means any user on the...
CVE-2022-39253
Git is an open source, scalable, distributed revision control system. Versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 are subject to exposure of sensitive information to a malicious actor. When performing a local clone where the source and target of the clone...
CVE-2022-21618
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JGSS. Supported versions that are affected are Oracle Java SE: 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated...
CVE-2022-3586
A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the schsfb enqueue function used the socket buffer SKB cb field after the same SKB had been enqueued and freed into a child qdisc. This flaw allows a local, unprivileged user to to disclose sensitive...
CVE-2022-38251
Nagios XI v5.8.6 was discovered to contain a cross-site scripting XSS vulnerability via the System Performance Settings page under the Admin panel...
CVE-2022-39955
A flaw was found in the OWASP ModSecurity Core Rule Set. A specially crafted HTTP Content-Type header field allows an encoded payload bypass detection, which may be decoded in the back-end application...
CVE-2022-41318
A flaw was found in Squid. An incorrect integer overflow protection in the Squid SSPI and SMB authentication helpers is vulnerable to a buffer overflow attack, resulting in information disclosure. Mitigation Disable use of the vulnerable authentication scheme...
CVE-2022-39227
A flaw was found in python-jwt, where it was subject to Authentication Bypass vulnerability by spoofing, resulting in identity spoofing, session hijacking, or authentication bypass. This flaw allows an attacker who obtains a JWT to arbitrarily forge its contents without knowing the secret key...
CVE-2022-40154
A flaw was found in the XStream package. This flaw allows an attacker to cause a denial of service DoS in its target...
CVE-2022-36062
A flaw was found in Grafana. This vulnerability impacts folders/dashboards with Admin-only permissions and where role-based access control RBAC was ever enabled at least once. When RBAC is enabled, Grafana runs migrations that translate legacy access control permissions into RBAC permissions. The...
CVE-2022-35015
A heap buffer overflow vulnerability was found in advancecomp in the leuint32read function of the endianrw.h file. This flaw allows an attacker to trick a user into opening a specially crafted file that could cause an application to crash, leading to a denial of service attack...
CVE-2022-3077
A buffer overflow vulnerability was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way it handled the I2CSMBUSBLOCKPROCCALL case via the ioctl I2CSMBUS with malicious input data. In particular, the userspace controllable "data-block0" variable was not capped to a numbe...
CVE-2022-36055
An out-of-memory panic vulnerability exists in the strvals package, which can lead to a denial of service. Applications that use functions from the strvals package in the Helm SDK can cause panic and denial of service...