Lucene search
+L
UbuntucveMost viewed

71772 matches found

UbuntuCve
UbuntuCve
added 2024/05/06 8:15 p.m.68 views

CVE-2024-33599

nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's nscd fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cache was...

8.1CVSS7.2AI score0.0131EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/04/05 1:15 p.m.68 views

CVE-2023-5692

WordPress Core is vulnerable to Sensitive Information Exposure in versions up to, and including, 6.4.3 via the redirectguess404permalink function. This can allow unauthenticated attackers to expose the slug of a custom post whose 'publiclyqueryable' post status has been set to 'false'...

5.3CVSS6.7AI score0.00741EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2024/04/05 12:0 a.m.68 views

CVE-2024-26814

In the Linux kernel, the following vulnerability has been resolved: vfio/fsl-mc: Block calling interrupt handler without trigger The eventfdctx trigger pointer of the vfiofslmcirq object is initially NULL and may become NULL if the user sets the trigger eventfd to -1. The interrupt handler itself...

5.5CVSS6.1AI score0.00223EPSS
Exploits0References19
UbuntuCve
UbuntuCve
added 2024/02/09 12:0 a.m.68 views

CVE-2024-20328

A vulnerability in the VirusEvent feature of ClamAV could allow a local attacker to inject arbitrary commands with the privileges of the application service account.The vulnerability is due to unsafe handling of file names. A local attacker could exploit this vulnerability by supplying a file nam...

5.3CVSS7.1AI score0.84841EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2024/01/15 8:15 p.m.68 views

CVE-2024-0565

An out-of-bounds memory read flaw was found in receiveencryptedstandard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service...

7.4CVSS6.7AI score0.01999EPSS
Exploits0References15
UbuntuCve
UbuntuCve
added 2024/01/05 12:0 a.m.68 views

CVE-2023-52323

PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger attack...

5.9CVSS6.5AI score0.00618EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/01/04 5:15 p.m.68 views

CVE-2023-6270

A flaw was found in the ATA over Ethernet AoE driver in the Linux kernel. The aoecmdcfgpkts function improperly updates the refcnt on struct netdevice, and a use-after-free can be triggered by racing between the free on the struct and the access through the skbtxq global queue. This could lead to...

7CVSS6.7AI score0.0041EPSS
Exploits0References32
UbuntuCve
UbuntuCve
added 2023/09/14 8:15 p.m.68 views

CVE-2023-4563

Rejected reason: This was assigned as a duplicate of CVE-2023-4244...

6.7AI score
Exploits0References4
UbuntuCve
UbuntuCve
added 2023/08/30 12:0 a.m.68 views

CVE-2023-4575

When creating a callback over IPC for showing the File Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could have led to a use-after-free causing a potentially exploitable...

6.5CVSS6.7AI score0.00571EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2023/08/22 7:16 p.m.68 views

CVE-2022-44730

Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. A malicious SVG can probe user profile / data and send it directly as parameter to a URL...

4.4CVSS6.8AI score0.00749EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2023/08/03 12:0 a.m.68 views

CVE-2023-3995

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is a duplicate of CVE-2023-4147...

6.7AI score
Exploits1References14
UbuntuCve
UbuntuCve
added 2023/03/20 12:0 a.m.68 views

CVE-2023-27536

An authentication bypass vulnerability exists libcurl 8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPTGSSAPIDELEGATION option. This vulnerability affects...

5.9CVSS6.7AI score0.01566EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2022/10/24 2:15 p.m.68 views

CVE-2022-43680

In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XMLExternalEntityParserCreate in out-of-memory situations...

7.5CVSS6.8AI score0.0226EPSS
Exploits1References7
UbuntuCve
UbuntuCve
added 2022/10/18 12:0 a.m.68 views

CVE-2022-2602

iouring UAF, Unix SCM garbage collection...

7CVSS6.6AI score0.01433EPSS
Exploits2References6
UbuntuCve
UbuntuCve
added 2022/09/21 12:0 a.m.68 views

CVE-2022-38177

By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources...

7.5CVSS7.1AI score0.0228EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2022/05/20 12:0 a.m.68 views

CVE-2022-1729

A race condition was found the Linux kernel in perfeventopen which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc...

7CVSS6.8AI score0.0031EPSS
Exploits0References18
UbuntuCve
UbuntuCve
added 2022/05/03 12:0 a.m.68 views

CVE-2022-1343

The function OCSPbasicverify verifies the signer certificate on an OCSP response. In the case where the non-default flag OCSPNOCHECKS is used then the response will be positive meaning a successful verification even in the case where the response signing certificate fails to verify. It is...

5.3CVSS6.8AI score0.01174EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2022/04/11 12:0 a.m.68 views

CVE-2022-28893

The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xsxprtfree before ensuring that sockets are in the intended state...

7.8CVSS6.8AI score0.004EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2022/02/18 6:15 p.m.68 views

CVE-2021-4091

A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly, and crash...

7.5CVSS6.7AI score0.02014EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2022/02/18 6:15 p.m.68 views

CVE-2021-20320

A flaw was found in s390 eBPF JIT in bpfjitinsn in arch/s390/net/bpfjitcomp.c in the Linux kernel. In this flaw, a local attacker with special user privilege can circumvent the verifier and may lead to a confidentiality problem...

5.5CVSS6.7AI score0.00254EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2022/02/17 5:0 p.m.68 views

CVE-2021-4120

snapd 2.54.2 fails to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layout declarations and hence escape strict snap confinement. Fixed in snapd versions...

8.2CVSS7.1AI score0.00437EPSS
Exploits1References6
UbuntuCve
UbuntuCve
added 2022/02/14 10:15 p.m.68 views

CVE-2021-45005

Artifex MuJS v1.1.3 was discovered to contain a heap buffer overflow which is caused by conflicting JumpList of nested try/finally statements...

9.8CVSS7.3AI score0.01456EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2021/12/31 12:0 a.m.68 views

CVE-2021-4202

A use-after-free flaw was found in ncirequest in net/nfc/nci/core.c in NFC Controller Interface NCI in the Linux kernel. This flaw could allow a local attacker with user privileges to cause a data race problem while the device is getting removed, leading to a privilege escalation problem...

7CVSS6.7AI score0.00357EPSS
Exploits1References9
UbuntuCve
UbuntuCve
added 2021/12/17 8:15 p.m.68 views

CVE-2021-41495

Null Pointer Dereference vulnerability exists in numpy.sort in NumPy &lt and 1.19 in the PyArrayDescrNew function due to missing return-value validation, which allows attackers to conduct DoS attacks by repetitively creating sort arrays. NOTE: While correct that validation is missing, an error ca...

5.3CVSS6.8AI score0.01154EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2021/10/21 12:0 a.m.68 views

CVE-2021-42097

GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A csrftoken value is not specific to a single user account. An attacker can obtain a value within the context of an unprivileged user account, and then use that value in a CSRF attack against an admin e.g., for account takeover...

8.5CVSS7AI score0.01289EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2021/09/17 12:0 a.m.68 views

CVE-2021-3752

A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to...

7.9CVSS6.7AI score0.01736EPSS
Exploits1References8
UbuntuCve
UbuntuCve
added 2021/08/31 12:0 a.m.68 views

CVE-2021-3737

A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability...

7.5CVSS6.9AI score0.11994EPSS
Exploits1References19
UbuntuCve
UbuntuCve
added 2021/02/26 3:15 a.m.68 views

CVE-2021-21330

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In aiohttp before version 3.7.4 there is an open redirect vulnerability. A maliciously crafted link to an aiohttp-based web-server could redirect the browser to a different website. It is caused by a bug in the...

6.1CVSS6.7AI score0.01905EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2020/12/02 1:15 a.m.68 views

CVE-2020-14305

An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated remote user to crash the system, causing a denial of service. The highest threat from this...

8.3CVSS6.7AI score0.05114EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2020/05/15 6:15 p.m.68 views

CVE-2020-12888

The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space...

5.3CVSS6.8AI score0.00404EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2017/10/03 12:0 a.m.68 views

CVE-2017-12617

When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled e.g. via setting the readonly initialisation parameter of the Default servlet to false it was possible to upload a JSP file to the server via a specially crafted...

8.1CVSS7.1AI score0.99988EPSS
Exploits23References6
UbuntuCve
UbuntuCve
added 2013/07/23 5:20 p.m.68 views

CVE-2013-2249

modsessiondbd.c in the modsessiondbd module in the Apache HTTP Server before 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID, which has unspecified impact and remote attack vectors...

7.5CVSS7.2AI score0.14255EPSS
Exploits3References2
UbuntuCve
UbuntuCve
added 2011/01/18 12:0 a.m.68 views

CVE-2006-7243

PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argument to the fileexists function...

5CVSS7AI score0.05363EPSS
Exploits2References3
UbuntuCve
UbuntuCve
added 2010/12/09 12:0 a.m.68 views

CVE-2010-3771

Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle injection of an ISINDEX element into an about:blank page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via vectors related to redirection to a...

6.8CVSS7.4AI score0.02316EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2009/02/04 7:30 p.m.68 views

CVE-2009-0354

Cross-domain vulnerability in js/src/jsobj.cpp in Mozilla Firefox 3.x before 3.0.6 allows remote attackers to bypass the Same Origin Policy, and access the properties of an arbitrary window and conduct cross-site scripting XSS attacks, via vectors involving a chrome XBL method and the window.eval...

2.6CVSS7.3AI score0.02323EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/02/14 3:16 p.m.67 views

CVE-2026-23122

In the Linux kernel, the following vulnerability has been resolved: igc: Reduce TSN TX packet buffer from 7KB to 5KB per queue The previous 7 KB per queue caused TX unit hangs under heavy timestamping load. Reducing to 5 KB avoids these hangs and matches the TSN recommendation in I225/I226 SW Use...

5.5CVSS5.9AI score0.001EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2023/11/28 7:15 a.m.67 views

CVE-2023-24023

Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUFFS...

6.8CVSS6.8AI score0.01297EPSS
Exploits1References10
UbuntuCve
UbuntuCve
added 2023/10/29 4:15 a.m.67 views

CVE-2023-46862

An issue was discovered in the Linux kernel through 6.5.9. During a race with SQ thread exit, an iouring/fdinfo.c iouringshowfdinfo NULL pointer dereference can occur...

4.7CVSS6.7AI score0.00227EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2023/10/10 6:15 p.m.67 views

CVE-2023-42794

Incomplete Cleanup vulnerability in Apache Tomcat. The internal fork of Commons FileUpload packaged with Apache Tomcat 9.0.70 through 9.0.80 and 8.5.85 through 8.5.93 included an unreleased, in progress refactoring that exposed a potential denial of service on Windows if a web application opened ...

5.9CVSS6.8AI score0.01854EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2023/09/12 12:0 a.m.67 views

CVE-2023-4863

Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS7.2AI score0.99735EPSS
Exploits9References10
UbuntuCve
UbuntuCve
added 2023/09/06 2:15 p.m.67 views

CVE-2023-4208

A use-after-free vulnerability in the Linux kernel's net/sched: clsu32 component can be exploited to achieve local privilege escalation. When u32change is called on an existing filter, the whole tcfresult struct is always copied into the new instance of the filter. This causes a problem when...

7.8CVSS6.7AI score0.00296EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2023/06/08 12:0 a.m.67 views

CVE-2023-29403

On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a setuid/setgid binary is executed with standard I...

7.8CVSS6.7AI score0.00429EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2023/05/25 8:15 p.m.67 views

CVE-2023-0950

Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet document that will cause an array index underflow when loaded. In the affected versions of LibreOffice certain malformed spreadsheet...

7.8CVSS7.1AI score0.003EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2023/03/31 5:15 p.m.67 views

CVE-2023-28879

In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then...

9.8CVSS7.4AI score0.06341EPSS
Exploits1References8
UbuntuCve
UbuntuCve
added 2023/01/09 11:15 a.m.67 views

CVE-2022-2196

A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM L0 advertising eIBRS support to L1. An attacker at L2 with code...

8.8CVSS7.1AI score0.00285EPSS
Exploits0References14
UbuntuCve
UbuntuCve
added 2022/11/25 2:15 p.m.67 views

CVE-2022-4141

Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the expression used in the RHS of the substitute command...

7.8CVSS7.3AI score0.00423EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2022/08/24 9:15 a.m.67 views

CVE-2022-38078

Movable Type XMLRPC API provided by Six Apart Ltd. contains a command injection vulnerability. Sending a specially crafted message by POST method to Movable Type XMLRPC API may allow arbitrary Perl script execution, and an arbitrary OS command may be executed through it. Affected products and...

9.8CVSS7.3AI score0.01854EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2022/08/09 5:0 p.m.67 views

CVE-2022-2588

It was discovered that the clsroute filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0...

7.8CVSS7AI score0.05871EPSS
Exploits7References15
UbuntuCve
UbuntuCve
added 2022/07/14 12:15 p.m.67 views

CVE-2022-25803

Best Practical Request Tracker RT before 5.0.3 has an Open Redirect via a ticket search...

6.1CVSS6.3AI score0.00494EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2022/06/02 9:15 p.m.67 views

CVE-2022-32250

net/netfilter/nftablesapi.c in the Linux kernel through 5.18.1 allows a local user able to create user/net namespaces to escalate privileges to root because an incorrect NFTSTATEFULEXPR check leads to a use-after-free...

7.8CVSS6.7AI score0.02881EPSS
Exploits6References5
Total number of security vulnerabilities5000