Lucene search
+L
UbuntucveMost viewed

71772 matches found

ubuntucve
ubuntucve
added 2023/11/03 9:15 p.m.51 views

CVE-2023-47233

The brcm80211 component in the Linux kernel through 6.5.10 has a brcmfcfg80211detach use-after-free in the device unplugging disconnect the USB by hotplug code. For physically proximate attackers with local access, this "could be exploited in a real world scenario." This is related to...

4.3CVSS6.7AI score0.00315EPSS
Exploits0References19
ubuntucve
ubuntucve
added 2023/09/27 12:0 a.m.51 views

CVE-2023-44216

PVRIC PowerVR Image Compression on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a GPU.zip issue. For example, attackers can sometimes accurately...

5.3CVSS6.1AI score0.01809EPSS
Exploits1References9
ubuntucve
ubuntucve
added 2023/09/15 7:15 p.m.51 views

CVE-2023-36479

Eclipse Jetty Canonical Repository is the canonical repository for the Jetty project. Users of the CgiServlet with a very specific command structure may have the wrong command executed. If a user sends a request to a org.eclipse.jetty.servlets.CGI Servlet for a binary with a space in its name, th...

3.5CVSS6.8AI score0.01006EPSS
Exploits1References5
ubuntucve
ubuntucve
added 2023/08/22 7:16 p.m.51 views

CVE-2022-48063

GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function loadseparatedebugfiles at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack...

5.5CVSS6.4AI score0.00483EPSS
Exploits1References3
ubuntucve
ubuntucve
added 2023/08/11 3:15 a.m.51 views

CVE-2022-40964

Improper access control for some IntelR PROSet/Wireless WiFi and KillerTM WiFi software may allow a privileged user to potentially enable escalation of privilege via local access...

7.9CVSS6.8AI score0.00235EPSS
Exploits0References2
ubuntucve
ubuntucve
added 2023/08/09 12:0 a.m.51 views

CVE-2023-4155

A flaw was found in KVM AMD Secure Encrypted Virtualization SEV in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the VMGEXIT handler recursively. If an attacker manages to call the handler multiple time...

5.6CVSS6.7AI score0.00159EPSS
Exploits0References11
ubuntucve
ubuntucve
added 2023/07/05 12:0 a.m.51 views

CVE-2023-31248

Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; nftchainlookupbyid failed to check whether a chain was active and CAPNETADMIN is in any user or network namespace...

7.8CVSS6.8AI score0.0205EPSS
Exploits0References11
ubuntucve
ubuntucve
added 2023/07/04 12:0 a.m.51 views

CVE-2023-36053

In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS regular expression denial of service attack via a very large number of domain name labels of emails and URLs...

7.5CVSS7.1AI score0.02978EPSS
Exploits0References9
ubuntucve
ubuntucve
added 2023/06/26 7:15 p.m.51 views

CVE-2020-23066

Rejected reason: DO NOT USE THIS CVE ID NUMBER. Consult IDs: CVE-2020-17480. Reason: This CVE Record is a duplicate of CVE-2020-17480. Notes: All CVE users should reference CVE-2020-17480 instead of this record...

6.3AI score
Exploits0References2
ubuntucve
ubuntucve
added 2023/06/18 10:15 p.m.51 views

CVE-2023-35829

An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in rkvdecremove in drivers/staging/media/rkvdec/rkvdec.c...

7CVSS6.9AI score0.00476EPSS
Exploits0References11
ubuntucve
ubuntucve
added 2023/06/07 3:15 a.m.51 views

CVE-2023-0667

Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 4.0.5 and prior, in an unusual configuration, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark...

6.5CVSS7.2AI score0.02008EPSS
Exploits1References3
ubuntucve
ubuntucve
added 2023/06/02 5:15 p.m.51 views

CVE-2023-25748

By displaying a prompt with a long description, the fullscreen notification could have been hidden, resulting in potential user confusion or spoofing attacks. This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox 111...

4.3CVSS6.7AI score0.00348EPSS
Exploits0References2
ubuntucve
ubuntucve
added 2023/05/26 6:15 p.m.51 views

CVE-2023-32681

Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use rebuildproxies to reattach the Proxy-Authorization header to requests. For HTTP connections sent...

6.1CVSS6.6AI score0.02974EPSS
Exploits1References6
ubuntucve
ubuntucve
added 2023/05/17 6:15 p.m.51 views

CVE-2023-26044

react/http is an event-driven, streaming HTTP client and server implementation for ReactPHP. Previous versions of ReactPHP's HTTP server component contain a potential DoS vulnerability that can cause high CPU load when processing large HTTP request bodies. This vulnerability has little to no impa...

5.3CVSS6AI score0.0068EPSS
Exploits0References4
ubuntucve
ubuntucve
added 2023/04/19 11:15 p.m.51 views

CVE-2023-28327

A NULL pointer dereference flaw was found in the UNIX protocol in net/unix/diag.c In unixdiaggetexact in the Linux Kernel. The newly allocated skb does not have sk, leading to a NULL pointer. This flaw allows a local user to crash or potentially cause a denial of service...

5.5CVSS6.7AI score0.00189EPSS
Exploits0References2
ubuntucve
ubuntucve
added 2023/04/14 10:15 p.m.51 views

CVE-2023-29383

In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn change finger. Although it is not possible to exploit this directly e.g., adding a new user fails because \n is in the block list, it is possible to misrepresent the /etc/passwd file when...

3.3CVSS6.6AI score0.00428EPSS
Exploits1References4
ubuntucve
ubuntucve
added 2023/04/11 9:15 p.m.51 views

CVE-2023-1989

A use-after-free flaw was found in btsdioremove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdioremove with an unfinished job, may cause a race problem leading to a UAF on hdev devices...

7.1CVSS6.7AI score0.00387EPSS
Exploits0References6
ubuntucve
ubuntucve
added 2023/03/29 12:0 a.m.51 views

CVE-2023-28642

runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when /proc inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked /proc...

7.8CVSS6.6AI score0.00343EPSS
Exploits0References5
ubuntucve
ubuntucve
added 2023/03/27 9:15 p.m.51 views

CVE-2023-1076

A flaw was found in the Linux Kernel. The tun/tap sockets have their socket UID hardcoded to 0 due to a type confusion in their initialization function. While it will be often correct, as tuntap devices require CAPNETADMIN, it may not always be the case, e.g., a non-root user only having that...

5.5CVSS6.7AI score0.00257EPSS
Exploits0References13
ubuntucve
ubuntucve
added 2023/03/22 9:15 p.m.51 views

CVE-2023-28439

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered affecting Iframe Dialog and Media Embed packages. The vulnerability may trigger a JavaScript code after fulfilling special conditions: using one of the affected packages ...

6.1CVSS7AI score0.00725EPSS
Exploits0References4
ubuntucve
ubuntucve
added 2023/03/22 12:0 a.m.51 views

CVE-2023-28434

Last updated 21 August 2024...

8.9AI score0.06736EPSS
Exploits2References4
ubuntucve
ubuntucve
added 2023/03/19 3:15 a.m.51 views

CVE-2022-48423

In the Linux kernel before 6.1.3, fs/ntfs3/record.c does not validate resident attribute names. An out-of-bounds write may occur...

7.8CVSS6.8AI score0.00266EPSS
Exploits0References10
ubuntucve
ubuntucve
added 2023/03/19 3:15 a.m.51 views

CVE-2022-48424

In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur...

7.8CVSS6.7AI score0.00266EPSS
Exploits0References10
ubuntucve
ubuntucve
added 2023/03/06 10:15 p.m.51 views

CVE-2021-36713

Cross Site Scripting XSS vulnerability in the DataTables plug-in 1.9.2 for jQuery allows attackers to run arbitrary code via the sBaseName parameter to function fnCreateCookie. NOTE: 1.9.2 is a version from 2012...

6.1CVSS7AI score0.00792EPSS
Exploits1References3
ubuntucve
ubuntucve
added 2023/03/05 5:15 a.m.51 views

CVE-2015-10088

A vulnerability, which was classified as critical, was found in ayttm up to 0.5.0.89. This affects the function httpconnect in the library libproxy/proxy.c. The manipulation leads to format string. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The...

8.1CVSS5.4AI score0.00721EPSS
Exploits0References2
ubuntucve
ubuntucve
added 2023/02/23 8:15 p.m.51 views

CVE-2023-23919

A cryptographic vulnerability exists in Node.js 19.2.0, 18.14.1, 16.19.1, 14.21.3 that in some cases did does not clear the OpenSSL error stack after operations that may set it. This may lead to false positive errors during subsequent cryptographic operations that happen to be on the same thread...

7.5CVSS6.8AI score0.02209EPSS
Exploits1References6
ubuntucve
ubuntucve
added 2023/02/03 12:0 a.m.51 views

CVE-2022-24894

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony HTTP cache system, acts as a reverse proxy: It caches entire responses including headers and returns them to the clients. In a recent change in the AbstractSessionListener, the response...

8.8CVSS6.8AI score0.00753EPSS
Exploits0References2
ubuntucve
ubuntucve
added 2023/01/25 12:0 a.m.51 views

CVE-2022-3094

Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access permissions ACLs and is...

7.5CVSS7AI score0.13108EPSS
Exploits0References3
ubuntucve
ubuntucve
added 2023/01/25 12:0 a.m.51 views

CVE-2022-3924

This issue can affect BIND 9 resolvers with stale-answer-enable yes; that also make use of the option stale-answer-client-timeout, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding increase in the number of clien...

7.5CVSS7.2AI score0.15989EPSS
Exploits0References3
ubuntucve
ubuntucve
added 2023/01/18 12:0 a.m.51 views

CVE-2023-21868

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

6.5CVSS6.7AI score0.00879EPSS
Exploits0References3
ubuntucve
ubuntucve
added 2023/01/14 2:15 a.m.51 views

CVE-2023-22497

Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. Each Netdata Agent has an automatically generated MACHINE GUID. It is generated when the agent first starts and it is saved to disk, so that it will persist across restarts and reboots. Anyone who has...

9.1CVSS7AI score0.0068EPSS
Exploits1References4
ubuntucve
ubuntucve
added 2023/01/10 8:15 p.m.51 views

CVE-2023-0129

Heap buffer overflow in Network Service in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page and specific interactions. Chromium security severity: High...

8.8CVSS7.4AI score0.00503EPSS
Exploits0References3
ubuntucve
ubuntucve
added 2022/11/08 8:15 p.m.51 views

CVE-2022-39377

sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1, allocatestructures contains a sizet overflow in sacommon.c. The allocatestructures function insufficiently checks bounds before arithmetic...

7.8CVSS7AI score0.01096EPSS
Exploits1References5
ubuntucve
ubuntucve
added 2022/11/02 2:15 p.m.51 views

CVE-2022-43995

Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. This can be triggered by arbitrary local users with access to Sudo by entering a password of seven characters or fewer...

7.1CVSS7AI score0.00271EPSS
Exploits0References2
ubuntucve
ubuntucve
added 2022/11/01 8:15 p.m.51 views

CVE-2022-32888

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16. Processing maliciously crafted web content may lead to arbitrary code execution...

8.8CVSS7.3AI score0.01144EPSS
Exploits0References10
ubuntucve
ubuntucve
added 2022/10/25 5:15 p.m.51 views

CVE-2022-41704

A vulnerability in Batik of Apache XML Graphics allows an attacker to run untrusted Java code from an SVG. This issue affects Apache XML Graphics prior to 1.16. It is recommended to update to version 1.16...

7.5CVSS7AI score0.02143EPSS
Exploits0References7
ubuntucve
ubuntucve
added 2022/10/06 12:0 a.m.51 views

CVE-2022-31008

RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions the shovel and federation plugins perform URI obfuscation in their worker link state. The encryption key used to encrypt the URI was seeded with a predictable secret. This means that in case of certain exceptions...

7.5CVSS6.9AI score0.00307EPSS
Exploits0References3
ubuntucve
ubuntucve
added 2022/09/26 4:15 p.m.51 views

CVE-2022-3200

Heap buffer overflow in Internals in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.4AI score0.00688EPSS
Exploits0References1
ubuntucve
ubuntucve
added 2022/09/23 12:0 a.m.51 views

CVE-2022-2785

There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill pointers in structs passed in to bpfsysbpf are not verified and can point anywhere, including memory not owned by BPF. An attacker with CAPBPF can arbitrarily read memory from anywhere on the system. We...

6.7CVSS6.2AI score0.00255EPSS
Exploits0References3
ubuntucve
ubuntucve
added 2022/09/21 7:15 a.m.51 views

CVE-2022-41218

In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvbdemuxopen and dvbdmxdevrelease...

5.5CVSS6.8AI score0.00778EPSS
Exploits1References30
ubuntucve
ubuntucve
added 2022/09/19 9:15 p.m.51 views

CVE-2022-28201

An issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. Users with the editinterface permission can trigger infinite recursion, because a bare local interwiki is mishandled for the mainpage message...

4.4CVSS5.9AI score0.00407EPSS
Exploits1References3
ubuntucve
ubuntucve
added 2022/09/09 9:15 p.m.51 views

CVE-2022-36087

OAuthLib is an implementation of the OAuth request-signing logic for Python 3.6+. In OAuthLib versions 3.1.1 until 3.2.1, an attacker providing malicious redirect uri can cause denial of service. An attacker can also leverage usage of urivalidate functions depending where it is used. OAuthLib...

6.5CVSS6.9AI score0.01323EPSS
Exploits1References4
ubuntucve
ubuntucve
added 2022/08/25 8:15 p.m.51 views

CVE-2021-35937

A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and...

6.4CVSS6.7AI score0.00307EPSS
Exploits1References2
ubuntucve
ubuntucve
added 2022/08/24 4:15 p.m.51 views

CVE-2021-4037

A vulnerability was found in the fs/inode.c:inodeinitowner function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belon...

7.8CVSS6.7AI score0.00277EPSS
Exploits0References3
ubuntucve
ubuntucve
added 2022/08/16 9:15 p.m.51 views

CVE-2022-35107

SWFTools commit 772e55a2 was discovered to contain a stack overflow via vfprintf at /stdio-common/vfprintf.c...

5.5CVSS6.1AI score0.00284EPSS
Exploits1References2
ubuntucve
ubuntucve
added 2022/08/10 8:15 p.m.51 views

CVE-2021-33646

The thread function doesn’t free a variable t-thbuf.gnulongname after allocating memory, which may cause a memory leak...

7.5CVSS6.9AI score0.01438EPSS
Exploits0References3
ubuntucve
ubuntucve
added 2022/07/28 10:32 p.m.51 views

CVE-2022-32816

The issue was addressed with improved UI handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. Visiting a website that frames malicious content may lead to UI spoofing...

6.5CVSS6.9AI score0.06463EPSS
Exploits0References3
ubuntucve
ubuntucve
added 2022/07/26 10:15 p.m.51 views

CVE-2022-1639

Use after free in ANGLE in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.2AI score0.00735EPSS
Exploits0References1
ubuntucve
ubuntucve
added 2022/07/19 10:15 p.m.51 views

CVE-2022-21455

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: PAM Auth Plugin. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...

4.9CVSS6.6AI score0.00962EPSS
Exploits0References2
ubuntucve
ubuntucve
added 2022/07/17 11:15 p.m.51 views

CVE-2022-31212

An issue was discovered in dbus-broker before 31. It depends on c-uitl/c-shquote to parse the DBus service's Exec line. c-shquote contains a stack-based buffer over-read if a malicious Exec line is supplied...

7.5CVSS7.4AI score0.02073EPSS
Exploits3References1
Total number of security vulnerabilities5000