Lucene search
K
UbuntucveMost viewed

68528 matches found

UbuntuCve
UbuntuCve
added 2023/04/13 12:0 a.m.276 views

CVE-2023-1998

The Linux kernel allows userspace processes to enable mitigations by calling prctl with PRSETSPECULATIONCTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim process exposed to...

5.6CVSS6.7AI score0.01377EPSS
Exploits3References15
UbuntuCve
UbuntuCve
added 2021/08/03 7:15 p.m.276 views

CVE-2021-32804

The npm package "tar" aka node-tar before versions 6.1.1, 5.0.6, 4.4.14, and 3.3.2 has a arbitrary File Creation/Overwrite vulnerability due to insufficient absolute path sanitization. node-tar aims to prevent extraction of absolute file paths by turning absolute paths into relative paths when th...

8.2CVSS6.8AI score0.15014EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2023/10/14 2:15 a.m.275 views

CVE-2023-45853

MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip464 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an...

9.8CVSS7AI score0.03179EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2024/01/03 5:15 p.m.274 views

CVE-2024-0217

A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions that were previously freed. Once freed, a memory region can be reused for other allocations and any...

3.3CVSS5.8AI score0.00228EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2023/03/07 12:0 a.m.273 views

CVE-2023-25690

Some modproxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack. Configurations are affected when modproxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the...

9.8CVSS6.8AI score0.8377EPSS
Exploits5References3
UbuntuCve
UbuntuCve
added 2024/05/03 3:15 a.m.268 views

CVE-2023-40481

7-Zip SquashFS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS7.4AI score0.27087EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2024/07/02 10:15 p.m.267 views

CVE-2024-24791

The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational 200 or higher status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail...

7.5CVSS6.9AI score0.01414EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2023/10/23 7:15 a.m.266 views

CVE-2023-43622

An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack pattern. This has been fixed in...

7.5CVSS6.9AI score0.70595EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2012/01/05 12:0 a.m.266 views

CVE-2011-4576

The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer...

5CVSS7.2AI score0.14523EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2022/12/23 12:0 a.m.265 views

CVE-2022-40897

Python Packaging Authority PyPA setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service ReDoS in packageindex.py...

5.9CVSS6.8AI score0.02617EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2022/02/19 5:15 a.m.264 views

CVE-2016-20013

sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service CPU consumption because the algorithm's runtime is proportional to the square of the length of the password...

7.5CVSS7.1AI score0.02234EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2021/02/05 10:15 p.m.264 views

CVE-2021-21303

Helm is open-source software which is essentially "The Kubernetes Package Manager". Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. In Helm from version 3.0 and before version 3.5.2, there a few cases where data loaded from potentially untrusted...

6.8CVSS7AI score0.0103EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/05/08 12:0 a.m.263 views

CVE-2024-24788

A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop...

5.9CVSS6.8AI score0.01001EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2024/08/26 6:15 a.m.261 views

CVE-2024-41996

Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers from the client side to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource...

7.5CVSS6.8AI score0.01083EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2020/08/06 11:15 p.m.261 views

CVE-2020-15136

In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only applied to endpoints detected in DNS SRV records. When starting a gateway, TLS authentication will only be attempted on endpoints identified in DNS SRV records for a given domain, which occurs in the discoverEndpoints...

6.5CVSS6.7AI score0.01636EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2021/05/25 7:15 p.m.260 views

CVE-2021-32640

ws is an open source WebSocket client and server library for Node.js. A specially crafted value of the Sec-Websocket-Protocol header can be used to significantly slow down a ws server. The vulnerability has been fixed in [email protected]...

5.3CVSS6.6AI score0.02821EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2021/04/20 4:15 p.m.260 views

CVE-2021-28156

HashiCorp Consul Enterprise version 1.8.0 up to 1.9.4 audit log can be bypassed by specifically crafted HTTP events. Fixed in 1.9.5, and 1.8.10...

7.5CVSS7AI score0.02273EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2024/09/07 4:15 p.m.258 views

CVE-2024-36138

Bypass incomplete fix of CVE-2024-27980, that arises from improper handling of batch files with all possible extensions on Windows via childprocess.spawn / childprocess.spawnSync. A malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option i...

8.1CVSS7.6AI score0.01098EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2022/01/31 5:15 a.m.258 views

CVE-2022-24130

xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in setsixel in graphicssixel.c via crafted text...

5.5CVSS6.3AI score0.01694EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2024/05/16 9:15 p.m.257 views

CVE-2022-37341

Improper access control in some IntelR Ethernet Adapters and IntelR Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable escalation of privilege via local access...

7.8CVSS5.8AI score0.00198EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2024/04/25 5:15 p.m.256 views

CVE-2024-2467

A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages. The...

5.9CVSS6.2AI score0.00516EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2005/01/24 5:0 a.m.256 views

CVE-2005-0145

Firefox before 1.0 does not properly distinguish between user-generated and synthetic click events, which allows remote attackers to use Javascript to bypass the file download prompt when the user uses the Alt-click feature...

2.6CVSS5.9AI score0.01044EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2024/11/22 9:15 p.m.255 views

CVE-2024-11612

7-Zip CopyCoder Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on th...

6.5CVSS6.8AI score0.01703EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2022/09/13 7:15 p.m.254 views

CVE-2022-26929

.NET Framework Remote Code Execution Vulnerability...

7.8CVSS7.2AI score0.01356EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2022/03/10 12:0 a.m.253 views

CVE-2022-23042

Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...

7CVSS6.5AI score0.00359EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2021/08/16 8:15 a.m.253 views

CVE-2021-23423

This affects the package bikeshed before 3.0.0. This can occur when an untrusted source file containing include, include-code or include-raw block is processed. The contents of arbitrary files could be disclosed in the HTML output...

7.5CVSS7.1AI score0.01106EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2023/02/14 12:0 a.m.251 views

CVE-2023-25567

GSS-NTLMSSP, a mechglue plugin for the GSSAPI library that implements NTLM authentication, has an out-of-bounds read when decoding target information prior to version 1.2.0. The length of the avpair is not checked properly for two of the elements which can trigger an out-of-bound read. The...

7.5CVSS7AI score0.01103EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2021/01/26 6:15 p.m.249 views

CVE-2020-35239

A vulnerability exists in CakePHP versions 4.0.x through 4.1.3. The CsrfProtectionMiddleware component allows method override parameters to bypass CSRF checks by changing the HTTP request method to an arbitrary string that is not in the list of request methods that CakePHP checks. Additionally, t...

8.8CVSS7.2AI score0.006EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2024/08/15 9:15 p.m.247 views

CVE-2024-7868

In Xpdf 4.05 and earlier, invalid header info in a DCT JPEG stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address...

8.2CVSS5.9AI score0.00391EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2023/08/02 12:0 a.m.247 views

CVE-2023-4016

Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap...

3.3CVSS6.8AI score0.00241EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2024/12/11 12:0 a.m.246 views

CVE-2024-11053

When asked to both use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has an entry that matches the redirect target hostname but...

3.4CVSS6.8AI score0.01378EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2024/12/06 4:15 p.m.246 views

CVE-2024-12254

Starting in Python 3.12.0, the asyncio.SelectorSocketTransport.writelines method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the "high-water mark". Because of this, Protocols would not periodically drain the write buffer...

8.7CVSS7.1AI score0.0188EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2024/12/05 8:15 p.m.246 views

CVE-2024-53589

GNU objdump 2.43 is vulnerable to Buffer Overflow in the BFD Binary File Descriptor library's handling of tekhex format files...

8.4CVSS6.6AI score0.00268EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2024/10/16 5:15 p.m.246 views

CVE-2024-9143

Issue summary: Use of the low-level GF2^m elliptic curve APIs with untrusted explicit values for the field polynomial can lead to out-of-bounds memory reads or writes. Impact summary: Out of bound memory writes can lead to an application crash or even a possibility of a remote code execution,...

4.3CVSS6.9AI score0.05966EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2024/11/15 6:15 p.m.244 views

CVE-2024-52522

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Insecure handling of symlinks with --links and --metadata in rclone while copying to local disk allows unprivileged users to indirectly modify ownership and permissions on symlink target...

5.4CVSS6.9AI score0.00214EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2024/05/03 3:16 a.m.244 views

CVE-2023-51596

BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must...

7.1CVSS7.4AI score0.01493EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2024/07/09 8:15 p.m.243 views

CVE-2024-6501

A flaw was found in NetworkManager. When a system running NetworkManager with DEBUG logs enabled and an interface eth1 configured with LLDP enabled, a malicious user could inject a malformed LLDP packet. NetworkManager would crash, leading to a denial of service...

3.1CVSS5.8AI score0.00447EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2022/09/28 11:15 p.m.240 views

CVE-2022-31629

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a Host- or Secure- cookie by PHP applications...

6.5CVSS6.8AI score0.49336EPSS
Exploits2References5
UbuntuCve
UbuntuCve
added 2024/11/26 12:0 a.m.239 views

CVE-2024-52336

A script injection vulnerability was identified in the Tuned package. The instancecreate D-Bus function can be called by locally logged-in users without authentication. This flaw allows a local non-privileged user to execute a D-Bus call with scriptpre or scriptpost options that permit arbitrary...

7.8CVSS7AI score0.00287EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2024/11/12 2:15 a.m.239 views

CVE-2024-49393

In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of the recipients to compromise message confidentiality...

6.5CVSS7.1AI score0.00331EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2024/11/12 10:15 p.m.236 views

CVE-2024-11168

The urllib.parse.urlsplit and urlparse functions improperly validated bracketed hosts , allowing hosts that weren't IPv6 or IPvFuture. This behavior was not conformant to RFC 3986 and potentially enabled SSRF if a URL is processed by more than one URL parser...

6.3CVSS6.8AI score0.0067EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2024/11/06 8:15 p.m.234 views

CVE-2024-51754

Twig is a template language for PHP. In a sandbox, an attacker can call toString on an object even if the toString method is not allowed by the security policy when the object is part of an array or an argument list arguments to a function or a filter for instance. This issue has been patched in...

2.2CVSS5.8AI score0.0044EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/04/29 1:15 p.m.234 views

CVE-2024-27322

Deserialization of untrusted data can occur in the R statistical programming language, on any version starting at 1.4.0 up to and not including 4.4.0, enabling a maliciously crafted RDS R Data Serialization formatted file or R package to run arbitrary code on an end user’s system when interacted...

8.8CVSS7.5AI score0.23618EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2022/11/09 7:15 a.m.234 views

CVE-2022-45061

An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA RFC 3490 decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often...

7.5CVSS6.9AI score0.02453EPSS
Exploits1References9
UbuntuCve
UbuntuCve
added 2023/05/02 6:15 p.m.229 views

CVE-2023-30861

Flask is a lightweight WSGI web application framework. When all of the following conditions are met, a response containing data intended for one client may be cached and subsequently sent by the proxy to other clients. If the proxy also caches Set-Cookie headers, it may send one client's session...

7.5CVSS6.9AI score0.01261EPSS
Exploits1References9
UbuntuCve
UbuntuCve
added 2022/01/27 1:15 p.m.228 views

CVE-2022-23181

The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tomcat process is...

7CVSS7.1AI score0.00692EPSS
Exploits16References5
UbuntuCve
UbuntuCve
added 2015/01/28 11:59 a.m.228 views

CVE-2015-1419

Unspecified vulnerability in vsftpd 3.0.2 and earlier allows remote attackers to bypass access restrictions via unknown vectors, related to denyfile parsing...

5CVSS5.9AI score0.06725EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2013/07/08 10:55 p.m.222 views

CVE-2013-4786

The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol RAKP authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC...

7.8CVSS7.2AI score0.81802EPSS
Exploits2References3
UbuntuCve
UbuntuCve
added 2024/01/19 6:15 p.m.213 views

CVE-2024-22913

A heap-buffer-overflow was found in SWFTools v0.9.2, in the function swf5lex at lex.swf5.c:1321. It allows an attacker to cause code execution...

7.8CVSS7.1AI score0.00357EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2023/12/07 9:15 a.m.210 views

CVE-2023-50164

An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution. Users are recommended to upgrade to versions Struts 2.5.33 or Struts 6.3.0.2 or greater to fix this...

9.8CVSS7.3AI score0.80819EPSS
Exploits15References4
Total number of security vulnerabilities5000