71772 matches found
CVE-2022-36318
When visiting directory listings for chrome:// URLs as source text, some parameters were reflected. This vulnerability affects Firefox ESR 102.1, Firefox ESR 91.12, Firefox 103, Thunderbird 102.1, and Thunderbird 91.12...
CVE-2022-1364
Type confusion in V8 Turbofan in Google Chrome prior to 100.0.4896.127 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2021-33656
When setting font with malicous data by ioctl cmd PIOFONT,kernel will write memory out of bounds...
CVE-2022-32117
Jerryscript v2.4.0 was discovered to contain a stack buffer overflow via the function jerryxprintunhandledexception in /util/print.c...
CVE-2022-22677
A logic issue in the handling of concurrent media was addressed with improved state handling. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. Video self-preview in a webRTC call may be interrupted if the user answers a phone call...
CVE-2022-31056
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected versions all assistance forms Ticket/Change/Problem permit sql injection on the actor fields. This issue has been resolved in version 10.0.2 and...
CVE-2022-2208
NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163...
CVE-2022-31033
The Mechanize library is used for automating interaction with websites. Mechanize automatically stores and sends cookies, follows redirects, and can follow links and submit forms. In versions prior to 2.8.5 the Authorization header is leaked after a redirect to a different port on the same site...
CVE-2022-30790
Das U-Boot 2022.01 has a Buffer Overflow, a different issue than CVE-2022-30552...
CVE-2022-1940
A Stored Cross-Site Scripting vulnerability in Jira integration in GitLab EE affecting all versions from 13.11 prior to 14.9.5, 14.10 prior to 14.10.4, and 15.0 prior to 15.0.1 allows an attacker to execute arbitrary JavaScript code in GitLab on a victim's behalf via specially crafted Jira Issues...
CVE-2022-1972
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-2078. Reason: This candidate is a reservation duplicate of CVE-2022-2078. Notes: All CVE users should reference CVE-2022-2078 instead of this candidate. All references and descriptions in this candidate have been removed to...
CVE-2022-22577
An XSS Vulnerability in Action Pack = 5.2.0 and 5.2.0 that could allow an attacker to bypass CSP for non HTML like responses...
CVE-2022-21499
KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.7...
CVE-2022-24434
This affects all versions of package dicer. A malicious attacker can send a modified form to server, and crash the nodejs service. An attacker could sent the payload again and again so that the service continuously crashes...
CVE-2022-28184
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgkDdiEscape, where an unprivileged regular user can access administrator- privileged registers, which may lead to denial of service, information disclosure, and data...
CVE-2022-1650
Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository eventsource/eventsource prior to v2.0.2...
CVE-2022-1545
It was possible to disclose details of confidential notes created via the API in Gitlab CE/EE affecting all versions from 13.2 prior to 14.8.6, 14.9 prior to 14.9.4, and 14.10 prior to 14.10.1 if an unauthorised project member was tagged in the note...
CVE-2022-29155
In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping...
CVE-2022-29869
cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = equal sign characters but is not a valid credentials file...
CVE-2022-27775
An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead...
CVE-2022-21457
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: PAM Auth Plugin. Supported versions that are affected are 8.0.28 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server...
CVE-2022-28048
STB v2.27 was discovered to contain an integer shift of invalid size in the component stbijpegdecodeblockprogac...
CVE-2021-32162
A Cross-site request forgery CSRF vulnerability exists in Webmin 1.973 through the File Manager feature...
CVE-2022-22629
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iTunes 12.12.3 for Windows, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code execution...
CVE-2022-22950
n Spring Framework versions 5.3.0 - 5.3.16 and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial of service condition...
CVE-2021-39698
In aiopollcompletework of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2020-36518
jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects...
CVE-2022-24687
HashiCorp Consul and Consul Enterprise 1.9.0 through 1.9.14, 1.10.7, and 1.11.2 clusters with at least one Ingress Gateway allow a user with service:write to register a specifically-defined service that can cause Consul servers to panic. Fixed in 1.9.15, 1.10.8, and 1.11.3...
CVE-2021-45083
An issue was discovered in Cobbler before 3.3.1. Files in /etc/cobbler are world readable. Two of those files contain some sensitive information that can be exposed to a local user who has non-privileged access to the server. The users.digest file contains the sha2-512 digest of users in a Cobble...
CVE-2021-45386
tcpreplay 4.3.4 has a Reachable Assertion in addtreeipv6 at tree.c...
CVE-2021-4154
A use-after-free flaw was found in cgroup1parseparam in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a denial of service ...
CVE-2021-46668
MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements that improperly interact with storage-engine resource limitations for temporary data structures...
CVE-2021-4160
There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis...
CVE-2022-23221
H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNOREUNKNOWNSETTINGS=TRUE;FORBIDCREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392...
CVE-2022-21341
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability...
CVE-2022-21282
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows...
CVE-2021-41164
CKEditor4 is an open source WYSIWYG HTML editor. In affected versions a vulnerability has been discovered in the Advanced Content Filter ACF module and may affect all plugins used by CKEditor 4. The vulnerability allowed to inject malformed HTML bypassing content sanitization, which could result ...
CVE-2021-37983
Use after free in Dev Tools in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2011-4124
Input validation issues were found in Calibre at devices/linuxmounthelper.c which can lead to argument injection and elevation of privileges...
CVE-2021-35588
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 7u311, 8u301; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated attacker wi...
CVE-2021-32672
Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support 3.2 or newer...
CVE-2021-41103
containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory...
CVE-2020-21913
International Components for Unicode ICU-20850 v66.1 was discovered to contain a use after free bug in the pkgcreateWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp...
CVE-2021-40490
A race condition was discovered in ext4writeinlinedataend in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13...
CVE-2020-18734
A stack buffer overflow in /ddsi/qbitset.h of Eclipse IOT Cyclone DDS Project v0.1.0 causes the DDS subscriber server to crash...
CVE-2020-23171
A vulnerability in all versions of Nim-lang allows unauthenticated attackers to write files to arbitrary directories via a crafted zip file with dot-slash characters included in the name of the crafted file...
CVE-2021-38198
arch/x86/kvm/mmu/pagingtmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault...
CVE-2021-3655
A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory...
CVE-2021-3612
An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from th...
CVE-2021-0512
In hidinputchangeresolutionmultipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...