Lucene search
K
UbuntucveMost viewed

68528 matches found

UbuntuCve
UbuntuCve
•added 2019/01/31 6:29 p.m.•135 views

CVE-2019-6110

In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server or Man-in-The-Middle attacker can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred...

6.8CVSS7AI score0.20906EPSS
Exploits8References3
UbuntuCve
UbuntuCve
•added 2017/09/15 7:29 p.m.•135 views

CVE-2017-9805

The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads...

8.1CVSS7AI score0.99461EPSS
Exploits23References3
UbuntuCve
UbuntuCve
•added 2020/09/14 5:15 p.m.•134 views

CVE-2019-0230

Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution...

9.8CVSS7.6AI score0.97399EPSS
Exploits15References1
UbuntuCve
UbuntuCve
•added 2024/02/05 6:15 p.m.•132 views

CVE-2024-24267

gpac v2.2.1 fixed in v2.4.0 was discovered to contain a memory leak via the gfioblob variable in the gffileiofromblob function...

7.5CVSS7.1AI score0.01635EPSS
Exploits1References2
UbuntuCve
UbuntuCve
•added 2023/04/11 9:15 p.m.•132 views

CVE-2023-26551

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cpcpdec while loop. An adversary may be able to attack a client ntpq process, but cannot attack ntpd...

5.6CVSS6.8AI score0.0067EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2021/07/15 5:15 p.m.•132 views

CVE-2021-34429

For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 & 11.0.1-11.0.5, URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints. This is a variation of the vulnerability reported in CVE-2021-28164/GHSA-v7ff-8wcx-gmc...

5.3CVSS6.8AI score0.99298EPSS
Exploits6References2
UbuntuCve
UbuntuCve
•added 2018/01/18 11:29 p.m.•132 views

CVE-2015-9251

jQuery before 3.0.0 is vulnerable to Cross-site Scripting XSS attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed...

6.1CVSS6.9AI score0.29726EPSS
Exploits2References4
UbuntuCve
UbuntuCve
•added 2006/12/14 12:28 a.m.•132 views

CVE-2006-5875

eoc.py in Enemies of Carlotta EoC before 1.2.4 allows remote attackers to execute arbitrary commands via shell metacharacters in an "SMTP level e-mail address"...

6.8CVSS6.1AI score0.01882EPSS
Exploits0References1
UbuntuCve
UbuntuCve
•added 2023/07/15 2:15 a.m.•130 views

CVE-2023-38350

PNP4Nagios through 81ebfc5 has stored XSS in the AJAX controller via the basket API and filters. This affects 0.6.26...

5.4CVSS6.1AI score0.00449EPSS
Exploits1References2
UbuntuCve
UbuntuCve
•added 2023/06/12 8:15 p.m.•130 views

CVE-2023-3161

A flaw was found in the Framebuffer Console fbcon in the Linux Kernel. When providing font-width and font-height greater than 32 to fbconsetfont, since there are no checks in place, a shift-out-of-bounds occurs leading to undefined behavior and possible denial of service...

5.5CVSS6.7AI score0.00206EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2021/04/23 6:15 p.m.•130 views

CVE-2021-22205

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution...

10CVSS7.2AI score0.99731EPSS
Exploits30References5
UbuntuCve
UbuntuCve
•added 2022/01/14 8:15 a.m.•129 views

CVE-2022-23222

kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain ORNULL pointer types...

7.8CVSS6.8AI score0.01914EPSS
Exploits5References9
UbuntuCve
UbuntuCve
•added 2022/09/13 6:15 p.m.•128 views

CVE-2022-32190

JoinPath and URL.JoinPath do not remove ../ path elements appended to a relative path. For example, JoinPath"https://go.dev", "../go" returns the URL "https://go.dev/../go", despite the JoinPath documentation stating that ../ path elements are removed from the result...

7.5CVSS6.9AI score0.01739EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2021/08/18 3:15 p.m.•128 views

CVE-2021-21781

An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version 5.11-rc4 seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a...

4CVSS6.3AI score0.00508EPSS
Exploits1References3
UbuntuCve
UbuntuCve
•added 2023/10/13 10:15 a.m.•127 views

CVE-2023-38000

Auth. Stored contributor+ Cross-Site Scripting XSS vulnerability in WordPress core 6.3 through 6.3.1, from 6.2 through 6.2.2, from 6.1 through 6.1.3, from 6.0 through 6.0.5, from 5.9 through 5.9.7 and Gutenberg plugin = 16.8.0 versions...

6.5CVSS6.7AI score0.00788EPSS
Exploits1References5
UbuntuCve
UbuntuCve
•added 2023/06/13 5:15 p.m.•127 views

CVE-2023-31439

An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security...

5.3CVSS6.8AI score0.00352EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2023/03/22 12:0 a.m.•127 views

CVE-2023-28432

Last updated 21 August 2024...

7.9AI score0.83957EPSS
Exploits13References4
UbuntuCve
UbuntuCve
•added 2022/09/06 6:15 p.m.•127 views

CVE-2022-27664

In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error...

7.5CVSS6.8AI score0.02607EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2020/08/07 4:15 p.m.•127 views

CVE-2020-11993

Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of modhttp2 above "info" will mitigate this...

7.5CVSS7AI score0.58716EPSS
Exploits2References4
UbuntuCve
UbuntuCve
•added 2024/09/04 7:15 p.m.•126 views

CVE-2024-44952

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

6.7AI score
Exploits0References17
UbuntuCve
UbuntuCve
•added 2023/07/14 10:15 p.m.•126 views

CVE-2023-38336

netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778...

9.8CVSS7.2AI score0.01763EPSS
Exploits1References2
UbuntuCve
UbuntuCve
•added 2023/07/01 12:15 a.m.•126 views

CVE-2023-30586

A privilege escalation vulnerability exists in Node.js 20 that allowed loading arbitrary OpenSSL engines when the experimental permission model is enabled, which can bypass and/or disable the permission model. The attack complexity is high. However, the crypto.setEngine API can be used to bypass...

7.5CVSS7.1AI score0.01348EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2021/08/12 9:15 p.m.•125 views

CVE-2021-33056

Belledonne Belle-sip before 4.5.20, as used in Linphone and other products, can crash via an invalid From header in a SIP message...

7.5CVSS7.2AI score0.01294EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2023/08/30 10:15 p.m.•123 views

CVE-2023-41040

GitPython is a python library used to interact with Git repositories. In order to resolve some git references, GitPython reads files from the .git directory, in some places the name of the file being read is provided by the user, GitPython doesn't check if this file is located outside the .git...

6.5CVSS6.6AI score0.01012EPSS
Exploits1References3
UbuntuCve
UbuntuCve
•added 2023/06/16 8:15 p.m.•123 views

CVE-2023-34475

A heap use after free issue was discovered in ImageMagick's ReplaceXmpValue function in MagickCore/profile.c. An attacker could trick user to open a specially crafted file to convert, triggering an heap-use-after-free write error, allowing an application to crash, resulting in a denial of service...

5.5CVSS6.1AI score0.00352EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2023/06/08 12:0 a.m.•123 views

CVE-2023-29405

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. Flags containing...

9.8CVSS7AI score0.01728EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2023/05/04 5:15 a.m.•123 views

CVE-2023-26125

Versions of the package github.com/gin-gonic/gin before 1.9.0 are vulnerable to Improper Input Validation by allowing an attacker to use a specially crafted request via the X-Forwarded-Prefix header, potentially leading to cache poisoning. Note: Although this issue does not pose a significant...

7.3CVSS6.8AI score0.00905EPSS
Exploits1References7
UbuntuCve
UbuntuCve
•added 2020/05/19 9:15 p.m.•123 views

CVE-2020-7656

jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove "" HTML tags that contain a whitespace character, i.e: "", which results in the enclosed script logic to be executed...

6.1CVSS6.8AI score0.06273EPSS
Exploits4References2
UbuntuCve
UbuntuCve
•added 2023/02/28 12:0 a.m.•122 views

CVE-2023-1017

An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service crashing the TPM chip/process ...

7.8CVSS7.7AI score0.01286EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2022/01/25 2:15 p.m.•122 views

CVE-2022-21697

Jupyter Server Proxy is a Jupyter notebook server extension to proxy web services. Versions of Jupyter Server Proxy prior to 3.2.1 are vulnerable to Server-Side Request Forgery SSRF. Any user deploying Jupyter Server or Notebook with jupyter-proxy-server extension enabled is affected. A lack of...

7.1CVSS7AI score0.01096EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2015/08/24 1:59 a.m.•121 views

CVE-2015-6564

Use-after-free vulnerability in the mmanswerpamfreectx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITORREQPAMFREECTX request...

7CVSS6.8AI score0.00599EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2023/09/12 8:15 p.m.•120 views

CVE-2023-4921

A use-after-free vulnerability in the Linux kernel's net/sched: schqfq component can be exploited to achieve local privilege escalation. When the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfqdequeue due to the incorrect .peek handler of...

7.8CVSS6.7AI score0.00396EPSS
Exploits1References26
UbuntuCve
UbuntuCve
•added 2022/12/23 12:0 a.m.•120 views

CVE-2022-40898

An issue discovered in Python Packaging Authority PyPA Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli...

7.5CVSS6.9AI score0.02659EPSS
Exploits1References8
UbuntuCve
UbuntuCve
•added 2022/06/21 12:0 a.m.•120 views

CVE-2022-2068

In addition to the crehash shell command injection identified in CVE-2022-1292, further circumstances where the crehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there...

10CVSS7.2AI score0.96275EPSS
Exploits1References6
UbuntuCve
UbuntuCve
•added 2019/12/20 11:15 p.m.•120 views

CVE-2019-19919

Versions of handlebars prior to 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Object's proto and defineGetter properties, which may allow an attacker to execute arbitrary code through crafted payloads...

9.8CVSS7AI score0.07066EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2018/03/26 12:0 a.m.•121 views

CVE-2017-15715

In Apache httpd 2.4.0 to 2.4.29, the expression specified in could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are are externally blocked, but only by matching the...

8.1CVSS6.7AI score0.86006EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2022/01/20 11:0 a.m.•119 views

CVE-2022-21658

Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the std::fs::removedirall standard library function is vulnerable a race condition enabling symlink following CWE-363. A...

7.3CVSS7AI score0.01376EPSS
Exploits1References6
UbuntuCve
UbuntuCve
•added 2015/03/31 12:0 a.m.•119 views

CVE-2015-2808

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...

5CVSS6.3AI score0.73851EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2023/08/22 7:16 p.m.•118 views

CVE-2022-48174

There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution...

9.8CVSS6.9AI score0.02979EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2023/11/15 12:0 a.m.•117 views

CVE-2023-44444

GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicio...

7.8CVSS7.5AI score0.56404EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2023/05/30 12:0 a.m.•117 views

CVE-2023-2650

Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience...

6.5CVSS6.7AI score0.75116EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2018/02/06 5:29 p.m.•117 views

CVE-2018-6389

In WordPress through 4.9.2, unauthenticated attackers can cause a denial of service resource consumption by using the large list of registered .js files from wp-includes/script-loader.php to construct a series of requests to load every file many times...

7.5CVSS7.2AI score0.73098EPSS
Exploits11References4
UbuntuCve
UbuntuCve
•added 2024/12/02 12:0 a.m.•116 views

CVE-2024-53104

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in...

7.8CVSS6.7AI score0.03301EPSS
Exploits1References58
UbuntuCve
UbuntuCve
•added 2023/04/19 12:15 a.m.•116 views

CVE-2023-27043

The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is...

5.3CVSS6.7AI score0.02527EPSS
Exploits1References8
UbuntuCve
UbuntuCve
•added 2023/12/20 12:0 a.m.•115 views

CVE-2023-51384

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token returns multiple keys...

5.5CVSS6.8AI score0.00426EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2023/07/11 11:15 p.m.•115 views

CVE-2023-37766

GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the gfisomremoveuserdata function at /lib/libgpac.so...

5.5CVSS6.1AI score0.00334EPSS
Exploits1References3
UbuntuCve
UbuntuCve
•added 2023/05/04 2:15 p.m.•115 views

CVE-2023-29827

ejs v3.1.9 is vulnerable to server-side template injection. If the ejs file is controllable, template injection can be implemented through the configuration settings of the closeDelimiter parameter. NOTE: this is disputed by the vendor because the render function is not intended to be used with...

9.8CVSS6.8AI score0.05552EPSS
Exploits1References2
UbuntuCve
UbuntuCve
•added 2021/07/15 2:15 p.m.•115 views

CVE-2021-34558

The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client to panic...

6.5CVSS6.8AI score0.06975EPSS
Exploits1References6
UbuntuCve
UbuntuCve
•added 2021/04/15 9:15 p.m.•115 views

CVE-2021-29447

Wordpress is an open source CMS. A user with the ability to upload files like an Author can exploit an XML parsing issue in the Media Library leading to XXE attacks. This requires WordPress installation to be using PHP 8. Access to internal files is possible in a successful XXE attack. This has...

7.1CVSS6.6AI score0.85719EPSS
Exploits20References3
UbuntuCve
UbuntuCve
•added 2019/11/27 9:15 p.m.•115 views

CVE-2011-2523

vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp...

10CVSS7.2AI score0.96184EPSS
Exploits36References1
Total number of security vulnerabilities5000