Lucene search

K

Leap Security Vulnerabilities

cve
cve

CVE-2020-8252

The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes.

7.8CVSS

7.9AI Score

0.001EPSS

2020-09-18 09:15 PM
218
3
cve
cve

CVE-2020-8432

In Das U-Boot through 2020.01, a double free has been found in the cmd/gpt.c do_rename_gpt_parts() function. Double freeing may result in a write-what-where condition, allowing an attacker to execute arbitrary code. NOTE: this vulnerablity was introduced when attempting to fix a memory leak identif...

9.8CVSS

9.4AI Score

0.008EPSS

2020-01-29 07:15 PM
156
2
cve
cve

CVE-2020-8449

An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to access server resources prohibited by earlier security filters.

7.5CVSS

7.4AI Score

0.002EPSS

2020-02-04 08:15 PM
304
4
cve
cve

CVE-2020-8450

An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy.

7.3CVSS

7.5AI Score

0.919EPSS

2020-02-04 08:15 PM
753
4
cve
cve

CVE-2020-8492

Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.

6.5CVSS

7AI Score

0.006EPSS

2020-01-30 07:15 PM
2210
4
cve
cve

CVE-2020-8517

An issue was discovered in Squid before 4.10. Due to incorrect input validation, the NTLM authentication credentials parser in ext_lm_group_acl may write to memory outside the credentials buffer. On systems with memory access protections, this can result in the helper process being terminated unexp...

7.5CVSS

7.4AI Score

0.004EPSS

2020-02-04 08:15 PM
242
4
cve
cve

CVE-2020-8608

In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.

5.6CVSS

6.5AI Score

0.007EPSS

2020-02-06 05:15 PM
328
3
cve
cve

CVE-2020-8617

Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration doe...

7.5CVSS

7AI Score

0.972EPSS

2020-05-19 02:15 PM
747
cve
cve

CVE-2020-8618

An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients.

4.9CVSS

5.1AI Score

0.002EPSS

2020-06-17 10:15 PM
228
cve
cve

CVE-2020-8619

In ISC BIND9 versions BIND 9.11.14 -> 9.11.19, BIND 9.14.9 -> 9.14.12, BIND 9.16.0 -> 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -> 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry ...

4.9CVSS

5.2AI Score

0.003EPSS

2020-06-17 10:15 PM
762
cve
cve

CVE-2020-8620

In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit.

7.5CVSS

7.3AI Score

0.02EPSS

2020-08-21 09:15 PM
297
3
cve
cve

CVE-2020-8621

In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME minimization and 'forward first' then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that 'forward only' are not affected.

7.5CVSS

7.3AI Score

0.011EPSS

2020-08-21 09:15 PM
208
cve
cve

CVE-2020-8622

In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated respons...

6.5CVSS

6.9AI Score

0.004EPSS

2020-08-21 09:15 PM
574
3
cve
cve

CVE-2020-8623

In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be ...

7.5CVSS

7.5AI Score

0.024EPSS

2020-08-21 09:15 PM
404
3
cve
cve

CVE-2020-8624

In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to change a specific subset of th...

4.3CVSS

5.8AI Score

0.003EPSS

2020-08-21 09:15 PM
350
3
cve
cve

CVE-2020-8631

cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because rand_str in cloudinit/util.py calls the random.choice function.

5.5CVSS

5.5AI Score

0.0004EPSS

2020-02-05 02:15 PM
168
cve
cve

CVE-2020-8632

In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_set_passwords.py has a small default pwlen value, which makes it easier for attackers to guess passwords.

5.5CVSS

5.5AI Score

0.0004EPSS

2020-02-05 02:15 PM
165
cve
cve

CVE-2020-8647

There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c.

6.1CVSS

6.5AI Score

0.0004EPSS

2020-02-06 01:15 AM
290
cve
cve

CVE-2020-8648

There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.

7.1CVSS

7AI Score

0.001EPSS

2020-02-06 01:15 AM
399
2
cve
cve

CVE-2020-8649

There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c.

5.9CVSS

6.2AI Score

0.001EPSS

2020-02-06 01:15 AM
298
cve
cve

CVE-2020-8834

KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc_{save,restore}_tm, leading to a stack corruption. Because of this, an attacker with the ability run code in kernel space of a guest VM can cause the host kernel t...

6.5CVSS

6.6AI Score

0.001EPSS

2020-04-09 10:15 PM
315
cve
cve

CVE-2020-8903

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "adm" group, users with this role are able to read the DHCP XID from the ...

7.8CVSS

7.3AI Score

0.001EPSS

2020-06-22 02:15 PM
138
2
cve
cve

CVE-2020-8907

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "docker" group, an attacker with this role is able to run docker and moun...

7.8CVSS

7.5AI Score

0.001EPSS

2020-06-22 02:15 PM
138
3
cve
cve

CVE-2020-8927

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli libr...

6.5CVSS

7AI Score

0.01EPSS

2020-09-15 10:15 AM
368
2
cve
cve

CVE-2020-8933

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using the membership to the "lxd" group, an attacker can attach host devices and filesystems. Within an...

7.8CVSS

7.5AI Score

0.001EPSS

2020-06-22 02:15 PM
143
3
cve
cve

CVE-2020-8955

irc_mode_channel_update in plugins/irc/irc-mode.c in WeeChat through 2.7 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a malformed IRC message 324 (channel mode).

9.8CVSS

9.7AI Score

0.024EPSS

2020-02-12 10:15 PM
169
cve
cve

CVE-2020-8992

ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size.

5.5CVSS

5.5AI Score

0.0004EPSS

2020-02-14 05:15 AM
277
cve
cve

CVE-2020-9272

ProFTPD 1.3.7 has an out-of-bounds (OOB) read vulnerability in mod_cap via the cap_text.c cap_to_text function.

7.5CVSS

7.8AI Score

0.002EPSS

2020-02-20 04:15 PM
654
4
cve
cve

CVE-2020-9273

In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. This triggers a use-after-free in alloc_pool in pool.c, and possible remote code execution.

8.8CVSS

8.7AI Score

0.07EPSS

2020-02-20 04:15 PM
204
24
cve
cve

CVE-2020-9383

An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2.

7.1CVSS

6.7AI Score

0.0004EPSS

2020-02-25 04:15 PM
226
4
cve
cve

CVE-2020-9428

In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. This was addressed in epan/dissectors/packet-eap.c by using more careful sscanf parsing.

7.5CVSS

7.2AI Score

0.003EPSS

2020-02-27 11:15 PM
189
cve
cve

CVE-2020-9429

In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was addressed in epan/dissectors/packet-wireguard.c by handling the situation where a certain data structure intentionally has a NULL value.

7.5CVSS

7.1AI Score

0.004EPSS

2020-02-27 11:15 PM
187
cve
cve

CVE-2020-9430

In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. This was addressed in plugins/epan/wimax/msg_dlmap.c by validating a length field.

7.5CVSS

7.1AI Score

0.005EPSS

2020-02-27 11:15 PM
174
5
cve
cve

CVE-2020-9431

In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. This was addressed in epan/dissectors/packet-lte-rrc.c by adjusting certain append operations.

7.5CVSS

7.1AI Score

0.003EPSS

2020-02-27 11:15 PM
169
cve
cve

CVE-2020-9484

When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and c) the Persisten...

7CVSS

7.5AI Score

0.914EPSS

2020-05-20 07:15 PM
1047
23
cve
cve

CVE-2020-9490

Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerability for...

7.5CVSS

8.3AI Score

0.007EPSS

2020-08-07 04:15 PM
2833
In Wild
4
cve
cve

CVE-2021-26675

A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute code.

8.8CVSS

8.7AI Score

0.002EPSS

2021-02-09 04:15 PM
159
9
cve
cve

CVE-2021-26676

gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exploitation of bugs in gdhcp.

6.5CVSS

7.1AI Score

0.001EPSS

2021-02-09 04:15 PM
156
6
cve
cve

CVE-2021-41817

Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1.

7.5CVSS

7.4AI Score

0.005EPSS

2022-01-01 05:15 AM
319
2
cve
cve

CVE-2021-41819

CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby.

7.5CVSS

7.5AI Score

0.005EPSS

2022-01-01 06:15 AM
367
2
cve
cve

CVE-2021-46141

An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner.

5.5CVSS

5.2AI Score

0.001EPSS

2022-01-06 04:15 AM
101
cve
cve

CVE-2021-46142

An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax.

5.5CVSS

5.2AI Score

0.001EPSS

2022-01-06 04:15 AM
95
cve
cve

CVE-2022-31252

A Incorrect Authorization vulnerability in chkstat of SUSE Linux Enterprise Server 12-SP5; openSUSE Leap 15.3, openSUSE Leap 15.4, openSUSE Leap Micro 5.2 did not consider group writable path components, allowing local attackers with access to a group what can write to a location included in the pa...

4.4CVSS

4.2AI Score

0.0004EPSS

2022-10-06 06:16 PM
77
9
cve
cve

CVE-2022-45153

An Incorrect Default Permissions vulnerability in saphanabootstrap-formula of SUSE Linux Enterprise Module for SAP Applications 15-SP1, SUSE Linux Enterprise Server for SAP 12-SP5; openSUSE Leap 15.4 allows local attackers to escalate to root by manipulating the sudo configuration that is created. ...

7.8CVSS

7.5AI Score

0.0004EPSS

2023-02-15 10:15 AM
38
cve
cve

CVE-2023-32182

A Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux Enterprise High Performance Computing 15 SP5 postfix, SUSE openSUSE Leap 15.5 postfix.This issue affects SUSE Linux Enterprise Desktop 15 SP5: before ...

7.8CVSS

7.4AI Score

0.0004EPSS

2023-09-19 04:15 PM
37
Total number of security vulnerabilities1895