Lucene search

K
DebianDebian Linux

9125 matches found

CVE
CVE
added 2021/06/10 7:15 a.m.1168 views

CVE-2021-30641

Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'

5.3CVSS7.5AI score0.20869EPSS
CVE
CVE
added 2022/05/03 4:15 p.m.1164 views

CVE-2022-1292

The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the s...

10CVSS9AI score0.41603EPSS
CVE
CVE
added 2021/06/10 7:15 a.m.1160 views

CVE-2020-13950

Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers, leading to a Denial of Service

7.5CVSS8.4AI score0.16331EPSS
CVE
CVE
added 2021/10/08 10:15 p.m.1160 views

CVE-2021-37973

Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

9.6CVSS9.5AI score0.19205EPSS
In wild
CVE
CVE
added 2019/08/01 2:15 p.m.1159 views

CVE-2019-0193

In Apache Solr, the DataImportHandler, an optional but popular module to pull in data from databases and other sources, has a feature in which the whole DIH configuration can come from a request's "dataConfig" parameter. The debug mode of the DIH admin screen uses this to allow convenient debugging...

9CVSS6.8AI score0.9325EPSS
In wild
CVE
CVE
added 2015/05/21 12:59 a.m.1158 views

CVE-2015-4000

The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then ...

4.3CVSS4.8AI score0.93647EPSS
In wild
CVE
CVE
added 2022/06/21 3:15 p.m.1158 views

CVE-2022-2068

In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there ...

10CVSS9.2AI score0.51848EPSS
CVE
CVE
added 2012/01/28 4:5 a.m.1157 views

CVE-2012-0053

protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in co...

4.3CVSS6.2AI score0.82458EPSS
CVE
CVE
added 2022/08/24 8:15 p.m.1154 views

CVE-2022-32893

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1, Safari 15.6.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have b...

8.8CVSS8.8AI score0.00134EPSS
In wild
CVE
CVE
added 2020/11/06 8:15 a.m.1153 views

CVE-2020-16846

An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.

9.8CVSS9.3AI score0.94387EPSS
In wildWeb
CVE
CVE
added 2023/01/18 5:15 p.m.1147 views

CVE-2023-22809

In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affect...

7.8CVSS7.7AI score0.43244EPSS
Web
CVE
CVE
added 2024/04/25 6:15 a.m.1145 views

CVE-2024-26924

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: do not free live element Pablo reports a crash with large batches of elements with aback-to-back add/remove pattern. Quoting Pablo: add_elem("00000000") timeout 100 ms...add_elem("0000000X") timeout 100 m...

5.9CVSS6.2AI score0.00088EPSS
CVE
CVE
added 2022/01/26 2:15 p.m.1136 views

CVE-2021-22600

A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755

7.2CVSS6.8AI score0.00074EPSS
In wild
CVE
CVE
added 2021/11/23 10:15 p.m.1133 views

CVE-2021-38003

Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.8AI score0.79679EPSS
In wildWeb
CVE
CVE
added 2019/02/22 11:29 p.m.1132 views

CVE-2019-9023

An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A number of heap-based buffer over-read instances are present in mbstring regular expression functions when supplied with invalid multibyte data. These occur in ext/mbstring/oniguruma/regco...

9.8CVSS8.5AI score0.09205EPSS
CVE
CVE
added 2013/06/26 3:19 a.m.1128 views

CVE-2013-1690

Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service (application crash) or possi...

9.3CVSS7.4AI score0.48488EPSS
In wild
CVE
CVE
added 2018/11/14 3:29 p.m.1126 views

CVE-2018-17463

Incorrect side effect annotation in V8 in Google Chrome prior to 70.0.3538.64 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

8.8CVSS8.8AI score0.89601EPSS
In wildWeb
CVE
CVE
added 2021/10/08 10:15 p.m.1124 views

CVE-2021-37975

Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.2AI score0.52102EPSS
In wild
CVE
CVE
added 2018/03/26 3:29 p.m.1116 views

CVE-2018-1301

A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header. This vulnerability is considered very hard if not impossible to trigger in non-debug mode (both log and build level)...

5.9CVSS7.5AI score0.00836EPSS
CVE
CVE
added 2015/07/16 10:59 a.m.1113 views

CVE-2015-2590

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732.

10CVSS4.2AI score0.76849EPSS
In wild
CVE
CVE
added 2021/10/08 10:15 p.m.1111 views

CVE-2021-37976

Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

6.5CVSS6.5AI score0.11445EPSS
In wild
CVE
CVE
added 2019/01/30 10:29 p.m.1106 views

CVE-2018-17189

In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 (mod_http2) connections.

5.3CVSS6.1AI score0.00736EPSS
CVE
CVE
added 2023/04/14 7:15 p.m.1106 views

CVE-2023-2033

Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.9AI score0.08355EPSS
In wild
CVE
CVE
added 2021/11/23 10:15 p.m.1103 views

CVE-2021-38000

Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.4638.69 allowed a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page.

6.1CVSS6.6AI score0.02914EPSS
In wild
CVE
CVE
added 2023/12/18 7:15 p.m.1103 views

CVE-2023-51384

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.

5.5CVSS5.8AI score0.00011EPSS
CVE
CVE
added 2018/03/26 3:29 p.m.1100 views

CVE-2018-1303

A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of mod_cache_socache. The vulnerability is considere...

7.5CVSS7.3AI score0.0708EPSS
CVE
CVE
added 2017/11/09 2:29 p.m.1092 views

CVE-2017-16651

Roundcube Webmail before 1.1.10, 1.2.x before 1.2.7, and 1.3.x before 1.3.3 allows unauthorized access to arbitrary files on the host's filesystem, including configuration files, as exploited in the wild in November 2017. The attacker must be able to authenticate at the target system with a valid u...

7.8CVSS7.2AI score0.30531EPSS
In wildWeb
CVE
CVE
added 2021/12/18 12:15 p.m.1091 views

CVE-2021-45105

Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue wa...

5.9CVSS7.7AI score0.67558EPSS
In wildWeb
CVE
CVE
added 2017/04/27 1:59 a.m.1087 views

CVE-2017-8291

Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017.

7.8CVSS7.9AI score0.92675EPSS
In wildWeb
CVE
CVE
added 2019/03/08 9:29 p.m.1086 views

CVE-2019-9636

Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a given hostname). The components are: urllib.parse...

9.8CVSS9.4AI score0.09135EPSS
CVE
CVE
added 2019/08/01 9:15 p.m.1080 views

CVE-2019-14513

Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491.

7.5CVSS8.7AI score0.39886EPSS
CVE
CVE
added 2018/11/14 3:29 p.m.1077 views

CVE-2018-6065

Integer overflow in computing the required allocation size when instantiating a new javascript object in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.5AI score0.8471EPSS
In wild
CVE
CVE
added 2018/12/11 4:29 p.m.1076 views

CVE-2018-17480

Execution of user supplied Javascript during array deserialization leading to an out of bounds write in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

8.8CVSS8.7AI score0.27789EPSS
In wild
CVE
CVE
added 2021/01/18 8:15 p.m.1070 views

CVE-2020-36193

Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948.

7.5CVSS7.5AI score0.78929EPSS
In wild
CVE
CVE
added 2022/03/18 6:15 p.m.1068 views

CVE-2022-0547

OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials.

9.8CVSS9.3AI score0.00633EPSS
CVE
CVE
added 2022/08/05 7:15 a.m.1068 views

CVE-2022-37434

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHe...

9.8CVSS9.9AI score0.92678EPSS
CVE
CVE
added 2022/07/19 10:15 p.m.1066 views

CVE-2022-21549

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 17.0.3.1; Oracle GraalVM Enterprise Edition: 21.3.2 and 22.1.0. Easily exploitable vulnerability allows unauthenticated a...

5.3CVSS5AI score0.00129EPSS
CVE
CVE
added 2016/02/16 2:59 a.m.1062 views

CVE-2016-0752

Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a...

7.5CVSS6.1AI score0.92461EPSS
In wildWeb
CVE
CVE
added 2019/06/19 11:15 p.m.1062 views

CVE-2019-12900

BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.

9.8CVSS9.6AI score0.01371EPSS
CVE
CVE
added 2018/01/04 1:29 p.m.1057 views

CVE-2017-5753

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

5.6CVSS6.1AI score0.94304EPSS
CVE
CVE
added 2022/02/16 7:15 p.m.1054 views

CVE-2021-3560

It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vu...

7.8CVSS6.1AI score0.08682EPSS
In wild
CVE
CVE
added 2020/12/08 4:15 p.m.1052 views

CVE-2020-1971

The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrec...

5.9CVSS5.7AI score0.0031EPSS
Web
CVE
CVE
added 2010/12/14 4:0 p.m.1051 views

CVE-2010-4345

Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.

7.8CVSS8.8AI score0.05675EPSS
In wildWeb
CVE
CVE
added 2005/09/06 11:3 p.m.1048 views

CVE-2005-2700

ssl_engine_kernel.c in mod_ssl before 2.8.24, when using "SSLVerifyClient optional" in the global virtual host configuration, does not properly enforce "SSLVerifyClient require" in a per-location context, which allows remote attackers to bypass intended access restrictions.

10CVSS9.3AI score0.06708EPSS
CVE
CVE
added 2022/01/13 4:15 p.m.1043 views

CVE-2022-23134

After the initial setup process, some steps of setup.php file are reachable not only by super-administrators, but by unauthenticated users as well. Malicious actor can pass step checks and potentially change the configuration of Zabbix Frontend.

5.3CVSS5.6AI score0.93102EPSS
In wild
CVE
CVE
added 2024/04/16 4:15 p.m.1042 views

CVE-2024-3861

If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird

4CVSS5.7AI score0.00091EPSS
CVE
CVE
added 2021/01/20 5:15 p.m.1041 views

CVE-2020-25687

A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. This flaw allows a remote attacker, who can create valid DNS replies, to cause an overflow in a heap-allocated memory. Thi...

7.1CVSS7AI score0.22341EPSS
CVE
CVE
added 2024/04/16 4:15 p.m.1041 views

CVE-2024-3857

The JIT created incorrect code for arguments in certain cases. This led to potential use-after-free crashes during garbage collection. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird

7.8CVSS6AI score0.00098EPSS
CVE
CVE
added 2009/03/26 2:30 p.m.1039 views

CVE-2009-1151

Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action.

9.8CVSS7.5AI score0.93032EPSS
In wildWeb
CVE
CVE
added 2013/05/16 11:45 a.m.1037 views

CVE-2013-1675

Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sen...

6.5CVSS8.7AI score0.02572EPSS
In wild
Total number of security vulnerabilities9125