Lucene search

K
DebianDebian Linux

9109 matches found

CVE
CVE
added 2022/02/02 12:15 p.m.713 views

CVE-2022-21724

pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when attacker control the jdbc url or properties. pgjdbc instantiates plugin instances based on ...

9.8CVSS8.4AI score0.04424EPSS
CVE
CVE
added 2021/02/16 5:15 p.m.712 views

CVE-2021-23840

Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating succ...

7.5CVSS8AI score0.00619EPSS
CVE
CVE
added 2021/07/20 7:15 p.m.712 views

CVE-2021-33909

fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.

7.8CVSS7.9AI score0.03171EPSS
CVE
CVE
added 2011/05/16 5:55 p.m.711 views

CVE-2011-0419

Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allow...

4.3CVSS7.7AI score0.50389EPSS
CVE
CVE
added 2023/02/20 4:15 p.m.711 views

CVE-2023-24998

Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads. Note that, like all of the file upload limits, thenew configuration option (FileUploadBase#setFi...

7.5CVSS7.2AI score0.41119EPSS
CVE
CVE
added 2016/09/20 6:59 p.m.708 views

CVE-2016-6662

Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and b...

10CVSS8AI score0.89854EPSS
CVE
CVE
added 2012/08/17 12:55 a.m.706 views

CVE-2012-2750

Unspecified vulnerability in MySQL 5.5.x before 5.5.23 has unknown impact and attack vectors related to a "Security Fix", aka Bug #59533. NOTE: this might be a duplicate of CVE-2012-1689, but as of 20120816, Oracle has not commented on this possibility.

10CVSS4.9AI score0.01275EPSS
CVE
CVE
added 2019/01/16 8:29 p.m.706 views

CVE-2018-5740

"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to...

7.5CVSS7.6AI score0.69522EPSS
CVE
CVE
added 2022/10/02 5:15 a.m.705 views

CVE-2022-42003

In FasterXML jackson-databind before versions 2.13.4.1 and 2.12.17.1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled.

7.5CVSS7.5AI score0.00278EPSS
CVE
CVE
added 2023/05/30 2:15 p.m.705 views

CVE-2023-2650

Issue summary: Processing some specially crafted ASN.1 object identifiers ordata containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any ofthe OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no messagesize limit may experience notabl...

6.5CVSS7AI score0.9197EPSS
CVE
CVE
added 2022/08/24 4:15 p.m.699 views

CVE-2021-4189

A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connec...

5.3CVSS6.2AI score0.00442EPSS
CVE
CVE
added 2018/11/16 9:29 a.m.698 views

CVE-2018-19296

PHPMailer before 5.2.27 and 6.x before 6.0.6 is vulnerable to an object injection attack.

8.8CVSS8.6AI score0.01371EPSS
CVE
CVE
added 2021/10/27 9:15 p.m.697 views

CVE-2021-25219

In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw...

5.3CVSS5.8AI score0.00518EPSS
CVE
CVE
added 2017/11/27 10:29 p.m.694 views

CVE-2017-14746

Use-after-free vulnerability in Samba 4.x before 4.7.3 allows remote attackers to execute arbitrary code via a crafted SMB1 request.

9.8CVSS9.6AI score0.31253EPSS
CVE
CVE
added 2019/08/09 8:15 p.m.694 views

CVE-2019-11041

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to informatio...

7.1CVSS7.2AI score0.02817EPSS
CVE
CVE
added 2009/07/05 4:30 p.m.693 views

CVE-2009-1890

The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of servic...

7.1CVSS7.2AI score0.2152EPSS
CVE
CVE
added 2021/01/20 4:15 p.m.689 views

CVE-2020-25685

A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNS...

4.3CVSS6AI score0.00521EPSS
CVE
CVE
added 2019/09/20 7:15 p.m.688 views

CVE-2019-14814

There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.

7.8CVSS9AI score0.00254EPSS
CVE
CVE
added 2019/02/04 8:29 a.m.688 views

CVE-2019-7317

png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.

5.3CVSS6.3AI score0.00576EPSS
CVE
CVE
added 2022/05/23 11:16 a.m.687 views

CVE-2022-29599

In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks.

9.8CVSS9.8AI score0.00395EPSS
CVE
CVE
added 2019/01/25 4:29 p.m.686 views

CVE-2018-20743

murmur in Mumble through 1.2.19 before 2018-08-31 mishandles multiple concurrent requests that are persisted in the database, which allows remote attackers to cause a denial of service (daemon hang or crash) via a message flood.

7.5CVSS7.1AI score0.07515EPSS
CVE
CVE
added 2021/06/02 4:15 p.m.686 views

CVE-2021-3468

A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is ...

5.5CVSS5.6AI score0.0001EPSS
CVE
CVE
added 2020/12/03 7:15 p.m.682 views

CVE-2020-17527

While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. While this wou...

7.5CVSS7.5AI score0.08457EPSS
CVE
CVE
added 2020/04/01 4:15 a.m.682 views

CVE-2020-7066

In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with user-supplied URL, if the URL contains zero (\0) character, the URL will be silently truncated at it. This may cause some software to make incorrect assumptions about the target of the get_h...

5.3CVSS6.5AI score0.0137EPSS
CVE
CVE
added 2019/08/13 9:15 p.m.676 views

CVE-2019-9512

Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memor...

7.8CVSS7.8AI score0.24189EPSS
CVE
CVE
added 2023/03/28 7:15 p.m.674 views

CVE-2022-23121

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parse_entries function. The issue results from the lack of proper error handling when parsing...

9.8CVSS9.6AI score0.15391EPSS
CVE
CVE
added 2023/10/27 3:15 p.m.668 views

CVE-2023-46604

The Java OpenWire protocol marshaller is vulnerable to Remote CodeExecution. This vulnerability may allow a remote attacker with networkaccess to either a Java-based OpenWire broker or client to run arbitraryshell commands by manipulating serialized class types in the OpenWireprotocol to cause eith...

10CVSS10AI score0.94436EPSS
CVE
CVE
added 2020/07/07 2:15 p.m.667 views

CVE-2020-10745

A flaw was found in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4 in the way it processed NetBios over TCP/IP. This flaw allows a remote attacker could to cause the Samba server to consume excessive CPU use, resulting in a denial of service. This highest threat from this vulne...

7.8CVSS7.1AI score0.16334EPSS
CVE
CVE
added 2022/09/28 11:15 p.m.667 views

CVE-2022-31628

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.

5.5CVSS6.4AI score0.00007EPSS
CVE
CVE
added 2019/12/23 3:15 a.m.666 views

CVE-2019-11047

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure...

6.5CVSS7AI score0.03174EPSS
CVE
CVE
added 2018/07/13 2:29 p.m.665 views

CVE-2018-14040

In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.

6.1CVSS6.1AI score0.01633EPSS
CVE
CVE
added 2019/11/26 5:15 p.m.665 views

CVE-2019-12526

An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to an URN request, Squid fails to ensure that the response can fit within the buffer. This leads to attacker controlled data ov...

9.8CVSS9.2AI score0.39194EPSS
CVE
CVE
added 2016/05/05 1:59 a.m.664 views

CVE-2016-2107

The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability exi...

5.9CVSS6.9AI score0.82039EPSS
CVE
CVE
added 2020/07/09 3:15 p.m.663 views

CVE-2020-12402

During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the recovery of the secret...

4.4CVSS5.8AI score0.00025EPSS
CVE
CVE
added 2021/07/12 3:15 p.m.663 views

CVE-2021-30640

A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. This issue affects Apache Tomcat 10.0.0-M1 to 10.0.5; 9.0.0.M1 to 9.0.45; 8.5.0 to 8.5.65.

6.5CVSS6.6AI score0.00179EPSS
CVE
CVE
added 2022/09/21 11:15 a.m.663 views

CVE-2022-2795

By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service.

5.3CVSS6.5AI score0.00375EPSS
CVE
CVE
added 2021/04/29 1:15 a.m.661 views

CVE-2021-25214

In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND 9 Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of na...

6.5CVSS6.6AI score0.00634EPSS
CVE
CVE
added 2020/02/10 8:15 a.m.659 views

CVE-2020-7059

When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash.

9.1CVSS7.6AI score0.01881EPSS
CVE
CVE
added 2016/04/21 11:0 a.m.658 views

CVE-2016-3427

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.

10CVSS6.8AI score0.93626EPSS
CVE
CVE
added 2023/08/11 6:15 a.m.658 views

CVE-2023-3823

In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8 various XML functions rely on libxml global state to track configuration variables, like whether external entities are loaded. This state is assumed to be unchanged unless the user explicitly changes it by calling appr...

8.6CVSS8.6AI score0.00144EPSS
CVE
CVE
added 2018/10/04 1:29 p.m.655 views

CVE-2018-11784

When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the redirect to be generated to any URI of the a...

4.3CVSS5.1AI score0.86748EPSS
CVE
CVE
added 2024/02/26 4:27 p.m.652 views

CVE-2024-22201

Jetty is a Java based web server and servlet engine. An HTTP/2 SSL connection that is established and TCP congested will be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop...

7.5CVSS7.5AI score0.00293EPSS
CVE
CVE
added 2020/06/26 5:15 p.m.651 views

CVE-2020-11996

A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become unrespon...

7.5CVSS7.4AI score0.37363EPSS
CVE
CVE
added 2023/03/31 4:15 a.m.651 views

CVE-2023-28756

A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2.

5.3CVSS5.7AI score0.00665EPSS
CVE
CVE
added 2024/02/20 6:15 p.m.651 views

CVE-2023-52434

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential OOBs in smb2_parse_contexts() Validate offsets and lengths before dereferencing create contexts insmb2_parse_contexts(). This fixes following oops when accessing invalid create contexts fromserver: BUG: u...

8CVSS7.7AI score0.00021EPSS
CVE
CVE
added 2020/10/12 2:15 p.m.650 views

CVE-2020-13943

If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of concurrent streams for a connection (in violation of the HTTP/2 protocol), it was possible that a subsequent request made on that connection could cont...

4.3CVSS4.7AI score0.12123EPSS
CVE
CVE
added 2024/10/09 1:15 p.m.650 views

CVE-2024-9680

An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, Firefox ESR < 115.16.1, T...

9.8CVSS9AI score0.10797EPSS
CVE
CVE
added 2018/12/14 8:29 p.m.649 views

CVE-2018-20148

In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could conduct PHP object injection attacks via crafted metadata in a wp.getMediaItem XMLRPC call. This is caused by mishandling of serialized data at phar:// URLs in the wp_get_attachment_thumb_file function in wp-includes/post.php.

9.8CVSS9.3AI score0.52815EPSS
CVE
CVE
added 2020/03/06 3:15 p.m.649 views

CVE-2020-10188

utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions.

10CVSS9.9AI score0.11181EPSS
CVE
CVE
added 2018/09/16 3:29 p.m.646 views

CVE-2018-17082

The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a "Transfer-Encoding: chunked" request, because the bucket brigade is mishandled in the php_handler function in sapi/apache2handler/sapi_apache2.c.

6.1CVSS6AI score0.25917EPSS
Total number of security vulnerabilities9109