Lucene search

K
DebianDebian Linux

9134 matches found

CVE
CVE
added 2023/09/20 1:15 p.m.764 views

CVE-2023-3341

The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory, c...

7.5CVSS7.9AI score0.0016EPSS
CVE
CVE
added 2021/07/20 7:15 p.m.762 views

CVE-2021-33909

fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.

7.8CVSS7.9AI score0.03537EPSS
CVE
CVE
added 2023/08/11 6:15 a.m.761 views

CVE-2023-3824

In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE.

9.8CVSS8.9AI score0.34747EPSS
Web
CVE
CVE
added 2019/09/20 7:15 p.m.758 views

CVE-2019-14816

There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.

7.8CVSS9.1AI score0.00121EPSS
CVE
CVE
added 2021/03/25 3:15 p.m.758 views

CVE-2021-3449

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a...

5.9CVSS6.7AI score0.15408EPSS
CVE
CVE
added 2019/02/04 8:29 a.m.755 views

CVE-2019-7317

png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.

5.3CVSS6.3AI score0.00431EPSS
CVE
CVE
added 2021/02/15 1:15 p.m.753 views

CVE-2021-23336

The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can s...

5.9CVSS7.6AI score0.00414EPSS
CVE
CVE
added 2021/06/02 4:15 p.m.753 views

CVE-2021-3468

A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is ...

5.5CVSS5.6AI score0.00011EPSS
CVE
CVE
added 2022/05/23 11:16 a.m.748 views

CVE-2022-29599

In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks.

9.8CVSS9.8AI score0.00421EPSS
CVE
CVE
added 2012/08/17 12:55 a.m.746 views

CVE-2012-2750

Unspecified vulnerability in MySQL 5.5.x before 5.5.23 has unknown impact and attack vectors related to a "Security Fix", aka Bug #59533. NOTE: this might be a duplicate of CVE-2012-1689, but as of 20120816, Oracle has not commented on this possibility.

10CVSS4.9AI score0.01372EPSS
CVE
CVE
added 2019/08/13 9:15 p.m.744 views

CVE-2019-9512

Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memor...

7.8CVSS7.8AI score0.20167EPSS
CVE
CVE
added 2021/02/16 5:15 p.m.744 views

CVE-2021-23840

Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating succ...

7.5CVSS8AI score0.00821EPSS
CVE
CVE
added 2018/08/26 4:29 p.m.743 views

CVE-2011-2767

mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HTTP request processing without also permittin...

10CVSS9.5AI score0.04879EPSS
CVE
CVE
added 2020/12/03 7:15 p.m.743 views

CVE-2020-17527

While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. While this wou...

7.5CVSS7.5AI score0.08457EPSS
CVE
CVE
added 2023/10/27 3:15 p.m.738 views

CVE-2023-46604

The Java OpenWire protocol marshaller is vulnerable to Remote CodeExecution. This vulnerability may allow a remote attacker with networkaccess to either a Java-based OpenWire broker or client to run arbitraryshell commands by manipulating serialized class types in the OpenWireprotocol to cause eith...

10CVSS10AI score0.94436EPSS
In wild
CVE
CVE
added 2019/08/09 8:15 p.m.737 views

CVE-2019-11042

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to informatio...

7.1CVSS7.2AI score0.02317EPSS
CVE
CVE
added 2024/02/26 4:27 p.m.737 views

CVE-2024-22201

Jetty is a Java based web server and servlet engine. An HTTP/2 SSL connection that is established and TCP congested will be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop...

7.5CVSS7.5AI score0.00293EPSS
CVE
CVE
added 2016/09/20 6:59 p.m.733 views

CVE-2016-6662

Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and b...

10CVSS8AI score0.89167EPSS
CVE
CVE
added 2018/07/13 2:29 p.m.731 views

CVE-2018-14040

In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.

6.1CVSS6.1AI score0.00811EPSS
CVE
CVE
added 2019/12/23 3:15 a.m.729 views

CVE-2019-11049

In PHP versions 7.3.x below 7.3.13 and 7.4.0 on Windows, when supplying custom headers to mail() function, due to mistake introduced in commit 78f4b4a2dcf92ddbccea1bb95f8390a18ac3342e, if the header is supplied in lowercase, this can result in double-freeing certain memory locations.

9.8CVSS7.8AI score0.01969EPSS
CVE
CVE
added 2022/07/20 8:15 p.m.729 views

CVE-2022-31160

jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a checkboxradio widget on an input enclosed within a label makes that parent label contents consi...

6.1CVSS6AI score0.09618EPSS
CVE
CVE
added 2022/08/24 4:15 p.m.728 views

CVE-2021-4189

A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connec...

5.3CVSS6.2AI score0.00361EPSS
CVE
CVE
added 2016/04/21 11:0 a.m.725 views

CVE-2016-3427

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.

10CVSS6.8AI score0.93626EPSS
In wild
CVE
CVE
added 2021/01/20 4:15 p.m.724 views

CVE-2020-25685

A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNS...

4.3CVSS6AI score0.01132EPSS
CVE
CVE
added 2019/09/20 7:15 p.m.722 views

CVE-2019-14814

There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.

7.8CVSS9AI score0.00254EPSS
CVE
CVE
added 2023/03/31 4:15 a.m.721 views

CVE-2023-28756

A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2.

5.3CVSS5.7AI score0.00758EPSS
CVE
CVE
added 2019/08/09 8:15 p.m.720 views

CVE-2019-11041

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to informatio...

7.1CVSS7.2AI score0.0198EPSS
CVE
CVE
added 2024/10/09 1:15 p.m.720 views

CVE-2024-9680

An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, Firefox ESR < 115.16.1, T...

9.8CVSS9AI score0.48168EPSS
In wild
CVE
CVE
added 2011/05/16 5:55 p.m.719 views

CVE-2011-0419

Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allow...

4.3CVSS7.7AI score0.58438EPSS
CVE
CVE
added 2025/02/28 10:15 p.m.716 views

CVE-2025-26466

A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an...

5.9CVSS6.6AI score0.42381EPSS
CVE
CVE
added 2020/06/26 5:15 p.m.715 views

CVE-2020-11996

A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become unrespon...

7.5CVSS7.4AI score0.31135EPSS
In wild
CVE
CVE
added 2019/01/16 8:29 p.m.714 views

CVE-2018-5740

"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to...

7.5CVSS7.6AI score0.58047EPSS
CVE
CVE
added 2022/05/01 4:15 p.m.712 views

CVE-2022-25647

The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks.

7.7CVSS7.7AI score0.01666EPSS
CVE
CVE
added 2024/02/20 6:15 p.m.712 views

CVE-2023-52434

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential OOBs in smb2_parse_contexts() Validate offsets and lengths before dereferencing create contexts insmb2_parse_contexts(). This fixes following oops when accessing invalid create contexts fromserver: BUG: u...

8CVSS7.7AI score0.00017EPSS
CVE
CVE
added 2020/04/21 2:15 p.m.711 views

CVE-2020-1967

Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorit...

7.5CVSS7.5AI score0.67225EPSS
CVE
CVE
added 2020/10/12 2:15 p.m.710 views

CVE-2020-13943

If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of concurrent streams for a connection (in violation of the HTTP/2 protocol), it was possible that a subsequent request made on that connection could cont...

4.3CVSS4.7AI score0.09572EPSS
CVE
CVE
added 2023/04/18 8:15 p.m.710 views

CVE-2023-21930

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vul...

7.4CVSS7.4AI score0.00131EPSS
CVE
CVE
added 2017/11/27 10:29 p.m.709 views

CVE-2017-14746

Use-after-free vulnerability in Samba 4.x before 4.7.3 allows remote attackers to execute arbitrary code via a crafted SMB1 request.

9.8CVSS9.6AI score0.2833EPSS
CVE
CVE
added 2020/04/01 4:15 a.m.708 views

CVE-2020-7066

In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with user-supplied URL, if the URL contains zero (\0) character, the URL will be silently truncated at it. This may cause some software to make incorrect assumptions about the target of the get_h...

5.3CVSS6.5AI score0.01281EPSS
CVE
CVE
added 2020/07/09 3:15 p.m.707 views

CVE-2020-12402

During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the recovery of the secret...

4.4CVSS5.8AI score0.00079EPSS
CVE
CVE
added 2021/07/12 3:15 p.m.707 views

CVE-2021-30640

A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. This issue affects Apache Tomcat 10.0.0-M1 to 10.0.5; 9.0.0.M1 to 9.0.45; 8.5.0 to 8.5.65.

6.5CVSS6.6AI score0.00172EPSS
CVE
CVE
added 2021/10/27 9:15 p.m.705 views

CVE-2021-25219

In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw...

5.3CVSS5.8AI score0.00518EPSS
CVE
CVE
added 2022/07/06 6:15 p.m.705 views

CVE-2022-31129

moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment (more specifically rfc2822 parsing, which is tried by default) has qua...

7.5CVSS7.8AI score0.04179EPSS
In wild
CVE
CVE
added 2020/06/03 11:15 p.m.702 views

CVE-2020-11080

In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes (2400 individual settings entries) over and over again. The attack causes th...

7.5CVSS6.5AI score0.00566EPSS
CVE
CVE
added 2009/07/05 4:30 p.m.701 views

CVE-2009-1890

The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of servic...

7.1CVSS7.2AI score0.26458EPSS
CVE
CVE
added 2018/10/04 1:29 p.m.701 views

CVE-2018-11784

When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the redirect to be generated to any URI of the a...

4.3CVSS5.1AI score0.84899EPSS
CVE
CVE
added 2018/11/16 9:29 a.m.701 views

CVE-2018-19296

PHPMailer before 5.2.27 and 6.x before 6.0.6 is vulnerable to an object injection attack.

8.8CVSS8.6AI score0.01204EPSS
CVE
CVE
added 2024/03/13 4:15 p.m.698 views

CVE-2024-23672

Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0...

6.3CVSS7.2AI score0.00577EPSS
CVE
CVE
added 2016/05/05 1:59 a.m.694 views

CVE-2016-2107

The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability exi...

5.9CVSS6.9AI score0.78923EPSS
CVE
CVE
added 2023/09/21 7:15 p.m.692 views

CVE-2023-41993

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.

8.8CVSS8.8AI score0.08952EPSS
In wild
Total number of security vulnerabilities9134