Lucene search

K

276 matches found

CVE
CVE
added 2022/03/14 11:15 a.m.9877 views

CVE-2022-23943

Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. This issue affects Apache HTTP Server 2.4 version 2.4.52 and prior versions.

9.8CVSS9.2AI score0.65905EPSS
CVE
CVE
added 2022/03/13 12:15 a.m.8456 views

CVE-2021-36368

An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication ...

3.7CVSS4.2AI score0.00283EPSS
CVE
CVE
added 2022/03/14 11:15 a.m.7594 views

CVE-2022-22720

Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling

9.8CVSS9.4AI score0.3179EPSS
CVE
CVE
added 2022/03/25 9:15 a.m.3061 views

CVE-2018-25032

zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.

7.5CVSS8.1AI score0.00095EPSS
CVE
CVE
added 2022/03/14 11:15 a.m.2333 views

CVE-2022-22721

If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.

9.1CVSS9.4AI score0.23333EPSS
CVE
CVE
added 2022/03/14 11:15 a.m.2000 views

CVE-2022-22719

A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier.

7.5CVSS8.7AI score0.34984EPSS
CVE
CVE
added 2022/02/18 6:15 p.m.1460 views

CVE-2020-25719

A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could...

9CVSS7.5AI score0.00182EPSS
CVE
CVE
added 2022/03/15 5:15 p.m.1198 views

CVE-2022-0778

The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a...

7.5CVSS7.8AI score0.0537EPSS
CVE
CVE
added 2022/05/03 4:15 p.m.1122 views

CVE-2022-1292

The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the s...

10CVSS9AI score0.6768EPSS
CVE
CVE
added 2022/01/26 2:15 p.m.1096 views

CVE-2021-22600

A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755

7.2CVSS6.8AI score0.00033EPSS
CVE
CVE
added 2022/03/18 6:15 p.m.1065 views

CVE-2022-0547

OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials.

9.8CVSS9.3AI score0.00707EPSS
CVE
CVE
added 2022/05/26 6:15 p.m.1017 views

CVE-2022-26691

A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges.

7.2CVSS6.1AI score0.00011EPSS
CVE
CVE
added 2022/01/13 4:15 p.m.1011 views

CVE-2022-23134

After the initial setup process, some steps of setup.php file are reachable not only by super-administrators, but by unauthenticated users as well. Malicious actor can pass step checks and potentially change the configuration of Zabbix Frontend.

5.3CVSS5.6AI score0.9158EPSS
CVE
CVE
added 2022/02/24 7:15 p.m.933 views

CVE-2022-0546

A missing bounds check in the image loader used in Blender 3.x and 2.93.8 leads to out-of-bounds heap access, allowing an attacker to cause denial of service, memory corruption or potentially code execution.

7.8CVSS7.8AI score0.00341EPSS
CVE
CVE
added 2022/02/18 6:15 p.m.836 views

CVE-2020-25717

A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.

8.5CVSS8.1AI score0.00152EPSS
CVE
CVE
added 2022/01/10 2:12 p.m.827 views

CVE-2022-22817

PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda expression could also be used.

9.8CVSS8.9AI score0.02548EPSS
CVE
CVE
added 2022/02/02 12:15 p.m.713 views

CVE-2022-21724

pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when attacker control the jdbc url or properties. pgjdbc instantiates plugin instances based on ...

9.8CVSS8.4AI score0.04424EPSS
CVE
CVE
added 2022/05/01 4:15 p.m.642 views

CVE-2022-25647

The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks.

7.7CVSS7.7AI score0.01666EPSS
CVE
CVE
added 2022/02/18 6:15 p.m.616 views

CVE-2016-2124

A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required.

5.9CVSS7.2AI score0.00681EPSS
CVE
CVE
added 2022/02/24 3:15 p.m.609 views

CVE-2022-24407

In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.

8.8CVSS9.1AI score0.00563EPSS
CVE
CVE
added 2022/03/11 7:15 a.m.568 views

CVE-2020-36518

jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.

7.5CVSS7.4AI score0.00477EPSS
CVE
CVE
added 2022/05/04 8:15 p.m.563 views

CVE-2022-29155

In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping.

9.8CVSS9.5AI score0.1885EPSS
CVE
CVE
added 2022/01/26 2:15 p.m.562 views

CVE-2021-22570

Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly, leading to an unchecked call into the proto file's name during generation of the resulting error message. Since the symbol is incorrectly parsed, the file is nullptr. We recommend upgrading to versi...

6.5CVSS6.5AI score0.00155EPSS
CVE
CVE
added 2022/03/03 7:15 p.m.554 views

CVE-2022-0492

A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.

7.8CVSS8AI score0.06994EPSS
CVE
CVE
added 2022/01/06 11:15 p.m.533 views

CVE-2022-21661

WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to improper sanitization in WP_Query, there can be cases where SQL injection is possible through plugins or themes that use it in a certain way. This has been patched in WordPress ve...

8CVSS8AI score0.90593EPSS
CVE
CVE
added 2022/01/06 11:15 p.m.516 views

CVE-2022-21664

WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to lack of proper sanitization in one of the classes, there's potential for unintended SQL queries to be executed. This has been patched in WordPress version 5.8.3. Older affected ve...

8.8CVSS8.2AI score0.06592EPSS
CVE
CVE
added 2022/03/18 6:15 p.m.468 views

CVE-2022-1011

A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation.

7.8CVSS7.7AI score0.00141EPSS
CVE
CVE
added 2022/06/02 9:15 p.m.466 views

CVE-2022-32250

net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.

7.8CVSS7.5AI score0.01457EPSS
CVE
CVE
added 2022/01/06 11:15 p.m.462 views

CVE-2022-21662

WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Low-privileged authenticated users (like author) in WordPress core are able to execute JavaScript/perform stored XSS attack, which can affect high-privileged users. This has been patched...

8CVSS6.4AI score0.23275EPSS
CVE
CVE
added 2022/05/09 6:15 p.m.457 views

CVE-2022-28739

There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f.

7.5CVSS7.8AI score0.00386EPSS
CVE
CVE
added 2022/04/19 9:15 p.m.432 views

CVE-2022-21426

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerab...

5.3CVSS5.3AI score0.00055EPSS
CVE
CVE
added 2022/03/13 12:15 a.m.432 views

CVE-2022-23960

Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches. Then, cache allocation can allow the attacker to obtai...

5.6CVSS6.4AI score0.00134EPSS
CVE
CVE
added 2022/02/16 7:15 p.m.429 views

CVE-2021-3752

A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to con...

7.9CVSS7.2AI score0.0002EPSS
CVE
CVE
added 2022/01/01 6:15 a.m.429 views

CVE-2021-41819

CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby.

7.5CVSS7.5AI score0.00673EPSS
CVE
CVE
added 2022/05/26 2:15 p.m.428 views

CVE-2022-1664

Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can ...

9.8CVSS9.3AI score0.00476EPSS
CVE
CVE
added 2022/03/03 11:15 p.m.426 views

CVE-2021-3640

A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. ...

7CVSS7.1AI score0.00005EPSS
CVE
CVE
added 2022/01/18 5:15 p.m.421 views

CVE-2021-4083

A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges ...

7CVSS6.9AI score0.00009EPSS
CVE
CVE
added 2022/05/06 12:15 a.m.411 views

CVE-2022-24903

Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used. This can result in a segfault or some other malfunction. As of our understanding, this vulnerability can not be used for remote code executi...

8.1CVSS8.7AI score0.01172EPSS
CVE
CVE
added 2022/02/26 5:15 a.m.410 views

CVE-2022-23308

valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.

7.5CVSS7.7AI score0.00044EPSS
CVE
CVE
added 2022/01/20 6:15 p.m.408 views

CVE-2021-45417

AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow.

7.8CVSS7.5AI score0.00039EPSS
CVE
CVE
added 2022/01/24 2:15 a.m.407 views

CVE-2022-23852

Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.

9.8CVSS9.6AI score0.01944EPSS
CVE
CVE
added 2022/02/11 1:15 a.m.405 views

CVE-2022-23806

Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.

9.1CVSS9.1AI score0.00022EPSS
CVE
CVE
added 2022/02/18 6:15 p.m.403 views

CVE-2020-25722

Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. An attacker could use this flaw to cause total domain compromise.

8.8CVSS8.5AI score0.00295EPSS
CVE
CVE
added 2022/04/19 9:15 p.m.386 views

CVE-2022-21476

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vul...

7.5CVSS7AI score0.0014EPSS
CVE
CVE
added 2022/01/01 5:15 a.m.382 views

CVE-2021-41817

Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1.

7.5CVSS7.4AI score0.00422EPSS
CVE
CVE
added 2022/02/11 1:15 a.m.371 views

CVE-2022-23772

Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption.

7.8CVSS8.4AI score0.00016EPSS
CVE
CVE
added 2022/06/15 8:15 p.m.365 views

CVE-2022-21123

Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

5.5CVSS6.3AI score0.00461EPSS
CVE
CVE
added 2022/03/30 12:15 p.m.364 views

CVE-2022-1154

Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646.

7.8CVSS8.3AI score0.00386EPSS
CVE
CVE
added 2022/03/05 8:15 p.m.363 views

CVE-2022-24921

regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested expression.

7.5CVSS7.5AI score0.00014EPSS
CVE
CVE
added 2022/03/23 6:15 a.m.358 views

CVE-2022-27666

A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.

7.8CVSS8AI score0.01101EPSS
Total number of security vulnerabilities276