31 matches found
CVE-2014-6271
CVE-2014-6271 (Shellshock) affects GNU Bash up to 4.3, enabling remote code execution by processing trailing strings after function definitions in environment variables. Exploitation vectors include OpenSSH ForceCommand, mod_cgi/mod_cgid in Apache, DHCP client scripts, and other environment-passi...
CVE-2014-7169
CVE-2014-7169 affects GNU Bash up to 4.3, where parsing of function definitions in environment variables can be exploited to run commands or impact other attributes across privilege boundaries (notably via ForceCommand in OpenSSH sshd and via mod_cgi/mod_cgid in Apache, as well as DHCP client scr...
CVE-2019-1559
OpenSSL vulnerability CVE-2019-1559 describes a padding-oracle weakness where, if an application encounters a fatal protocol error and then calls SSL_shutdown() twice (to send close_notify and to receive one), the server may respond differently to a 0-byte record with invalid padding versus inval...
CVE-2019-11477
CVE-2019-11477 (SACK Panic) is a Linux kernel TCP vulnerability where crafted SACK blocks can trigger an integer overflow, potentially causing a kernel crash and DoS. CVE-2019-11478/11479 describe related DoS via SACK handling and low MSS. In practice, Arista discloses affected products (EOS, Clo...
CVE-2019-13565
CVE-2019-13565 affects OpenLDAP 2.x before 2.4.48. The issue arises when using SASL authentication with session encryption and relying on SASL security layers in slapd ACLs, allowing access that would normally be denied via a simple bind for identities covered by the ACLs. After the first SASL bi...
CVE-2019-11479
The CVE-2019-11479 family (SACK/MSS issues on the Linux kernel) stems from a hard-coded MSS of 48 bytes, enabling remote DoS via fragmented TCP handling. Public docs list CVE-2019-11477 (SACK Panic), CVE-2019-11478 (SACK Slowness/Excess Resource Usage), and CVE-2019-11479 (Low MSS) with kernel-wi...
CVE-2019-11478
CVE-2019-11478 describes a DoS in the Linux kernel TCP SACK handling where the TCP retransmission queue can fragment, leading to degraded performance or denial of service when processing crafted SACK sequences. The initial entry notes a fixed commit f070ef2ac66716357066b683fb0baf55f8191a2e and st...
CVE-2019-5436
CVE-2019-5436 affects curl/libcurl with a heap buffer overflow in the TFTP receiving code (tftp_receive_packet). Exploitation can lead to DoS or arbitrary code execution. Upstream fix released in curl 7.65.0; advisories from CentOS, Arch Linux, Debian, and others document the vulnerability and re...
CVE-2018-20836
CVE-2018-20836 : A race condition in the Linux kernel before 4.20, specifically in drivers/scsi/libsas/sas_expander.c (smp_task_timedout() vs smp_task_done()), can lead to a use-after-free. Affected: Linux kernel versions prior to 4.20. Impact is described as high by CVSS. The provided documents ...
CVE-2018-14634
CVE-2018-14634 is a Linux kernel integer overflow vulnerability in create_elf_tables(). An unprivileged local user with access to a SUID (or otherwise privileged) binary could escalate privileges. Documented vulnerable kernel families include 2.6.x, 3.10.x, and 4.14.x. Mitigations/recognitions ex...
CVE-2002-20001
CVE-2002-20001 describes a Diffie-Hellman key exchange weakness where a remote attacker (from the client side) can send non-public values to induce expensive server-side DHE modular-exponentiation, potentially impacting availability. The description specifies that the attack is most disruptive wh...
CVE-2019-13050
CVE-2019-13050: Describes a DoS risk arising from the interaction between SKS keyserver network code (through SKS 1.2.0) and GNU Privacy Guard (GnuPG) up to 2.2.16, where a keyserver host reference on the SKS network may trigger a Certificate Spamming Attack leading to a persistent denial-of-serv...
CVE-2018-1320
CVE-2018-1320 affects Apache Thrift: Java client library versions 0.5.0–0.11.0. The issue stems from an assert in TSaslTransport.isComplete that validates SASL handshakes; disabling this check can leave SASL negotiation validation incomplete, enabling a security bypass. Multiple connected sources...
CVE-2018-14463
CVE-2018-14463 affects tcpdump before 4.9.3 with a buffer over-read in the VRRP parser (print-vrrp.c:vrrp_print) for VRRP version 2. The connected AlmaLinux advisory confirms the vulnerability and points to upgrading tcpdump to 4.9.3 or later as a remediation; no exploitation details are provided...
CVE-2018-14462
CVE-2018-14462: TCPDUMP has a buffer over-read in the ICMP parser (print-icmp.c:icmp_print()) in versions prior to 4.9.3. A fix was released with tcpdump 4.9.3; upgrade to 4.9.3 or later to remediate. Evidence in connected docs confirms the ICMP over-read and related tcpdump fixes.
CVE-2018-14469
CVE-2018-14469 affects tcpdump prior to 4.9.3. Root cause: buffer over-read in the IKEv1 parser (print-isakmp.c:ikev1_n_print()). Affected: tcpdump versions before 4.9.3. Impact stated in related advisories for tcpdump family includes potential crashes or instability; exploitation details are not...
CVE-2018-16229
CVE-2018-16229 (tcpdump) affects tcpdump before 4.9.3, with a buffer over-read in print-dccp.c:dccp_print_option() (DCCP parser). The issue is listed among multiple tcpdump vulnerabilities and is addressed by upgrading to tcpdump 4.9.3 or newer (as per ALMA Linux advisory noting CVE-2018-16229 am...
CVE-2018-14465
CVE-2018-14465 affects tcpdump before 4.9.3. The RSVP parser’s rsvp_obj_print() performs a buffer over-read, as described in the provided sources. The vulnerability is addressed by upgrading tcpdump to version 4.9.3 or newer (and related fixes in the same release), per multiple advisories and sec...
CVE-2018-14468
tcpdump before 4.9.3 contains a buffer over-read in the FRF.16 parser (print-fr.c:mfr_print()). Upgrading to tcpdump 4.9.3 (or later) is the remediation mentioned in the accompanying advisories for affected platforms.
CVE-2018-14880
tcpdump has a confirmed vulnerability CVE-2018-14880 in the OSPFv3 parser: a buffer over-read in ospf6_print_lshdr() inside print-ospf6.c, affecting tcpdump before version 4.9.3. Connected advisories (e.g., AlmaLinux ALSA-2020:4760, Debian DSA-4547-1, DLA-1955-1) reference this CVE and span multi...
CVE-2018-14879
tcpdump (affected: before 4.9.3) has a buffer overflow in tcpdump.c:get_next_file(), tracked as CVE-2018-14879. The issue is one of multiple parsing bugs in the 4.9.x series and is documented in security advisories (e.g., AlmaLinux ALSA-2020:4760) as an out-of-bounds read/write in get_next_file()...
CVE-2018-14882
CVE-2018-14882 affects tcpdump before 4.9.3, with a buffer over-read in the ICMPv6 parser (print-icmp6.c). This can cause a crash or, in some contexts, enable arbitrary code execution as part of the suite of tcpdump issues. The linked advisory (tcpdump updates 4.9.3) and Cloud Foundry USN note th...
CVE-2019-9077
CVE-2019-9077 : GNU Binutils 2.32 contains a heap-based buffer overflow in readelf.c (process_mips_specific) triggered by a malformed MIPS option section. Public sources describe potential outcomes as arbitrary code execution or denial of service. Affected users should upgrade Binutils to a non-v...
CVE-2019-16714
Summary: CVE-2019-16714 affects the Linux kernel prior to 5.2.14. The vulnerability is in rds6_inc_info_copy (net/rds/recv.c), where tos and flags are not initialized, allowing a remote attacker to read sensitive data from kernel stack memory. This is an information disclosure vulnerability with ...
CVE-2018-20002
CVE-2018-20002 affects GNU Binutils’ BFD library (libbfd); the _bfd_generic_read_minisymbols function leaks memory when processing crafted ELF files, causing DoS via memory consumption. Documented in multiple sources (Binutils 2.31, nm demonstration). Impact is a denial of service with potential ...
CVE-2019-9070
GNU Binutils (libiberty) vulnerability CVE-2019-9070: heap-based buffer over-read in d_expression_1 of cp-demangle.c after deep recursion, affecting Binutils prior to a patched release. Impact per sources includes potential code execution, information leakage, or DoS when processing crafted ELF i...
CVE-2018-20657
CVE-2018-20657 affects GNU Binutils’ libiberty, specifically the demangle_template function in cplus-dem.c, distributed with Binutils 2.31.1. The issue is a memory leak triggered by crafted strings, causing a denial of service via memory consumption (as demonstrated by cxxfilt). Connected sources...
CVE-2022-27880
CVE-2022-27880 (F5 Traffix SDC) : A stored Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the Traffix SDC Configuration utility. Affected versions are 5.2.x prior to 5.2.2 and 5.1.x prior to 5.1.35. An authenticated attacker can store malicious HTML/JavaScript that exec...
CVE-2015-5738
The CVE-2015-5738 issue concerns the Cavium SDK 2.x RSA-CRT implementation used on OCTEON II CN6xxx hardware under Linux to support TLS with PFS. A Lenstra fault-side channel attack could allow remote attackers to obtain private RSA keys. Connected advisories indicate mitigations exist in vendor/...
CVE-2022-27662
CVE-2022-27662 affects F5 Traffix SDC: stored Cross-Site Template Injection in the Traffix SDC Configuration utility. Affected versions are 5.2.x prior to 5.2.2 and 5.1.x prior to 5.1.35. The underlying issue enables an attacker to execute template language-specific instructions in the server con...
CVE-2020-5854
The CVE-2020-5854 issue affects BIG-IP TMM when using the connector profile, causing a core on specific connection sequences and temporary traffic processing failure post-restart, with device group failover risk. According to the F5 K50046200 advisory, vulnerable versions are BIG-IP TMM 11.6.0–11...