Lucene search
+L
FedoraprojectFedora

5353 matches found

CVE
CVE
added 2023/07/20 12:0 a.m.36667 views

CVE-2023-38408

The CVE-2023-38408 issue affects OpenSSH’s ssh-agent PKCS#11 support, where an insufficiently trustworthy search path (notably code loaded from /usr/lib) enables remote code execution when an agent is forwarded to an attacker-controlled system; this stems from an incomplete fix for CVE-2016-10009...

9.8CVSS8.3AI score0.76768EPSS
CVE
CVE
added 2022/06/08 10:0 a.m.19080 views

CVE-2022-31813

CVE-2022-31813 affects Apache HTTP Server 2.4.53 and older; due to hop-by-hop handling, X-Forwarded-* headers may be dropped to the origin server, which can enable bypass of IP-based authentication. All connected advisories indicate the fix is in Apache HTTP Server 2.4.54 and related updates in d...

9.8CVSS9.4AI score0.0314EPSS
CVE
CVE
added 2021/09/26 12:0 a.m.17266 views

CVE-2021-41617

CVE-2021-41617 affects OpenSSH sshd (versions 6.2–8.x prior to 8.8) where certain non-default configurations allow local privilege escalation because supplemental groups are not initialized as expected when AuthorizedKeysCommand/AuthorizedPrincipalsCommand run under a different user. This can cau...

7CVSS7.5AI score0.02367EPSS
CVE
CVE
added 2013/11/15 8:0 p.m.16212 views

CVE-2013-6629

The CVE-2013-6629 issue affects libjpeg 6b and libjpeg-turbo up to 1.3.0, used by Chrome prior to 31.0.1650.48, Ghostscript, and other products. The vulnerability arises in get_sos() in jdmarker.c, which does not properly validate certain duplications of component data after SOS JPEG markers, all...

5CVSS6.1AI score0.10117EPSS
CVE
CVE
added 2014/06/05 9:0 p.m.15808 views

CVE-2014-3470

CVE-2014-3470 is an OpenSSL vulnerability where the ssl3_send_client_key_exchange in s3_clnt.c can trigger a NULL certificate value when using anonymous ECDH cipher suites, leading to a denial-of-service via NULL pointer dereference and client crash. Affected OpenSSL versions are before 0.9.8za, ...

4.3CVSS7.4AI score0.85784EPSS
CVE
CVE
added 2014/02/06 2:0 a.m.15499 views

CVE-2014-1491

CVE-2014-1491 describes an issue in the Mozilla NSS library where public DH values were not properly restricted, enabling remote attackers to bypass cryptographic protections in ticket handling when NSS was used (e.g., in Firefox/Thunderbird/SeaMonkey). The vulnerability affects NSS

4.3CVSS8.4AI score0.04664EPSS
CVE
CVE
added 2019/04/08 9:31 p.m.14733 views

CVE-2019-0211

CVE-2019-0211 affects Apache HTTP Server 2.4.17–2.4.38 when using MPM event, worker, or prefork. The issue arises from code executing in less-privileged child processes/threads (including in-process scripting interpreters) that could be exploited to run arbitrary code with the privileges of the p...

7.8CVSS7.2AI score0.65005EPSS
In wild
CVE
CVE
added 2019/01/31 12:0 a.m.13883 views

CVE-2019-6111

OpenSSH SCP client vulnerability CVE-2019-6111: in OpenSSH 7.9, the SCP client does not properly validate the object name returned by the server, allowing a malicious SCP server or MITM to overwrite arbitrary files in the client target directory. If recursive transfers (-r) are used, subdirectori...

5.9CVSS6.3AI score0.58204EPSS
In wildWeb
CVE
CVE
added 2021/03/05 7:7 p.m.12906 views

CVE-2021-28041

The CVE refers to OpenSSH ssh-agent before 8.5, where a double-free vulnerability may be triggered in rare scenarios (unconstrained agent-socket access on legacy OS or forwarding to an attacker-controlled host). Affected component: ssh-agent in OpenSSH prior to 8.5. Root cause: double free descri...

7.1CVSS6.8AI score0.03422EPSS
CVE
CVE
added 2020/08/07 3:27 p.m.11994 views

CVE-2020-11984

CVE-2020-11984 affects Apache HTTP Server mod_proxy_uwsgi. Based on the provided documents, it is a vulnerability in httpd’s uwsgi handling that can lead to information disclosure and potentially remote code execution. The vulnerability was reported for Apache HTTP Server versions around 2.4.32 t...

9.8CVSS9.3AI score0.90039EPSS
In wild
CVE
CVE
added 2024/02/14 12:0 a.m.11337 views

CVE-2023-50868

CVE-2023-50868 is a DNSSEC-related denial of service issue (NSEC3 Closest Encloser proof) that can cause CPU exhaustion. The connected documents confirm impact on DNS implementations such as Unbound and BIND/BIND9 and describe the root cause as processors performing thousands of hash iterations f...

7.5CVSS7.6AI score0.81729EPSS
CVE
CVE
added 2022/03/14 10:15 a.m.10409 views

CVE-2022-23943

CVE-2022-23943 is an out-of-bounds write vulnerability in httpd’s mod_sed that could allow memory corruption by attacker-supplied data. Affected: Apache HTTP Server 2.4.52 and earlier. Mitigation: upgrade to a fixed release (e.g., httpd 2.4.53 or later) as indicated by multiple advisories (includ...

9.8CVSS9.2AI score0.50401EPSS
CVE
CVE
added 2024/04/23 1:5 p.m.9511 views

CVE-2024-26922

CVE-2024-26922 affects the Linux kernel drm/amdgpu path and arises from insufficient validation of bo mapping operation parameters (amdgpu_vm_bo_(map/replace_map/clearing_mappings)). The vulnerability is addressed by validating parameters in a central location for amdgpu_vm_bo_* calls, with the i...

5.5CVSS6.3AI score0.00301EPSS
CVE
CVE
added 2024/02/11 12:0 a.m.8871 views

CVE-2024-25711

CVE-2024-25711 affects diffoscope before 256. The vulnerability arises from trusting the gpg --use-embedded-filenames option, enabling directory traversal via an embedded filename in a GPG file. Exploitation would disclose contents of arbitrary files (e.g., ../.ssh/id_rsa). Impact is information ...

7.5CVSS6.2AI score0.00979EPSS
CVE
CVE
added 2024/03/10 12:0 a.m.8337 views

CVE-2024-28757

The CVE-2024-28757 entry concerns libexpat up to version 2.6.1, where XML External Entity (XXE) processing can be triggered when isolated external parsers are used (XML_ExternalEntityParserCreate). The impact is denial of service or resource exhaustion (availability impact: HIGH) with CVSS v3.1 b...

7.5CVSS7.4AI score0.02006EPSS
CVE
CVE
added 2022/03/14 10:15 a.m.8166 views

CVE-2022-22720

CVE-2022-22720 – Apache httpd HTTP Request Smuggling (details from connected docs) Affected software: Apache HTTP Server (httpd) versions 2.4.52 and earlier. Root cause / description: Inbound connections are not closed when errors occur while discarding the request body, which can expose the serv...

9.8CVSS9.4AI score0.28189EPSS
CVE
CVE
added 2024/05/01 5:28 a.m.7860 views

CVE-2024-27004

CVE-2024-27004 in the Linux kernel affects the clk subsystem, where runtime PM resuming/suspending a device while holding the clk prepare_lock can deadlock (ABBA) when walking the clock tree during disable_unused. The issue manifests as hung tasks (e.g., swapper/0 and a kworker) and a deadlock be...

5.5CVSS6.2AI score0.00211EPSS
CVE
CVE
added 2024/05/01 5:28 a.m.7803 views

CVE-2024-27000

Summary: CVE-2024-27000 is a Linux kernel vulnerability in the serial mxs-auart driver where uart_handle_cts_change() could be invoked without holding uport->lock, risking mis-synchronization. The issue is resolved by adding a spinlock around changing the CTS state. The described scenario invo...

7.8CVSS6.2AI score0.00327EPSS
CVE
CVE
added 2024/05/01 5:28 a.m.7755 views

CVE-2024-27001

CVE-2024-27001 is described in the Linux kernel context as a fix for a USB endpoint checking flaw in the comedi vmk80xx driver. The issue arose because vmk80xx_find_usb_endpoints() did not fully account for varying endpoint types (bulk vs interrupt) across hardware models, which could lead to an ...

5.5CVSS6.3AI score0.0028EPSS
CVE
CVE
added 2020/04/29 12:0 a.m.7695 views

CVE-2020-11022

CVE-2020-11022 affects jQuery versions >=1.2 and =3.5.0 or apply vendor guidance where applicable.

6.9CVSS6.7AI score0.99019EPSS
In wild
CVE
CVE
added 2024/05/16 1:39 p.m.7504 views

CVE-2024-31142

CVE-2024-31142 concerns the Xen hypervisor. The issue stems from a logical error in XSA-407 (Branch Type Confusion); the mitigation is not applied as intended, and XSA-434 (Speculative Return Stack Overflow) uses the same infrastructure, making it equally impacted. Available connected sources des...

7.5CVSS6.2AI score0.17444EPSS
CVE
CVE
added 2021/06/10 7:10 a.m.7484 views

CVE-2021-26691

CVE-2021-26691 affects Apache HTTP Server, where a crafted SessionHeader can cause a heap overflow in 2.4.0–2.4.46. Several connected advisories indicate that updates have been released (e.g., AlmaLinux/CentOS/Red Hat ecosystems) and that newer Apache HTTP Server versions (e.g., 2.4.51 in Check P...

9.8CVSS9.2AI score0.68067EPSS
CVE
CVE
added 2021/12/20 12:0 a.m.7281 views

CVE-2021-44790

CVE-2021-44790 affects Apache HTTP Server up to version 2.4.51. It describes a buffer overflow in the mod_lua multipart parser (triggered via r:parsebody() from Lua scripts). Connected documents corroborate this in various advisories and patch notes, indicating releases with fixes (e.g., patched ...

9.8CVSS9.9AI score0.97108EPSS
Web
CVE
CVE
added 2020/04/29 12:0 a.m.7250 views

CVE-2020-11023

The connected Astra Linux bulletin confirms CVE-2020-11023: in jQuery versions >= 1.0.3 and < 3.5.0, passing HTML containing elements from untrusted sources to DOM manipulation methods (e.g., .html(), .append()) may lead to untrusted code execution. Patch released in jQuery 3.5.0. Remediat...

6.9CVSS7.2AI score0.8383EPSS
In wild
CVE
CVE
added 2021/01/20 4:28 p.m.7239 views

CVE-2020-25682

Dnsmasq contains multiple DNSSEC-related memory-corruption flaws (notably CVE-2020-25682) arising from improper length checks in the extract_name() path used to parse DNS names. An attacker on the network who can craft valid DNS replies can trigger a heap overflow, potentially allowing remote cod...

8.3CVSS8.3AI score0.70754EPSS
CVE
CVE
added 2024/05/13 10:22 a.m.7117 views

CVE-2024-27398

CVE-2024-27398 – Linux kernel Bluetooth SCO use-after-free . The vulnerability stems from a use-after-free in sco_sock_timeout: after a SCO connection is established, releasing the SCO socket may schedule timeout_work, but the socket can be freed yet still dereferenced by sco_sock_timeout, leadin...

7.8CVSS6.3AI score0.00757EPSS
CVE
CVE
added 2024/05/13 10:29 a.m.7065 views

CVE-2024-27401

CVE-2024-27401 affects the Linux kernel’s firewire nosy code path. The vulnerability arises because packet_buffer_get could read beyond the user-supplied length if the head packet length exceeded user_length, potentially allowing a user-space overflow. The fix ensures the function returns 0 when ...

7.1CVSS6.6AI score0.00296EPSS
CVE
CVE
added 2024/03/03 12:0 a.m.6964 views

CVE-2024-28084

CVE-2024-28084 affects iNet wireless daemon (IWD) p2putil.c up to version 2.15. The issue stems from initialization during parsing of advertised service information, enabling denial of service via daemon crash and possibly other unspecified impact. Fedora advisories indicate fixes in iwd 2.16 and...

7.5CVSS7.9AI score0.00937EPSS
CVE
CVE
added 2024/05/13 10:24 a.m.6946 views

CVE-2024-27399

CVE-2024-27399 affects the Linux kernel Bluetooth stack (l2cap). It is caused by a race between l2cap_chan_timeout() and l2cap_chan_del(), where deleting a channel can set chan->conn to NULL but a dereference may occur in mutex_lock() inside l2cap_chan_timeout(), leading to a NULL pointer dere...

5.5CVSS6.1AI score0.00301EPSS
CVE
CVE
added 2024/02/21 3:14 a.m.6936 views

CVE-2024-1674

CVE-2024-1674 is a Chrome/Chromium vulnerability: an inappropriate Navigation implementation allowed remote bypass of navigation restrictions via a crafted HTML page. Affected product is Google Chrome (Chromium core); vulnerable builds prior to 122.0.6261.57. Impact described as navigation bypass...

8.8CVSS4.8AI score0.00786EPSS
CVE
CVE
added 2024/02/21 3:14 a.m.6933 views

CVE-2024-1675

CVE-2024-1675 affects Google Chrome/Chromium prior to version 122.0.6261.57. The vulnerability stems from insufficient policy enforcement in the Chrome Download pathway, enabling a remote attacker to bypass filesystem restrictions via a crafted HTML page. The issue is categorized as high severity...

8.8CVSS4.8AI score0.10423EPSS
CVE
CVE
added 2021/12/10 12:0 a.m.6926 views

CVE-2021-44228

CVE-2021-44228 (Log4Shell) affects Apache Log4j2 2.0-beta9 through 2.15.0 (excluding some security releases) and is specific to log4j-core. The vulnerability arises from JNDI features used in configuration, log messages, and parameters, which can be exploited when an attacker can control log mess...

10CVSS10AI score0.99999EPSS
In wild
CVE
CVE
added 2021/09/16 2:40 p.m.6655 views

CVE-2021-39275

CVE-2021-39275 affects Apache HTTP Server (httpd) up to 2.4.48 and earlier. The issue is an out-of-bounds write in ap_escape_quotes() when given malicious input, potentially crashing the server or enabling code execution in some environments. Several connected sources concur this vulnerability ex...

9.8CVSS9.3AI score0.36339EPSS
CVE
CVE
added 2021/06/01 12:28 p.m.6343 views

CVE-2021-23017

CVE-2021-23017 affects nginx's resolver. A security issue arises from an off-by-one in ngx_resolver_copy when DNS labels are followed by a root-domain pointer, allowing a crafted UDP response to overwrite the least significant byte of the next heap chunk metadata. This can lead to a worker proces...

7.7CVSS6.3AI score0.53461EPSS
CVE
CVE
added 2024/02/21 3:14 a.m.6293 views

CVE-2024-1676

CVE-2024-1676 affects Google Chrome (Chromium core) prior to 122.0.6261.57. The vulnerability arises from an inappropriate implementation in Navigation, enabling a remote attacker to spoof the security UI via a crafted HTML page. According to the reports, the CVSS data show a network attack vecto...

9.8CVSS4.7AI score0.18552EPSS
CVE
CVE
added 2024/02/21 6:41 a.m.6264 views

CVE-2023-42843

CVE-2023-42843 is described as an inconsistent UI issue leading to address bar spoofing. Connected advisories confirm affected WebKitGTK/WebKitGTK4 components across Debian (webkit2gtk), AlmaLinux (webk­­itgtk4), Fedora (webkit2gtk4.0), and Amazon Linux 2 (webkitgtk4) with fixes in package update...

7.5CVSS5.2AI score0.0086EPSS
CVE
CVE
added 2024/02/21 3:14 a.m.6206 views

CVE-2024-1669

CVE-2024-1669 affects Blink in Google Chrome and is fixed by upgrading to Chrome 122.0.6261.57. The vulnerability is an out-of-bounds memory access in Blink that could be triggered by a crafted HTML page, allowing a remote attacker to access memory. The CVE is documented with a high severity in t...

8.8CVSS5.1AI score0.00953EPSS
CVE
CVE
added 2024/05/01 5:29 a.m.5963 views

CVE-2024-27008

CVE-2024-27008 is confirmed in the connected MiracleLinux advisories as a Linux kernel vulnerability affecting the drm nv04 driver. Description: when Output Resource (dcb->or) is assigned in fabricate_dcb_output(), there can be an out-of-bounds access to the dac_users array if dcb->or is ze...

7.8CVSS6.2AI score0.00293EPSS
CVE
CVE
added 2024/02/26 12:0 a.m.5911 views

CVE-2024-25082

FontForge (through 20230101) is affected by CVE-2024-25081 and CVE-2024-25082, allowing shell command injection via specially crafted filenames or archives/compressed files. Public advisories from Debian (DSA-5641-1), AlmaLinux (ALSA-2024-2495 / ALSA-2024-565), and Amazon Linux (ALAS2024-2495 / A...

6.5CVSS8.7AI score0.0187EPSS
Web
CVE
CVE
added 2020/04/01 11:8 p.m.5903 views

CVE-2020-1927

CVE-2020-1927 affects Apache HTTP Server 2.4.0–2.4.41, where mod_rewrite redirects intended to be self-referential could be fooled by encoded newlines and redirect to an unexpected URL within the request. Multiple connected advisories confirm the issue and indicate that fixes were released in Apa...

6.1CVSS6.7AI score0.56691EPSS
CVE
CVE
added 2019/08/13 8:50 p.m.5804 views

CVE-2019-9513

CVE-2019-9513 (and related HTTP/2 CVEs) affect nginx and nghttp2. The issues enable denial of service via HTTP/2 resource loops and priority/window manipulation, causing high CPU/memory usage. nginx 1.16.x and nghttp2 are specifically named in advisories; remediation is upgrading to fixed package...

7.8CVSS7.7AI score0.82017EPSS
CVE
CVE
added 2024/04/10 12:7 p.m.5568 views

CVE-2024-31309

CVE-2024-31309 affects Apache Traffic Server (ATS) HTTP/2 CONTINUATION handling. A DoS can occur due to CONTINUATION frame floods, impacting ATS 8.0.0–8.1.9 and 9.0.0–9.2.3. Upstream fixes are in 8.1.10 and 9.2.4. Practical mitigation includes setting proxy.config.http2.max_continuation_frames_pe...

7.5CVSS7.5AI score0.94615EPSS
CVE
CVE
added 2020/04/01 7:22 p.m.5491 views

CVE-2020-1934

CVE-2020-1934 affects Apache HTTP Server 2.4.0–2.4.41 via mod_proxy_ftp, which may use uninitialized memory when proxying to a malicious FTP backend. Public advisories confirm the fixes in Apache HTTP Server 2.4.43+ (e.g., ALAS-2020-1370/ALAS2-2020-1427), so upgrading to 2.4.43 or newer is the re...

5.3CVSS6AI score0.51951EPSS
In wild
CVE
CVE
added 2023/10/10 12:0 a.m.5330 views

CVE-2023-44487

CVE-2023-44487 – HTTP/2 Rapid Reset DoS Root cause: HTTP/2 stream resets can cause servers to continue processing, leading to unbounded resource consumption and potential DoS when clients rapidly cancel streams. What’s affected: Various HTTP/2 implementations and deployments, including servers, p...

7.5CVSS8AI score0.99999EPSS
In wild
CVE
CVE
added 2019/08/13 8:50 p.m.5318 views

CVE-2019-9517

CVE-2019-9517 describes an attack against some HTTP/2 implementations where unconstrained internal data buffering can cause a denial of service. The vulnerability arises when an attacker floods a connection with a large number of requests for a large response object while manipulating HTTP/2 flow...

7.8CVSS7.7AI score0.27004EPSS
CVE
CVE
added 2023/12/18 12:0 a.m.4961 views

CVE-2023-48795

CVE-2023-48795 is referenced across several connected advisories, detailing affected packages and required upgrades. Astra Linux/CBL-Mariner entries note: podman (<5.6.1-2) needs upgrade, erlang (<25.2-1), libssh2 (<1.11.1-1), libssh (<0.10.6-1), terraform (<1.3.2-25), kubevirt (&l...

5.9CVSS6.7AI score0.93305EPSS
CVE
CVE
added 2024/04/04 7:19 p.m.4950 views

CVE-2023-38709

CVE-2023-38709 describes HTTP response splitting in the core of Apache HTTP Server caused by faulty input validation. It affects Apache HTTP Server up to version 2.4.58; multiple advisories (e.g., Astra Linux, AlmaLinux, Alpine Linux) note that upgrading to 2.4.64 fixes the issue. Some sources in...

7.3CVSS7.1AI score0.03914EPSS
CVE
CVE
added 2019/01/31 12:0 a.m.4876 views

CVE-2019-6109

OpenSSH 7.9 contains CVE-2019-6109: missing character encoding in the progress display allows a malicious server/MITM to spoof scp client output by crafting object names (refresh_progress_meter in progressmeter.c). The vulnerability can enable spoofing of file transfer output; related issues incl...

6.8CVSS6.7AI score0.03807EPSS
In wild
CVE
CVE
added 2019/10/28 2:19 p.m.4763 views

CVE-2019-11043

CVE-2019-11043 affects PHP in FPM configurations where known underflow in env_path_info in fpm_main.c allows writing past buffers, enabling remote code execution. Affected versions are PHP 7.1.x < 7.1.33, 7.2.x < 7.2.24, and 7.3.x

9.8CVSS9.6AI score0.9947EPSS
In wildWeb
CVE
CVE
added 2021/01/26 12:0 a.m.4743 views

CVE-2021-3156

CVE-2021-3156 is a heap-based buffer overflow in sudo that enables privilege escalation to root. The issue arises in the argument parsing path and is exploitable via commands using sudoedit -s with a trailing backslash, leading to memory corruption. Affected release information in the provided do...

7.8CVSS8.3AI score0.99295EPSS
In wild
Total number of security vulnerabilities5353