Lucene search

K
FedoraprojectFedora

5307 matches found

CVE
CVE
added 2023/11/03 5:15 a.m.193 views

CVE-2023-43665

In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars() and words() methods (when used with html=True) are subject to a potential DoS (denial of service) attack via certain inputs with very long, potentially malformed HTML text. The chars() and ...

7.5CVSS6.8AI score0.02811EPSS
CVE
CVE
added 2022/09/03 4:15 p.m.192 views

CVE-2022-3099

Use After Free in GitHub repository vim/vim prior to 9.0.0360.

7.8CVSS7.7AI score0.00054EPSS
CVE
CVE
added 2023/11/01 6:15 p.m.192 views

CVE-2023-5849

Integer overflow in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.5AI score0.00557EPSS
CVE
CVE
added 2019/11/21 9:15 p.m.191 views

CVE-2019-19204

An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch_interval_quantifier (formerly known as fetch_range_quantifier) in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read.

7.5CVSS8.4AI score0.11189EPSS
CVE
CVE
added 2019/02/19 5:29 p.m.191 views

CVE-2019-5767

Insufficient protection of permission UI in WebAPKs in Google Chrome on Android prior to 72.0.3626.81 allowed an attacker who convinced the user to install a malicious application to access privacy/security sensitive web APIs via a crafted APK.

6.5CVSS5.8AI score0.00488EPSS
CVE
CVE
added 2020/09/11 4:15 p.m.191 views

CVE-2020-15169

In Action View before versions 5.2.4.4 and 6.0.3.3 there is a potential Cross-Site Scripting (XSS) vulnerability in Action View's translation helpers. Views that allow the user to control the default (not found) value of the t and translate helpers could be susceptible to XSS attacks. When an HTML-...

6.1CVSS5.7AI score0.0115EPSS
CVE
CVE
added 2020/03/16 4:15 p.m.191 views

CVE-2020-1735

A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.

4.6CVSS5.2AI score0.00045EPSS
CVE
CVE
added 2020/11/02 9:15 p.m.191 views

CVE-2020-28036

wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allows attackers to gain privileges by using XML-RPC to comment on a post.

9.8CVSS9.3AI score0.04829EPSS
CVE
CVE
added 2020/11/19 8:15 p.m.191 views

CVE-2020-28924

An issue was discovered in Rclone before 1.53.3. Due to the use of a weak random number generator, the password generator has been producing weak passwords with much less entropy than advertised. The suggested passwords depend deterministically on the time the second rclone was started. This limits...

7.5CVSS7.3AI score0.00257EPSS
CVE
CVE
added 2020/09/21 8:15 p.m.191 views

CVE-2020-6537

Type confusion in V8 in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

8.8CVSS8.5AI score0.01766EPSS
CVE
CVE
added 2020/09/21 8:15 p.m.191 views

CVE-2020-6549

Use after free in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

9.3CVSS8.8AI score0.17688EPSS
CVE
CVE
added 2020/09/21 8:15 p.m.191 views

CVE-2020-6560

Insufficient policy enforcement in autofill in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

6.5CVSS6.2AI score0.01047EPSS
CVE
CVE
added 2021/04/26 5:15 p.m.191 views

CVE-2021-21226

Use after free in navigation in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

9.6CVSS9.2AI score0.01347EPSS
CVE
CVE
added 2021/09/03 8:15 p.m.191 views

CVE-2021-30612

Chromium: CVE-2021-30612 Use after free in WebRTC

8.8CVSS8.2AI score0.00393EPSS
CVE
CVE
added 2021/02/23 11:15 p.m.191 views

CVE-2021-3410

A flaw was found in libcaca v0.99.beta19. A buffer overflow issue in caca_resize function in libcaca/caca/canvas.c may lead to local execution of arbitrary code in the user context.

7.8CVSS7.8AI score0.00298EPSS
CVE
CVE
added 2022/03/11 6:15 p.m.191 views

CVE-2022-0924

Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 408976c4.

5.5CVSS5.9AI score0.0007EPSS
CVE
CVE
added 2024/04/16 8:15 p.m.191 views

CVE-2022-24805

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause an out-of-bounds memory access. A user with read-only credentials can exploit the issue. Version 5.9.2 contains a...

8.8CVSS6.6AI score0.00406EPSS
CVE
CVE
added 2022/09/22 1:15 p.m.191 views

CVE-2022-3256

Use After Free in GitHub repository vim/vim prior to 9.0.0530.

7.8CVSS7.8AI score0.00054EPSS
CVE
CVE
added 2023/03/03 4:15 p.m.191 views

CVE-2022-4645

LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125.

6.8CVSS5.2AI score0.0001EPSS
CVE
CVE
added 2010/11/26 8:0 p.m.190 views

CVE-2010-3705

The sctp_auth_asoc_get_hmac function in net/sctp/auth.c in the Linux kernel before 2.6.36 does not properly validate the hmac_ids array of an SCTP peer, which allows remote attackers to cause a denial of service (memory corruption and panic) via a crafted value in the last element of this array.

8.3CVSS5.8AI score0.01215EPSS
CVE
CVE
added 2019/03/27 6:29 p.m.190 views

CVE-2019-3829

A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption (double free) vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected.

7.5CVSS6.2AI score0.04071EPSS
CVE
CVE
added 2020/11/03 3:15 a.m.190 views

CVE-2020-15991

Use after free in password manager in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

8.8CVSS8.8AI score0.01427EPSS
CVE
CVE
added 2020/03/16 4:15 p.m.190 views

CVE-2020-1740

A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes "ansible-vault edit", another user on the same computer can read the old and new secret, as it is created in a temporary file with mkstemp and the returned file descriptor is closed and the...

4.7CVSS5.2AI score0.00036EPSS
CVE
CVE
added 2020/04/13 1:15 p.m.190 views

CVE-2020-1759

A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the reu...

6.8CVSS6.5AI score0.00412EPSS
CVE
CVE
added 2020/09/02 5:15 p.m.190 views

CVE-2020-24654

In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the extraction directory, as demonstrated by a write operation to a user's home directory.

4.3CVSS3.5AI score0.00516EPSS
CVE
CVE
added 2020/04/13 6:15 p.m.190 views

CVE-2020-6442

Inappropriate implementation in cache in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

4.3CVSS4.7AI score0.01095EPSS
CVE
CVE
added 2020/09/21 8:15 p.m.190 views

CVE-2020-6564

Inappropriate implementation in permissions in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of a permission dialog via a crafted HTML page.

6.5CVSS6.1AI score0.00625EPSS
CVE
CVE
added 2021/02/22 10:15 p.m.190 views

CVE-2021-21155

Heap buffer overflow in Tab Strip in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

9.6CVSS9.1AI score0.00853EPSS
CVE
CVE
added 2021/03/09 6:15 p.m.190 views

CVE-2021-21185

Insufficient policy enforcement in extensions in Google Chrome prior to 89.0.4389.72 allowed an attacker who convinced a user to install a malicious extension to obtain sensitive information via a crafted Chrome Extension.

4.3CVSS4.9AI score0.00607EPSS
CVE
CVE
added 2021/03/09 6:15 p.m.190 views

CVE-2021-21190

Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.

8.8CVSS7.6AI score0.01249EPSS
CVE
CVE
added 2021/06/28 12:15 p.m.190 views

CVE-2021-29157

Dovecot before 2.3.15 allows ../ Path Traversal. An attacker with access to the local filesystem can trick OAuth2 authentication into using an HS256 validation key from an attacker-controlled location. This occurs during use of local JWT validation with the posix fs driver.

7.5CVSS5.5AI score0.00105EPSS
CVE
CVE
added 2021/06/07 8:15 p.m.190 views

CVE-2021-30540

Incorrect security UI in payments in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker to perform domain spoofing via a crafted HTML page.

6.5CVSS6.4AI score0.00419EPSS
CVE
CVE
added 2021/08/03 8:15 p.m.190 views

CVE-2021-30575

Out of bounds write in Autofill in Google Chrome prior to 92.0.4515.107 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.7AI score0.00805EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.190 views

CVE-2021-30934

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

9.3CVSS8.6AI score0.01392EPSS
CVE
CVE
added 2021/07/01 3:15 a.m.190 views

CVE-2021-36087

The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.

3.3CVSS4.1AI score0.0002EPSS
CVE
CVE
added 2021/11/15 9:15 p.m.190 views

CVE-2021-42385

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function

7.2CVSS7.2AI score0.0018EPSS
CVE
CVE
added 2022/07/28 1:15 a.m.190 views

CVE-2022-2011

Use after free in ANGLE in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS9AI score0.00453EPSS
CVE
CVE
added 2022/08/12 8:15 p.m.190 views

CVE-2022-2604

Use after free in Safe Browsing in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.8AI score0.00419EPSS
CVE
CVE
added 2022/09/21 11:15 a.m.190 views

CVE-2022-3080

By sending specific queries to the resolver, an attacker can cause named to crash.

7.5CVSS7.5AI score0.00084EPSS
CVE
CVE
added 2020/06/22 10:15 p.m.189 views

CVE-2020-11099

In FreeRDP before version 2.1.2, there is an out of bounds read in license_read_new_or_upgrade_license_packet. A manipulated license packet can lead to out of bound reads to an internal buffer. This is fixed in version 2.1.2.

6.5CVSS5AI score0.00154EPSS
CVE
CVE
added 2020/06/12 4:15 p.m.189 views

CVE-2020-4050

In affected versions of WordPress, misuse of the set-screen-option filter's return value allows arbitrary user meta fields to be saved. It does require an admin to install a plugin that would misuse the filter. Once installed, it can be leveraged by low privileged users. This has been patched in ve...

6CVSS5.2AI score0.01821EPSS
CVE
CVE
added 2020/07/22 5:15 p.m.189 views

CVE-2020-6518

Use after free in developer tools in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had convinced the user to use developer tools to potentially exploit heap corruption via a crafted HTML page.

9.3CVSS9AI score0.0307EPSS
CVE
CVE
added 2020/09/21 8:15 p.m.189 views

CVE-2020-6543

Use after free in task scheduling in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.8AI score0.01036EPSS
CVE
CVE
added 2020/11/03 3:15 a.m.189 views

CVE-2020-6557

Inappropriate implementation in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.

6.5CVSS6.3AI score0.00817EPSS
CVE
CVE
added 2020/07/02 7:15 p.m.189 views

CVE-2020-8185

A denial of service vulnerability exists in Rails

6.5CVSS6.2AI score0.01071EPSS
CVE
CVE
added 2020/02/27 11:15 p.m.189 views

CVE-2020-9431

In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. This was addressed in epan/dissectors/packet-lte-rrc.c by adjusting certain append operations.

7.5CVSS7.1AI score0.04397EPSS
CVE
CVE
added 2023/03/06 11:15 p.m.189 views

CVE-2021-20251

A flaw was found in samba. A race condition in the password lockout code may lead to the risk of brute force attacks being successful if special conditions are met.

5.9CVSS5.6AI score0.00215EPSS
CVE
CVE
added 2021/03/09 6:15 p.m.189 views

CVE-2021-21161

Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.6AI score0.01688EPSS
CVE
CVE
added 2021/08/26 6:15 p.m.189 views

CVE-2021-30601

Use after free in Extensions API in Google Chrome prior to 92.0.4515.159 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.8AI score0.00247EPSS
CVE
CVE
added 2021/02/02 7:15 a.m.189 views

CVE-2021-3281

In Django 2.2 before 2.2.18, 3.0 before 3.0.12, and 3.1 before 3.1.6, the django.utils.archive.extract method (used by "startapp --template" and "startproject --template") allows directory traversal via an archive with absolute paths or relative paths with dot segments.

5.3CVSS5.4AI score0.33479EPSS
Total number of security vulnerabilities5307