Lucene search

K
FedoraprojectFedora

5299 matches found

CVE
CVE
added 2021/10/05 6:15 p.m.983 views

CVE-2021-39226

Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the snapshot "public_mode" configuratio...

9.8CVSS8.4AI score0.94344EPSS
CVE
CVE
added 2022/05/24 3:15 p.m.977 views

CVE-2022-29217

PyJWT is a Python implementation of RFC 7519. PyJWT supports multiple different JWT signing algorithms. With JWT, an attacker submitting the JWT token can choose the used signing algorithm. The PyJWT library requires that the application chooses what algorithms are supported. The application can sp...

7.5CVSS6.7AI score0.00446EPSS
CVE
CVE
added 2020/04/23 3:15 p.m.962 views

CVE-2020-11945

An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the attacker can overflow the nonce reference counter (a short integer). Remote code execution may occur if...

9.8CVSS9.7AI score0.38376EPSS
CVE
CVE
added 2021/03/09 8:15 p.m.961 views

CVE-2021-21300

Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be executed while cloning onto a case-insensitive fil...

8CVSS7.7AI score0.70789EPSS
CVE
CVE
added 2022/11/01 6:15 p.m.961 views

CVE-2022-3786

A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verificat...

7.5CVSS8.1AI score0.22051EPSS
CVE
CVE
added 2023/01/12 3:15 p.m.959 views

CVE-2022-3437

A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with ...

6.5CVSS6.7AI score0.00501EPSS
CVE
CVE
added 2022/02/21 3:15 p.m.957 views

CVE-2021-44142

The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and w...

9CVSS8.9AI score0.24407EPSS
CVE
CVE
added 2023/04/19 4:15 a.m.956 views

CVE-2023-2136

Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

9.6CVSS8.2AI score0.00392EPSS
CVE
CVE
added 2023/05/26 6:15 p.m.956 views

CVE-2023-32681

Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use rebuild_proxies to reattach the Proxy-Authorization header to requests. For HTTP connections sent thro...

6.1CVSS6.8AI score0.06121EPSS
CVE
CVE
added 2020/06/15 2:15 p.m.945 views

CVE-2020-0543

Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

5.5CVSS6.3AI score0.00533EPSS
CVE
CVE
added 2022/03/04 7:15 p.m.945 views

CVE-2021-3737

A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability.

7.5CVSS7.6AI score0.00122EPSS
CVE
CVE
added 2022/02/24 7:15 p.m.937 views

CVE-2022-0546

A missing bounds check in the image loader used in Blender 3.x and 2.93.8 leads to out-of-bounds heap access, allowing an attacker to cause denial of service, memory corruption or potentially code execution.

7.8CVSS7.8AI score0.00386EPSS
CVE
CVE
added 2019/03/23 6:29 p.m.936 views

CVE-2019-9948

urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call.

9.1CVSS9.4AI score0.01118EPSS
CVE
CVE
added 2021/06/07 8:15 p.m.931 views

CVE-2021-30533

Insufficient policy enforcement in PopupBlocker in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass navigation restrictions via a crafted iframe.

6.5CVSS6.5AI score0.06446EPSS
CVE
CVE
added 2022/09/26 4:15 p.m.928 views

CVE-2022-2856

Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker to arbitrarily browse to a malicious website via a crafted HTML page.

6.5CVSS6.6AI score0.03079EPSS
CVE
CVE
added 2021/12/23 9:15 p.m.922 views

CVE-2021-3621

A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threa...

9.3CVSS8.8AI score0.00276EPSS
CVE
CVE
added 2021/06/15 10:15 p.m.919 views

CVE-2021-30547

Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

8.8CVSS5.9AI score0.00639EPSS
CVE
CVE
added 2024/06/09 8:15 p.m.910 views

CVE-2024-4577

In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misin...

9.8CVSS9.3AI score0.94365EPSS
CVE
CVE
added 2020/11/19 7:15 p.m.908 views

CVE-2020-28949

Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to overwrite files) can still succeed.

7.8CVSS7.7AI score0.92731EPSS
CVE
CVE
added 2022/02/16 11:15 p.m.905 views

CVE-2022-25271

Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter critica...

7.5CVSS7.2AI score0.00223EPSS
CVE
CVE
added 2023/09/28 4:15 p.m.884 views

CVE-2023-5217

Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS9.2AI score0.01679EPSS
CVE
CVE
added 2023/03/23 9:15 p.m.880 views

CVE-2023-0056

An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability.

6.5CVSS6.3AI score0.00148EPSS
CVE
CVE
added 2022/09/20 11:15 p.m.878 views

CVE-2022-35957

Grafana is an open-source platform for monitoring and observability. Versions prior to 9.1.6 and 8.5.13 are vulnerable to an escalation from admin to server admin when auth proxy is used, allowing an admin to take over the server admin account and gain full control of the grafana instance. All inst...

6.6CVSS7.2AI score0.00748EPSS
CVE
CVE
added 2009/07/10 3:30 p.m.873 views

CVE-2009-1891

The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption).

7.1CVSS7.3AI score0.14811EPSS
CVE
CVE
added 2022/08/06 6:15 p.m.871 views

CVE-2022-37451

Exim before 4.96 has an invalid free in pam_converse in auths/call_pam.c because store_free is not used after store_malloc.

7.5CVSS7.5AI score0.02123EPSS
CVE
CVE
added 2019/06/07 6:29 p.m.870 views

CVE-2019-10160

A security regression of CVE-2019-9636 was discovered in python since commit d537ab0ff9767ef024f26246899728f0116b1ec3 affecting versions 2.7, 3.5, 3.6, 3.7 and from v3.8.0a4 through v3.8.0b1, which still allows an attacker to exploit CVE-2019-9636 by abusing the user and password parts of a URL. Wh...

9.8CVSS9.7AI score0.09135EPSS
CVE
CVE
added 2018/12/23 11:29 p.m.857 views

CVE-2018-20406

Modules/_pickle.c in Python before 3.7.1 has an integer overflow via a large LONG_BINPUT value that is mishandled during a "resize to twice the size" attempt. This issue might cause memory exhaustion, but is only relevant if the pickle format is used for serializing tens or hundreds of gigabytes of...

7.5CVSS8.1AI score0.01206EPSS
CVE
CVE
added 2021/01/20 4:15 p.m.854 views

CVE-2020-25684

A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query...

4.3CVSS6AI score0.00556EPSS
CVE
CVE
added 2023/06/13 5:15 p.m.854 views

CVE-2023-20867

A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine.

3.9CVSS5.1AI score0.00558EPSS
CVE
CVE
added 2022/09/28 11:15 p.m.849 views

CVE-2022-31629

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a __Host- or __Secure- cookie by PHP applications.

6.5CVSS7.2AI score0.24317EPSS
CVE
CVE
added 2022/06/09 5:15 p.m.848 views

CVE-2022-30522

If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where the input to mod_sed may be very large, mod_sed may make excessively large memory allocations and trigger an abort.

7.5CVSS8.7AI score0.14821EPSS
CVE
CVE
added 2014/10/15 12:55 a.m.842 views

CVE-2014-3566

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.

4.3CVSS4.4AI score0.9413EPSS
CVE
CVE
added 2021/12/28 8:15 p.m.842 views

CVE-2021-44832

Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is ...

8.5CVSS8.4AI score0.53591EPSS
CVE
CVE
added 2021/05/12 2:15 p.m.839 views

CVE-2021-20277

A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability.

7.5CVSS7.5AI score0.11529EPSS
CVE
CVE
added 2022/02/18 6:15 p.m.837 views

CVE-2020-25717

A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.

8.5CVSS8.1AI score0.00154EPSS
CVE
CVE
added 2019/08/20 9:15 p.m.835 views

CVE-2019-10086

In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.

7.5CVSS7.3AI score0.00321EPSS
CVE
CVE
added 2019/07/11 7:15 p.m.835 views

CVE-2019-12525

An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token's value starts with a quote and ends wi...

9.8CVSS9.2AI score0.46527EPSS
CVE
CVE
added 2020/05/19 2:15 p.m.834 views

CVE-2020-8617

Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration doe...

7.5CVSS7.2AI score0.92345EPSS
CVE
CVE
added 2022/02/15 4:15 p.m.828 views

CVE-2022-21698

client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and ...

7.5CVSS8.8AI score0.00265EPSS
CVE
CVE
added 2023/02/03 6:15 a.m.818 views

CVE-2023-25136

OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-p...

6.5CVSS6.8AI score0.90014EPSS
CVE
CVE
added 2021/05/05 2:15 p.m.814 views

CVE-2021-20254

A flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into unix group ids (gids). The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache...

6.8CVSS6.8AI score0.00341EPSS
CVE
CVE
added 2021/02/22 10:15 p.m.814 views

CVE-2021-21157

Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS9AI score0.01551EPSS
CVE
CVE
added 2021/12/30 10:15 p.m.808 views

CVE-2021-4183

Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file

5.5CVSS6AI score0.00051EPSS
CVE
CVE
added 2019/02/27 11:29 p.m.793 views

CVE-2019-1559

If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is receiv...

5.9CVSS6.3AI score0.06225EPSS
CVE
CVE
added 2020/06/17 10:15 p.m.793 views

CVE-2020-8619

In ISC BIND9 versions BIND 9.11.14 -> 9.11.19, BIND 9.14.9 -> 9.14.12, BIND 9.16.0 -> 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -> 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry ...

4.9CVSS5.3AI score0.09969EPSS
CVE
CVE
added 2020/07/15 6:15 p.m.792 views

CVE-2020-15117

In Synergy before version 1.12.0, a Synergy server can be crashed by receiving a kMsgHelloBack packet with a client name length set to 0xffffffff (4294967295) if the servers memory is less than 4 GB. It was verified that this issue does not cause a crash through the exception handler if the availab...

6.5CVSS6.2AI score0.00494EPSS
CVE
CVE
added 2020/02/04 8:15 p.m.790 views

CVE-2020-8450

An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy.

7.5CVSS7.5AI score0.41291EPSS
CVE
CVE
added 2020/09/27 4:15 a.m.784 views

CVE-2020-26116

http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request.

7.2CVSS7.3AI score0.00579EPSS
CVE
CVE
added 2022/03/10 5:42 p.m.783 views

CVE-2021-3733

There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is s...

6.5CVSS7.1AI score0.0037EPSS
CVE
CVE
added 2021/04/29 1:15 a.m.780 views

CVE-2021-25215

In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query ...

7.5CVSS6.6AI score0.0214EPSS
Total number of security vulnerabilities5299