Lucene search

K
FedoraprojectFedora

5315 matches found

CVE
CVE
added 2020/04/21 2:15 p.m.680 views

CVE-2020-1967

Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorit...

7.5CVSS7.5AI score0.67225EPSS
Web
CVE
CVE
added 2022/09/28 11:15 p.m.680 views

CVE-2022-31628

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.

5.5CVSS6.4AI score0.00031EPSS
CVE
CVE
added 2020/07/09 3:15 p.m.679 views

CVE-2020-12402

During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the recovery of the secret...

4.4CVSS5.8AI score0.00025EPSS
CVE
CVE
added 2022/10/12 11:15 p.m.675 views

CVE-2022-3171

A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-fo...

7.5CVSS6.1AI score0.00064EPSS
CVE
CVE
added 2022/07/06 6:15 p.m.674 views

CVE-2022-31129

moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment (more specifically rfc2822 parsing, which is tried by default) has qua...

7.5CVSS7.8AI score0.03437EPSS
In wild
CVE
CVE
added 2023/08/11 6:15 a.m.672 views

CVE-2023-3823

In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8 various XML functions rely on libxml global state to track configuration variables, like whether external entities are loaded. This state is assumed to be unchanged unless the user explicitly changes it by calling appr...

8.6CVSS8.6AI score0.00092EPSS
CVE
CVE
added 2020/07/07 2:15 p.m.671 views

CVE-2020-10745

A flaw was found in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4 in the way it processed NetBios over TCP/IP. This flaw allows a remote attacker could to cause the Samba server to consume excessive CPU use, resulting in a denial of service. This highest threat from this vulne...

7.8CVSS7.1AI score0.16334EPSS
CVE
CVE
added 2020/06/03 11:15 p.m.671 views

CVE-2020-11080

In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes (2400 individual settings entries) over and over again. The attack causes th...

7.5CVSS6.5AI score0.00566EPSS
CVE
CVE
added 2022/09/21 11:15 a.m.668 views

CVE-2022-2795

By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service.

5.3CVSS6.5AI score0.00375EPSS
CVE
CVE
added 2019/09/24 6:15 a.m.666 views

CVE-2019-16746

An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow.

9.8CVSS9.1AI score0.02247EPSS
CVE
CVE
added 2024/03/13 4:15 p.m.665 views

CVE-2024-23672

Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0...

6.3CVSS7.2AI score0.00577EPSS
CVE
CVE
added 2021/04/29 1:15 a.m.663 views

CVE-2021-25214

In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND 9 Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of na...

6.5CVSS6.6AI score0.00482EPSS
CVE
CVE
added 2023/08/15 4:15 p.m.663 views

CVE-2023-32006

The use of module.constructor.createRequire() can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x, and, 20.x. Please note th...

8.8CVSS9.1AI score0.00053EPSS
CVE
CVE
added 2021/01/20 3:15 p.m.662 views

CVE-2021-2011

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.7.32 and prior and 8.0.22 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client. Suc...

7.1CVSS5.5AI score0.00512EPSS
CVE
CVE
added 2023/09/21 7:15 p.m.660 views

CVE-2023-41993

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.

8.8CVSS8.8AI score0.08736EPSS
In wild
CVE
CVE
added 2019/05/30 4:29 p.m.658 views

CVE-2018-12126

Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www....

5.6CVSS5.9AI score0.00432EPSS
CVE
CVE
added 2020/04/15 2:15 p.m.655 views

CVE-2020-2752

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.47 and prior, 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise ...

5.3CVSS6AI score0.00238EPSS
CVE
CVE
added 2021/06/15 9:15 a.m.655 views

CVE-2021-31618

Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client with a status code indicating wh...

7.5CVSS7.7AI score0.12644EPSS
In wild
CVE
CVE
added 2020/03/06 3:15 p.m.652 views

CVE-2020-10188

utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions.

10CVSS9.9AI score0.11181EPSS
CVE
CVE
added 2021/05/27 1:15 p.m.646 views

CVE-2021-31525

net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service (panic) via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some configurations.

5.9CVSS5.9AI score0.0001EPSS
CVE
CVE
added 2020/10/06 1:15 p.m.644 views

CVE-2020-25613

An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy (which also has a poo...

7.5CVSS7.7AI score0.00224EPSS
CVE
CVE
added 2022/09/26 4:15 p.m.643 views

CVE-2022-3038

Use after free in Network Service in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.9AI score0.80787EPSS
In wild
CVE
CVE
added 2021/11/01 4:15 a.m.642 views

CVE-2021-42574

An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequences, which can be used to craft source code that renders different logic than the logical ordering of tokens ingested by compilers and i...

8.3CVSS8.4AI score0.21803EPSS
In wild
CVE
CVE
added 2023/05/25 11:15 p.m.641 views

CVE-2023-32067

c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful shu...

7.5CVSS7.6AI score0.00323EPSS
CVE
CVE
added 2020/12/28 8:15 p.m.633 views

CVE-2020-35730

An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. The attacker can send a plain text e-mail message, with JavaScript in a link reference element that is mishandled by linkref_addindex in rcube_string_replacer.php.

6.1CVSS6.1AI score0.61937EPSS
In wild
CVE
CVE
added 2020/08/21 9:15 p.m.633 views

CVE-2020-8622

In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated respons...

6.5CVSS7.2AI score0.00345EPSS
CVE
CVE
added 2024/05/01 1:15 p.m.631 views

CVE-2024-4058

Type confusion in ANGLE in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

9CVSS8.4AI score0.0582EPSS
CVE
CVE
added 2019/12/23 3:15 a.m.630 views

CVE-2019-11045

In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access.

5.9CVSS7AI score0.19467EPSS
CVE
CVE
added 2019/09/06 6:15 p.m.628 views

CVE-2019-16056

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers ...

7.5CVSS6.7AI score0.00829EPSS
CVE
CVE
added 2019/07/23 11:15 p.m.628 views

CVE-2019-2740

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: XML). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to co...

6.5CVSS6.3AI score0.00477EPSS
CVE
CVE
added 2021/10/26 3:15 p.m.628 views

CVE-2021-41182

jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the altField option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the altField option is now trea...

6.5CVSS6.4AI score0.26482EPSS
CVE
CVE
added 2023/07/25 9:15 p.m.627 views

CVE-2023-37920

Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes "e-Tugra" root certificates. e-Tugra's root certificates were subject to an investigation prompted by...

9.8CVSS9AI score0.00112EPSS
CVE
CVE
added 2019/06/19 12:15 a.m.626 views

CVE-2019-11038

When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized var...

5.3CVSS5.5AI score0.06012EPSS
CVE
CVE
added 2019/12/23 3:15 a.m.626 views

CVE-2019-11050

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure...

6.5CVSS7.1AI score0.01611EPSS
CVE
CVE
added 2021/11/19 4:15 a.m.623 views

CVE-2021-44026

Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a potential SQL injection via search or search_params.

9.8CVSS9.6AI score0.6813EPSS
In wild
CVE
CVE
added 2022/02/18 6:15 p.m.618 views

CVE-2016-2124

A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required.

5.9CVSS7.2AI score0.00604EPSS
CVE
CVE
added 2019/09/16 7:15 p.m.618 views

CVE-2019-5482

Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.

9.8CVSS9.7AI score0.10791EPSS
CVE
CVE
added 2019/10/16 6:15 p.m.617 views

CVE-2019-2974

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.45 and prior, 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to c...

6.5CVSS6.3AI score0.00308EPSS
CVE
CVE
added 2023/08/15 4:15 p.m.617 views

CVE-2023-32004

A vulnerability has been discovered in Node.js version 20, specifically within the experimental permission model. This flaw relates to improper handling of Buffers in file system APIs causing a traversal path to bypass when verifying file permissions. This vulnerability affects all users using the ...

8.8CVSS8.8AI score0.00063EPSS
CVE
CVE
added 2022/02/24 3:15 p.m.614 views

CVE-2022-24407

In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.

8.8CVSS9.1AI score0.00638EPSS
CVE
CVE
added 2022/02/16 1:15 a.m.614 views

CVE-2022-25235

xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.

9.8CVSS9.6AI score0.13322EPSS
CVE
CVE
added 2020/04/15 2:15 p.m.613 views

CVE-2020-2760

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Succ...

5.5CVSS5.6AI score0.00098EPSS
CVE
CVE
added 2024/06/09 7:15 p.m.612 views

CVE-2024-5458

In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, due to a code logic error, filtering functions such as filter_var when validating URLs (FILTER_VALIDATE_URL) for certain types of URLs the function will result in invalid user information (username + password part of URLs...

5.3CVSS5.9AI score0.0188EPSS
Web
CVE
CVE
added 2022/03/18 7:15 a.m.610 views

CVE-2022-27191

The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.

7.5CVSS9.3AI score0.00072EPSS
CVE
CVE
added 2021/04/05 10:15 p.m.603 views

CVE-2021-20305

A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw all...

8.1CVSS6.7AI score0.0008EPSS
CVE
CVE
added 2019/10/17 6:15 p.m.602 views

CVE-2019-14287

In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo...

9CVSS8.7AI score0.84563EPSS
Web
CVE
CVE
added 2024/02/29 8:15 p.m.599 views

CVE-2024-24246

Heap Buffer Overflow vulnerability in qpdf 11.9.0 allows attackers to crash the application via the std::__shared_count() function at /bits/shared_ptr_base.h.

5.5CVSS5.2AI score0.00222EPSS
CVE
CVE
added 2022/01/26 2:15 p.m.598 views

CVE-2021-22570

Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly, leading to an unchecked call into the proto file's name during generation of the resulting error message. Since the symbol is incorrectly parsed, the file is nullptr. We recommend upgrading to versi...

6.5CVSS6.5AI score0.00121EPSS
CVE
CVE
added 2022/07/19 6:15 p.m.597 views

CVE-2022-34169

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or ...

7.5CVSS8.2AI score0.1168EPSS
Web
CVE
CVE
added 2018/07/06 2:29 p.m.596 views

CVE-2018-13405

The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigge...

7.8CVSS6.5AI score0.0017EPSS
Total number of security vulnerabilities5315