Lucene search

K
FedoraprojectFedora

5315 matches found

CVE
CVE
added 2022/08/02 3:15 p.m.596 views

CVE-2022-29154

An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file names. A mali...

7.4CVSS7.7AI score0.00349EPSS
In wild
CVE
CVE
added 2019/12/10 10:15 p.m.594 views

CVE-2019-13734

Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.6AI score0.05858EPSS
CVE
CVE
added 2019/05/30 4:29 p.m.594 views

CVE-2019-8457

SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.

9.8CVSS9.3AI score0.25131EPSS
CVE
CVE
added 2019/09/09 5:15 p.m.593 views

CVE-2019-16168

In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."

6.5CVSS7AI score0.00863EPSS
CVE
CVE
added 2019/04/23 7:32 p.m.592 views

CVE-2019-2614

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple prot...

4.4CVSS4.7AI score0.00138EPSS
CVE
CVE
added 2023/03/31 4:15 a.m.592 views

CVE-2023-28755

A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects. The fixed versions are 0.12.1, 0.11.1, 0.10.2 and 0.10.0.1.

5.3CVSS5.9AI score0.00452EPSS
CVE
CVE
added 2023/10/18 4:15 a.m.590 views

CVE-2023-38552

When the Node.js policy feature checks the integrity of a resource against a trusted manifest, the application can intercept the operation and return a forged checksum to the node's policy implementation, thus effectively disabling the integrity check.Impacts:This vulnerability affects all users us...

7.5CVSS7.3AI score0.00137EPSS
CVE
CVE
added 2019/07/10 7:15 p.m.589 views

CVE-2019-13132

In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due t...

9.8CVSS9.6AI score0.26587EPSS
CVE
CVE
added 2020/11/06 8:15 a.m.588 views

CVE-2020-28196

MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.

7.5CVSS7.6AI score0.00278EPSS
CVE
CVE
added 2021/01/20 3:15 p.m.588 views

CVE-2021-2022

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.6.50 and prior, 5.7.32 and prior and 8.0.22 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromis...

6.3CVSS4.5AI score0.00351EPSS
CVE
CVE
added 2021/03/29 2:15 p.m.588 views

CVE-2021-23358

The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection via the template function, particularly when a variable property is passed as an argument as it is not sanitized.

7.2CVSS5.6AI score0.00968EPSS
CVE
CVE
added 2023/08/15 4:15 p.m.588 views

CVE-2023-32003

fs.mkdtemp() and fs.mkdtempSync() can be used to bypass the permission model check using a path traversal attack. This flaw arises from a missing check in the fs.mkdtemp() API and the impact is a malicious actor could create an arbitrary directory. This vulnerability affects all users using the exp...

5.3CVSS6.9AI score0.00046EPSS
CVE
CVE
added 2022/10/19 11:15 a.m.586 views

CVE-2022-39253

Git is an open source, scalable, distributed revision control system. Versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 are subject to exposure of sensitive information to a malicious actor. When performing a local clone (where the source and target of the clone a...

5.5CVSS6.5AI score0.03252EPSS
CVE
CVE
added 2020/08/31 6:15 p.m.585 views

CVE-2020-14364

An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to...

5CVSS6.6AI score0.11636EPSS
CVE
CVE
added 2020/01/21 11:15 p.m.585 views

CVE-2020-7595

xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.

7.5CVSS7.6AI score0.00479EPSS
CVE
CVE
added 2022/09/06 6:15 p.m.584 views

CVE-2022-27664

In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.

7.5CVSS7.7AI score0.00128EPSS
CVE
CVE
added 2021/05/27 1:15 p.m.583 views

CVE-2021-31535

LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request (intended for server-side color lookup) contains a flaw allowing a client to send color-name requests with a name longer than the maximum size allow...

9.8CVSS7.7AI score0.02601EPSS
CVE
CVE
added 2023/08/23 12:15 a.m.583 views

CVE-2023-4428

Out of bounds memory access in CSS in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

8.1CVSS7.6AI score0.07638EPSS
Web
CVE
CVE
added 2023/04/25 9:15 p.m.581 views

CVE-2023-29007

Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, a specially crafted .gitmodules file with submodule URLs that are longer than 1024 characters can used to exploit a bug in config.c::git_config_copy_or_ren...

7.8CVSS7.8AI score0.01423EPSS
Web
CVE
CVE
added 2022/12/08 8:15 p.m.580 views

CVE-2022-41717

An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate a...

5.3CVSS6.8AI score0.00413EPSS
CVE
CVE
added 2019/10/21 5:15 a.m.579 views

CVE-2019-18218

cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write).

7.8CVSS8AI score0.00216EPSS
CVE
CVE
added 2023/09/18 5:15 p.m.579 views

CVE-2023-4806

A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the nss _gethostbyname2_r and nss _getcanonname_r hooks without implementing...

5.9CVSS6.8AI score0.01106EPSS
CVE
CVE
added 2020/04/15 2:15 p.m.578 views

CVE-2020-2812

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protoc...

4.9CVSS5.2AI score0.00115EPSS
CVE
CVE
added 2018/09/25 12:29 a.m.577 views

CVE-2018-14647

Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause pathological hash collisions in Expat's internal data structures, consuming la...

7.5CVSS7.5AI score0.01909EPSS
CVE
CVE
added 2023/06/06 12:15 p.m.577 views

CVE-2023-33460

There's a memory leak in yajl 2.1.0 with use of yajl_tree_parse function. which will cause out-of-memory in server and cause crash.

6.5CVSS6.5AI score0.00119EPSS
CVE
CVE
added 2024/04/17 8:15 a.m.577 views

CVE-2024-3833

Object corruption in WebAssembly in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.2AI score0.02577EPSS
CVE
CVE
added 2022/10/29 2:15 a.m.576 views

CVE-2022-42916

In curl before 7.86.0, the HSTS check could be bypassed to trick it into staying with HTTP. Using its HSTS support, curl can be instructed to use HTTPS directly (instead of using an insecure cleartext HTTP step) even when HTTP is provided in the URL. This mechanism could be bypassed if the host nam...

7.5CVSS8.3AI score0.00049EPSS
CVE
CVE
added 2023/11/03 8:15 a.m.576 views

CVE-2023-4091

A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only acces...

6.5CVSS7AI score0.00438EPSS
CVE
CVE
added 2022/03/03 7:15 p.m.575 views

CVE-2022-0492

A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.

7.8CVSS8AI score0.07461EPSS
Web
CVE
CVE
added 2023/12/08 6:15 a.m.574 views

CVE-2023-45866

Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such acce...

6.3CVSS6.9AI score0.23924EPSS
Web
CVE
CVE
added 2021/07/15 2:15 p.m.572 views

CVE-2021-34558

The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client to panic.

6.5CVSS7AI score0.01475EPSS
CVE
CVE
added 2019/06/03 7:29 p.m.571 views

CVE-2019-3846

A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.

8.8CVSS9.1AI score0.00324EPSS
CVE
CVE
added 2021/10/05 9:15 a.m.570 views

CVE-2021-41524

While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external source to DoS the server. This requires a specially crafted request. The vulnerability was recently introduced in version 2.4.49. No exploit is known to the project.

7.5CVSS7.4AI score0.08615EPSS
CVE
CVE
added 2019/09/19 6:15 p.m.569 views

CVE-2019-14821

An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->...

8.8CVSS9AI score0.00058EPSS
CVE
CVE
added 2020/05/15 6:15 p.m.569 views

CVE-2020-12888

The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.

5.3CVSS6AI score0.00028EPSS
CVE
CVE
added 2022/03/16 5:15 p.m.568 views

CVE-2022-24729

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to version 4.18.0 contains a vulnerability in the dialog plugin. The vulnerability allows abuse of a dialog input validator regular expression, which can cause a significant performance drop resulting in a browser...

7.5CVSS6.7AI score0.0043EPSS
CVE
CVE
added 2020/06/04 4:15 p.m.566 views

CVE-2020-13692

PostgreSQL JDBC Driver (aka PgJDBC) before 42.2.13 allows XXE.

7.7CVSS7.5AI score0.02469EPSS
CVE
CVE
added 2020/06/17 8:15 p.m.566 views

CVE-2020-14040

The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trig...

7.5CVSS7.3AI score0.0002EPSS
CVE
CVE
added 2021/01/04 6:15 p.m.565 views

CVE-2019-25013

The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.

7.1CVSS6.8AI score0.0068EPSS
CVE
CVE
added 2020/10/29 8:15 p.m.565 views

CVE-2020-14323

A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service.

5.5CVSS5.9AI score0.00421EPSS
CVE
CVE
added 2021/03/30 9:15 p.m.564 views

CVE-2021-29650

An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, aka CID-175e476b8cdf...

5.5CVSS6.1AI score0.00024EPSS
CVE
CVE
added 2019/03/21 9:29 p.m.562 views

CVE-2019-3855

An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.

9.3CVSS8.7AI score0.13214EPSS
CVE
CVE
added 2019/05/03 8:29 p.m.561 views

CVE-2019-11036

When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.

9.1CVSS7AI score0.00903EPSS
CVE
CVE
added 2021/05/12 3:15 p.m.561 views

CVE-2020-27840

A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability.

7.5CVSS7.5AI score0.07171EPSS
CVE
CVE
added 2021/05/14 8:15 p.m.559 views

CVE-2021-3537

A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest th...

5.9CVSS7AI score0.00127EPSS
In wild
CVE
CVE
added 2021/02/09 8:15 p.m.557 views

CVE-2021-26937

encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or possibly have unspecified other impact via a crafted UTF-8 character sequence.

9.8CVSS9.6AI score0.02977EPSS
CVE
CVE
added 2019/09/17 4:15 p.m.556 views

CVE-2019-14835

A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migratio...

7.8CVSS8.3AI score0.00025EPSS
CVE
CVE
added 2019/11/26 4:15 a.m.555 views

CVE-2019-19270

An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. Failure to check for the appropriate field of a CRL entry (checking twice for subject, rather than once for subject and once for issuer) prevents some valid CRLs from being taken into account, and can allow clients whose certifica...

7.5CVSS7.9AI score0.00185EPSS
CVE
CVE
added 2022/10/19 10:15 p.m.555 views

CVE-2022-41742

NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might re...

7.1CVSS7AI score0.00074EPSS
CVE
CVE
added 2022/02/16 7:15 p.m.552 views

CVE-2021-3773

A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks.

9.8CVSS8.9AI score0.0048EPSS
Total number of security vulnerabilities5315