Lucene search

K

1179 matches found

CVE
CVE
added 2021/09/26 7:15 p.m.16449 views

CVE-2021-41617

sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with gr...

7CVSS7.5AI score0.01864EPSS
CVE
CVE
added 2021/03/05 9:15 p.m.12586 views

CVE-2021-28041

ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host.

7.1CVSS6.8AI score0.00275EPSS
CVE
CVE
added 2022/03/14 11:15 a.m.9902 views

CVE-2022-23943

Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. This issue affects Apache HTTP Server 2.4 version 2.4.52 and prior versions.

9.8CVSS9.2AI score0.64142EPSS
CVE
CVE
added 2022/03/14 11:15 a.m.7625 views

CVE-2022-22720

Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling

9.8CVSS9.4AI score0.29926EPSS
CVE
CVE
added 2021/06/10 7:15 a.m.7254 views

CVE-2021-26691

In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow

9.8CVSS9.2AI score0.47495EPSS
CVE
CVE
added 2021/12/20 12:15 p.m.6743 views

CVE-2021-44790

A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earl...

9.8CVSS9.9AI score0.86206EPSS
CVE
CVE
added 2021/09/16 3:15 p.m.6374 views

CVE-2021-39275

ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier.

9.8CVSS9.3AI score0.44803EPSS
CVE
CVE
added 2021/12/10 10:15 a.m.5828 views

CVE-2021-44228

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message ...

10CVSS10AI score0.94358EPSS
CVE
CVE
added 2021/06/01 1:15 p.m.5811 views

CVE-2021-23017

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

7.7CVSS6.3AI score0.79436EPSS
CVE
CVE
added 2021/09/16 3:15 p.m.4453 views

CVE-2021-40438

A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.

9CVSS9.5AI score0.94443EPSS
CVE
CVE
added 2022/03/25 9:15 a.m.3078 views

CVE-2018-25032

zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.

7.5CVSS8.1AI score0.00085EPSS
CVE
CVE
added 2021/10/05 9:15 a.m.2563 views

CVE-2021-41773

A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configur...

7.5CVSS9.2AI score0.94427EPSS
CVE
CVE
added 2021/12/20 12:15 p.m.2494 views

CVE-2021-44224

A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forger...

8.2CVSS8.7AI score0.08392EPSS
CVE
CVE
added 2022/03/23 8:15 p.m.2487 views

CVE-2021-3618

ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from...

7.4CVSS7.5AI score0.00375EPSS
CVE
CVE
added 2021/06/10 7:15 a.m.2430 views

CVE-2020-35452

Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make i...

7.3CVSS8.5AI score0.03741EPSS
CVE
CVE
added 2022/03/14 11:15 a.m.2344 views

CVE-2022-22721

If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.

9.1CVSS9.4AI score0.26907EPSS
CVE
CVE
added 2020/12/08 10:15 p.m.2111 views

CVE-2020-27918

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary cod...

7.8CVSS8.6AI score0.00164EPSS
CVE
CVE
added 2021/10/07 4:15 p.m.2062 views

CVE-2021-42013

It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default co...

9.8CVSS9.4AI score0.94427EPSS
CVE
CVE
added 2022/03/14 11:15 a.m.2010 views

CVE-2022-22719

A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier.

7.5CVSS8.7AI score0.27284EPSS
CVE
CVE
added 2021/06/10 7:15 a.m.1938 views

CVE-2021-26690

Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service

7.5CVSS8.6AI score0.68374EPSS
CVE
CVE
added 2021/09/16 3:15 p.m.1879 views

CVE-2021-34798

Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.

7.5CVSS8.8AI score0.10967EPSS
CVE
CVE
added 2022/02/24 3:15 p.m.1864 views

CVE-2021-25636

LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to cre...

7.5CVSS6.7AI score0.00184EPSS
CVE
CVE
added 2021/05/20 1:15 p.m.1730 views

CVE-2021-3426

There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to acces...

5.7CVSS5.6AI score0.00113EPSS
CVE
CVE
added 2021/06/10 7:15 a.m.1671 views

CVE-2019-17567

Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation, authenticati...

5.3CVSS7AI score0.05655EPSS
CVE
CVE
added 2021/04/08 11:15 p.m.1633 views

CVE-2021-3448

A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ID...

4.3CVSS4.1AI score0.00042EPSS
CVE
CVE
added 2021/08/16 8:15 a.m.1629 views

CVE-2021-33193

A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.

7.5CVSS7.8AI score0.01229EPSS
CVE
CVE
added 2021/12/14 7:15 p.m.1603 views

CVE-2021-45046

It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context L...

9CVSS9.7AI score0.94358EPSS
CVE
CVE
added 2020/10/22 3:16 a.m.1528 views

CVE-2020-27619

In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP.

9.8CVSS9.6AI score0.00896EPSS
CVE
CVE
added 2021/10/25 6:15 a.m.1504 views

CVE-2021-21703

In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon process running as root and child worker processes running as lower-privileged users, it is possible for the child processes to access memory shared with the m...

7.8CVSS7.2AI score0.00094EPSS
CVE
CVE
added 2022/02/18 6:15 p.m.1467 views

CVE-2020-25719

A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could...

9CVSS7.5AI score0.00161EPSS
CVE
CVE
added 2021/04/23 6:15 p.m.1430 views

CVE-2021-22204

Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image

7.8CVSS8AI score0.93101EPSS
CVE
CVE
added 2021/09/16 3:15 p.m.1413 views

CVE-2021-36160

A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive).

7.5CVSS8.5AI score0.06954EPSS
CVE
CVE
added 2021/02/17 11:15 p.m.1365 views

CVE-2020-8625

BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting valid values for the tkey-gss...

8.1CVSS8.4AI score0.02085EPSS
CVE
CVE
added 2021/06/15 10:15 p.m.1317 views

CVE-2021-30551

Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.7AI score0.76294EPSS
CVE
CVE
added 2021/04/26 5:15 p.m.1285 views

CVE-2021-21224

Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

8.8CVSS8.9AI score0.66739EPSS
CVE
CVE
added 2021/08/24 7:15 p.m.1242 views

CVE-2021-30858

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

8.8CVSS8.9AI score0.01324EPSS
CVE
CVE
added 2021/07/02 7:15 p.m.1240 views

CVE-2021-30554

Use after free in WebGL in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS9AI score0.24629EPSS
CVE
CVE
added 2021/04/26 5:15 p.m.1233 views

CVE-2021-21220

Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.6AI score0.92805EPSS
CVE
CVE
added 2022/03/15 5:15 p.m.1214 views

CVE-2022-0778

The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a...

7.5CVSS7.8AI score0.06777EPSS
CVE
CVE
added 2021/04/26 5:15 p.m.1205 views

CVE-2021-21206

Use after free in Blink in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS9AI score0.12795EPSS
CVE
CVE
added 2021/03/09 6:15 p.m.1176 views

CVE-2021-21166

Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.7AI score0.41931EPSS
CVE
CVE
added 2021/06/10 7:15 a.m.1159 views

CVE-2021-30641

Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'

5.3CVSS7.5AI score0.18342EPSS
CVE
CVE
added 2021/06/10 7:15 a.m.1153 views

CVE-2020-13950

Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers, leading to a Denial of Service

7.5CVSS8.4AI score0.20337EPSS
CVE
CVE
added 2022/02/08 9:15 p.m.1138 views

CVE-2022-21703

Grafana is an open-source platform for monitoring and observability. Affected versions are subject to a cross site request forgery vulnerability which allows attackers to elevate their privileges by mounting cross-origin attacks against authenticated high-privilege Grafana users (for example, Edito...

8.8CVSS7.3AI score0.01791EPSS
CVE
CVE
added 2021/11/23 10:15 p.m.1115 views

CVE-2021-38003

Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.8AI score0.764EPSS
CVE
CVE
added 2021/10/08 10:15 p.m.1107 views

CVE-2021-37975

Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.2AI score0.56103EPSS
CVE
CVE
added 2021/10/08 10:15 p.m.1095 views

CVE-2021-37976

Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

6.5CVSS6.5AI score0.11445EPSS
CVE
CVE
added 2022/02/08 9:15 p.m.1089 views

CVE-2022-21713

Grafana is an open-source platform for monitoring and observability. Affected versions of Grafana expose multiple API endpoints which do not properly handle user authorization. /teams/:teamId will allow an authenticated attacker to view unintended data by querying for the specific team ID, /teams/:...

4.3CVSS6.2AI score0.00119EPSS
CVE
CVE
added 2021/11/23 10:15 p.m.1087 views

CVE-2021-38000

Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.4638.69 allowed a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page.

6.1CVSS6.6AI score0.03375EPSS
CVE
CVE
added 2022/03/18 6:15 p.m.1065 views

CVE-2022-0547

OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials.

9.8CVSS9.3AI score0.00666EPSS
Total number of security vulnerabilities1179