Lucene search

K

455 matches found

CVE
CVE
added 2024/02/27 2:15 a.m.8848 views

CVE-2024-25711

diffoscope before 256 allows directory traversal via an embedded filename in a GPG file. Contents of any file, such as ../.ssh/id_rsa, may be disclosed to an attacker. This occurs because the value of the gpg --use-embedded-filenames option is trusted.

7.5CVSS6.2AI score0.03162EPSS
CVE
CVE
added 2024/03/10 5:15 a.m.8286 views

CVE-2024-28757

libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).

7.5CVSS7.4AI score0.00474EPSS
CVE
CVE
added 2024/03/03 9:15 p.m.6946 views

CVE-2024-28084

p2putil.c in iNet wireless daemon (IWD) through 2.15 allows attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact because of initialization issues in situations where parsing of advertised service information fails.

7.5CVSS7.9AI score0.00077EPSS
CVE
CVE
added 2024/02/21 4:15 a.m.6875 views

CVE-2024-1674

Inappropriate implementation in Navigation in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS4.8AI score0.00012EPSS
CVE
CVE
added 2024/02/21 4:15 a.m.6871 views

CVE-2024-1675

Insufficient policy enforcement in Download in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS4.8AI score0.00065EPSS
CVE
CVE
added 2024/02/21 4:15 a.m.6228 views

CVE-2024-1676

Inappropriate implementation in Navigation in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Low)

9.8CVSS4.7AI score0.00186EPSS
CVE
CVE
added 2024/02/21 4:15 a.m.6143 views

CVE-2024-1669

Out of bounds memory access in Blink in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

8.8CVSS5.1AI score0.00164EPSS
CVE
CVE
added 2024/04/10 12:15 p.m.5534 views

CVE-2024-31309

HTTP/2 CONTINUATION DoS attack can cause Apache Traffic Server to consume more resources on the server. Version from 8.0.0 through 8.1.9, from 9.0.0 through 9.2.3 are affected. Users can set a new setting (proxy.config.http2.max_continuation_frames_per_minute) to limit the number of CONTINUATION fr...

7.5CVSS7.5AI score0.02807EPSS
CVE
CVE
added 2024/04/04 8:15 p.m.4718 views

CVE-2023-38709

Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58.

7.3CVSS7.1AI score0.03698EPSS
CVE
CVE
added 2024/02/21 4:15 a.m.4587 views

CVE-2024-1670

Use after free in Mojo in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS5.8AI score0.00309EPSS
CVE
CVE
added 2024/02/27 3:15 p.m.4165 views

CVE-2024-27507

libLAS 1.8.1 contains a memory leak vulnerability in /libLAS/apps/ts2las.cpp.

7.5CVSS6.3AI score0.00066EPSS
CVE
CVE
added 2024/02/21 4:15 a.m.3931 views

CVE-2024-1673

Use after free in Accessibility in Google Chrome prior to 122.0.6261.57 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)

8.8CVSS5.9AI score0.0036EPSS
CVE
CVE
added 2024/02/21 4:15 a.m.3925 views

CVE-2024-1672

Inappropriate implementation in Content Security Policy in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS4.8AI score0.00042EPSS
CVE
CVE
added 2023/12/18 4:15 p.m.3851 views

CVE-2023-48795

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connecti...

5.9CVSS6.7AI score0.67729EPSS
CVE
CVE
added 2024/05/22 4:15 p.m.3748 views

CVE-2024-5157

Use after free in Scheduling in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

8.8CVSS7.4AI score0.00724EPSS
CVE
CVE
added 2024/04/04 8:15 p.m.3719 views

CVE-2024-24795

HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack. Users are recommended to upgrade to version 2.4.59, which fixes this issue.

6.3CVSS7AI score0.01219EPSS
CVE
CVE
added 2024/02/29 2:15 a.m.3638 views

CVE-2024-22871

An issue in Clojure versions 1.20 to 1.12.0-alpha5 allows an attacker to cause a denial of service (DoS) via the clojure.core$partial$fn__5920 function.

7.5CVSS6.2AI score0.00083EPSS
CVE
CVE
added 2023/10/11 10:15 p.m.3096 views

CVE-2023-39325

A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new ...

7.5CVSS7.3AI score0.0015EPSS
CVE
CVE
added 2024/04/11 2:15 p.m.2987 views

CVE-2023-29483

eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. In other words, dnspython does not have the preferred behavior in which ...

7CVSS6.3AI score0.03636EPSS
CVE
CVE
added 2024/05/07 6:15 p.m.2730 views

CVE-2024-34397

An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based c...

5.2CVSS6.2AI score0.00085EPSS
CVE
CVE
added 2024/04/04 8:15 p.m.2473 views

CVE-2024-27316

HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion.

7.5CVSS7.2AI score0.87872EPSS
CVE
CVE
added 2023/12/24 7:15 a.m.2396 views

CVE-2023-51767

OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-lo...

7CVSS6.6AI score0.00012EPSS
CVE
CVE
added 2024/02/14 4:15 p.m.2321 views

CVE-2023-50387

Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG ...

7.5CVSS7.7AI score0.37707EPSS
CVE
CVE
added 2024/04/17 8:15 a.m.2191 views

CVE-2024-3832

Object corruption in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.2AI score0.03717EPSS
CVE
CVE
added 2012/05/11 10:15 a.m.1654 views

CVE-2012-1823

sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string,...

9.8CVSS9.9AI score0.94349EPSS
CVE
CVE
added 2024/04/17 6:15 p.m.1646 views

CVE-2024-3914

Use after free in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.4AI score0.00208EPSS
CVE
CVE
added 2023/09/12 3:15 p.m.1403 views

CVE-2023-4863

Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)

8.8CVSS8.5AI score0.93949EPSS
CVE
CVE
added 2023/10/23 7:15 a.m.1320 views

CVE-2023-45802

When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing ...

5.9CVSS8.3AI score0.9441EPSS
CVE
CVE
added 2023/10/03 6:15 p.m.1187 views

CVE-2023-4911

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code...

7.8CVSS8.2AI score0.81669EPSS
CVE
CVE
added 2023/04/19 12:15 a.m.1077 views

CVE-2023-27043

The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is gran...

5.3CVSS5.8AI score0.00117EPSS
CVE
CVE
added 2024/05/01 1:15 p.m.989 views

CVE-2024-4368

Use after free in Dawn in Google Chrome prior to 124.0.6367.118 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.5AI score0.00332EPSS
CVE
CVE
added 2024/06/09 8:15 p.m.910 views

CVE-2024-4577

In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misin...

9.8CVSS9.3AI score0.94365EPSS
CVE
CVE
added 2023/09/28 4:15 p.m.884 views

CVE-2023-5217

Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS9.2AI score0.01679EPSS
CVE
CVE
added 2023/06/13 5:15 p.m.854 views

CVE-2023-20867

A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine.

3.9CVSS5.1AI score0.00558EPSS
CVE
CVE
added 2023/10/04 5:15 p.m.767 views

CVE-2023-43804

urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the Cookie HTTP header special or provide any helpers for managing cookies over HTTP, that is the responsibility of the user. However, it is possible for a user to specify a Cookie header and unknowingly leak informati...

8.1CVSS8AI score0.00554EPSS
CVE
CVE
added 2023/09/18 5:15 p.m.761 views

CVE-2023-4527

A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data,...

6.5CVSS7.2AI score0.00105EPSS
CVE
CVE
added 2024/04/15 8:15 p.m.740 views

CVE-2024-31497

In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant. Th...

5.9CVSS5.9AI score0.22841EPSS
CVE
CVE
added 2023/11/03 1:15 p.m.738 views

CVE-2023-3961

A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB clients to remote procedure call (RPC) services like SAMR LSA or SPOOLSS, which Samba initiates o...

9.8CVSS9.3AI score0.01941EPSS
CVE
CVE
added 2023/08/23 12:15 a.m.729 views

CVE-2023-4431

Out of bounds memory access in Fonts in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)

8.1CVSS7.6AI score0.00128EPSS
CVE
CVE
added 2023/10/18 4:15 a.m.719 views

CVE-2023-39332

Various node:fs functions allow specifying paths as either strings or Uint8Array objects. In Node.js environments, the Buffer class extends the Uint8Array class. Node.js prevents path traversal through strings (see CVE-2023-30584) and Buffer objects (see CVE-2023-32004), but not through non-Buffer ...

9.8CVSS8.6AI score0.00375EPSS
CVE
CVE
added 2024/01/31 10:15 p.m.698 views

CVE-2024-21626

runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process (from runc exec) to have a working directory in the host filesystem name...

8.6CVSS8.7AI score0.0331EPSS
CVE
CVE
added 2024/05/14 3:44 p.m.682 views

CVE-2024-4671

Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

9.6CVSS6.3AI score0.00373EPSS
CVE
CVE
added 2023/09/18 8:15 a.m.680 views

CVE-2023-43115

In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer parameter, after SAFER has been activated. NOTE: it is a documented risk that the IJS server can be spe...

8.8CVSS8.8AI score0.20058EPSS
CVE
CVE
added 2024/03/13 4:15 p.m.645 views

CVE-2024-23672

Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0...

6.3CVSS7.2AI score0.00577EPSS
CVE
CVE
added 2023/09/21 7:15 p.m.638 views

CVE-2023-41993

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.

8.8CVSS8.8AI score0.08736EPSS
CVE
CVE
added 2024/02/29 8:15 p.m.599 views

CVE-2024-24246

Heap Buffer Overflow vulnerability in qpdf 11.9.0 allows attackers to crash the application via the std::__shared_count() function at /bits/shared_ptr_base.h.

5.5CVSS5.2AI score0.0016EPSS
CVE
CVE
added 2023/08/23 12:15 a.m.576 views

CVE-2023-4428

Out of bounds memory access in CSS in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

8.1CVSS7.6AI score0.07638EPSS
CVE
CVE
added 2023/11/03 8:15 a.m.574 views

CVE-2023-4091

A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only acces...

6.5CVSS7AI score0.00438EPSS
CVE
CVE
added 2023/09/18 5:15 p.m.574 views

CVE-2023-4806

A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the nss _gethostbyname2_r and nss _getcanonname_r hooks without implementing...

5.9CVSS6.8AI score0.01076EPSS
CVE
CVE
added 2023/10/18 4:15 a.m.570 views

CVE-2023-38552

When the Node.js policy feature checks the integrity of a resource against a trusted manifest, the application can intercept the operation and return a forged checksum to the node's policy implementation, thus effectively disabling the integrity check.Impacts:This vulnerability affects all users us...

7.5CVSS7.3AI score0.00137EPSS
Total number of security vulnerabilities455