345 matches found
CVE-2021-28041
The CVE refers to OpenSSH ssh-agent before 8.5, where a double-free vulnerability may be triggered in rare scenarios (unconstrained agent-socket access on legacy OS or forwarding to an attacker-controlled host). Affected component: ssh-agent in OpenSSH prior to 8.5. Root cause: double free descri...
CVE-2018-15919
CVE-2018-15919 affects OpenSSH up to version 7.8, where remotely observable behaviour in auth-gss2.c could allow a remote attacker to enumerate existing usernames when GSS2 is used. The IBM/linked bulletin explicitly notes the discoverer’s statement that username enumeration is not treated as a v...
CVE-2017-15906
OpenSSH sftp-server.c contains a write-blocking flaw in read-only mode that can let an attacker create zero-length files. Specifically, the process_open function in sftp-server.c mishandles write operations when in read-only mode, affecting OpenSSH versions prior to 7.6. The vulnerability ...
CVE-2021-26691
CVE-2021-26691 affects Apache HTTP Server, where a crafted SessionHeader can cause a heap overflow in 2.4.0–2.4.46. Several connected advisories indicate that updates have been released (e.g., AlmaLinux/CentOS/Red Hat ecosystems) and that newer Apache HTTP Server versions (e.g., 2.4.51 in Check P...
CVE-2018-1312
CVE-2018-1312 affects Apache httpd 2.2.0–2.4.29 where nonce generation for HTTP Digest authentication was not seeded with a proper pseudo-random seed. This allowed replay across servers in a common Digest configuration. Public advisories (CentOS, Debian, Arch Linux, ALT Linux) fix confirmed in ve...
CVE-2021-44790
CVE-2021-44790 affects Apache HTTP Server up to version 2.4.51. It describes a buffer overflow in the mod_lua multipart parser (triggered via r:parsebody() from Lua scripts). Connected documents corroborate this in various advisories and patch notes, indicating releases with fixes (e.g., patched ...
CVE-2020-11023
The connected Astra Linux bulletin confirms CVE-2020-11023: in jQuery versions >= 1.0.3 and < 3.5.0, passing HTML containing elements from untrusted sources to DOM manipulation methods (e.g., .html(), .append()) may lead to untrusted code execution. Patch released in jQuery 3.5.0. Remediat...
CVE-2021-39275
CVE-2021-39275 affects Apache HTTP Server (httpd) up to 2.4.48 and earlier. The issue is an out-of-bounds write in ap_escape_quotes() when given malicious input, potentially crashing the server or enabling code execution in some environments. Several connected sources concur this vulnerability ex...
CVE-2018-20685
CVE-2018-20685 affects OpenSSH scp client: scp.c allows remote servers to bypass access restrictions via the filename "." or an empty filename, potentially enabling modification of the client-directory permissions. Multiple advisories confirm this vulnerability and fix paths: Arch Linux ASA-20190...
CVE-2018-15473
OpenSSH vulnerability CVE-2018-15473 affects OpenSSH up to version 7.7, where the server may enumerate valid usernames by returning different responses for invalid authentication attempts due to not delaying bailout until after the request packet is parsed (auth2-gss.c, auth2-hostbased.c, auth2-p...
CVE-2019-16905
CVE-2019-16905 affects OpenSSH 7.7–7.9 and 8.x prior to 8.1 when built with the experimental XMSS key type. It describes a pre-authentication integer overflow in XMSS key parsing that can cause memory corruption and local code execution. The XMSS implementation is treated as experimental in all r...
CVE-2021-40438
CVE-2021-40438 is an SSRF flaw in Apache HTTP Server 2.4.x through older revisions where a crafted request URI path can cause mod_proxy to forward the request to an origin server chosen by the remote user. The issue affects Apache httpd 2.4.48 and earlier; the CVSSv3.1 base score is 9.0 (CRITICAL...
CVE-2021-3156
CVE-2021-3156 is a heap-based buffer overflow in sudo that enables privilege escalation to root. The issue arises in the argument parsing path and is exploitable via commands using sudoedit -s with a trailing backslash, leading to memory corruption. Affected release information in the provided do...
CVE-2019-20372
NGINX (on Amazon Linux 2) is affected by CVE-2019-20372 when configured with certain error_page settings, enabling HTTP request smuggling. The Amazon Linux 2 ALAS advisory ALAS2NGINX1-2023-004 confirms vulnerable 1.17.x/older configurations and provides patched packages: nginx 1.18.0 and related ...
CVE-2016-10708
OpenSSH sshd before 7.4 is vulnerable to a denial of service caused by a NULL pointer dereference when processing an out-of-sequence NEWKEYS message (kex.c/packet.c). This affects the OpenSSH server; exploitation leads to daemon crash as demonstrated by Honggfuzz. Affected products include OpenSS...
CVE-2021-41773
CVE-2021-41773 is a path traversal vulnerability in Apache HTTP Server 2.4.49 affecting how path normalization maps URLs to files under Alias-like directives. The issue could allow access to files outside configured directories; if CGI scripts are enabled for those paths, remote code execution is...
CVE-2021-25216
CVE-2021-25216 affects BIND: in 64-bit builds it can trigger a buffer over-read, and in 32-bit builds a buffer overflow with potential remote code execution, when GSS-TSIG is enabled. The ISC SPNEGO implementation is being removed from the April releases of BIND 9.11 and 9.16 (and 9.17 already dr...
CVE-2021-42013
Summary: CVE-2021-42013 covers an incomplete fix to CVE-2021-41773 in Apache HTTP Server 2.4.49/2.4.50. Root cause: path traversal vulnerabilities in the 2.4.50 fix could map URLs outside configured directories; if CGI is enabled for aliased paths, remote code execution could occur. Affected vers...
CVE-2016-5195
CVE-2016-5195 (Dirty COW): A race condition in the Linux kernel’s memory management (mm/gup.c) allows a local user to gain write access to read‑only mappings via a faulty copy‑on‑write handling. Affected: kernel 2.x–4.x prior to 4.8.3. Exploitation was observed in the wild around Oct 2016. Impac...
CVE-2021-34798
CVE-2021-34798 is a vulnerability in Apache HTTP Server where malformed requests may cause a NULL pointer dereference in the httpd core. The issue affects Apache HTTP Server 2.4.48 and earlier, and the resulting crash can lead to a Denial of Service. Multiple connected advisories confirm the same...
CVE-2021-3426
CVE-2021-3426 corresponds to a vulnerability in Python’s pydoc where the getfile feature could be abused to read arbitrary files. The linked sources confirm the issue affects Python versions prior to specific releases (e.g., Python before 3.8.9, 3.9.3, and 3.10.0a7 per the CVE description) and no...
CVE-2021-36160
CVE-2021-36160 affects Apache HTTP Server mod_proxy_uwsgi. A crafted request URI-path can cause mod_proxy_uwsgi to read beyond allocated memory, triggering a DoS. The issue is reported for Apache httpd versions 2.4.30–2.4.48. Public sources in connected documents corroborate the impact as an out-...
CVE-2020-8625
CVE-2020-8625 concerns a buffer overflow in BIND’s SPNEGO/GSS-API security policy implementation. The issue affects BIND versions spanning 9.5.0 up to 9.11.27, 9.12.0 up to 9.16.11, and specific 9.11.3-S1 to 9.11.27-S1 and 9.16.8-S1 to 9.16.11-S1, plus 9.17.0–9.17.1 in development branches. A vul...
CVE-2019-2215
CVE-2019-2215 is a use-after-free in the Android binder driver (binder.c) that enables local privilege escalation from an app to the Linux kernel. The issue is local, with no user interaction required, and exploitation may lead to memory corruption, denial of service, or escalation per the cited ...
CVE-2018-1333
CVE-2018-1333 affects Apache HTTP Server. By specially crafting HTTP/2 requests, workers could be allocated 60 seconds longer than necessary, causing worker exhaustion and denial of service. Affected versions: 2.4.18–2.4.30 and 2.4.33; fixed in 2.4.34. The vulnerability originates from the HTTP/2...
CVE-2020-13938
CVE-2020-13938 affects Apache HTTP Server 2.4.0–2.4.46. The vulnerability allows unprivileged local users to stop the httpd service on Windows. The connected sources confirm the affected product family and the local-access impact, with public advisories referencing Microsoft Windows behavior and ...
CVE-2019-10160
CVE-2019-10160 relates to a security regression in Python where parsing user-supplied URLs could cause leakage of host-related data (cookies, authentication data) by abusing URL components. The issue affects multiple Python releases (2.7, 3.5, 3.6, 3.7 and pre-3.8.0a4–3.8.0b1) and is tied to URL ...
CVE-2019-1559
OpenSSL vulnerability CVE-2019-1559 describes a padding-oracle weakness where, if an application encounters a fatal protocol error and then calls SSL_shutdown() twice (to send close_notify and to receive one), the server may respond differently to a 0-byte record with invalid padding versus inval...
CVE-2020-7656
CVE-2020-7656 affects jQuery versions prior to 1.9.0. The vulnerability arises from the load method failing to strip certain ), enabling cross‑site scripting. Public materials describe PoC/exploitation and public advisories/patch guidance (e.g., upgrade to 1.9.0+). The CVE is documented with an o...
CVE-2021-25215
CVE-2021-25215 affects BIND 9 upstream and downstream builds. The vulnerability is an assertion failure in the named process when handling DNAME-related queries, which can cause named to terminate. Affected versions include BIND 9.0.0–9.11.29, 9.12.0–9.16.13, and specific S1/“Supported Preview” b...
CVE-2019-7317
CVE-2019-7317 is a use-after-free involving png_image_free in libpng. A connected document ties this to the FLTK package, affecting versions less than 1.3.8-1, and states that upgrading to a later FLTK version resolves the issue. If applying this advisory, upgrade FLTK to 1.3.8-1 or newer for rem...
CVE-2021-22555
CVE-2021-22555 is a Linux kernel heap out-of-bounds write vulnerability in net/netfilter/x_tables.c, dating to 2.6.19-rc1. The issue allows a local attacker to gain privileges or cause a DoS via heap memory corruption in the user namespace. Public sources in the connected docs confirm the vulnera...
CVE-2021-23336
CVE-2021-23336 affects Python CPython across multiple branches (0 and before 3.6.13; 3.7.0 before 3.7.10; 3.8.0 before 3.8.8; 3.9.0 before 3.9.2). The vulnerability is Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs using parameter cloaking with semicolons, causing the pr...
CVE-2021-25219
CVE-2021-25219 affects ISC BIND; a flaw in response processing allows abuse of the lame cache, degrading resolver performance and potentially causing DoS. Affected ranges include BIND 9.3.0–9.11.35, 9.12.0–9.16.21, 9.9.3-S1–9.11.35-S1, 9.16.8-S1–9.16.21-S1, and 9.17.0–9.17.18 (development/joint b...
CVE-2021-25214
CVE-2021-25214 affects BIND’s named when processing a malformed IXFR, causing named to terminate on the next refresh of the transferred zone. Concrete details across connected advisories show affected BIND ranges and the specific fixes: ALT Linux and others report updates that address CVEs 25214/...
CVE-2019-5482
CVE-2019-5482 is a heap buffer overflow in curl/libcurl’s TFTP handler (tftp_receive_packet) affecting curl versions up to 7.65.3. Public advisories detail that a small TFTP blocksize can trigger overflow, potentially enabling DoS or arbitrary code execution. Public fixes exist across distributio...
CVE-2021-43527
CVE-2021-43527 describes a heap overflow in NSS when handling DER-encoded DSA or RSA-PSS signatures. The vulnerability affects NSS versions prior to 3.73 (and 3.68.1 ESR for some configurations) and can impact applications using NSS for signatures in CMS, S/MIME, PKCS#7, or PKCS#12, as well as th...
CVE-2021-3520
CVE-2021-3520 affects the lz4 library and is caused by an integer overflow that can lead to memmove being called with a negative size, resulting in out-of-bounds writes or a crash. Documented impacts emphasize availability (with possible confidentiality/integrity impact). Concrete remediation det...
CVE-2021-41524
CVE-2021-41524 affects Apache HTTP Server (httpd) 2.4.49, where a null pointer dereference during HTTP/2 request processing can allow external sources to cause a DoS. The flaw was introduced with 2.4.49; no public exploit is shown in the documents. Check Point’s November 2021 advisory maps this C...
CVE-2020-12888
CVE-2020-12888 affects the Linux kernel VFIO PCI driver (through 5.6.13) and arises from improper handling of accesses to disabled MMIO space. A local attacker or a guest VM with VFIO access could trigger a denial of service or crash by exploiting writes/reads to disabled memory regions. Connecte...
CVE-2020-28196
CVE-2020-28196 affects MIT Kerberos 5 (krb5) prior to 1.17.2 and 1.18.x prior to 1.18.3. The vulnerability stems from unbounded recursion in the ASN.1 BER decoder (lib/krb5/asn.1/asn1_encode.c) due to no recursion limit for indefinite lengths. This can lead to denial of service due to resource ex...
CVE-2021-29154
CVE-2021-29154 affects the Linux kernel BPF JIT implementation (arch/x86/net/bpf_jit_comp.c and bpf_jit_comp32.c). Connected advisories (e.g., ALAS2KERNEL-5.4-2022-003) confirm a local privilege escalation due to incorrect computation of branch displacements in the BPF JIT, enabling arbitrary cod...
CVE-2016-9841
CVE-2016-9841 is a vulnerability in zlib 1.2.8 related to improper pointer arithmetic in inffast.c that could have context-dependent impact. Connected advisories confirm public details and show remediation by upgrading zlib to a newer version (e.g., 1.2.11) across affected products and distributi...
CVE-2021-41864
CVE-2021-41864 affects the Linux kernel (pre-5.14.12) in prealloc_elems_and_freelist() within kernel/bpf/stackmap.c. An unprivileged local user can trigger an eBPF multiplication overflow, causing an out-of-bounds write and potential memory corruption or system crash. The issue is fixed in Linux ...
CVE-2021-22543
CVE-2021-22543 is described in connected advisories as a local privilege-escalation through KVM and improper handling of VM_IO|VM_PFNMAP VMAs, which can bypass RO checks and allow reading/writing guest memory by a privileged VM operator. Technical details across sources indicate the vulnerability...
CVE-2019-20388
CVE-2019-20388 affects libxml2 2.9.10. The Broadcom advisory BSNSA36819 confirms a memory leak in xmlSchemaValidateStream (xmlschemas.c) that can impact availability (memory exhaustion) when processing XML schemas. Affected component: libxml2’s xmlSchemaValidateStream; root cause relates to a lea...
CVE-2018-0735
CVE-2018-0735 corresponds to a timing side-channel vulnerability in OpenSSL’s ECDSA signature generation. An attacker could exploit variations in signing to recover the private key. Affected: OpenSSL 1.1.0 (1.1.0-1.1.0i) and OpenSSL 1.1.1 (1.1.1) prior to the fixes. Fixes were released in OpenSSL...
CVE-2020-13817
CVE-2020-13817 affects ntp’s ntpd prior to 4.2.8p14 and 4.3.x prior to 4.3.100. An off‑path attacker can predict transmit timestamps in spoofed UDP packets to remote ntpd, causing a DoS via daemon exit or system time change when the victim relies on unauthenticated IPv4 time sources. Connected so...
CVE-2020-12770
CVE-2020-12770 arises from the Linux kernel sg_write path in the SCSI generic (sg) driver not releasing internal resources in a specific error path because sg_remove_request is not called. This root cause is cited in multiple sources (e.g., ALAS2KERNEL-5.4-2022-012) and is described as a local-ac...
CVE-2021-32399
CVE-2021-32399 affects the Linux kernel’s Bluetooth HCI handling, specifically a race condition in removal of the HCI controller implemented in net/bluetooth/hci_request.c up to version 5.12.2. The connected Astra Linux entry references the same race condition in the Linux kernel, and a dated Lin...