345 matches found
CVE-2021-43976
CVE-2021-43976 affects the Linux kernel, specifically the Marvell mwifiex_usb_recv() function in drivers/net/wireless/marvell/mwifiex/usb.c. A local attacker with access to a crafted USB device can trigger a denial of service (skb_over_panic). The advisory notes the vulnerability exists in kernel...
CVE-2020-2781
CVE-2020-2781 concerns Oracle/OpenJDK Java SE JSSE vulnerability that allows unauthenticated network access to degrade availability in Java SE and Java SE Embedded (client/server deployment). The Chainguard data confirms affected OpenJDK JSSE components and versions, aligning with the CVE descrip...
CVE-2020-13630
CVE-2020-13630 affects SQLite prior to 3.32.0, with a use-after-free in ext/fts3/fts3.c (fts3EvalNextRow) related to the snippet feature. Multiple connected advisories (Astra Linux, BSA, AlmaLinux) confirm the issue in SQLite and reference the same function/file. The provided sources do not quant...
CVE-2020-14579
CVE-2020-14579 affects Oracle Java SE/Embedded (Libraries component) with affected Java SE: 7u261 and 8u251; Java SE Embedded: 8u251. The connected advisories confirm network-remote, unauthenticated access leading to a partial denial of service via multiple protocols, per CVSS 3.1 Base Score 3.7 ...
CVE-2020-2756
CVE-2020-2756 affects Oracle Java SE/Java SE Embedded (component: Serialization). Affected: Java SE 7u251, 8u241, 11.0.6, 14; Java SE Embedded 8u241. An unauthenticated, network-exposed attacker can exploit to cause a partial Denial of Service. Connected advisories show remediation via updating t...
CVE-2020-29573
CVE-2020-29573 affects the GNU C Library (glibc) on x86, where sysdeps/i386/ldbl2mpn.c allows a stack-based buffer overflow when a printf-family input is an 80-bit long double with a non-canonical pattern (example: 0x0004000000000000000000000000000000000004 passed to sprintf). Public notes indica...
CVE-2020-13631
CVE-2020-13631 affects SQLite up to version 3.32.0, where a vulnerability allows renaming a virtual table to the name of one of its shadow tables (related to alter.c and build.c). Connected advisories confirm the issue in SQLite prior to 3.32.0 and note the remediation is to upgrade SQLite to 3.3...
CVE-2019-13115
CVE-2019-13115 affects libssh2 prior to 1.9.0, where kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c can overflow an integer, leading to an out-of-bounds read when processing server packets. The vulnerability could allow a remote attacker controlling a SSH server to disclose...
CVE-2020-27786
CVE-2020-27786 affects the Linux kernel MIDI subsystem (rawmidi) with a use-after-free in the MIDI ioctl handling path. A local attacker with access to issue ioctl commands to MIDI devices could trigger memory corruption, potentially enabling privilege escalation. Public documentation in connecte...
CVE-2021-23239
The CVE-2021-23239 entry concerns the sudoedit personality in sudo up to version 1.9.4 (before 1.9.5). A race condition in sudoedit (sudo_edit.c) can allow a local, unprivileged user to determine directory existence by substituting a user-controlled directory with a symlink to an arbitrary path, ...
CVE-2020-9327
The CVE-2020-9327 entry concerns SQLite 3.31.1. A NULL pointer dereference can be triggered by isAuxiliaryVtabOperator due to generated column optimizations, potentially causing a segmentation fault. The connected Astra Linux security bulletin confirms the same SQLite 3.31.1 issue but provides no...
CVE-2021-29489
Highcharts JS (charting library) versions 8 and earlier are vulnerable to cross-site scripting due to inadequate filtering of the chart options structure for XSS vectors. The vulnerability can allow execution of untrusted script in the end user’s browser if the configuration contains malicious in...
CVE-2020-2755
CVE-2020-2755 is reported in the Oracle Java SE scripting component affecting Java SE 8u241, 11.0.6 and 14 (and Java SE Embedded 8u241). The vulnerability allows an unauthenticated attacker with network access to cause a partial denial of service in Java SE/Java SE Embedded. The CVSS base score i...
CVE-2020-2805
CVE-2020-2805 is an OpenJDK/OpenJDK Libraries issue. The connected Chainguard entry states the flaw resides in the readObject() method of the MethodType class within the Libraries component of OpenJDK, which can allow an untrusted Java applet or application to bypass Java sandbox restrictions. Th...
CVE-2019-19947
CVE-2019-19947 affects the Linux kernel up to version 5.4.6, where the kvaser_usb_leaf.c driver (drivers/net/can/usb/kvaser_usb) leaks information from uninitialized memory to a USB device (CID-da2311a6385c). Connected advisories corroborate this kernel info-leak issue and link it to the Kvaser C...
CVE-2020-14578
CVE-2020-14578 affects Oracle Java SE and Java SE Embedded (Libraries component) with Java SE 7u261 and 8u251; Java SE Embedded 8u251. It is exploitable over a network (multiple protocols) by unauthenticated attackers, including via sandboxed Java Web Start apps, applets, or direct API input, lea...
CVE-2021-23133
CVE-2021-23133 is a race condition in the Linux kernel SCTP sockets (net/sctp/socket.c) prior to 5.12-rc8. If sctp_destroy_sock executes without sock_net(sk)->sctp.addr_wq_lock, an element is removed from the auto_asconf_splist list without proper locking, enabling a local attacker with networ...
CVE-2020-1730
The CVE-2020-1730 vulnerability affects libssh versions before 0.8.9 and before 0.9.4, caused by how AES-CTR (or DES, if enabled) ciphers are handled. If a connection isn’t fully initialized, cleaning up these ciphers on close can crash the server or client, impacting availability. Upgrading to l...
CVE-2019-9169
CVE-2019-9169 affects GNU C Library (glibc) up to 2.29, where proceed_next_node in posix/regexec.c permits a heap-based buffer over-read during a case-insensitive regular-expression match. Impact: potential information disclosure via crafted input; CVSS/assessment in references indicates high/cri...
CVE-2020-12771
CVE-2020-12771 involves the Linux kernel component drivers/md/bcache/btree.c , where the function btree_gc_coalesce may deadlock if a coalescing operation fails. The connected Unity/Nessus entries reproduce: an issue in the kernel up to 5.6.11 with deadlock in the btree GC coalescing path, impact...
CVE-2020-13871
SQLite 3.32.2 is affected by a use-after-free in resetAccumulator (select.c) due to a late parse tree rewrite for window functions. Impact could include a crash or arbitrary code execution. Remediation: upgrade to SQLite 3.32.3 or later (fix upstream).
CVE-2021-43975
CVE-2021-43975 is described in connected material as a Linux kernel vulnerability up to version 5.15.2 where the hw_atl_utils_fw_rpc_wait() function in the aQuantia AQtion Ethernet driver (drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c) allows a local attacker who can introduce a cr...
CVE-2020-15436
The CVE-2020-15436 entry is confirmed by connected sources as a Linux kernel local-use-after-free vulnerability in fs/block_dev.c (pre-5.8). It enables a local attacker to gain elevated privileges or cause a denial of service by abusing improper access to a particular error field. The Linux kerne...
CVE-2019-19052
CVE-2019-19052 is a memory-leak vulnerability in the Linux kernel, specifically in drivers/net/can/usb/gs_usb.c within the gs_can_open() function. The issue allows a denial of service through memory consumption when usb_submit_urb() fails, affecting the kernel up to version before 5.3.11. The rea...
CVE-2020-25672
The CVE-2020-25672 entry refers to a memory-leak vulnerability in the Linux kernel NFC LLCP path (llcp_sock_connect). The issue is described as a memory leak in the NFC LLCP implementation, which can lead to resource exhaustion and denial of service when non-blocking socket operations trigger the...
CVE-2021-22922
CVE-2021-22922 affects curl’s Metalink download flow: when multiple URLs are provided, a content hash mismatch on a breached server is not discarded during download, allowing potentially malicious data to be kept on disk. Public advisories and vendor bulletins confirm patches in patched curl rele...
CVE-2020-8992
CVE-2020-8992 affects the Linux kernel ext4 implementation (ext4_protect_reserved_inode in fs/ext4/block_validity.c) through version 5.5.3. A crafted journal size can cause a denial of service (soft lockup) via a local attack. Connected advisories (e.g., SUSE-SU-2020:1663-1, Ubuntu USN-4419-1, Un...
CVE-2021-22945
Summary: CVE-2021-22945 affects libcurl/curl when sending data to an MQTT server, where in some cases a pointer to freed memory could be reused and freed again. This is a memory-use-after-free/double-free issue in libcurl. What is affected: libcurl/curl (MQTT data transmission scenarios) with vul...
CVE-2021-3483
CVE-2021-3483 refers to a vulnerability in the Linux kernel Nosy driver where a device can be inserted twice into a doubly-linked list, causing a use-after-free when one is removed. This affects versions before 5.12-rc6 and impacts confidentiality, integrity, and availability. The incident is loc...
CVE-2021-28375
The CVE-2021-28375 issue affects the Linux kernel up to 5.11.6, specifically fastrpc_internal_invoke in drivers/misc/fastrpc.c, which does not prevent user-space processes from sending kernel RPC messages. This is a local, privilege-escalation risk (as indicated by related CVE-2019-2308) that cou...
CVE-2021-22923
CVE-2021-22923 affects curl's metalink feature: when downloading a metalink XML with user credentials, those credentials are subsequently passed to each server curls contacts, potentially leaking credentials to multiple endpoints. Technical details across sources confirm this credential exposure ...
CVE-2021-28038
CVE-2021-28038 is a Linux kernel issue (through 5.11.3 with Xen PV) where the netback driver mishandles grant mapping errors, leaving memory allocation/error conditions untreated. In a Xen PV setup, a misbehaving networking frontend driver can trigger a host OS denial of service (Dom0 crash) from...
CVE-2021-26932
CVE-2021-26932 affects Linux kernels 3.2 through 5.10.16 when used with Xen PV backends. The issue arises in grant-mapping error handling during batch hypercalls, where errors can be ignored or misreported, causing improper unmapping and potential downstream impact. Affected components include ar...
CVE-2019-20095
CVE-2019-20095 affects the Linux kernel mwifiex driver (drivers/net/wireless/marvell/mwifiex/cfg80211.c). The description states that certain error-handling paths do not free allocated hostcmd memory, causing a memory leak that can lead to a denial of service. The issue is fixed in kernel version...
CVE-2020-14305
Mode C: CVE-2020-14305 is a Linux kernel vulnerability described in connected documents as an out-of-bounds memory write affecting the Voice Over IP H.323 connection tracking for ipv6 port 1720. An unauthenticated remote attacker could crash the system, causing DoS, with high impact on confidenti...
CVE-2021-28971
The CVE-2021-28971 vulnerability affects the Linux kernel: specifically, intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c can mishandle PEBS status on Haswell-era CPUs, potentially causing a system crash when userspace tools (e.g., perf-fuzzer) access performance events. The issue exists in...
CVE-2020-25671
CVE-2020-25671 is a Linux kernel vulnerability in the NFC LLCP implementation where a refcount leak in llcp_sock_connect() can cause a use-after-free, potentially enabling privilege escalation or system crash via local access. Affected: Linux kernel NFC LLCP path; impact parameter: local attacker...
CVE-2020-25692
CVE-2020-25692 affects OpenLDAP slapd. It is a NULL pointer dereference during a request to rename RDNs, allowing an unauthenticated remote attacker to crash slapd and cause Denial of Service. The fix is OpenLDAP 2.4.55. IBM/Red Hat advisories and the 2020 CVE entry document this issue and its re...
CVE-2019-20636
CVE-2019-20636 affects the Linux kernel prior to 5.4.12. The vulnerability is an out-of-bounds write in drivers/input/input.c via a crafted keycode table in input_set_keycode, enabling a local attacker with root privileges to corrupt memory and potentially execute arbitrary code or cause a denial...
CVE-2020-14372
Summary: CVE-2020-14372 affects grub2 prior to version 2.06. The flaw enables the use of the ACPI command when Secure Boot is enabled, allowing a privileged attacker to craft an SSDT that overwrites the Linux kernel lockdown state in memory. The loaded SSDT is executed by the kernel, defeating Se...
CVE-2020-14155
CVE-2020-14155 concerns the PCRE library: libpcre in PCRE versions prior to 8.44 allows an integer overflow when parsing a large number after a (?C substring. The issue is the result of an input validation/overflow bug in PCRE’s handling of certain regular expressions, potentially enabling memory...
CVE-2021-31440
CVE-2021-31440 affects the Linux kernel, with the vulnerability in the eBPF verifier: improper validation of user-supplied eBPF programs can allow a local attacker to escalate privileges and execute code in kernel context. The issue is rooted in the handling/verification of eBPF programs, leading...
CVE-2021-4044
OpenSSL OpenSSL libssl vulnerability CVE-2021-4044 arises when X509_verify_cert() returns a negative internal error (e.g., OOM). OpenSSL mishandles this, causing SSL_connect/SSL_do_handshake to not signal success and SSL_get_error() to return SSL_ERROR_WANT_RETRY_VERIFY, which is unexpected for m...
CVE-2019-13118
CVE-2019-13118 affects libxslt 1.1.33, where a too-narrow type holding grouping characters in xsl:number can pass an invalid character/length to xsltNumberFormatDecimal, causing a read of uninitialized stack data (stack overflow vulnerability). Connected Apple advisories (HT210351, HT210346, HT21...
CVE-2020-13529
CVE-2020-13529 is a systemd denial-of-service/remote reconfiguration vulnerability tied to DHCP FORCERENEW handling. The connected documents confirm a DHCP FORCERENEW/ACK pairing can allow an attacker to reconfigure a systemd-managed DHCP client. The issue affects systemd components (e.g., system...
CVE-2020-13645
Technical details for CVE-2020-13645 are not provided in the Connected documents. The Initial Description notes a hostname verification issue in GNOME glib-networking (GTlsClientConnection), but there are no product/version specifics beyond the CP4S remediation, so monitor for updates.
CVE-2020-9383
CVE-2020-9383 affects the Linux kernel floppy driver (set_fdc in drivers/block/floppy.c) where the FDC index is not checked for errors before assignment, causing a wait_til_ready out-of-bounds read. Impact per the CVE description: local attacker could cause a denial of service or privilege escala...
CVE-2021-41073
The CVE-2021-41073 issue affects the Linux kernel (affected versions 5.10 to 5.14.6) where loop_rw_iter in fs/io_uring.c can be abused via IORING_OP_PROVIDE_BUFFERS to trigger a use-after-free of a kernel buffer, enabling local privilege escalation. Exploitation relies on reading /proc//maps and ...
CVE-2020-2816
CVE-2020-2816 affects Oracle Java SE JSSE in Java SE 11.0.6 and 14. The vulnerability allows an unauthenticated attacker with network access via HTTPS to compromise Java SE, potentially enabling unauthorized creation, deletion, or modification of data in Java SE‑accessible data. The description n...
CVE-2021-26708
CVE-2021-26708 describes a local privilege-escalation in the Linux kernel prior to 5.10.13 caused by race conditions in AF_VSOCK (net/vmw_vsock/af_vsock.c) related to wrong locking during VSOCK multi-transport changes. The vulnerability can be exploited via use-after-free primitives in the vsock_...