100 matches found
CVE-2018-20685
CVE-2018-20685 affects OpenSSH scp client: scp.c allows remote servers to bypass access restrictions via the filename "." or an empty filename, potentially enabling modification of the client-directory permissions. Multiple advisories confirm this vulnerability and fix paths: Arch Linux ASA-20190...
CVE-2019-6110
CVE-2019-6110 (OpenSSH SCP client) affects OpenSSH 7.9. The vulnerability arises from accepting and displaying arbitrary stderr output from the SCP server, allowing a malicious server or MITM to spoof SCP client output and potentially mask or override transferred files. Connected advisories confi...
CVE-2019-6109
OpenSSH 7.9 contains CVE-2019-6109: missing character encoding in the progress display allows a malicious server/MITM to spoof scp client output by crafting object names (refresh_progress_meter in progressmeter.c). The vulnerability can enable spoofing of file transfer output; related issues incl...
CVE-2022-2068
The connected documents corroborate CVE-2022-2068 as a real OpenSSL issue: c_rehash can pass certificate filenames to shell commands, enabling local command execution. Fixed in OpenSSL 3.0.4 (affecting 3.0.0–3.0.3), in OpenSSL 1.1.1p (affecting 1.1.1–1.1.1o), and in OpenSSL 1.0.2zf (affecting 1.0...
CVE-2019-1559
OpenSSL vulnerability CVE-2019-1559 describes a padding-oracle weakness where, if an application encounters a fatal protocol error and then calls SSL_shutdown() twice (to send close_notify and to receive one), the server may respond differently to a 0-byte record with invalid padding versus inval...
CVE-2020-12888
CVE-2020-12888 affects the Linux kernel VFIO PCI driver (through 5.6.13) and arises from improper handling of accesses to disabled MMIO space. A local attacker or a guest VM with VFIO access could trigger a denial of service or crash by exploiting writes/reads to disabled memory regions. Connecte...
CVE-2022-45061
CVE-2022-45061 affects Python’s IDNA decoder; an unnecessary quadratic path may cause CPU DoS when processing long hostnames (e.g., in Location headers). Affects Python before 3.11.1; the fix is planned/has been released in 3.11.1, 3.10.9, 3.9.16, 3.8.16, and 3.7.16. Affected advisories (e.g., AL...
CVE-2022-35252
CVE-2022-35252 affects curl’s handling of cookies containing control codes; when such cookies are echoed back to a server, the server may return 400 responses, effectively enabling a “sister site” to deny service to other siblings. Public advisories confirm this is fixed in curl updates across se...
CVE-2019-17498
CVE-2019-17498 is an integer overflow in libssh2’s SSH_MSG_DISCONNECT bounds check (packet.c) on v1.9.0 and earlier. This can let a crafted SSH server cause an out-of-bounds memory read, enabling information disclosure or denial of service on the client. Public advisories confirm patches/upgrades...
CVE-2018-0735
CVE-2018-0735 corresponds to a timing side-channel vulnerability in OpenSSL’s ECDSA signature generation. An attacker could exploit variations in signing to recover the private key. Affected: OpenSSL 1.1.0 (1.1.0-1.1.0i) and OpenSSL 1.1.1 (1.1.1) prior to the fixes. Fixes were released in OpenSSL...
CVE-2020-13817
CVE-2020-13817 affects ntp’s ntpd prior to 4.2.8p14 and 4.3.x prior to 4.3.100. An off‑path attacker can predict transmit timestamps in spoofed UDP packets to remote ntpd, causing a DoS via daemon exit or system time change when the victim relies on unauthenticated IPv4 time sources. Connected so...
CVE-2020-12770
CVE-2020-12770 arises from the Linux kernel sg_write path in the SCSI generic (sg) driver not releasing internal resources in a specific error path because sg_remove_request is not called. This root cause is cited in multiple sources (e.g., ALAS2KERNEL-5.4-2022-012) and is described as a local-ac...
CVE-2019-11068
CVE-2019-11068 affects libxslt up to 1.1.33. The vulnerability arises because xsltCheckRead/xsltCheckWrite can permit access even after a -1 error, enabling protection bypass. According to the linked advisories, this vulnerability has a CVSSv3 base score of 9.8 (NETWORK, LOW attack complexity, NO...
CVE-2022-21476
CVE-2022-21476 affects Oracle Java SE and Oracle GraalVM Enterprise Edition. Vulnerable components include Libraries, JAXP, ImageIO, 2D, JNDI, and serialization-related paths, with exploitation achievable by unauthenticated network access and potentially leading to data confidentiality breach or ...
CVE-2017-3136
CVE-2017-3136 is an assertion-failure denial of service in ISC BIND when handling DNS64 queries with break-dnssec yes. Affected versions span 9.8.0–9.11.1rc1 (exactly as listed: 9.8.0–9.8.8-P1; 9.9.0–9.9.9-P6; 9.9.10b1–9.9.10rc1; 9.10.0–9.10.4-P6; 9.10.5b1–9.10.5rc1; 9.11.0–9.11.0-P3; 9.11.1b1–9....
CVE-2018-20855
CVE-2018-20855 affects the Linux kernel before 4.18.7. In the mlx5 InfiniBand driver, mlx5_ib_create_qp_resp in create_qp_common was never initialized, leaking stack memory to userspace. Upstream fix shipped with kernel 4.18.7 (commit 0625b4ba1a5d4703c7fb01c497bd6c156908af00). Mitigation: upgrade to 4.18.7+ or ap...
CVE-2020-12653
CVE-2020-12653 affects the Linux kernel prior to 5.5.4, caused by an incorrect memcpy in the mwifiex_cmd_append_vsie_tlv() function (drivers/net/wireless/marvell/mwifiex/scan.c). This enables a local attacker to gain elevated privileges or cause a denial of service due to a buffer overflow. Conne...
CVE-2020-10690
The CVE-2020-10690 entry affects Linux kernel versions before 5.5. It is caused by a race between the release of ptp_clock and the cdev during resource deallocation, which can free the cdev structure while a high-privileged process holding /dev/ptpX is sleeping. When the underlying device is remo...
CVE-2020-13143
CVE-2020-13143 affects the Linux kernel USB gadget/configfs (drivers/usb/gadget/configfs.c) from 3.16 to 5.6.13. The flaw arises when gadget_dev_desc_UDC_store uses kstrdup and may encounter an internal NUL value, leading to potential out-of-bounds memory access (reported as heap out-of-bounds wr...
CVE-2020-29368
Affected software: Linux kernel before 5.7.5. Vulnerability details: in __split_huge_pmd in mm/huge_memory.c, the copy-on-write (CoW) implementation can grant unintended write access due to a race in the THP mapcount check. This race condition can lead to local write acces...
CVE-2020-12769
CVE-2020-12769 affects the Linux kernel prior to 5.4.17. The issue is in drivers/spi/spi-dw.c, where concurrent calls to dw_spi_irq and dw_spi_transfer_one can trigger a kernel panic (local exploit). The vulnerability is fixed in Linux kernel 5.4.17 (see ChangeLog-5.4.17). No exploit details are ...
CVE-2021-38160
CVE-2021-38160 affects the Linux kernel “virtio_console” driver. In drivers/char/virtio_console.c, if an untrusted device supplies a buf->len value larger than the destination buffer, data corruption or loss can occur. The issue is fixed in Linux kernel 5.13.4 (ChangeLog-5.13.4). The vendor no...
CVE-2021-4203
CVE-2021-4203 is a Linux kernel use-after-free read flaw in sock_getsockopt() triggered by a race between SO_PEERCRED/SO_PEERGROUPS and listen()/connect(). An authenticated local attacker could crash the system or leak kernel information. The connected IBM advisories document affected products (I...
CVE-2022-21496
CVE-2022-21496 affects Oracle Java SE and Oracle GraalVM Enterprise Edition across multiple components (JNDI, JAXP, Libraries, Hotspot) with listed affected versions. The vulnerability enables network-accessible, unauthenticated attackers to modify or access data (integrity/availability impacts) ...
CVE-2018-17182
Summary: CVE-2018-17182 is a Linux kernel use-after-free vulnerability in the vmacache subsystem. The root cause is that the function vmacache_flush_all mishandles sequence number overflows, allowing a local attacker to trigger a use-after-free via certain thread creation/map/unmap/invalidation/...
CVE-2018-16866
CVE-2018-16866 is a systemd-journald out-of-bounds read vulnerability. The flaw arises in how journald parses log messages that terminate with a colon, allowing a local attacker to disclose process memory data. Affected versions are reported as v221–v239. Public advisories and vendor notes (e.g.,...
CVE-2020-12771
CVE-2020-12771 involves the Linux kernel component drivers/md/bcache/btree.c, where the function btree_gc_coalesce may deadlock if a coalescing operation fails. The connected Unity/Nessus entries reproduce: an issue in the kernel up to 5.6.11 with deadlock in the btree GC coalescing path, impact...
CVE-2019-15098
CVE-2019-15098 affects the Linux kernel driver ath6kl/usb.c (USB wifi driver) up to version 5.2.9. The issue is a NULL pointer dereference caused by an incomplete address in an endpoint descriptor, potentially leading to a crash or denial of service. The connected Nessus/Unity Linux advisories co...
CVE-2024-33602
CVE-2024-33602 affects the glibc nscd netgroup cache. The flaw is caused by the netgroup cache assuming NSS callbacks use in-buffer strings, which can lead to memory corruption when not all strings fit in the provided buffer. The issue was introduced with glibc 2.15 and is present only in the nsc...
CVE-2025-0167
The CVE-2025-0167 issue affects curl (libcurl) and arises when both using a .netrc for credentials and following HTTP redirects. The root cause, as described across connected documents, is that the netrc entry can omit login and password (or a default entry omits both), which may allow the passwo...
CVE-2022-21443
CVE-2022-21443 is an Oracle Java SE/GraalVM EE vulnerability affecting the Libraries component. Affected: Oracle Java SE 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM EE 20.3.5, 21.3.1, 22.0.0.2. Exploitation is network-based and can lead to a partial denial of service, with unauthenticated a...
CVE-2021-38199
CVE-2021-38199 concerns the Linux kernel’s NFSv4 client. The vulnerability arises from incorrect connection-setup ordering in fs/nfs/nfs4client.c, which can be triggered by remote NFSv4 servers during trunking detection, potentially causing a denial of service by hanging mounts. Connected advisor...
CVE-2017-7657
CVE-2017-7657 affects Eclipse Jetty: transfer-encoding chunk size parsing could overflow an integer, causing large chunks to be treated as smaller ones and enabling a fake pipelined request that bypasses intermediary authorization. Affected versions include Jetty 9.2.x and older, 9.3.x (all confi...
CVE-2022-32206
CVE-2022-32206 affects curl
CVE-2022-32208
CVE-2022-32208 affects curl when performing FTP transfers secured by krb5 prior to version 7.84.0. The vulnerability arises from how message verification failures are handled during krb5-secured FTP transfers, enabling a man-in-the-middle to go unnoticed and potentially inject data to the client....
CVE-2018-6485
CVE-2018-6485 is an integer overflow in posix_memalign within glibc (memalign implementation) for versions 2.26 and earlier, which could cause a heap area to be too small and lead to heap corruption. The NVD CVSSv3/base score is 9.8 (CRITICAL) with network attack vector, no user interaction. Affe...
CVE-2022-32207
CVE-2022-32207 affects curl: when saving cookies, alt-svc and HSTS data, the final rename can widen target file permissions, exposing updates to more users. Affected versions are curl before 7.84.0; remediation is to upgrade to 7.84.0 or newer (as indicated by multiple advisories).
CVE-2017-10355
CVE-2017-10355 is documented across multiple OpenJDK/OpenJDK-derived advisories (CentOS, Debian, Amazon, IBM, etc.) as a networking vulnerability in the FtpClient component of OpenJDK’s Java SE/Java SE Embedded. Technical details in connected sources specify that the FtpClient did not set default...
CVE-2021-3753
CVE-2021-3753 describes a race in the Linux kernel’s vt_k_ioctl() (vt_ioctl.c) that may cause an out-of-bounds read in vt as vc_mode write access is not protected by a lock. Impact is listed as data confidentiality; exploitation details are not provided in the supplied documents. Connected source...
CVE-2020-11884
CVE-2020-11884 affects the Linux kernel on s390x (versions 4.19–5.6.7). The issue is a race in enable_sacf_uaccess (arch/s390/lib/uaccess.c) that fails to protect against a concurrent page table upgrade (CID-3f777e19d171), potentially allowing code execution or a crash. The initial documents do n...
CVE-2021-38201
The CVE affects the Linux kernel, specifically net/sunrpc/xdr.c, where an out-of-bounds slab access (xdr_set_page_base) could be triggered by many NFS 4.2 READ_PLUS operations, allowing remote denial-of-service. Affected: Linux kernel versions prior to 5.13.4. Root cause: slab-out-of-bounds acces...
CVE-2019-18683
CVE-2019-18683 affects the Linux kernel’s V4L2 vivid driver (drivers/media/platform/vivid). The issue arises from wrong mutex locking in functions vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and related kthreads, causing multiple race conditions dur...
CVE-2017-10102
CVE-2017-10102 is a remotely exploitable issue in Oracle Java SE and Java SE Embedded (RMI subcomponent) affecting Java SE 6u151, 7u141, 8u131 and Java SE Embedded 8u131. A remote attacker could compromise the target via API data handling over network access, potentially taking over the Java runt...
CVE-2017-10135
CVE-2017-10135 is a timing-channel vulnerability in the PKCS#8 implementation of the JCE component of OpenJDK/OpenJDK-derived JREs. Public sources in the dataset describe it as a covert timing channel flaw that could enable a remote attacker to glean information about the private key via timing a...
CVE-2022-32205
CVE-2022-32205 affects curl and can cause denial of service when a malicious server serves a large number of Set-Cookie headers. curl
CVE-2017-10115
CVE-2017-10115 is a covert timing-channel vulnerability in the DSA implementation of the JCE in OpenJDK/OpenJRE/JRockit, affecting Java SE 6u151, 7u141, 8u131 and related packages (e.g., OpenJDK 7 on Debian/Ubuntu, RHEL/CentOS, Arch Linux advisories). A remote attacker could potentially exploit t...
CVE-2017-10345
CVE-2017-10345 affects Oracle Java SE/Embedded/JRockit serialization. The vulnerability allows an unauthenticated attacker with network access to compromise the target, potentially causing a partial denial of service; exploitation is difficult and may require human interaction. Affected versions ...
CVE-2017-10087
CVE-2017-10087 is a vulnerability in Oracle Java SE/Java SE Embedded Libraries affecting Java SE 6u151, 7u141, and 8u131, and Java SE Embedded 8u131. The issue is an access-control bypass in the Libraries component that could allow a network-facilitated, unauthenticated attacker to take control o...
CVE-2017-10281
CVE-2017-10281 affects Oracle/OpenJDK components (Java SE, Java SE Embedded, JRockit) with the Serialization subcomponent. The vulnerability is exploitable remotely via network protocols and can be triggered by sandboxed Web Start/Applet use or by supplying data to APIs, potentially causing parti...
CVE-2017-10295
CVE-2017-10295 affects OpenJDK (Java SE/Java SE Embedded) Networking: HttpURLConnection/HttpsURLConnection failed to detect newline characters in URLs, enabling potential HTTP header injection via attacker-provided URLs. Public notices in connected docs show affected package openjdk-7/openjdk-8 w...