29 matches found
CVE-2024-28757
The CVE-2024-28757 entry concerns libexpat up to version 2.6.1, where XML External Entity (XXE) processing can be triggered when isolated external parsers are used (XML_ExternalEntityParserCreate). The impact is denial of service or resource exhaustion (availability impact: HIGH) with CVSS v3.1 b...
CVE-2024-6387
CVE-2024-6387 is a remote code-execution vulnerability in OpenSSH’s server (sshd) caused by a race condition in a signal handler that may run after a client fails to authenticate within LoginGraceTime. The issue is exploitable by an unauthenticated, remote attacker on glibc-based Linux systems, p...
CVE-2021-44228
CVE-2021-44228 (Log4Shell) affects Apache Log4j2 2.0-beta9 through 2.15.0 (excluding some security releases) and is specific to log4j-core. The vulnerability arises from JNDI features used in configuration, log messages, and parameters, which can be exploited when an attacker can control log mess...
CVE-2023-52433
CVE-2023-52433 refers to a Linux kernel issue in netfilter nft_set_rbtree where new elements within a single transaction may expire before the transaction ends. To avoid a commit path walking over an already released object, the code skips sync garbage collection (GC) for those elements during th...
CVE-2024-7254
CVE-2024-7254 describes a stack overflow DoS in parsers when handling untrusted Protocol Buffers data with deeply nested SGROUP/group structures. The root cause is unbounded recursion when parsing unknown fields (DiscardUnknownFieldsParser) or Java Protobuf Lite against nested groups or map field...
CVE-2023-38709
CVE-2023-38709 describes HTTP response splitting in the core of Apache HTTP Server caused by faulty input validation. It affects Apache HTTP Server up to version 2.4.58; multiple advisories (e.g., Astra Linux, AlmaLinux, Alpine Linux) note that upgrading to 2.4.64 fixes the issue. Some sources in...
CVE-2021-3156
CVE-2021-3156 is a heap-based buffer overflow in sudo that enables privilege escalation to root. The issue arises in the argument parsing path and is exploitable via commands using sudoedit -s with a trailing backslash, leading to memory corruption. Affected release information in the provided do...
CVE-2024-39884
CVE-2024-39884 affects Apache HTTP Server (notably 2.4.60 and older) where legacy content-type based configuration (e.g., AddType) could cause source code disclosure for indirectly requested files, potentially exposing local content (e.g., PHP scripts being served). Affected vendors consistently ...
CVE-2024-24795
CVE-2024-24795 (httpd) describes HTTP response splitting in multiple Apache HTTP Server modules when malicious response headers can be injected into backend applications, enabling HTTP desynchronization. The vulnerability is mitigated by upgrading to Apache HTTP Server 2.4.59, as indicated across...
CVE-2024-34397
GLib vulnerability CVE-2024-34397: a GDBus signal-subscription spoofing flaw allows non-trusted local users on shared systems to inject spoofed D-Bus signals, potentially making a GDBus client misbehave (application-dependent impact). Affected: GLib’s GDBus-based clients; vulnerable in GLib up to...
CVE-2020-13817
CVE-2020-13817 affects ntp’s ntpd prior to 4.2.8p14 and 4.3.x prior to 4.3.100. An off‑path attacker can predict transmit timestamps in spoofed UDP packets to remote ntpd, causing a DoS via daemon exit or system time change when the victim relies on unauthenticated IPv4 time sources. Connected so...
CVE-2021-28165
The CVE-2021-28165 issue affects Eclipse Jetty versions 7.2.2–9.4.38, 10.0.0.alpha0–10.0.1, and 11.0.0.alpha0–11.0.1, where handling a large invalid TLS frame can cause CPU usage to reach 100%, leading to resource exhaustion. The underlying cause is described as abnormal processing after receivin...
CVE-2024-39689
Certifi-2024-39689 involves insufficient verification of data authenticity via the GlobalTrust root certificate. The issue stems from Certifi removing GLOBALTRUST roots in 2024.7.04, in line with Mozilla’s trust-store removals prompted by long-running compliance issues. Broadcom/BSNSA36222 confir...
CVE-2024-34750
CVE-2024-34750 affects Apache Tomcat across multiple lines of the 9.x, 10.x, and 11.x series, where improper handling of HTTP/2 streams leads to miscounting active streams and the use of an infinite timeout, allowing connections to remain open. Root cause: during HTTP/2 processing, Tomcat fails t...
CVE-2024-6119
OpenSSL CVE-2024-6119 causes a denial of service when applications perform certificate name checks (e.g., TLS server name validation). The issue stems from reading an invalid memory address during name comparison (e.g., otherName in X.509) and may terminate the process. Multiple connected advisor...
CVE-2023-36054
MIT Kerberos 5 (krb5) contains a vulnerability CVE-2023-36054 where lib/kadm5/kadm_rpc_xdr.c frees an uninitialized pointer due to improper validation between n_key_data and the key_data array. A remote authenticated user can trigger a kadmind crash. Affected versions include krb5 before 1.20.2 a...
CVE-2024-47554
CVE-2024-47554 affects Apache Commons IO. An Uncontrolled Resource Consumption issue in XmlStreamReader may cause high CPU use when processing malicious input. Vulnerable version range: 2.0 <= v
CVE-2024-28752
CVE-2024-28752 is a SSRF vulnerability in Apache CXF’s Aegis DataBinding. Affected CXF versions are those before 4.0.4, 3.6.3, and 3.5.8; the issue enables SSRF-style attacks on web services that take at least one parameter. Other data bindings (including default) are not impacted. Remediation: u...
CVE-2024-8096
The CVE-2024-8096 issue affects curl’s TLS OCSP stapling verification, where an OCSP response that signals an error other than revoked (e.g., unauthorized) may be treated as valid. This can allow invalid certificates to be accepted when curl uses OCSP stapling, depending on the TLS backend (notab...
CVE-2024-29131
CVE-2024-29131 describes an out-of-bounds write in Apache Commons Configuration, affecting 2.x releases prior to 2.10.1. Fedora advisories and Fedora/OS update entries confirm 2.10.1 as the fixed version. The connected docs provide the fix version but do not include symptom details, exploitation ...
CVE-2025-0167
The CVE-2025-0167 issue affects curl (libcurl) and arises when both using a .netrc for credentials and following HTTP redirects. The root cause, as described across connected documents, is that the netrc entry can omit login and password (or a default entry omits both), which may allow the passwo...
CVE-2024-38286
The CVE-2024-38286 entry describes an Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat that, under certain configurations, allows an attacker to trigger an OutOfMemoryError by abusing the TLS handshake. Affected versions include Tomcat 11.0.0-M1 through 11.0.0-M...
CVE-2024-0565
CVE-2024-0565 affects the Linux kernel CIFS (SMB) client: receive_encrypted_standard in fs/smb/client/smb2ops.c contains an out-of-bounds read caused by an integer underflow in memcpy length, leading to denial of service. Connected advisories consistently reference this CVE in kernel CIFS decrypt...
CVE-2025-27820
CVE-2025-27820 affects Apache HttpClient 5.4.x, where a PSL validation logic bug disables domain checks, impacting cookie management and hostname verification. Root cause: PSL validation flaw in 5.4.x. Impact: as described, with potential weaknesses in hostname verification and cookie handling; C...
CVE-2023-2953
CVE-2023-2953: OpenLDAP contains a null pointer dereference in ber_memalloc_x(); affected OpenLDAP versions prior to the patched release are vulnerable. Connected advisories confirm a security update to OpenLDAP is available (e.g., OpenLDAP security update notes and Linux distro advisories), with...
CVE-2024-49761
CVE-2024-49761 affects the Ruby ecosystem via the REXML XML toolkit. The vulnerability exists in the REXML gem before 3.3.9, where parsing an XML containing hex numeric character references (&#x...;) with many digits can cause a ReDoS. Ruby 3.2+ is not affected; Ruby 3.1 is the affected maintaine...
CVE-2024-52533
GLib (GNOME GLib) is affected by CVE-2024-52533 due to an off-by-one error in gio/gsocks4aproxy.c, where SOCKS4_CONN_MSG_LEN does not account for a trailing NUL, causing a buffer overflow in versions before 2.82.1. The issue stems from an insufficient buffer size in SOCKS4_CONN_MSG_LEN. A fix has...
CVE-2024-26633
CVE-2024-26633 affects the Linux kernel’s ip6_tunnel code, specifically the NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim(). Syzbot reported that frag_off could be read before enough bytes were pulled into skb->head, causing reads of uninitialized or garbage data. The issue is exposed...
CVE-2024-1351
CVE-2024-1351 (MongoDB TLS peer cert validation bypass) Affected product: MongoDB Server (versions affected as per CVE description): v7.0 before or including 7.0.5; v6.0 before or including 6.0.13; v5.0 before or including 5.0.24; v4.4 before or including 4.4.28. Root cause: When TLS is enabled, ...