26 matches found
CVE-2021-44228
CVE-2021-44228 (Log4Shell) affects Apache Log4j2 2.0-beta9 through 2.15.0 (excluding some security releases) and is specific to log4j-core. The vulnerability arises from JNDI features used in configuration, log messages, and parameters, which can be exploited when an attacker can control log mess...
CVE-2024-40896
CVE-2024-40896 affects libxml2 prior to 2.11.9, 2.12 prior to 2.12.9, and 2.13 prior to 2.13.3. The SAX parser can emit events for external entities even when custom SAX handlers try to override content (via checked), enabling classic XXE attacks. Connected sources reiterate the same vulnerabilit...
CVE-2023-37920
CVE-2023-37920 affects the Python Certifi package: Certifi before 2023.07.22 includes the e-Tugra root certificates, which were removed in 2023.07.22 due to security concerns. The vulnerability is documented with high/critical impact in CVSS vectors across sources, and advisories across multiple ...
CVE-2022-2047
CVE-2022-2047 affects Eclipse Jetty: vulnerable in Jetty 9.4.0–9.4.46, 10.0.0–10.0.9, and 11.0.0–11.0.9. The HttpURI class misparses the authority segment of an HTTP URI, treating certain invalid inputs as a hostname, which can cause failures in a proxy scenario. Connected documents provide exact...
CVE-2018-20836
CVE-2018-20836 : A race condition in the Linux kernel before 4.20, specifically in drivers/scsi/libsas/sas_expander.c (smp_task_timedout() vs smp_task_done()), can lead to a use-after-free. Affected: Linux kernel versions prior to 4.20. Impact is described as high by CVSS. The provided documents ...
CVE-2020-29569
CVE-2020-29569 describes a use-after-free in the Linux kernel PV block backend (blkback) when Xen is used, where the kernel thread handler may not reset ring->xenblkd to NULL if the frontend toggles between connect/disconnect, allowing a misbehaving guest to trigger a dom0 crash. The issue aff...
CVE-2020-29374
CVE-2020-29374 affects the Linux kernel and was fixed in 5.7.3. It concerns the get_user_pages (gup) implementation used for copy-on-write pages: when handling read operations, it may grant unintended write access, risking information disclosure or data corruption (COW cross-process leakage). Sev...
CVE-2022-2048
CVE-2022-2048 concerns the Eclipse Jetty HTTP/2 server. The bug occurs when handling an invalid HTTP/2 request, where the error path fails to properly clean up active connections and associated resources. This can lead to a denial of service due to resource exhaustion, rendering the server unable...
CVE-2022-27776
CVE-2022-27776 is a curl vulnerability where credentials could be leaked during HTTP redirects to the same host on a different port. Root cause: insufficiently protected credentials in redirect handling. Impact: potential exposure of authentication or cookie headers. Affected: curl/libcurl across...
CVE-2020-12464
CVE-2020-12464 is a Linux kernel use-after-free in the USB core path. The vulnerability stems from usb_sg_cancel in drivers/usb/core/message.c where a transfer can occur without a proper reference, enabling a local attacker to potentially crash or execute code. Connected documents confirm this is...
CVE-2025-0725
CVE-2025-0725 affects libcurl when performing automatic gzip decompression with CURLOPT_ACCEPT_ENCODING using zlib 1.2.0.3 or older. A attacker-controlled integer overflow can cause a buffer overflow during decompression. Connected advisories (ALAS/Amazon/Linux and Debian/CVE trackers) confirm th...
CVE-2023-5178
CVE-2023-5178 is a use-after-free vulnerability in the NVMe over Fabrics over TCP subsystem of the Linux kernel, specifically nvmet_tcp_free_crypto in drivers/nvme/target/tcp.c. The logical bug can lead to use-after-free and double-free conditions, with potential remote code execution or local pr...
CVE-2021-3772
CVE-2021-3772 affects the Linux kernel SCTP stack: a blind attacker who knows IPs/ports and can spoof packets can kill an existing SCTP association by sending invalid chunks. The connected advisories confirm the issue and point to a patch in the Linux kernel (commit 32f8807a48ae55be0e76880cfe8607...
CVE-2024-50602
CVE-2024-50602 affects libexpat prior to 2.6.4. There is a crash in XML_ResumeParser when XML_StopParser can stop/suspend an unstarted parser. Affected: expat library used by various products; root cause is improper handling of parser state. Impact is a crash (DoS potential) as described in linke...
CVE-2025-0167
The CVE-2025-0167 issue affects curl (libcurl) and arises when both using a .netrc for credentials and following HTTP redirects. The root cause, as described across connected documents, is that the netrc entry can omit login and password (or a default entry omits both), which may allow the passwo...
CVE-2024-33602
CVE-2024-33602 affects the glibc nscd netgroup cache. The flaw is caused by the netgroup cache assuming NSS callbacks use in-buffer strings, which can lead to memory corruption when not all strings fit in the provided buffer. The issue was introduced with glibc 2.15 and is present only in the nsc...
CVE-2022-36946
The CVE-2022-36946 issue affects nfqnl_mangle in net/netfilter/nfnetlink_queue.c of the Linux kernel (through 5.18.14). When nf_queue verdicts include a one-byte nfta_payload attribute, skb_pull can encounter a negative skb->len, enabling a remote attacker to trigger a denial of service (panic...
CVE-2020-25645
Summary: CVE-2020-25645 describes a confidentiality flaw in the Linux kernel’s GENEVE tunnel code when IPsec is used to encrypt traffic for the tunnel’s UDP port. In kernels before 5.9-rc7, traffic between two Geneve endpoints may be left unencrypted, allowing an attacker between the endpoints to...
CVE-2022-27774
CVE-2022-27774 affects curl. The vulnerability is described as an insufficiently protected credentials issue where credentials could be leaked during HTTP(S) redirects when authentication is involved, potentially leaking to other hosts across different protocols or ports. Connected advisories sho...
CVE-2022-22576
CVE-2022-22576 is an improper authentication vulnerability in curl 7.33.0 through 7.82.0 that may allow reuse of OAuth2-authenticated connections without confirming the credentials used for the transfer, affecting SASL-enabled protocols (SMPTP(S), IMAP(S), POP3(S), LDAP(S) via OpenLDAP). The root...
CVE-2022-27775
Curl contains an information‑disclosure flaw (CVE-2022-27775) in versions 7.65.0–7.82.0 where an IPv6 address from the pool could be reused with a different zone id, enabling potential leakage through connection reuse. Affected platforms in connected advisories indicate curl/libcurl fixes have be...
CVE-2023-38426
The CVE-2023-38426 issue affects the Linux kernel prior to 6.3.4, specifically ksmbd’s SMB2 path where an out-of-bounds read occurs in smb2_find_context_vals if create_context’s name_len exceeds the tag length. Public references (kernel commit and ChangeLog-6.3.4) confirm the vulnerability contex...
CVE-2023-32257
CVE-2023-32257 affects the Linux kernel ksmbd (the in-kernel SMB server). The vulnerability stems from lack of proper locking when processing SMB2_SESSION_SETUP and SMB2_LOGOFF, enabling an attacker to execute code in the kernel context. The initial description documents the root cause and impact...
CVE-2023-38432
CVE-2023-38432 affects the Linux kernel prior to 6.3.10. The KSMBD SMB2 server (fs/smb/server/smb2misc.c) does not validate the relationship between the SMB command payload size and RFC1002 length, causing an out-of-bounds read. Impact: potential information disclosure or crash as stated by affec...
CVE-2023-38428
CVE-2023-38428 affects the Linux kernel (ksmbd) where fs/ksmbd/smb2pdu.c does not properly validate the UserName value because it ignores the address of the security buffer, causing an out-of-bounds read. The public description confirms the issue exists in kernels before 6.3.4. The connected docs...
CVE-2024-36958
CVE-2024-36958 affects the Linux kernel NFSD component: nfsd4_encode_fattr4() can crash due to args.acl being used after lack of initialization, leading to an unconditional kfree() path. The documented impact is local access with potential availability degradation (CVSS: Local, Availability High)...