11 matches found
CVE-2018-15473
OpenSSH vulnerability CVE-2018-15473 affects OpenSSH up to version 7.7, where the server may enumerate valid usernames by returning different responses for invalid authentication attempts due to not delaying bailout until after the request packet is parsed (auth2-gss.c, auth2-hostbased.c, auth2-p...
CVE-2016-10708
OpenSSH sshd before 7.4 is vulnerable to a denial of service caused by a NULL pointer dereference when processing an out-of-sequence NEWKEYS message (kex.c/packet.c). This affects the OpenSSH server; exploitation leads to daemon crash as demonstrated by Honggfuzz. Affected products include OpenSS...
CVE-2018-6485
CVE-2018-6485 is an integer overflow in posix_memalign within glibc (memalign implementation) for versions 2.26 and earlier, which could cause a heap area to be too small and lead to heap corruption. The NVD CVSSv3/base score is 9.8 (CRITICAL) with network attack vector, no user interaction. Affe...
CVE-2020-27216
CVE-2020-27216 affects Eclipse Jetty in Unix-like environments across versions 1.0–9.4.32.v20200930, 10.0.0.alpha1–10.0.0.beta2, and 11.0.0.alpha1–11.0.0.beta2O. It describes a race condition where the system temporary directory is shared among users, allowing a collocated user to observe the cre...
CVE-2017-10053
CVE-2017-10053 is an OpenJDK/OpenJDK 2D JPEGImageReader vulnerability. The issue affects Java SE components (Java SE, Java SE Embedded, JRockit) with affected versions including Java 6u151, 7u141, 8u131 (and 8u131 for Java SE Embedded; JRockit R28.3.14). The vulnerability could allow an unauthent...
CVE-2018-19931
CVE-2018-19931 affects the GNU Binutils Binary File Descriptor library (libbfd) as shipped in Binutils
CVE-2018-2826
CVE-2018-2826 affects Oracle Java SE Libraries in Java SE 10. The vulnerability allows an unauthenticated network-based attacker to compromise Java SE, with potential takeover of the Java Runtime, per the description. CVSS 3.1 indicates HIGH impact (C, I, A HIGH) with NETWORK attack vector and re...
CVE-2018-19932
CVE-2018-19932 affects GNU Binutils libbfd. The issue is an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA macro in elf.c. Public docs describe it as a vulnerability in binutils through 2.31 with potential stability/denial effects; remediation quoted in connected sources is ...
CVE-2018-2825
CVE-2018-2825 concerns Oracle Java SE Libraries with affected Java SE 10, allowing network-based attacks that may compromise confidentiality, integrity, and availability; the exploitation requires user interaction. The connected documents largely discuss IBM-specific advisories (IBM i, Netcool Ag...
CVE-2018-20002
CVE-2018-20002 affects GNU Binutils’ BFD library (libbfd); the _bfd_generic_read_minisymbols function leaks memory when processing crafted ELF files, causing DoS via memory consumption. Documented in multiple sources (Binutils 2.31, nm demonstration). Impact is a denial of service with potential ...
CVE-2016-6904
CVE-2016-6904 affects NetApp VASA Provider for Clustered Data ONTAP prior to 7.0P1. A web server accepts plain text authentication, enabling an unauthenticated attacker to obtain authentication credentials. Impact: credential disclosure and potential access to protected data/interfaces. Exploitat...