Lucene search
K

132 matches found

CVE
CVE
added 2014/09/24 6:0 p.m.2911 views

CVE-2014-6271

CVE-2014-6271 (Shellshock) affects GNU Bash up to 4.3, enabling remote code execution by processing trailing strings after function definitions in environment variables. Exploitation vectors include OpenSSH ForceCommand, mod_cgi/mod_cgid in Apache, DHCP client scripts, and other environment-passi...

10CVSS9.9AI score0.99999EPSS
In wildWeb
CVE
CVE
added 2017/04/11 12:0 a.m.2252 views

CVE-2016-1908

OpenSSH CVE-2016-1908 affects the OpenSSH client before 7.2, where cookie generation for untrusted X11 forwarding can be mishandled when the local X server lacks the SECURITY extension. This could allow remote X11 clients to trigger a fallback to trusted forwarding, bypassing intended access cont...

9.8CVSS9AI score0.13736EPSS
CVE
CVE
added 2016/07/19 1:0 a.m.1525 views

CVE-2016-5387

CVE-2016-5387 affects Apache httpd prior to 2.4.25, where RFC 3875 compliance allows untrusted HTTP_PROXY data to influence outbound proxy selection via a crafted Proxy header (the httpoxy issue). Public docs indicate the issue arises from the HTTP_PROXY environment variable being exposed to appl...

8.1CVSS8AI score0.55724EPSS
CVE
CVE
added 2014/09/25 1:0 a.m.1331 views

CVE-2014-7169

CVE-2014-7169 affects GNU Bash up to 4.3, where parsing of function definitions in environment variables can be exploited to run commands or impact other attributes across privilege boundaries (notably via ForceCommand in OpenSSH sshd and via mod_cgi/mod_cgid in Apache, as well as DHCP client scr...

10CVSS8.4AI score0.9994EPSS
In wild
CVE
CVE
added 2014/06/07 2:0 p.m.1170 views

CVE-2014-3153

The CVE-2014-3153 issue affects the Linux kernel futex_requeue path (kernel/futex.c) through version 3.14.5. A local unprivileged user can exploit FUTEX_REQUEUE with two identical futex addresses to gain privileges or modify waiter state, causing potential privilege escalation and memory impact. ...

7.8CVSS6.5AI score0.37233EPSS
In wild
CVE
CVE
added 2016/05/05 6:0 p.m.1090 views

CVE-2016-3715

Summary: CVE-2016-3715 affects ImageMagick where the EPHEMERAL coder allows a remote attacker to delete arbitrary files via a crafted image. Affected versions are ImageMagick prior to 6.9.3-10 and 7.x prior to 7.0.1-1. Impact (per sources): Remote deletion of files via crafted images using the EP...

5.8CVSS6.3AI score0.75383EPSS
In wild
CVE
CVE
added 2016/05/05 6:0 p.m.1090 views

CVE-2016-3718

ImageMagick is affected by CVE-2016-3718: the HTTP and FTP coders can be abused to perform server-side request forgery via a crafted image. Affected lines: ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1. The vulnerability allows an attacker to induce the server to make HTTP/FTP requests when ...

5.5CVSS6.7AI score0.76897EPSS
In wild
CVE
CVE
added 2014/04/15 10:0 a.m.905 views

CVE-2013-5704

CVE-2013-5704 concerns the Apache HTTP Server mod_headers trailer-header bypass vulnerability. The issue arises when a client places headers in the trailer portion of a chunked request, potentially bypassing RequestHeader unset directives and allowing header manipulation after header processing. ...

5CVSS5.7AI score0.60205EPSS
CVE
CVE
added 2016/04/21 10:0 a.m.780 views

CVE-2016-3427

CVE-2016-3427 is an unspecified vulnerability in Oracle Java SE (affecting 6u113, 7u99, 8u77) and JRockit, tied to the Java Management Extensions (JMX) component. Exploitation can affect confidentiality, integrity, and availability via JMX-related vectors; the issue is described as an unspecified...

10CVSS6.8AI score0.92334EPSS
In wild
CVE
CVE
added 2014/05/07 10:0 a.m.604 views

CVE-2014-0196

CVE-2014-0196 affects the Linux kernel (through 3.14.3) specifically the n_tty_write function in drivers/tty/n_tty.c. The flaw permits a local user to trigger a race condition between read and write operations with long strings in the LECHO & !OPOST case, enabling denial of service (memory corrup...

6.9CVSS6.3AI score0.22475EPSS
In wild
CVE
CVE
added 2016/05/16 10:0 a.m.542 views

CVE-2015-4643

CVE-2015-4643 is an integer overflow in PHP’s FTP extension (ftp_genlist in ext/ftp/ftp.c). A long LIST reply from an FTP server can trigger a heap-based buffer overflow, potentially allowing code execution. Affected PHP versions: before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10. The v...

9.8CVSS8.9AI score0.16948EPSS
CVE
CVE
added 2016/09/28 10:0 a.m.516 views

CVE-2016-2776

CVE-2016-2776 describes a denial-of-service in ISC BIND where a crafted DNS query leads to an assertion failure in buffer.c while building responses, causing named to exit. Affected products/versions include BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3. The root ca...

7.8CVSS6.4AI score0.89482EPSS
CVE
CVE
added 2015/12/16 3:0 p.m.476 views

CVE-2015-8000

CVE-2015-8000 affects ISC BIND 9.x (before 9.9.8-P2 and 9.10.x before 9.10.3-P2). A flaw in db.c parsing incoming responses allows remote DoS via a malformed class attribute, causing an assertion failure and daemon exit. F5’s advisory notes vulnerability presence in BIG-IP family components that ...

5CVSS6.7AI score0.5469EPSS
CVE
CVE
added 2014/10/10 10:0 a.m.472 views

CVE-2014-3581

Apache HTTP Server vulnerability CVE-2014-3581 affects the mod_cache component (cache_util.c) in the httpd 2.4.x line, before 2.4.11. An empty Content-Type header can trigger a NULL pointer dereference in cache_merge_headers_out, leading to a denial of service (application crash). Public advisori...

5CVSS6.2AI score0.13451EPSS
CVE
CVE
added 2016/07/19 1:0 a.m.453 views

CVE-2016-5385

CVE-2016-5385 affects PHP up to 7.0.8, where PHP did not protect against the HTTP_PROXY namespace clash, potentially allowing a remote attacker to redirect a script’s outbound HTTP traffic to an attacker‑controlled proxy via a crafted Proxy header. Public analyses reference CGI/CGI‑like environme...

8.1CVSS8AI score0.50427EPSS
CVE
CVE
added 2014/01/02 11:0 a.m.435 views

CVE-2013-5211

CVE-2013-5211 affects ntpd’s monlist functionality. ntpd before 4.2.7p26 allows remote attackers to cause a DoS via forged REQ_MON_GETLIST and REQ_MON_GETLIST_1 requests (traffic amplification). Public advisories confirm exploitation in the wild and recommend upgrading ntp to 4.2.7p26 or newer (e...

5CVSS5.7AI score0.97549EPSS
CVE
CVE
added 2016/06/20 12:0 a.m.358 views

CVE-2016-2177

OpenSSL vulnerability CVE-2016-2177 arises from pointer arithmetic used for heap-buffer boundary checks in OpenSSL 1.0.2h and earlier, which could allow a remote attacker to trigger a denial of service (integer overflow and crash) due to unexpected malloc behavior. Affected components include s3_...

9.8CVSS8.3AI score0.44505EPSS
CVE
CVE
added 2016/07/19 1:0 a.m.330 views

CVE-2016-5388

The CVE-2016-5388 issue affects Apache Tomcat (CGI Servlet enabled) where Proxy header handling exposes HTTP_PROXY data to CGI scripts, enabling redirection of outbound requests to a attacker-controlled proxy (httpoxy). Public advisories across multiple distributions confirm Tomcat 7.x up to 7.0....

8.1CVSS6.8AI score0.50896EPSS
CVE
CVE
added 2016/09/16 12:0 a.m.323 views

CVE-2016-2182

CVE-2016-2182 affects the BN_bn2dec() path in OpenSSL (OpenSSL before 1.1.0). The BN_div_word() return value is not reliably checked, enabling an out-of-bounds write that could crash the app or lead to other impact via processing large BIGNUMs. Several advisories (Android OpenSSL bulletin, Linux ...

9.8CVSS9.1AI score0.44218EPSS
CVE
CVE
added 2022/06/09 8:15 p.m.303 views

CVE-2022-21499

CVE-2022-21499: KGDB/KDB can read/write kernel memory if lockdown is triggered; attacker with serial-port access could trigger debugger. Connected advisories reiter the risk and note the need to ensure lockdown mode is respected, but do not specify a patched version or remediation beyond that. Th...

6.7CVSS7AI score0.00612EPSS
CVE
CVE
added 2015/06/09 6:0 p.m.283 views

CVE-2015-3329

CVE-2015-3329 describes multiple stack-based buffer overflows in PHP’s Phar handling (phar_set_inode in phar_internal.h) that allow remote code execution via crafted length values in tar, phar, or ZIP archives. Affected PHP releases are 5.4.40 and earlier (5.4.x), 5.5.x prior to 5.5.24, and 5.6.x...

7.5CVSS8AI score0.38434EPSS
CVE
CVE
added 2016/03/13 6:0 p.m.276 views

CVE-2016-1950

CVE-2016-1950 is a real NSS vulnerability: a heap-based buffer overflow in the ASN.1 DER parser allows remote code execution via crafted data in X.509 certificates. Affected NSS releases include 3.19.2.3 and 3.20.x, and 3.21.x before 3.21.1; it affects Mozilla Firefox up to 45.0 and Firefox ESR 3...

8.8CVSS7.9AI score0.04192EPSS
CVE
CVE
added 2016/08/06 8:0 p.m.276 views

CVE-2016-6197

CVE-2016-6197 affects the OverlayFS implementation (fs/overlayfs/dir.c) in the Linux kernel before 4.6. The flaw allows a local user to cause a denial of service (system crash) by a rename that specifies a self-hardlink, due to incomplete verification of the upper dentry during unlink/rename. Exp...

5.5CVSS5.4AI score0.00486EPSS
CVE
CVE
added 2015/06/09 6:0 p.m.270 views

CVE-2015-4024

The CVE-2015-4024 entry describes an algorithmic complexity DoS in PHP’s multipart HTTP POST handling (multipart_buffer_headers in main/rfc1867.c). Attackers can cause high CPU usage with specially crafted form data, affecting PHP versions prior to 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5....

5CVSS7.3AI score0.50129EPSS
CVE
CVE
added 2015/11/13 2:0 a.m.246 views

CVE-2015-8126

CVE-2015-8126 concerns libpng buffer overflows in png_set_PLTE and png_get_PLTE caused by improper bounds checks. Affected ranges include libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19. Exploitation via a small bit-...

7.5CVSS7.9AI score0.10339EPSS
CVE
CVE
added 2015/06/09 6:0 p.m.243 views

CVE-2015-3330

CVE-2015-3330 affects PHP when running under Apache httpd 2.4.x; the php_handler in sapi/apache2handler/sapi_apache2.c can be invoked by pipelined HTTP requests to cause a denial of service or possibly arbitrary code execution due to a deconfigured interpreter. Affected families are PHP versions ...

6.8CVSS8.1AI score0.14077EPSS
CVE
CVE
added 2016/09/16 12:0 a.m.234 views

CVE-2016-2181

OpenSSL CVE-2016-2181 affects the Datagram TLS (DTLS) replay protection: a flaw in the replay window handling could cause legitimate packets to be dropped when a crafted sequence number is used, enabling a remote attacker to cause DoS. Upstream fixes were released (e.g., OpenSSL 1.0.2.x and 1.0.1...

7.5CVSS8.3AI score0.22634EPSS
CVE
CVE
added 2016/07/21 10:0 a.m.234 views

CVE-2016-3598

CVE-2016-3598 concerns an unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 within the Libraries component that could allow remote attackers to affect confidentiality, integrity, and availability via sandbox-related bypasses. The issue is described as a sandbox restrictio...

9.6CVSS7.8AI score0.0669EPSS
CVE
CVE
added 2016/08/01 12:0 a.m.232 views

CVE-2016-2180

CVE-2016-2180 refers to an out-of-bounds read in the TS_OBJ_print_bio() function of the OpenSSL X.509 Time-Stamp Protocol (TSP) implementation. A remote attacker could crash the application by supplying a crafted time-stamp file that is mishandled by the openssl ts tool. The connected advisories ...

7.5CVSS8.1AI score0.28533EPSS
CVE
CVE
added 2015/12/06 12:0 a.m.227 views

CVE-2015-3195

CVE-2015-3195 affects OpenSSL’s ASN.1/TASN_DEC implementation mishandling errors from malformed X509_ATTRIBUTE data, enabling remote attackers to read memory of a CMS/PKCS#7 process. Public records show impact across multiple OpenSSL lines prior to updates: 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 bef...

5.3CVSS6.3AI score0.38709EPSS
CVE
CVE
added 2015/03/30 10:0 a.m.225 views

CVE-2015-1351

The CVE-2015-1351 issue concerns PHP’s OPcache extension (zend_shared_alloc.c: _zend_shared_memdup). A use-after-free in PHP 5.6.7 and earlier can allow remote denial of service or potentially other impact via unknown vectors. The F5 advisory confirms the vulnerability and indicates affected PHP/...

7.5CVSS7.7AI score0.08707EPSS
CVE
CVE
added 2016/06/20 12:0 a.m.225 views

CVE-2016-2178

OpenSSL CVE-2016-2178: The dsa_sign_setup path in OpenSSL up to version 1.0.2h can process DSA signing in a non-constant-time way, enabling a local attacker to recover a private DSA key via a timing side-channel. Several advisories note this alongside other OpenSSL fixes and generally recommend u...

5.5CVSS7.2AI score0.01174EPSS
CVE
CVE
added 2016/06/09 4:0 p.m.222 views

CVE-2016-4448

CVE-2016-4448 is a format-string vulnerability in libxml2 (pre-2.9.4). The connected F5 advisory confirms libxml2 is the vulnerable component across multiple BIG-IP products and lists specific BIG-IP families/versions as vulnerable, with a table guiding upgrades to non‑vulnerable releases. Impact...

10CVSS9.5AI score0.07039EPSS
CVE
CVE
added 2016/10/16 9:0 p.m.222 views

CVE-2016-7039

CVE-2016-7039 affects the Linux kernel IP stack up to version 4.8.2. An attacker can trigger the GRO path with large crafted packets (e.g., VLAN header packets), causing stack consumption and a possible panic/DoS; this is related to CVE-2016-8666. Nessus/UTSA advisories for Unity Linux reference ...

7.8CVSS7.8AI score0.07613EPSS
CVE
CVE
added 2016/09/16 12:0 a.m.220 views

CVE-2016-6302

CVE-2016-6302 affects OpenSSL: an under-specified/under-checked length condition in TLS session ticket handling can cause an out-of-bounds read (DoS) when SHA-512 is used for ticket HMAC. Public details in 2016 advisory set; openssl fixes moved to 1.0.2.i-1 (and newer). Remediation: upgrade OpenS...

7.5CVSS7.3AI score0.26441EPSS
CVE
CVE
added 2016/05/23 10:0 a.m.217 views

CVE-2016-4913

The CVE-2016-4913 issue affects the Linux kernel (fs/isofs/rock.c) and concerns get_rock_ridge_filename mishandling of NM (alternate name) entries containing a NUL character. A local attacker mounting a crafted isofs filesystem could read kernel memory due to this information leak. The vulnerabil...

7.8CVSS7.4AI score0.00512EPSS
CVE
CVE
added 2016/04/25 2:0 p.m.215 views

CVE-2016-4054

CVE-2016-4054: A remote code execution vulnerability in Squid related to processing Edge Side Includes (ESI) responses. The issue appears in Squid 3.x (pre-3.5.17) and 4.x (pre-4.0.9) per the initial entry; connected advisories confirm ESI-related buffer/validation flaws and exposures when Squid ...

8.1CVSS8.7AI score0.77559EPSS
CVE
CVE
added 2016/09/16 12:0 a.m.212 views

CVE-2016-2179

OpenSSL CVE-2016-2179: The DTLS implementation could exhaust memory by accepting many crafted DTLS sessions due to unprocessed, out-of-order handshake messages. This memory-DoS vectors arises from DTLS queue handling in d1_lib.c, statem_dtls.c, statem_lib.c, and statem_srvr.c. Public advisories (...

7.5CVSS8.2AI score0.26559EPSS
CVE
CVE
added 2016/06/27 10:0 a.m.206 views

CVE-2016-4470

CVE-2016-4470 affects the Linux kernel keyring handling: in key_reject_and_link() an uninitialized pointer may be dereferenced after an error, enabling a local attacker to trigger a denial of service (system crash) via crafted keyctl request2. Connected advisories confirm this is a kernel issue w...

5.5CVSS5.8AI score0.00582EPSS
CVE
CVE
added 2016/02/08 2:0 a.m.204 views

CVE-2013-4312

The CVE-2013-4312 issue affects the Linux kernel prior to 4.4.1, where a local attacker could bypass per-process file-descriptor limits by sending descriptors over a local UNIX domain socket before closing them, causing memory exhaustion and potential denial of service. The root cause is the hand...

6.2CVSS5.7AI score0.006EPSS
CVE
CVE
added 2014/12/12 6:0 p.m.200 views

CVE-2014-8134

CVE-2014-8134 affects the Linux kernel’s KVM paravirt code path (arch/x86/kernel/kvm.c, paravirt_ops_setup) through version 3.18. The root cause is an improper paravirt_enabled setting for KVM guest kernels, which could allow a guest user to bypass ASLR via a crafted application that reads a 16‑b...

3.3CVSS5.4AI score0.00703EPSS
CVE
CVE
added 2017/07/21 2:0 p.m.200 views

CVE-2015-5219

CVE-2015-5219 affects the Network Time Protocol (NTP) SNTP components, specifically the sntp utility, prior to version 4.2.7p366. The root cause is an incorrect type conversion in the ULOGTOD function (precision → double) which can cause a crafted NTP packet to trigger an infinite loop in sntp, l...

7.5CVSS7.1AI score0.05839EPSS
CVE
CVE
added 2016/03/13 6:0 p.m.197 views

CVE-2016-1960

CVE-2016-1960 is a vulnerability in Mozilla Firefox’s HTML5 parser (nsHtml5TreeBuilder) involving an integer underflow that enables a use-after-free scenario when parsing end tags in a foreign fragment context (SVG). Affects Firefox before 45.0 and Firefox ESR 38.x before 38.7; exploitation can l...

8.8CVSS7.6AI score0.31046EPSS
CVE
CVE
added 2017/01/30 9:0 p.m.197 views

CVE-2016-2518

CVE-2016-2518 affects NTP ntpd: MATCH_ASSOC() can trigger an out-of-bounds reference when handling addpeer with a large hmode. Affected versions are ntpd before 4.2.8p9 and 4.3.x before 4.3.92. Impact is a potential crash/denial of service via crafted packets. Mitigation: upgrade to fixed release...

5.3CVSS6.2AI score0.15081EPSS
CVE
CVE
added 2017/08/07 8:0 p.m.196 views

CVE-2015-7691

CVE-2015-7691 affects ntpd’s crypto_xmit handling in NTP 4.2.x (before 4.2.8p4) and 4.3.x (before 4.3.77). The flaw arises from incomplete validation of autokey operations in crafted packets, allowing a remote attacker to crash ntpd (denial of service). This is tied to an incomplete fix of CVE-20...

7.5CVSS7.8AI score0.07103EPSS
CVE
CVE
added 2017/08/07 8:0 p.m.196 views

CVE-2015-7701

CVE-2015-7701 involves a memory leak in ntpd’s CRYPTO_ASSOC when autokey is enabled. Affected: ntpd in NTP 4.2.x before 4.2.8p4 and 4.3.x before 4.3.77. Impact: potential denial of service due to memory exhaustion. Remediation: upgrade to fixed ntp releases (e.g., 4.2.8p4+ or 4.3.77+); or disable...

7.5CVSS8.2AI score0.06519EPSS
CVE
CVE
added 2017/01/30 9:0 p.m.194 views

CVE-2015-7977

CVE-2015-7977 : ntpd/nptdsp (NTP) vulnerability where processing of the ntpdc reslist command could cause a NULL pointer dereference and crash ntpd. This is triggered by large restriction lists. Affects ntpd/ntpdc in NTP 4.2.x leading up to 4.2.8p6 and 4.3.x prior to 4.3.90. Remediation: upgrade ...

5.9CVSS6.3AI score0.06295EPSS
CVE
CVE
added 2016/04/21 10:0 a.m.189 views

CVE-2016-0695

CVE-2016-0695 is discussed across multiple connected sources as a vulnerability in OpenJDK/OpenJRE components (Serialization, Hotspot, RMI/JMX deserialization, JAXP surrogate handling, and DS A signatures). The issue enables potential confidentiality breaches and sandbox bypass mechanics, with th...

5.9CVSS6.6AI score0.03397EPSS
CVE
CVE
added 2016/05/11 9:0 p.m.189 views

CVE-2016-3710

CVE-2016-3710 : A bounds-checking flaw in QEMU’s VGA module (VBE read/write via I/O ports) allows a privileged guest to modify banked video memory and execute arbitrary code on the host with QEMU process privileges. Root cause: out-of-bounds read/write in VGA bank access. Impact: potential host c...

8.8CVSS8.7AI score0.00916EPSS
CVE
CVE
added 2016/08/02 4:0 p.m.188 views

CVE-2016-5403

CVE-2016-5403 affects QEMU’s virtio path (virtqueue_pop in hw/virtio/virtio.c). A local guest OS administrator can cause a denial of service via unbounded memory allocation by submitting virtqueue requests without waiting for completion, potentially crashing the QEMU process. Public postings acro...

5.5CVSS5.9AI score0.0052EPSS
Total number of security vulnerabilities132