Lucene search
K

188 matches found

CVE
CVE
added 2016/01/14 12:0 a.m.3481 views

CVE-2016-0777

CVE-2016-0777 pertains to an information leak and buffer overflow in OpenSSH client roaming (roaming_bytes reading memory) affecting OpenSSH 5.x, 6.x, and 7.x prior to 7.1p2. Exploitation would allow a remote server to obtain memory contents (e.g., private keys) via a roaming request. Connected d...

6.5CVSS6.4AI score0.63468EPSS
CVE
CVE
added 2017/04/11 12:0 a.m.2251 views

CVE-2016-1908

OpenSSH CVE-2016-1908 affects the OpenSSH client before 7.2, where cookie generation for untrusted X11 forwarding can be mishandled when the local X server lacks the SECURITY extension. This could allow remote X11 clients to trigger a fallback to trusted forwarding, bypassing intended access cont...

9.8CVSS9AI score0.13736EPSS
CVE
CVE
added 2016/01/14 12:0 a.m.2056 views

CVE-2016-0778

CVE-2016-0778 affects the OpenSSH client roaming feature. The root cause is improper bounds handling in roaming_read/roaming_write in roaming_common.c, enabling a heap-based buffer overflow when certain proxy/forward options are used. This can cause a denial of service or potentially arbitrary co...

8.1CVSS7.3AI score0.2037EPSS
CVE
CVE
added 2016/07/19 1:0 a.m.1524 views

CVE-2016-5387

CVE-2016-5387 affects Apache httpd prior to 2.4.25, where RFC 3875 compliance allows untrusted HTTP_PROXY data to influence outbound proxy selection via a crafted Proxy header (the httpoxy issue). Public docs indicate the issue arises from the HTTP_PROXY environment variable being exposed to appl...

8.1CVSS8AI score0.55724EPSS
CVE
CVE
added 2016/05/05 6:0 p.m.1090 views

CVE-2016-3715

Summary: CVE-2016-3715 affects ImageMagick where the EPHEMERAL coder allows a remote attacker to delete arbitrary files via a crafted image. Affected versions are ImageMagick prior to 6.9.3-10 and 7.x prior to 7.0.1-1. Impact (per sources): Remote deletion of files via crafted images using the EP...

5.8CVSS6.3AI score0.75383EPSS
In wild
CVE
CVE
added 2016/05/05 6:0 p.m.1090 views

CVE-2016-3718

ImageMagick is affected by CVE-2016-3718: the HTTP and FTP coders can be abused to perform server-side request forgery via a crafted image. Affected lines: ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1. The vulnerability allows an attacker to induce the server to make HTTP/FTP requests when ...

5.5CVSS6.7AI score0.76897EPSS
In wild
CVE
CVE
added 2016/04/21 10:0 a.m.780 views

CVE-2016-3427

CVE-2016-3427 is an unspecified vulnerability in Oracle Java SE (affecting 6u113, 7u99, 8u77) and JRockit, tied to the Java Management Extensions (JMX) component. Exploitation can affect confidentiality, integrity, and availability via JMX-related vectors; the issue is described as an unspecified...

10CVSS6.8AI score0.92334EPSS
In wild
CVE
CVE
added 2015/01/28 7:0 p.m.597 views

CVE-2015-0235

CVE-2015-0235 (GHOST) is a heap-based buffer overflow in glibc’s __nss_hostname_digits_dots() used by gethostbyname/gethostbyname2. Affected glibc versions include 2.2 up to 2.17; patched in glibc-2.18 and later. Exploitation could allow remote or context-dependent arbitrary code execution depend...

10CVSS7.7AI score0.94859EPSS
In wild
CVE
CVE
added 2016/05/16 10:0 a.m.542 views

CVE-2015-4643

CVE-2015-4643 is an integer overflow in PHP’s FTP extension (ftp_genlist in ext/ftp/ftp.c). A long LIST reply from an FTP server can trigger a heap-based buffer overflow, potentially allowing code execution. Affected PHP versions: before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10. The v...

9.8CVSS8.9AI score0.16948EPSS
CVE
CVE
added 2016/09/28 10:0 a.m.515 views

CVE-2016-2776

CVE-2016-2776 describes a denial-of-service in ISC BIND where a crafted DNS query leads to an assertion failure in buffer.c while building responses, causing named to exit. Affected products/versions include BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3. The root ca...

7.8CVSS6.4AI score0.89482EPSS
CVE
CVE
added 2015/12/16 3:0 p.m.476 views

CVE-2015-8000

CVE-2015-8000 affects ISC BIND 9.x (before 9.9.8-P2 and 9.10.x before 9.10.3-P2). A flaw in db.c parsing incoming responses allows remote DoS via a malformed class attribute, causing an assertion failure and daemon exit. F5’s advisory notes vulnerability presence in BIG-IP family components that ...

5CVSS6.7AI score0.5469EPSS
CVE
CVE
added 2016/07/19 1:0 a.m.453 views

CVE-2016-5385

CVE-2016-5385 affects PHP up to 7.0.8, where PHP did not protect against the HTTP_PROXY namespace clash, potentially allowing a remote attacker to redirect a script’s outbound HTTP traffic to an attacker‑controlled proxy via a crafted Proxy header. Public analyses reference CGI/CGI‑like environme...

8.1CVSS8AI score0.50427EPSS
CVE
CVE
added 2014/01/02 11:0 a.m.434 views

CVE-2013-5211

CVE-2013-5211 affects ntpd’s monlist functionality. ntpd before 4.2.7p26 allows remote attackers to cause a DoS via forged REQ_MON_GETLIST and REQ_MON_GETLIST_1 requests (traffic amplification). Public advisories confirm exploitation in the wild and recommend upgrading ntp to 4.2.7p26 or newer (e...

5CVSS5.7AI score0.97549EPSS
CVE
CVE
added 2016/06/20 12:0 a.m.358 views

CVE-2016-2177

OpenSSL vulnerability CVE-2016-2177 arises from pointer arithmetic used for heap-buffer boundary checks in OpenSSL 1.0.2h and earlier, which could allow a remote attacker to trigger a denial of service (integer overflow and crash) due to unexpected malloc behavior. Affected components include s3_...

9.8CVSS8.3AI score0.44505EPSS
CVE
CVE
added 2016/07/19 1:0 a.m.328 views

CVE-2016-5388

The CVE-2016-5388 issue affects Apache Tomcat (CGI Servlet enabled) where Proxy header handling exposes HTTP_PROXY data to CGI scripts, enabling redirection of outbound requests to a attacker-controlled proxy (httpoxy). Public advisories across multiple distributions confirm Tomcat 7.x up to 7.0....

8.1CVSS6.8AI score0.50896EPSS
CVE
CVE
added 2016/09/16 12:0 a.m.323 views

CVE-2016-2182

CVE-2016-2182 affects the BN_bn2dec() path in OpenSSL (OpenSSL before 1.1.0). The BN_div_word() return value is not reliably checked, enabling an out-of-bounds write that could crash the app or lead to other impact via processing large BIGNUMs. Several advisories (Android OpenSSL bulletin, Linux ...

9.8CVSS9.1AI score0.44218EPSS
CVE
CVE
added 2024/12/24 6:48 p.m.318 views

CVE-2022-21505

CVE-2022-21505: In the Linux kernel IMA, enabling appraisal with ima_appraise=log can bypass lockdown on systems where Secure Boot is disabled or unavailable. IMA blocks ima_appraise=log via boot params when Secure Boot is enabled, but this protection does not cover lockdown used without Secure B...

6.7CVSS7AI score0.002EPSS
CVE
CVE
added 2016/07/03 9:0 p.m.314 views

CVE-2016-4997

CVE-2016-4997 affects the Linux kernel netfilter IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE handling in 32/64-bit compatibility paths prior to 4.6.3, enabling local privilege escalation or memory-corruption-based denial of service when a crafted offset is supplied via in-container root access. Ex...

7.8CVSS7.5AI score0.05676EPSS
CVE
CVE
added 2022/06/09 8:15 p.m.303 views

CVE-2022-21499

CVE-2022-21499: KGDB/KDB can read/write kernel memory if lockdown is triggered; attacker with serial-port access could trigger debugger. Connected advisories reiter the risk and note the need to ensure lockdown mode is respected, but do not specify a patched version or remediation beyond that. Th...

6.7CVSS7AI score0.00612EPSS
CVE
CVE
added 2014/07/09 10:0 a.m.297 views

CVE-2014-0207

CVE-2014-0207 affects the PHP fileinfo extension’s handling of Composite Document Format (CDF) files. The vulnerability is in the cdf_read_short_sector() function (cdf.c) when used with PHP builds prior to 5.4.30 and 5.5.x prior to 5.5.14, where insufficient boundary checks allow a remote attacke...

6.5CVSS8.9AI score0.16853EPSS
CVE
CVE
added 2014/07/09 10:0 a.m.294 views

CVE-2014-3479

CVE-2014-3479 affects the Fileinfo component in PHP (cdf_check_stream_offset in cdf.c) and can trigger a remote denial of service (application crash) by crafting a CDF stream offset. It is tied to PHP versions before 5.4.30 and 5.5.x before 5.5.14 due to incorrect sector-size data. The issue is d...

4.3CVSS8.9AI score0.14927EPSS
CVE
CVE
added 2014/07/09 10:0 a.m.290 views

CVE-2014-3480

The CVE-2014-3480 entry concerns a flaw in the cdf_count_chain function of cdf.c used by PHP’s Fileinfo component. The issue stems from inadequate validation of sector-count data in CDF files, enabling a remote attacker to trigger a denial of service (application crash) by supplying a crafted CDF...

6.5CVSS8.9AI score0.11481EPSS
CVE
CVE
added 2015/06/09 6:0 p.m.282 views

CVE-2015-3329

CVE-2015-3329 describes multiple stack-based buffer overflows in PHP’s Phar handling (phar_set_inode in phar_internal.h) that allow remote code execution via crafted length values in tar, phar, or ZIP archives. Affected PHP releases are 5.4.40 and earlier (5.4.x), 5.5.x prior to 5.5.24, and 5.6.x...

7.5CVSS8AI score0.38434EPSS
CVE
CVE
added 2014/07/09 10:0 a.m.280 views

CVE-2014-3487

CVE-2014-3487 is a vulnerability in PHP’s Fileinfo (cdf_read_property_info in cdf.c) where the Fileinfo component fails to validate a stream offset in CDF files. A crafted CDF file can cause a DoS (application crash) on PHP builds using file before 5.19, specifically affecting PHP 5.4.30 and 5.5....

4.3CVSS8.8AI score0.14927EPSS
CVE
CVE
added 2016/03/13 6:0 p.m.276 views

CVE-2016-1950

CVE-2016-1950 is a real NSS vulnerability: a heap-based buffer overflow in the ASN.1 DER parser allows remote code execution via crafted data in X.509 certificates. Affected NSS releases include 3.19.2.3 and 3.20.x, and 3.21.x before 3.21.1; it affects Mozilla Firefox up to 45.0 and Firefox ESR 3...

8.8CVSS7.9AI score0.04192EPSS
CVE
CVE
added 2015/06/09 6:0 p.m.270 views

CVE-2015-4024

The CVE-2015-4024 entry describes an algorithmic complexity DoS in PHP’s multipart HTTP POST handling (multipart_buffer_headers in main/rfc1867.c). Attackers can cause high CPU usage with specially crafted form data, affecting PHP versions prior to 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5....

5CVSS7.3AI score0.50129EPSS
CVE
CVE
added 2015/08/14 6:0 p.m.251 views

CVE-2015-1819

The CVE-2015-1819 entry is supported by connected data showing a deterministic DoS in libxml2 via XML Entity Expansion (XEE) during XML parsing, causing memory exhaustion. Amazon Linux 2 advisory ALAS2-2019-1220 explicitly groups CVE-2015-1819 with several libxml2 DoS/memory-related CVEs and inst...

5CVSS6.5AI score0.0634EPSS
CVE
CVE
added 2015/11/13 2:0 a.m.246 views

CVE-2015-8126

CVE-2015-8126 concerns libpng buffer overflows in png_set_PLTE and png_get_PLTE caused by improper bounds checks. Affected ranges include libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19. Exploitation via a small bit-...

7.5CVSS7.9AI score0.10339EPSS
CVE
CVE
added 2015/06/09 6:0 p.m.243 views

CVE-2015-3330

CVE-2015-3330 affects PHP when running under Apache httpd 2.4.x; the php_handler in sapi/apache2handler/sapi_apache2.c can be invoked by pipelined HTTP requests to cause a denial of service or possibly arbitrary code execution due to a deconfigured interpreter. Affected families are PHP versions ...

6.8CVSS8.1AI score0.14077EPSS
CVE
CVE
added 2014/11/10 11:0 a.m.240 views

CVE-2014-8559

CVE-2014-8559 is tied to the Linux kernel up to version 3.17.2, where the d_walk function in fs/dcache.c fails to properly preserve the semantics of rename_lock. This can allow a local attacker to cause a denial of service via a deadlock and system hang. The connected advisories state that the is...

5.5CVSS5.2AI score0.00738EPSS
CVE
CVE
added 2016/09/16 12:0 a.m.234 views

CVE-2016-2181

OpenSSL CVE-2016-2181 affects the Datagram TLS (DTLS) replay protection: a flaw in the replay window handling could cause legitimate packets to be dropped when a crafted sequence number is used, enabling a remote attacker to cause DoS. Upstream fixes were released (e.g., OpenSSL 1.0.2.x and 1.0.1...

7.5CVSS8.3AI score0.22634EPSS
CVE
CVE
added 2016/07/21 10:0 a.m.234 views

CVE-2016-3598

CVE-2016-3598 concerns an unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 within the Libraries component that could allow remote attackers to affect confidentiality, integrity, and availability via sandbox-related bypasses. The issue is described as a sandbox restrictio...

9.6CVSS7.8AI score0.0669EPSS
CVE
CVE
added 2016/08/01 12:0 a.m.232 views

CVE-2016-2180

CVE-2016-2180 refers to an out-of-bounds read in the TS_OBJ_print_bio() function of the OpenSSL X.509 Time-Stamp Protocol (TSP) implementation. A remote attacker could crash the application by supplying a crafted time-stamp file that is mishandled by the openssl ts tool. The connected advisories ...

7.5CVSS8.1AI score0.28533EPSS
CVE
CVE
added 2015/12/06 12:0 a.m.227 views

CVE-2015-3195

CVE-2015-3195 affects OpenSSL’s ASN.1/TASN_DEC implementation mishandling errors from malformed X509_ATTRIBUTE data, enabling remote attackers to read memory of a CMS/PKCS#7 process. Public records show impact across multiple OpenSSL lines prior to updates: 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 bef...

5.3CVSS6.3AI score0.38709EPSS
CVE
CVE
added 2015/10/04 8:0 p.m.225 views

CVE-2014-9751

CVE-2014-9751 affects the Network Time Protocol daemon (ntpd) in Linux/OS X builds of NTP 4.x prior to 4.2.8p1. The read_network_packet function fails to correctly identify IPv6 loopback (::1) sources, allowing remote attackers to spoof restricted packets and potentially disrupt or manipulate ntp...

6.8CVSS7.2AI score0.04532EPSS
CVE
CVE
added 2015/03/30 10:0 a.m.225 views

CVE-2015-1351

The CVE-2015-1351 issue concerns PHP’s OPcache extension (zend_shared_alloc.c: _zend_shared_memdup). A use-after-free in PHP 5.6.7 and earlier can allow remote denial of service or potentially other impact via unknown vectors. The F5 advisory confirms the vulnerability and indicates affected PHP/...

7.5CVSS7.7AI score0.08707EPSS
CVE
CVE
added 2016/06/20 12:0 a.m.225 views

CVE-2016-2178

OpenSSL CVE-2016-2178: The dsa_sign_setup path in OpenSSL up to version 1.0.2h can process DSA signing in a non-constant-time way, enabling a local attacker to recover a private DSA key via a timing side-channel. Several advisories note this alongside other OpenSSL fixes and generally recommend u...

5.5CVSS7.2AI score0.01174EPSS
CVE
CVE
added 2016/06/09 4:0 p.m.222 views

CVE-2016-4448

CVE-2016-4448 is a format-string vulnerability in libxml2 (pre-2.9.4). The connected F5 advisory confirms libxml2 is the vulnerable component across multiple BIG-IP products and lists specific BIG-IP families/versions as vulnerable, with a table guiding upgrades to non‑vulnerable releases. Impact...

10CVSS9.5AI score0.07039EPSS
CVE
CVE
added 2016/10/16 9:0 p.m.222 views

CVE-2016-7039

CVE-2016-7039 affects the Linux kernel IP stack up to version 4.8.2. An attacker can trigger the GRO path with large crafted packets (e.g., VLAN header packets), causing stack consumption and a possible panic/DoS; this is related to CVE-2016-8666. Nessus/UTSA advisories for Unity Linux reference ...

7.8CVSS7.8AI score0.07613EPSS
CVE
CVE
added 2016/09/16 12:0 a.m.220 views

CVE-2016-6302

CVE-2016-6302 affects OpenSSL: an under-specified/under-checked length condition in TLS session ticket handling can cause an out-of-bounds read (DoS) when SHA-512 is used for ticket HMAC. Public details in 2016 advisory set; openssl fixes moved to 1.0.2.i-1 (and newer). Remediation: upgrade OpenS...

7.5CVSS7.3AI score0.26441EPSS
CVE
CVE
added 2016/04/25 2:0 p.m.214 views

CVE-2016-4054

CVE-2016-4054: A remote code execution vulnerability in Squid related to processing Edge Side Includes (ESI) responses. The issue appears in Squid 3.x (pre-3.5.17) and 4.x (pre-4.0.9) per the initial entry; connected advisories confirm ESI-related buffer/validation flaws and exposures when Squid ...

8.1CVSS8.7AI score0.77559EPSS
CVE
CVE
added 2016/09/16 12:0 a.m.212 views

CVE-2016-2179

OpenSSL CVE-2016-2179: The DTLS implementation could exhaust memory by accepting many crafted DTLS sessions due to unprocessed, out-of-order handshake messages. This memory-DoS vectors arises from DTLS queue handling in d1_lib.c, statem_dtls.c, statem_lib.c, and statem_srvr.c. Public advisories (...

7.5CVSS8.2AI score0.26559EPSS
CVE
CVE
added 2016/07/03 9:0 p.m.209 views

CVE-2016-4998

CVE-2016-4998 affects the Linux kernel netfilter IPT_SO_SET_REPLACE handling. The vulnerability allows a local attacker (e.g., with container/root access) to trigger an out-of-bounds read and potentially leak kernel heap memory or cause a Denial of Service by supplying a crafted offset that cross...

7.1CVSS7AI score0.01885EPSS
CVE
CVE
added 2016/06/27 10:0 a.m.206 views

CVE-2016-4470

CVE-2016-4470 affects the Linux kernel keyring handling: in key_reject_and_link() an uninitialized pointer may be dereferenced after an error, enabling a local attacker to trigger a denial of service (system crash) via crafted keyctl request2. Connected advisories confirm this is a kernel issue w...

5.5CVSS5.8AI score0.00582EPSS
CVE
CVE
added 2016/02/08 2:0 a.m.204 views

CVE-2013-4312

The CVE-2013-4312 issue affects the Linux kernel prior to 4.4.1, where a local attacker could bypass per-process file-descriptor limits by sending descriptors over a local UNIX domain socket before closing them, causing memory exhaustion and potential denial of service. The root cause is the hand...

6.2CVSS5.7AI score0.006EPSS
CVE
CVE
added 2015/10/04 8:0 p.m.204 views

CVE-2014-9750

CVE-2014-9750 concerns ntpd with Autokey authentication. The root cause is an error in ntp_crypto.c where a packet extension field’s length value is not properly validated, allowing a remote attacker to either leak sensitive information from ntpd’s process memory or crash the daemon via a malform...

5.8CVSS6.8AI score0.06135EPSS
CVE
CVE
added 2015/10/21 9:0 p.m.199 views

CVE-2015-4819

CVE-2015-4819: An unspecified vulnerability in Oracle MySQL Server affecting 5.5.44 and earlier and 5.6.25 and earlier, located in the Client programs component. It has complete impact on confidentiality, integrity, and availability. The IBM Guardium bulletin (CVE reference list) documents this C...

7.2CVSS5.1AI score0.0045EPSS
CVE
CVE
added 2016/03/13 6:0 p.m.197 views

CVE-2016-1960

CVE-2016-1960 is a vulnerability in Mozilla Firefox’s HTML5 parser (nsHtml5TreeBuilder) involving an integer underflow that enables a use-after-free scenario when parsing end tags in a foreign fragment context (SVG). Affects Firefox before 45.0 and Firefox ESR 38.x before 38.7; exploitation can l...

8.8CVSS7.6AI score0.31046EPSS
CVE
CVE
added 2017/01/30 9:0 p.m.197 views

CVE-2016-2518

CVE-2016-2518 affects NTP ntpd: MATCH_ASSOC() can trigger an out-of-bounds reference when handling addpeer with a large hmode. Affected versions are ntpd before 4.2.8p9 and 4.3.x before 4.3.92. Impact is a potential crash/denial of service via crafted packets. Mitigation: upgrade to fixed release...

5.3CVSS6.2AI score0.15081EPSS
CVE
CVE
added 2016/04/21 10:0 a.m.189 views

CVE-2016-0695

CVE-2016-0695 is discussed across multiple connected sources as a vulnerability in OpenJDK/OpenJRE components (Serialization, Hotspot, RMI/JMX deserialization, JAXP surrogate handling, and DS A signatures). The issue enables potential confidentiality breaches and sandbox bypass mechanics, with th...

5.9CVSS6.6AI score0.03397EPSS
Total number of security vulnerabilities188