CVE-2018-10892
CVE-2018-10892: In Docker/Moby, the default OCI Linux spec (oci/defaults_linux.go) from 1.11 to current does not block /proc/acpi pathnames. This allows a container to affect host hardware state (e.g., enabling/disabling Bluetooth, changing keyboard brightness) by targeting /proc/acpi, represent...
CVE-2020-9490
CVE-2020-9490 affects Apache HTTP Server versions 2.4.20–2.4.43. A specially crafted value for the Cache-Digest header in an HTTP/2 request could cause a crash when the server subsequently attempts to HTTP/2 PUSH a resource. Mitigation for unpatched servers is to disable HTTP/2 PUSH via H2Push of...
CVE-2020-25717
CVE-2020-25717 affects Samba: an authenticated user mapping domain users to local users can lead to privilege escalation. Public references in connected documents confirm this is a Samba issue (no exploit details provided here). Several advisories and vendor notes indicate patches or updated pack...
CVE-2018-3639
CVE-2018-3639 is a speculative execution side‑channel vulnerability (SSB) that can leak memory via speculative stores. The connected ALMA doc notes a mitigation: SSB is disabled by the new alt-java launcher, reducing impact at the cost of performance, and it references OpenJDK 8u282 as part of th...
CVE-2019-9514
CVE-2019-9514 corresponds to an HTTP/2 vulnerability where an attacker floods a peer by sending HEADERS frames, causing unbounded memory growth and potential DoS. Public details in connected advisories show affected stacks include Go HTTP/2 implementations and Go-based tools, with remediation via...
CVE-2016-7103
CVE-2016-7103 is a cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0, exploitable via the closeText parameter of the Dialog widget. The issue allows remote script/HTML injection. Remediation per connected documents is to upgrade to jQuery UI 1.12.0 or later (fixed version).
CVE-2016-6662
CVE-2016-6662 affects MySQL-derived products (MySQL, MariaDB, Percona Server) across multiple branches, allowing local users to bypass protections by setting general_log_file to a my.cnf configuration. The underlying flaw enables arbitrary configuration by non-privileged users and can be leverage...
CVE-2020-10711
The CVE-2020-10711 entry concerns a NULL pointer dereference in the Linux kernel SELinux subsystem during CIPSO category bitmap import. Affected are kernel versions before 5.7; processing the CIPSO restricted bitmap tag in cipso_v4_parsetag_rbm sets a security attribute indicating the bitmap exi...
CVE-2016-2124
CVE-2016-2124 is a Samba SMB1 authentication flaw. The vulnerability lets an attacker retrieve plaintext passwords sent over the wire, even when Kerberos may be required. Connected sources confirm Samba SMB1 handling is at issue, with advisories across Red Hat, Amazon Linux 2/ALAS, Alpine and Clo...
CVE-2020-14364
Vulnerability: CVE-2020-14364 affects the USB emulator in QEMU before 5.2.0. Root cause: an out-of-bounds read/write when processing USB packets, specifically if USBDevice 'setup_len' exceeds data_buf[4096] in do_token_in/do_token_out. Impact: a guest user could crash the QEMU process (DoS) or po...
CVE-2018-10237
CVE-2018-10237 affects Google Guava 11.0–24.x before 24.1.1. Unbounded memory allocation occurs during Java serialization of AtomicDoubleArray and GWT serialization of CompoundOrdering, enabling potential denial-of-service via memory exhaustion. Root cause is eager allocation without checks on cl...
CVE-2018-1000807
CVE-2018-1000807 concerns Python-pyOpenSSL before 17.5.0, with a CWE-416 Use-After-Free in X509 object handling that can lead to denial of service or remote code execution. The vulnerability is reported as fixed in 17.5.0. Connected sources (SUSE-SU-2024:1626-1; SUSE-SU-2024:3749-1; OSV entries) ...
CVE-2019-9515
CVE-2019-9515 concerns an HTTP/2 settings flood that can cause memory/CPU exhaustion. Arista’s security advisory (Security Advisory 0043) states the vulnerability is in Go’s gRPC HTTP/2 usage and can affect TerminAttr, OpenConfig, CVP, and certain Wi‑Fi OpenConfig-enabled components when enabled....
CVE-2018-1000808
CVE-2018-1000808 affects Python Cryptographic Authority pyopenssl prior to 17.5.0, describing a CWE-401 use-after-free in PKCS#12 Store handling that can lead to a Denial of Service when memory is constrained. The issue arises when loading/reloading certificates from PKCS#12, potentially triggere...
CVE-2020-10756
CVE-2020-10756 is a concrete vulnerability in the QEMU SLiRP networking (libslirp) implementation. The issue is an out-of-bounds read in icmp6_send_echoreply() when replying to ICMP echo requests, enabling a guest to leak host memory and cause information disclosure. Affected component/version: l...
CVE-2018-7536
CVE-2018-7536 affects Django: vulnerable in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The issue is a denial-of-service caused by catastrophic backtracking in two regular expressions used by django.utils.html.urlize() (one regex in 1.8.x). The urlize() function underpins...
CVE-2018-10903
The CVE-2018-10903 issue affects python-cryptography versions >=1.9.0 and
CVE-2023-2088
CVE-2023-2088 affects OpenStack components (Cinder/Nova) due to an inconsistency between Cinder and Nova. A remote, authenticated attacker can detach a volume from Cinder, with the highest impact on confidentiality. Public details in connected docs confirm a vulnerability arising from OpenStack s...
CVE-2020-27827
CVE-2020-27827 concerns Open vSwitch where specially crafted LLDP packets can trigger memory allocation issues during handling of optional TLVs, leading to a denial of service and impacting availability. The connected documents provide various advisories (e.g., AlmaLinux, Gentoo GLSA) that refere...
CVE-2020-14355
Summary of CVE-2020-14355: Multiple buffer overflow vulnerabilities were found in the QUIC image decoding path of SPICE, affecting both client and server components (spice-gtk, spice-server, and shared spice-common code). The flaws could allow a remote attacker to send crafted QUIC messages that...
CVE-2020-1711
CVE-2020-1711 affects the QEMU iSCSI Block driver: an out-of-bounds heap buffer access in iscsi_co_block_status() when processing iSCSI server responses for LBA status. A remote attacker could crash QEMU or potentially execute code with host-QEMU privileges, via a crafted response from the iSCSI ...
CVE-2018-10915
CVE-2018-10915 affects libpq: the PostgreSQL client library may fail to reset internal state between connections, enabling untrusted host/hostaddr parameters to bypass client-side security and potentially enable access to higher-privilege connections or related SQL-injection impacts via PQescape(...
CVE-2021-3656
CVE-2021-3656 describes a flaw in the KVM hypervisor for AMD processors where the L1 guest can provide a VMCB with an improperly validated virt_ext field, allowing the L1 to disable VMLOAD/VMSAVE intercepts and VLS for the L2 guest. This enables the L2 guest to read/write portions of the host’s p...
CVE-2017-7481
CVE-2017-7481 affects Ansible before versions 2.3.1.0 and 2.4.0.0, where lookup-plugin results could be marked unsafe, allowing code execution via jinja2 if an attacker controls lookup() results. The description and connected advisories confirm the vulnerability originates from unsafe lookup resu...
CVE-2018-2562
CVE-2018-2562 affects the MySQL Server component (Partition subcomponent) of Oracle MySQL. Affected versions include 5.5.58 and earlier, 5.6.38 and earlier, and 5.7.19 and earlier. The vulnerability allows a low-privileged network attacker with access via multiple protocols to cause a hang or cr...
CVE-2019-10192
CVE-2019-10192 is a heap-buffer overflow in Redis HyperLogLog used by SETRANGE. Affected: Redis HyperLogLog in 3.x before 3.2.13, 4.x before 4.0.14, and 5.x before 5.0.4. By corrupting a hyperloglog, an attacker can cause Redis to write up to 3 bytes beyond the end of a heap-allocated buffer. Imp...
CVE-2019-11291
CVE-2019-11291 affects Pivotal RabbitMQ: 3.7.x before 3.7.20, 3.8.x before 3.8.1, and RabbitMQ for PCF (1.16.x before 1.16.7, 1.17.x before 1.17.4). The underlying issue is improper sanitization of input in the federation and shovel endpoints, enabling a remote authenticated attacker with adminis...
CVE-2019-11287
CVE-2019-11287 affects Pivotal RabbitMQ and RabbitMQ for Pivotal Platform web management plugin. Versions 3.7.x before 3.7.21, 3.8.x before 3.8.1, and 1.16.x before 1.16.7 and 1.17.x before 1.17.4 are vulnerable. The vulnerability allows a crafted X-Reason HTTP header to inject a malicious Erlang...
CVE-2018-2767
CVE-2018-2767 affects Oracle MySQL Server (subcomponent: Server: Security: Encryption). Affected are MySQL Server versions 5.5.60 and earlier, 5.6.40 and earlier, and 5.7.22 and earlier. The vulnerability allows a low-privilege attacker who can reach the server over multiple network protocols to ...
CVE-2018-2755
CVE-2018-2755 affects Oracle MySQL Server (Server: Replication) and is present in supported MySQL/MariaDB branches up to specific prior versions: 5.5.59 and earlier, 5.6.39 and earlier, and 5.7.21 and earlier. The issue allows takeover of MySQL Server and requires logon with user interaction; imp...
CVE-2019-16786
Waitress (Python WSGI server) before version 1.4.0 exposed an HTTP request-smuggling vulnerability related to Transfer-Encoding. If a request’s Transfer-Encoding header was not finalised as chunked, Waitress could ignore the header and fall back to Content-Length, potentially allowing HTTP pipeli...
CVE-2019-10193
CVE-2019-10193 is a stack-buffer overflow in Redis HyperLogLog exposed by the SETRANGE usage. Affected branches are Redis 3.x before 3.2.13, 4.x before 4.0.14, and 5.x before 5.0.4. Exploitation could cause writes past the end of a stack-allocated buffer, per multiple connected advisories. Public...
CVE-2015-3456
The CVE-2015-3456 VENOM issue affects QEMU’s Floppy Disk Controller emulation (FDC), also used by VirtualBox and other virtualization stacks in Xen 4.5.x and earlier and KVM. The vulnerability is a buffer/out-of-bounds condition in the FDC where certain commands (notably FD_CMD_READ_ID and FD_CMD...
CVE-2019-16785
Summary: The vulnerability CVE-2019-16785 affects Waitress (Python WSGI server) up to v1.3.1. It relates to RFC7230’s line-termination rule: Waitress may treat messages inconsistently when a proxy uses LF vs CRLF, enabling HTTP request smuggling/splitting. Impact is the front-end and back-end par...
CVE-2018-2668
CVE-2018-2668 affects the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Affected: 5.5.58 and earlier; 5.6.38 and earlier; 5.7.20 and earlier. Description across sources: a low-privilege, network-accessible attacker can exploit via multiple protocols to cause a hang or ...
CVE-2020-10753
CVE-2020-10753 affects Red Hat Ceph Storage RadosGW (Ceph Object Gateway). A newline in a CORS ExposeHeader tag in the CORS configuration can inject HTTP headers into responses, enabling header injection during CORS requests. The issue is reported for Ceph RGW in versions 3.x and 4.x (with relate...
CVE-2020-1739
CVE-2020-1739 affects Ansible (2.7.16 and earlier, 2.8.8 and earlier, 2.9.5 and earlier). The flaw arises when a password is supplied to the svn module via the password argument, causing the password to be echoed into the svn command line and readable by other users on the same node by inspecting...
CVE-2018-16876
CVE-2018-16876 affects Ansible prior to versions 2.5.14, 2.6.11, and 2.7.5, exposing information via information disclosure in vvv+ mode when no_log is enabled. The issue is a data leakage vulnerability, confirmed across multiple advisories (e.g., RHSA-2019-0564/0590 and related distributions) an...
CVE-2019-14900
CVE-2019-14900 affects Hibernate ORM prior to 5.3.18, 5.4.18, and 5.5.0.Beta1. The flaw is a SQL injection in the JPA Criteria API implementation that can permit unsanitized literals in the SELECT or GROUP BY clauses, enabling an attacker to access unauthorized information. The connected document...
CVE-2018-2813
CVE-2018-2813 is reported in the F5 AWS advisory as a MySQL Server (subcomponent: Server: DDL) vulnerability. Affected are Oracle MySQL/MariaDB lineage versions 5.5.59 and prior, 5.6.39 and prior, and 5.7.21 and prior. The issue: a low-privileged attacker with network access can compromise MySQL ...
CVE-2018-10875
CVE-2018-10875 affects Ansible where ansible.cfg is read from the current working directory, allowing an attacker to influence the plugin/module path and potentially execute arbitrary code. The issue arises because the CWD can be manipulated to point to controlled code. Red Hat/Ubuntu/openSUSE ad...
CVE-2018-10855
CVE-2018-10855 affects Ansible: versions 2.5 prior to 2.5.5 and 2.4 prior to 2.4.5 do not honor the no_log flag for failed tasks, which can cause sensitive data passed to a task to be exposed in logs and on the user’s terminal when the task fails. Red Hat advisories (RHSA-2018:1948, RHSA-2019:005...
CVE-2018-2640
CVE-2018-2640 is a vulnerability in the MySQL/MariaDB family: it is in the MySQL Server component (Server: Optimizer) and affects multiple supported branches (5.5.x, 5.6.x, 5.7.x), allowing a network‑accessible, low‑privileged attacker to cause a hang or crash (DoS). Public a...
CVE-2018-2817
CVE-2018-2817 affects the MySQL/MariaDB server stack (MySQL Server component; subcomponents such as DDL/InnoDB/Optimizer) across multiple product lines. Affected versions include MySQL/MariaDB releases prior to upstream fixes (e.g., 5.5.x, 5.6.x, 5.7.x families as cited in the documents). Impact ...
CVE-2019-14846
CVE-2019-14846 affects Ansible Engine where all 2.x lines up to 2.8.5 (and similar older branches) could disclose credentials because plugins logging at DEBUG level log sensitive data. The flaw does not affect Ansible modules (they run in a separate process). Public docs show multiple vendors/adv...
CVE-2021-3930
CVE-2021-3930 concerns an off-by-one error in the SCSI device emulation of QEMU during MODE SELECT handling in mode_sense_page() when page is MODE_PAGE_ALLS (0x3f). The vulnerability can allow a malicious guest to crash QEMU, causing a denial of service. Affected software is QEMU (various release...
CVE-2017-10268
CVE-2017-10268 affects Oracle MySQL Server (Server: Replication) with affected versions 5.5.57 and earlier, 5.6.37 and earlier, and 5.7.19 and earlier. The vulnerability allows a high-privilege attacker with logon to the infrastructure where MySQL Server executes to compromise the server, potenti...
CVE-2015-6815
CVE-2015-6815 affects QEMU with e1000 NIC emulation. The process_tx_desc path in hw/net/e1000.c improperly handles transmit descriptor data, enabling a remote attacker within the local network to trigger an infinite loop and guest crash (Denial of Service). This vulnerability is tied to QEMU befo...
CVE-2018-2622
CVE-2018-2622 affects MySQL Server (Server: DDL) with affected versions 5.5.58 and earlier, 5.6.38 and earlier, and 5.7.20 and earlier. It allows a network-based attacker with low privileges to cause a hang or complete denial-of-service. Multiple connected advisories (ALAS-2018-969, CentOS/CESA-2...
CVE-2019-14905
The CVE-2019-14905 issue affects Ansible Engine’s nxos_file_copy module, where the filename parameter could be crafted to inject OS commands on NXOS devices. This is a local attack with potential confidentiality, integrity, and availability impacts as described (loss of confidentiality, etc.). Af...