31 matches found
CVE-2014-3470
CVE-2014-3470 is an OpenSSL vulnerability where the ssl3_send_client_key_exchange in s3_clnt.c can trigger a NULL certificate value when using anonymous ECDH cipher suites, leading to a denial-of-service via NULL pointer dereference and client crash. Affected OpenSSL versions are before 0.9.8za, ...
CVE-2023-48795
CVE-2023-48795 is referenced across several connected advisories, detailing affected packages and required upgrades. Astra Linux/CBL-Mariner entries note: podman (<5.6.1-2) needs upgrade, erlang (<25.2-1), libssh2 (<1.11.1-1), libssh (<0.10.6-1), terraform (<1.3.2-25), kubevirt (&l...
CVE-2014-0160
CVE-2014-0160 (Heartbleed) is an information-disclosure vulnerability in OpenSSL’s TLS/DTLS heartbeat implementation. Affected: OpenSSL 1.0.1 before 1.0.1g. Root cause: improper handling of the Heartbeat extension (d1_both.c, t1_lib.c) leading to a buffer over-read, enabling an attacker to read m...
CVE-2012-1823
CVE-2012-1823 affects PHP when run as CGI (php-cgi). The issue is that sapi/cgi/cgi_main.c mishandles query strings without an =, enabling remote code execution by passing command-line options in the query. Affected PHP versions include 5.3.x up to 5.3.12 and 5.4.x up to 5.4.2, with exploitation ...
CVE-2012-0053
CVE-2012-0053 affects Apache HTTP Server 2.2.x up to 2.2.21. The flaw in protocol.c during 400 error page construction can reveal HTTPOnly cookie values via long/malformed headers with crafted scripts. Remediation per advisories: upgrade to 2.2.22 or later (e.g., httpd 2.2.22).
CVE-2023-3961
Samba (smbd) is affected by CVE-2023-3961 due to insufficient sanitization of client pipe names for Unix domain sockets, enabling a path traversal that could let a client connect as root to sockets outside the private directory. Exploitation details are not provided beyond this risk, but multiple...
CVE-2012-0031
CVE-2012-0031 affects Apache HTTP Server 2.2.21 and earlier, specifically scoreboard.c. The vulnerability allows local users to cause a denial of service (daemon crash during shutdown) or potentially other unspecified impact by modifying a type field in a shared scoreboard Memory segment, which l...
CVE-2014-0224
CVE-2014-0224 describes an OpenSSL ChangeCipherSpec (CCS) handling flaw that can enable a Man-in-the-Middle to force use of weak key material in TLS/SSL sessions, allowing traffic decryption or modification between vulnerable client and server. The initial OpenSSL disclosures specify affected ser...
CVE-2020-14318
CVE-2020-14318 is a Samba security issue: a missing handle permissions check in ChangeNotify could allow an authenticated user to access file/directory information that should be restricted. Connected documents confirm Samba as the affected product and specify the vulnerable component/function (C...
CVE-2023-4091
CVE-2023-4091 affects Samba, where the acl_xattr VFS module can allow an SMB client to truncate files to zero bytes even when opened with read-only access. This occurs when acl_xattr:ignore system acls = yes and the client uses an OVERWRITE create disposition, bypassing kernel permissions checks....
CVE-2020-10730
CVE-2020-10730 affects the Samba AD DC LDAP Server (ASQ, VLV, and paged_results) with a NULL pointer dereference/use-after-free in affected builds prior to 4.10.17, 4.11.11, and 4.12.4. The root cause is in handling certain LDAP controls in the AD DC LDAP server, with the issue also present in th...
CVE-2021-44141
CVE-2021-44141 affects Samba. All versions prior to 4.15.5 are vulnerable to a server-symlink race that lets a malicious client determine existence of files/dirs outside the exported share, with SMB1 and UNIX extensions enabled required for exploitation. The issue is mitigated by upgrading to a f...
CVE-2019-14907
Summary (CVE-2019-14907) : Samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12, and 4.11.x before 4.11.5 have a flaw where, if log level is set to 3 or higher, a client string obtained after a failed character conversion can be printed during NTLMSSP negotiation. In the Samba AD DC this may...
CVE-2021-3670
The CVE-2021-3670 issue concerns the Samba ldb LDAP server: MaxQueryDuration is not honoured in the AD DC LDAP path, allowing potential denial-of-service by overloading LDAP. Affected: Samba’s ldb/LDAP component; root cause is LDAP query duration not being enforced. Impact: DoS via excessive LDAP...
CVE-2023-42669
Samba CVE-2023-42669 describes denial of service via the rpcecho development server. The vulnerability stems from an RPC function that can be blocked indefinitely because rpcecho runs with a single worker in the main RPC task, allowing calls to sleep for a specified duration and block, potentiall...
CVE-2012-0876
The CVE-2012-0876 issue affects the Expat XML parser (xmlparse.c) prior to version 2.1.0, where hash initialization is not salted to prevent hash collisions. This enables context-dependent attackers to trigger collision-based DoS via XML files with many identical identifiers. References and downs...
CVE-2023-34968
CVE-2023-34968 refers to Samba Spotlight mdssvc RPC path disclosure, where the server-side absolute path of shares/files is exposed in search results. Connected sources confirm this is a Samba issue in the Spotlight path return handling and list it among related CVEs (e.g., CVEs 2022-2127, 2023-3...
CVE-2023-3347
Samba SMB2 packet signing was not enforced when server signing is required, enabling potential tampering of SMB2 traffic and compromising data integrity. The CVE affects Samba and has multiple advisories (e.g., ALMAS/Errata entries) linking to CVE-2023-3347. Connected documents indicate remediati...
CVE-2011-3045
CVE-2011-3045 describes an integer signedness error in libpng’s png_inflate (pngrutil.c) affecting libpng before 1.4.10beta01. The vulnerability, cited as used in Google Chrome before 17.0.963.83 and other products, can cause a denial of service (application crash) or potentially allow arbitrary ...
CVE-2020-10685
CVE-2020-10685 affects Ansible Engine versions 2.7.x before 2.7.17, 2.8.x before 2.8.11, 2.9.x before 2.9.7, and Ansible Tower up to 3.6.3, when using vault-decrypting modules (assemble, script, unarchive, win_copy, aws_s3, copy). A temporary directory is created in /tmp and left unencrypted; on ...
CVE-2022-26148
Grafana (through 7.3.4) integrated with Zabbix contains a credentials disclosure flaw: the Zabbix password and URL can be exposed by inspecting api_jsonrpc.php in the HTML source after login/registration, enabling an attacker with access to the app to obtain sensitive Zabbix credentials. Root cau...
CVE-2012-0247
CVE-2012-0247 affects ImageMagick 6.7.5-7 and earlier. The vulnerability allows remote attackers to cause memory corruption and potentially execute arbitrary code via crafted offset and count values in the ResolutionUnit tag in the EXIF IFD0. Connected advisories document that patches exist acros...
CVE-2014-0221
The CVE concerns OpenSSL: the function dtls1_get_message_fragment in d1_both.c is vulnerable to a DoS via an invalid DTLS handshake. Affected are OpenSSL binaries prior to 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h. In practice, a remote attacker can trigger recursion and a client cras...
CVE-2012-1938
CVE-2012-1938 affects Mozilla's browser engine and is described in the MiracleLinux AXSA:2012-857 advisory as multiple vulnerabilities in Firefox (and related components) that could allow memory corruption and remote code execution. Specifically, it impacts Mozilla Firefox before 13.0, Thunderbir...
CVE-2012-4406
OpenStack Swift prior to 1.7.0 is vulnerable: it uses the pickle loads function to serialize/deserialize metadata in memcached, enabling remote code execution via a crafted pickle object. Public advisories (RHSA-2012:1379) note that a fix exists but is not enabled by default; remediation involves...
CVE-2022-2447
CVE-2022-2447 affects OpenStack Keystone. A time lag (up to one hour) between policy revocation and actual revocation could let a remote administrator maintain access longer than expected. Related advisories (e.g., Ubuntu USN-7926-1) reference this CVE and indicate that updates are available; app...
CVE-2012-0037
The CVE-2012-0037 issue affects Redland Raptor (libraptor) and is triggered when parsing RDF/XML with an XXE declaration. The vulnerability allows user-assisted remote attackers to read arbitrary files via crafted RDF documents, as observed in libraptor versions used by OpenOffice/LibreOffice lin...
CVE-2012-0248
CVE-2012-0248 affects ImageMagick 6.7.5-7 and earlier, enabling remote DoS (infinite loop/hang) via a crafted image whose IFD contains IOP tags referencing the start of the IDF. The connected sources confirm the affected version range and the attack vector is remote, with impact limited to denial...
CVE-2012-0260
CVE-2012-0260 affects ImageMagick prior to 6.7.6-3: the JPEGWarningHandler in coders/jpeg.c can be triggered by a crafted JPEG with specific restart marker sequences, causing memory consumption DoS. Affected versions are ImageMagick before 6.7.6-3; remediation is to upgrade to a fixed release (6....
CVE-2012-1798
CVE-2012-1798 affects ImageMagick prior to 6.7.6-3. The TIFFGetEXIFProperties function in coders/tiff.c allows a remote attacker to trigger a denial of service via a crafted EXIF IFD in a TIFF image, causing an out-of-bounds read and crash. The vulnerability context is consistent with reports tha...
CVE-2013-4280
CVE-2013-4280 affects RedHat vsdm 4.9.6 with an insecure temporary file vulnerability. The vulnerability’s impact is limited to integrity (I:H) with no confidentiality or availability impact per CVSS. It is a local-attack, low-complexity issue without required user interaction. Connected Nessus d...