CVE-2014-0160
CVE-2014-0160 (Heartbleed) is an information-disclosure vulnerability in OpenSSL’s TLS/DTLS heartbeat implementation. Affected: OpenSSL 1.0.1 before 1.0.1g. Root cause: improper handling of the Heartbeat extension (d1_both.c, t1_lib.c) leading to a buffer over-read, enabling an attacker to read m...
CVE-2014-6271
CVE-2014-6271 (Shellshock) affects GNU Bash up to 4.3, enabling remote code execution by processing trailing strings after function definitions in environment variables. Exploitation vectors include OpenSSH ForceCommand, mod_cgi/mod_cgid in Apache, DHCP client scripts, and other environment-passi...
CVE-2014-7169
CVE-2014-7169 affects GNU Bash up to 4.3, where parsing of function definitions in environment variables can be exploited to run commands or impact other attributes across privilege boundaries (notably via ForceCommand in OpenSSH sshd and via mod_cgi/mod_cgid in Apache, as well as DHCP client scr...
CVE-2023-4911
CVE-2023-4911 is a buffer overflow in the GNU C Library ld.so when processing GLIBC_TUNABLES, enabling local privilege escalation via malicious GLIBC_TUNABLES values when launching binaries with SUID. Affected: glibc, with versions older than 2.38-6 (per CBLMARINER:34733) and older listings notin...
CVE-2021-3560
CVE-2021-3560 – Polkit local privilege escalation: A flaw in polkit allows a local unprivileged process to bypass credential checks for D-Bus requests, enabling privilege escalation to root. Technical details across connected sources show the issue arises when a requesting process disconnects fr...
CVE-2019-9636
CVE-2019-9636 overview: Python 2.7.x (up to 2.7.16) and Python 3.x (up to 3.7.2) are affected by improper handling of Unicode encoding during NFKC normalization, exposing information such as cookies and credentials cached for a hostname. The vulnerable components are urllib.parse.urlsplit and urll...
CVE-2021-3621
SSSD is affected by CVE-2021-3621. The sssctl command (logs-fetch and cache-expire) is vulnerable to shell command injection, enabling an attacker to trick root (e.g., via sudo) into running a crafted sssctl command to gain root privileges. Advisories from Astra Linux, Debian LTS, Gentoo and Amaz...
CVE-2019-10160
CVE-2019-10160 relates to a security regression in Python where parsing user-supplied URLs could cause leakage of host-related data (cookies, authentication data) by abusing URL components. The issue affects multiple Python releases (2.7, 3.5, 3.6, 3.7 and pre-3.8.0a4–3.8.0b1) and is tied to URL ...
CVE-2019-1559
OpenSSL vulnerability CVE-2019-1559 describes a padding-oracle weakness where, if an application encounters a fatal protocol error and then calls SSL_shutdown() twice (to send close_notify and to receive one), the server may respond differently to a 0-byte record with invalid padding versus inval...
CVE-2020-25717
CVE-2020-25717 affects Samba: an authenticated user mapping domain users to local users can lead to privilege escalation. Public references in Connected documents confirm this is a Samba issue (no exploit details provided here). Several advisories and vendor notes indicate patches or updated pack...
CVE-2018-3639
CVE-2018-3639 is a speculative execution side‑channel vulnerability (SSB) that can leak memory via speculative stores. The Connected ALMA doc notes a mitigation: SSB is disabled by the new alt-java launcher, reducing impact at the cost of performance, and it references OpenJDK 8u282 as part of th...
CVE-2019-14816
CVE-2019-14816 is a Linux kernel heap-based buffer overflow in the mwifiex (Marvell) wifi driver that affects all versions up to, but excluding, 5.3. It enables a local attacker to crash the system or potentially execute arbitrary code via the Marvell wifi chip driver; affected scope is the kerne...
CVE-2019-14287
CVE-2019-14287 affects sudo before 1.8.28. An attacker with a Runas ALL sudoer account can bypass policy blacklists and session PAM modules and cause incorrect logging by invoking sudo with a crafted user ID (example: sudo -u $((0xffffffff))). This corresponds to a local privilege-escalation flaw...
CVE-2018-13405
CVE-2018-13405 involves the Linux kernel inode_init_owner() logic where, in a scenario with an SGID directory that is writable by a user who is not in that group, a local user could create a plain file with the SGID group ownership and executable bits, effectively escalating privileges. Connected docume...
CVE-2018-10858
The connected documents confirm CVE-2018-10858 is a heap-buffer overflow in Samba client handling of extra-long filenames in directory listings, enabling arbitrary code execution on a Samba client. Affected versions include Samba before 4.6.16, 4.7.9, and 4.8.4. Mitigation/patches: updates to fix...
CVE-2019-14835
The CVE-2019-14835 entry describes a buffer overflow in Linux kernel vhost functionality (virtqueue buffers translated to IOVs) during VM live migration. A privileged guest user could pass descriptors with invalid length while migration is underway, potentially causing a host privilege escalation...
CVE-2015-0235
CVE-2015-0235 (GHOST) is a heap-based buffer overflow in glibc’s __nss_hostname_digits_dots() used by gethostbyname/gethostbyname2. Affected glibc versions include 2.2 up to 2.17; patched in glibc-2.18 and later. Exploitation could allow remote or context-dependent arbitrary code execution depend...
CVE-2018-10237
CVE-2018-10237 affects Google Guava 11.0–24.x before 24.1.1. Unbounded memory allocation occurs during Java serialization of AtomicDoubleArray and GWT serialization of CompoundOrdering, enabling potential denial-of-service via memory exhaustion. Root cause is eager allocation without checks on cl...
CVE-2021-4154
CVE-2021-4154 is a Linux kernel use-after-free in cgroup v1 parsing (cgroup1_parse_param) that allows local privilege escalation via the fsconfig parameter, potentially enabling container breakout and system DoS. Affected component: kernel/cgroup/cgroup-v1.c in the Linux kernel. Root cause: use-a...
CVE-2022-0435
CVE-2022-0435 is a Linux kernel TIPC stack overflow issue. The vulnerability occurs in TIPC domain record handling when a peer sends a domain with more than 64 members, enabling a remote attacker with access to the TIPC network to crash the system and potentially escalate privileges. Connected ad...
CVE-2018-5390
CVE-2018-5390 (SegmentSmack) affects Linux kernels 4.9+ where specially crafted TCP packets can trigger expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue(), potentially exhausting CPU and causing DoS. The Citrix advisory corroborates that TCP reassembly issues can lead to CPU sa...
CVE-2022-0330
CVE-2022-0330 affects the Linux kernel i915 GPU driver. The root cause is a missing GPU TLB flush in the i915 driver, enabling a local attacker to cause a denial of service or privilege escalation by running code on the GPU. Public documents from connected sources confirm the flaw and its associa...
CVE-2017-7525
CVE-2017-7525 is a deserialization flaw in jackson-databind enabling code execution via ObjectMapper.readValue on versions before 2.6.7.1, 2.7.9.1, or 2.8.9. Astra Linux notes extend the issue to versions before 2.8.10 and 2.9.1, and newer advisories reference mitigations/updates. Remediation vis...
CVE-2021-3634
CVE-2021-3634 affects libssh
CVE-2017-12196
CVE-2017-12196 affects Undertow when using Digest authentication. The vulnerability exists because Undertow does not ensure that the URI in the Authorization header matches the HTTP request line, enabling a MITM-like scenario to access content. Affected are Undertow releases prior to 1.4.18.SP1, ...
CVE-2020-27827
CVE-2020-27827 concerns Open vSwitch where specially crafted LLDP packets can trigger memory allocation issues during handling of optional TLVs, leading to a denial of service and impacting availability. The connected documents provide various advisories (e.g., AlmaLinux, Gentoo GLSA) that refere...
CVE-2019-10126
CVE-2019-10126 affects the Linux kernel Marvell mwifiex wireless kernel driver. The issue is a heap-based buffer overflow in mwifiex_uap_parse_tail_ies (drivers/net/wireless/marvell/mwifiex/ie.c) that can lead to memory corruption. Public documents in the Connected set identify the affected compo...
CVE-2019-10161
Summary: CVE-2019-10161 affects libvirt’s libvirtd server in vulnerable releases prior to 4.10.1 and 5.4.1. The virDomainSaveImageGetXMLDesc() API could be invoked by read-only clients with access to the libvirtd socket, specifying an arbitrary path that would be accessed with the permissions of ...
CVE-2018-10915
CVE-2018-10915 affects libpq: the PostgreSQL client library may fail to reset internal state between connections, enabling untrusted host/hostaddr parameters to bypass client-side security and potentially enable access to higher-privilege connections or related SQL-injection impacts via PQescape(...
CVE-2022-27666
CVE-2022-27666 describes a heap buffer overflow in IPsec ESP transformation code (net/ipv4/esp4.c and net/ipv6/esp6.c) that can allow a local user to overwrite kernel heap objects and may lead to local privilege escalation. Connected advisories confirm kernel patches are available (e.g., AlmaLinu...
CVE-2021-3677
CVE-2021-3677 is a memory disclosure flaw in PostgreSQL. A purpose-crafted query can read arbitrary server-memory bytes. In default configurations, any authenticated database user can trigger the attack without creating objects; if max_worker_processes=0, known variants are infeasible, though und...
CVE-2018-7750
CVE-2018-7750 affects Paramiko’s SSH server transport.py: before fixes, it did not verify that authentication completed before processing other requests (e.g., channel-open), enabling a customized SSH client to bypass authentication. Affected series include 1.17.6 and earlier in 1.x, 1.18.x befor...
CVE-2017-7481
CVE-2017-7481 affects Ansible before versions 2.3.1.0 and 2.4.0.0, where lookup-plugin results could be marked unsafe, allowing code execution via jinja2 if an attacker controls lookup() results. The description and connected advisories confirm the vulnerability originates from unsafe lookup resu...
CVE-2019-10167
CVE-2019-10167 affects libvirt’s virConnectGetDomainCapabilities() API. The vulnerability arises from an emulatorbin argument that libvirt v1.2.19+ uses to probe domain capabilities; read‑only clients could supply an arbitrary path, causing libvirtd to execute a crafted executable with libvirtd’s...
CVE-2019-3888
CVE-2019-3888 describes an information exposure in Undertow prior to 2.0.21 where Connectors.executeRootHandler logs the HttpServerExchange object at ERROR level via UndertowLogger.REQUEST_LOGGER.undertowRequestFailed, potentially exposing plain text credentials in log files. Connected documents ...
CVE-2018-10897
CVE-2018-10897 affects reposync, a component of yum-utils. The vulnerability arises from improper path sanitization in remote repository configuration files, enabling a directory traversal that could allow copying files outside the destination directory. If reposync runs with elevated privileges,...
CVE-2021-3609
CVE-2021-3609 is a local privilege-escalation flaw in the Linux kernel CAN BCM subsystem. A race in net/can/bcm.c between bcm_rx_handler() and bcm_release() can free bcm_op/bcm_sock structures while the handler runs, enabling use-after-free and root access. Public advisories consistently describe...
CVE-2018-16881
CVE-2018-16881 affects rsyslog’s imptcp module. An attacker can send a specially crafted TCP message to imptcp, causing the daemon to crash (DoS). Vulnerable in rsyslog versions before 8.27.0; upgrade to 8.27.0+ to remediate. Some advisories (e.g., MiracleLinux AXSA) reference an integer overflow...
CVE-2018-10930
CVE-2018-10930 affects GlusterFS server: an authenticated attacker can misuse RPC gfs3_rename_req to write outside the gluster volume. Affected product variant shown in connected docs is PowerKVM 3.1; remediation provided via updates to GlusterFS (e.g., Red Hat/CentOS advisories and Debian LTS no...
CVE-2019-10168
The CVE-2019-10168 issue affects the libvirt APIs virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU. Versions affected are libvirt 4.x before 4.10.1 and 5.x before 5.4.1. libvirt will execute the program specified by the emulator argument during domain capability probing. Read-on...
CVE-2019-10166
Summary: CVE-2019-10166 affects libvirt. Affected versions: libvirt 4.x before 4.10.1 and 5.x before 5.4.1. Root cause: The virDomainManagedSaveDefineXML API was exposed to read‑only clients, enabling modification of managed save state files. Impact: If a privileged user created a man...
CVE-2018-10875
CVE-2018-10875 affects Ansible where ansible.cfg is read from the current working directory, allowing an attacker to influence the plugin/module path and potentially execute arbitrary code. The issue arises because the CWD can be manipulated to point to controlled code. Red Hat/Ubuntu/openSUSE ad...
CVE-2018-10855
CVE-2018-10855 affects Ansible: versions 2.5 prior to 2.5.5 and 2.4 prior to 2.4.5 do not honor the no_log flag for failed tasks, which can cause sensitive data passed to a task to be exposed in logs and on the user’s terminal when the task fails. Red Hat advisories (RHSA-2018:1948, RHSA-2019:005...
CVE-2022-2078
CVE-2022-2078 is a Linux kernel vulnerability in nft_set_desc_concat_parse() that can trigger a buffer overflow, leading to denial of service and possibly code execution. The linked AstraEU/IBM advisories reiterate the same function and impact, describing local access requirements and potential f...
CVE-2020-25657
CVE-2020-25657 affects all released versions of the Python m2crypto library. The vulnerability arises from Bleichenbacher timing attacks in the RSA decryption API when processing valid PKCS#1 v1.5 ciphertext, with confidentiality as the highest threat. Connected documents tie the CVE to m2crypto,...
CVE-2021-3501
CVE-2021-3501 affects Linux kernels prior to 5.12. The vulnerability arises from the KVM API: the internal.ndata value is mapped to an array index and can be updated by a user process at any time, enabling an out-of-bounds write. Documented impact is data integrity and system availability. A patc...
CVE-2018-11806
CVE-2018-11806 affects QEMU where the SLiRP networking back-end (mbuf.c) can perform a heap-based buffer overflow when reassembling fragmented datagrams. The described impact in the connected documents includes a potential host compromise via arbitrary code execution or denial of service due to a...
CVE-2021-3620
CVE-2021-3620 is a disclosure vulnerability in Ansible Engine's ansible-connection module where sensitive information such as the Ansible user credentials is exposed in traceback messages. The issue is documented across multiple sources (IBM Spectrum Fusion HCI bulletin, Debian LTS advisory, and ...
CVE-2018-5344
CVE-2018-5344: The Linux kernel vulnerability affects the driver code at drivers/block/loop.c, where improper lo_release serialization can lead to a use-after-free in __lock_acquire. This can cause a local denial of service (system crash) and may have unspecified other impact. The description in...
CVE-2018-1088
CVE-2018-1088 affects GlusterFS 3.x via the snapshot scheduler: an unauthenticated client could exploit the scheduler to mount shared storage and escalate privileges by scheduling a malicious cronjob via a symlink. The issue is tied to a regression/regression-related chain (CVE-2018-1112) in patc...