474 matches found
CVE-2017-15115
CVE-2017-15115: Linux kernel prior to 4.14 allows local users to trigger a denial of service (use-after-free in sctp_do_peeloff in net/sctp/socket.c) via crafted system calls. Impact is system crash; no explicit exploit details provided in the documents beyond this. The IBM bulletin references th...
CVE-2017-17805
CVE-2017-17805 affects the Linux kernel prior to 4.14.8. The Salsa20 cipher implementation (crypto/salsa20_generic.c and arch/x86/crypto/salsa20_glue.c) mishandles zero-length inputs, allowing a local attacker to use the AF_ALG-based skcipher interface to trigger uninitialized memory free and ker...
CVE-2014-2497
Summary of CVE-2014-2497 : The gdImageCreateFromXpm() function in libgd (libgd2) could dereference a NULL pointer when processing an XPM file with a crafted color table, leading to a denial of service (crash). Affected in PHP up to 5.4.26 and earlier. Public references and advisories confirm this...
CVE-2017-13078
CVE-2017-13078 is part of the KRACK family impacting WPA2. A attacker in Wi‑Fi range could reinstall the GTK during the 4‑way handshake, replaying frames to clients. Apple addresses this via security updates (e.g., HT208221/HT208222) for macOS High Sierra/Sierra and related AirPort firmware; exac...
CVE-2017-13082
CVE-2017-13082 is one of the KRACK-class WPA2 flaws. Android/Arch/Debian/CentOS references describe an issue where a retransmitted FT Reassociation Request can reinstall the PTK during processing, enabling a nearby attacker to replay, decrypt, or spoof frames. Impact described across sources incl...
CVE-2011-4127
The CVE-2011-4127 entry is supported by connected advisory data that details the vulnerability in the Linux kernel prior to 3.2.2. Affected component: SG_IO ioctl handling in the kernel (SG_IO ioctls not properly restricted). Root cause: insufficient restriction of SG_IO commands, allowing a loca...
CVE-2009-1185
CVE-2009-1185 affects udev before 1.4.1, which does not verify NETLINK message origin from kernel space, enabling a local user to gain privileges by sending a crafted NETLINK message. Public references show PoC/exploit activity (e.g., Metasploit module, Exploit-DB entries) and multiple advisories...
CVE-2017-13087
CVE-2017-13087 affects WPA/WPA2 (WPA2) implementations in wpa_supplicant/wpa and is part of the KRACK family. The issue is a GTK reinstallation triggered when processing a Wireless Network Management Sleep Mode Response frame, allowing an attacker within radio range to replay frames between APs a...
CVE-2012-0444
CVE-2012-0444 describes a heap-based memory corruption vulnerability in the libvorbis Ogg Vorbis parser that could allow remote code execution or a crash when processing crafted Ogg Vorbis files. Affected products across Mozilla ecosystem (Firefox, Thunderbird, Seamonkey and related XULRunner/Ice...
CVE-2018-16873
CVE-2018-16873 is a Go go get remote code execution vulnerability (GOPATH mode) where a malicious package import path can cause the parent directory to be treated as a Git repository root, leading to execution of commands from the repository’s config if it contains malicious directives. Connected...
CVE-2013-0753
CVE-2013-0753 is a Use‑after‑free vulnerability in Mozilla Firefox’s XMLSerializer.serializeToStream, affecting Firefox before 18.0 (and ESR/Thunderbird/SeaMonkey variants) and allowing remote code execution via crafted content. The issue is exploitable as part of Firefox 17.x lineage; Metasploit...
CVE-2013-4002
CVE-2013-4002 affects the Xerces2 Java XML parser. XMLScanner.java in Xerces2 Java Parser before 2.12.0 (as used in various JREs and Oracle/Jakarta distributions) could allow remote denial of service via vectors related to XML attribute names. IBM and other vendors document DoS impact on affected...
CVE-2016-5772
CVE-2016-5772 : A double free in the PHP WDDX extension (php_wddx_process_data in wddx.c) allows remote attackers to crash the application or potentially execute arbitrary code via crafted XML in wddx_deserialize. Affected PHP versions: before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8. Re...
CVE-2009-2625
CVE-2009-2625 affects Apache Xerces2-Java (XML parser used by JRE/JDK) where parsing a malformed XML with systems DTD identifiers can cause DoS (hangs), via a vulnerability in SYSTEM handling in Xerces2 Java. Connected advisories confirm public fixes: Debian libxerces2-java updates (DSA-1984-1) a...
CVE-2013-0758
CVE-2013-0758 affects Mozilla Firefox (pre-18.0), Firefox ESR (pre-10.0.12 and pre-17.0.2), Thunderbird (pre-17.0.2, including ESR 10.x pre-10.0.12 and pre-17.0.2), and SeaMonkey (pre-2.15). It allows remote attackers to execute arbitrary JavaScript with chrome privileges due to improper interact...
CVE-2015-5300
CVE-2015-5300 (NTP panic-threshold bypass) is detailed in connected advisory from F5 for BIG-IP products, describing a vulnerability in ntpd where the threshold for the -g option is not correctly enforced. An attacker controlling NTP traffic could cause ntpd to step the clock to an arbitrary valu...
CVE-2015-8126
CVE-2015-8126 concerns libpng buffer overflows in png_set_PLTE and png_get_PLTE caused by improper bounds checks. Affected ranges include libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19. Exploitation via a small bit-...
CVE-2018-19542
CVE-2018-19542 affects JasPer 2.0.14. The vulnerability is a NULL pointer dereference in jp2_decode (libjasper/jp2/jp2_dec.c) that leads to a denial of service. The connected documents confirm the issue and cite unpatched status on several Red Hat releases (RHEL 6/7/8) via Nessus entries, but do ...
CVE-2017-13086
CVE-2017-13086 affects WPA/WPA2, specifically the TDLS handshake where the TDLS PeerKey (TPK) can be reinstalled. The root cause is key reinstallation during the TDLS handshake, enabling an attacker within radio range to replay, decrypt, or spoof frames. This vulnerability is documented across mu...
CVE-2017-13088
CVE-2017-13088 is part of the KRACK family affecting WPA/WPA2 (802.11) where reinstallation of the Integrity Group Temporal Key (IGTK) can occur while processing a Wireless Network Management Sleep Mode Response frame. The flaw enables an attacker within radio range to replay frames between APs a...
CVE-2011-1083
The CVE-2011-1083 issue affects the Linux kernel epoll implementation (epoll_ctl/epoll_create) as shipped in 2.6.37.2 and earlier. Local attackers can cause CPU denial of service by crafting a user-space application that creates and manages epoll file descriptors, exploiting improper traversal of...
CVE-2009-2408
CVE-2009-2408 affects Mozilla NSS up to 3.12.2/Firefox up to 3.0.12/ Thunderbird up to 2.0.0.22 and SeaMonkey up to 1.1.17. The issue is improper handling of a '\0' character in the domain name present in the certificate subject’s Common Name (CN) field of an X.509 certificate. This enables a man...
CVE-2013-1861
CVE-2013-1861 affects MariaDB SQL branches (5.5.x up to 5.5.30, 5.3.x up to 5.3.13, 5.2.x up to 5.2.15, 5.1.x up to 5.1.68) and Oracle MySQL (5.1.69 and earlier, 5.5.31 and earlier, 5.6.11 and earlier). The vulnerability allows remote DoS (crash) via a crafted geometry feature with a large number...
CVE-2010-1321
CVE-2010-1321 affects MIT Kerberos 5’s GSS-API library (krb5) in kg_accept_krb5/accept_sec_context.c. The flaw permits remote authenticated users to cause a denial of service via an AP-REQ with a missing authenticator checksum, triggering a NULL pointer dereference and daemon crash. Affected are ...
CVE-2018-16874
CVE-2018-16874 affects Go’s go get in GOPATH mode when the import path contains curly braces, enabling an arbitrary filesystem write and potential code execution. The vulnerability is documented for Go <1.10.6 and
CVE-2018-18873
CVE-2018-18873 affects JasPer 2.0.14 with a NULL pointer dereference in ras_putdatastd (ras_enc.c), which can cause a crash. The Connected documents confirm the vulnerability and its presence in JasPer 2.0.14 but do not provide a specific patch version or remediation details in the supplied mater...
CVE-2015-3195
CVE-2015-3195 affects OpenSSL’s ASN.1/TASN_DEC implementation mishandling errors from malformed X509_ATTRIBUTE data, enabling remote attackers to read memory of a CMS/PKCS#7 process. Public records show impact across multiple OpenSSL lines prior to updates: 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 bef...
CVE-2012-5612
CVE-2012-5612 describes a heap-based buffer overflow in Oracle MySQL 5.5.19–5.5.28 and MariaDB 5.5.28a (and possibly other versions), enabling remote authenticated users to cause memory corruption, crash the server, and potentially execute arbitrary code. The vulnerability is exploited via a vari...
CVE-2009-3231
CVE-2009-3231 affects PostgreSQL 8.3 before 8.3.8 and 8.2 before 8.2.14. When LDAP authentication is used with anonymous binds, an remote attacker could authenticate with an empty password, bypassing authentication. The issue is documented in multiple sources (e.g., PostgreSQL release notes for 8...
CVE-2014-0181
The CVE-2014-0181 issue affects the Linux kernel Netlink implementation prior to 3.14.1, where there is no authorization based on the opener of a Netlink socket. This can allow a local user to bypass intended access restrictions and modify network configurations by using a Netlink socket for the ...
CVE-2021-45082
CVE-2021-45082 affects Cobbler prior to 3.3.1. The issue resides in templar.py, where the function check_for_invalid_imports can allow Cheetah code to import Python modules via the "#from MODULE import" substring (only lines starting with #import are blocked). This could enable unintended module ...
CVE-2010-5298
CVE-2010-5298 – OpenSSL race condition in ssl3_read_bytes (s3_pkt.c) . OpenSSL versions up to 1.0.1g are affected when SSL_MODE_RELEASE_BUFFERS is enabled, enabling a remote attacker to inject data across sessions or cause a denial of service (use-after-free and parsing error) over an SSL connect...
CVE-2017-17806
CVE-2017-17806 affects the Linux kernel before 4.14.8. The HMAC implementation (crypto/hmac.c) does not validate that the underlying hash algorithm is unkeyed, allowing a local attacker who can use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and SHA-3 (CONFIG_CRYPTO_SHA3) to tri...
CVE-2017-17558
Technical details about CVE-2017-17558 are not publicly provided in the supplied documents. Monitor for official advisories for affected products, impact, and mitigations; no concrete exploit information or patch details are available here.
CVE-2011-4516
CVE-2011-4516 affects JasPer, specifically the heap-based buffer overflow in the function jpc_cox_getcompparms (libjasper/jpc/jpc_cs.c) within JasPer 1.900.1. A crafted value in a COD (coding style default) marker segment of a JPEG2000 file can cause remote code execution or memory corruption, po...
CVE-2010-4258
The CVE-2010-4258 issue affects the Linux kernel versions prior to 2.6.36.2. The do_exit function in kernel/exit.c mishandles a KERNEL_DS get_fs value, bypassing access_ok checks and enabling local privilege escalation by overwriting arbitrary kernel memory. Exploitation vectors include use of th...
CVE-2015-5219
CVE-2015-5219 affects the Network Time Protocol (NTP) SNTP components, specifically the sntp utility, prior to version 4.2.7p366. The root cause is an incorrect type conversion in the ULOGTOD function (precision → double) which can cause a crafted NTP packet to trigger an infinite loop in sntp, l...
CVE-2014-4943
CVE-2014-4943 affects the Linux kernel up to 3.15.6, specifically the PPPoL2TP feature in net/l2tp/l2tp_ppp.c. The vulnerability arises from data-structure differences between an l2tp socket and an inet socket, enabling local privilege escalation. Public details in connected sources include PoC/e...
CVE-2018-19539
CVE-2018-19539 (JasPer 2.0.14) : An access violation in libjasper/base/jas_image.c:jas_image_readcmpt can cause a denial of service. Affected component is jas_image_readcmpt in JasPer 2.0.14; root cause is an access violation leading to crash/DoS. Public remediation/fix details are not provided i...
CVE-2009-2698
CVE-2009-2698 affects the Linux kernel UDP implementation (net/ipv4/udp.c and net/ipv6/udp.c) prior to 2.6.19. Local users can gain privileges or cause a denial of service (NULL pointer dereference/system crash) via UDP socket use with MSG_MORE. Oracle Linux/MiracleLinux advisories reference this...
CVE-2012-5829
CVE-2012-5829 is a heap-based buffer overflow in the nsWindow::OnExposeEvent function affecting Mozilla Firefox before 17.0, Firefox ESR before 10.0.11, Thunderbird before 17.0, Thunderbird ESR before 10.0.11, and SeaMonkey before 2.14. Connected documents confirm this vulnerability across multip...
CVE-2018-10195
CVE-2018-10195 affects lrzsz prior to 0.12.21~rc. The issue stems from an incorrect length check in zsdata that can cause a size_t wraparound, potentially leaking information to the receiving side. Public sources consistently describe an information leak risk and, in distributions, a fix/update i...
CVE-2012-1717
CVE-2012-1717 is an unspecified local confidentiality vulnerability in the Java Runtime Environment affecting Oracle JRE 7u4 and earlier, 6u32 and earlier, 5u35 and earlier, and 1.4.2_37 and earlier, related to printing on Solaris/Linux. Connected documents (including IBM BigInsights/InfoSphere a...
CVE-2018-19541
CVE-2018-19541 : A heap-based buffer over-read of size 8 exists in the function jas_image_depalettize (libjasper/base/jas_image.c) in JasPer, affecting versions from 1.900.8 up to 2.0.16 listed in the Initial document. The vulnerability can cause a crash and may enable memory access issues. The C...
CVE-2015-7976
CVE-2015-7976 affects the ntpq saveconfig command in the NTP reference implementation (ntpd/ntpq) across multiple 4.x branches (e.g., 4.1.2, 4.2.x prior to 4.2.8p6, and 4.3.x). The underlying flaw is that saveconfig does not properly filter special characters in filenames, enabling an attacker to...
CVE-2015-5194
CVE-2015-5194: ntpd’s log_config_command in ntp_parser.y allows remote attackers to crash ntpd via crafted logconfig commands. Affected are ntpd before 4.2.7p42; remediation is to upgrade to a fixed version (4.2.7p42+). Connected advisories from F5/IBM detail affected products and patch guidance ...
CVE-2014-0221
The CVE concerns OpenSSL: the function dtls1_get_message_fragment in d1_both.c is vulnerable to a DoS via an invalid DTLS handshake. Affected are OpenSSL binaries prior to 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h. In practice, a remote attacker can trigger recursion and a client cras...
CVE-2022-27239
CVE-2022-27239 affects cifs-utils up to version 6.14, due to a stack-based buffer overflow when parsing the mount.cifs ip= argument, enabling local attackers to gain root privileges. A patched version is available (e.g., cifs-utils 6.14-2 and later per advisories). Remediation is to update to a f...
CVE-2013-6501
CVE-2013-6501 affects PHP before 5.6.7 where the default soap.wsdl_cache_dir in php.ini-production and php.ini-development points to /tmp, enabling local users to perform WSDL injection by creating a predictable file name used by get_sdl in ext/soap/php_sdl.c. Consequence described as easier loca...
CVE-2018-18584
CVE-2018-18584 affects libmspack and cabextract. In mspack/cab.h, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write (before 0.8alpha for libmspack and before 1.8 for cabextract). Remediation involves upgrading to fixed versions (e.g....