Search
Total
6831 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-25122 | 3 Apache, Debian, Oracle | 9 Tomcat, Debian Linux, Agile Plm and 6 more | 2022-02-07 | 5.0 MEDIUM | 7.5 HIGH |
| When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate request headers and a limited amount of request body from one request to another meaning user A and user B could both see the results of user A's request. | |||||
| CVE-2021-26691 | 4 Apache, Debian, Fedoraproject and 1 more | 6 Http Server, Debian Linux, Fedora and 3 more | 2022-02-07 | 7.5 HIGH | 9.8 CRITICAL |
| In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow | |||||
| CVE-2021-23336 | 6 Debian, Djangoproject, Fedoraproject and 3 more | 10 Debian Linux, Django, Fedora and 7 more | 2022-02-07 | 4.0 MEDIUM | 5.9 MEDIUM |
| The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter. | |||||
| CVE-2020-27216 | 6 Apache, Debian, Eclipse and 3 more | 19 Beam, Debian Linux, Jetty and 16 more | 2022-02-07 | 4.4 MEDIUM | 7.0 HIGH |
| In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. | |||||
| CVE-2021-46142 | 4 Debian, Fedoraproject, Opensuse and 1 more | 7 Debian Linux, Extra Packages For Enterprise Linux, Fedora and 4 more | 2022-02-05 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax. | |||||
| CVE-2021-46141 | 4 Debian, Fedoraproject, Opensuse and 1 more | 7 Debian Linux, Extra Packages For Enterprise Linux, Fedora and 4 more | 2022-02-05 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner. | |||||
| CVE-2022-0368 | 4 Debian, Fedoraproject, Opensuse and 1 more | 4 Debian Linux, Fedora, Factory and 1 more | 2022-02-02 | 6.8 MEDIUM | 7.8 HIGH |
| Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | |||||
| CVE-2008-0166 | 3 Canonical, Debian, Openssl | 3 Ubuntu Linux, Debian Linux, Openssl | 2022-02-02 | 7.8 HIGH | N/A |
| OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote attackers to conduct brute force guessing attacks against cryptographic keys. | |||||
| CVE-2015-7977 | 8 Canonical, Debian, Fedoraproject and 5 more | 12 Ubuntu Linux, Debian Linux, Fedora and 9 more | 2022-02-01 | 4.3 MEDIUM | 5.9 MEDIUM |
| ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command. | |||||
| CVE-2019-3842 | 4 Debian, Fedoraproject, Redhat and 1 more | 4 Debian Linux, Fedora, Enterprise Linux and 1 more | 2022-01-31 | 4.4 MEDIUM | 7.0 HIGH |
| In systemd before v242-rc4, it was discovered that pam_systemd does not properly sanitize the environment before using the XDG_SEAT variable. It is possible for an attacker, in some particular configurations, to set a XDG_SEAT environment variable which allows for commands to be checked against polkit policies using the "allow_active" element rather than "allow_any". | |||||
| CVE-2018-16865 | 5 Canonical, Debian, Oracle and 2 more | 11 Ubuntu Linux, Debian Linux, Communications Session Border Controller and 8 more | 2022-01-31 | 4.6 MEDIUM | 7.8 HIGH |
| An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-journald or execute code with journald privileges. Versions through v240 are vulnerable. | |||||
| CVE-2018-16864 | 5 Canonical, Debian, Oracle and 2 more | 11 Ubuntu Linux, Debian Linux, Communications Session Border Controller and 8 more | 2022-01-31 | 4.6 MEDIUM | 7.8 HIGH |
| An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges. Versions through v240 are vulnerable. | |||||
| CVE-2018-15688 | 4 Canonical, Debian, Redhat and 1 more | 9 Ubuntu Linux, Debian Linux, Enterprise Linux Desktop and 6 more | 2022-01-31 | 5.8 MEDIUM | 8.8 HIGH |
| A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239. | |||||
| CVE-2018-15686 | 4 Canonical, Debian, Oracle and 1 more | 4 Ubuntu Linux, Debian Linux, Communications Cloud Native Core Network Function Cloud Native Environment and 1 more | 2022-01-31 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and including 239. | |||||
| CVE-2018-1049 | 4 Canonical, Debian, Redhat and 1 more | 11 Ubuntu Linux, Debian Linux, Enterprise Linux and 8 more | 2022-01-31 | 4.3 MEDIUM | 5.9 MEDIUM |
| In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may not be serviced by systemd resulting in kernel holding the mountpoint and any processes that try to use said mount will hang. A race condition like this may lead to denial of service, until mount points are unmounted. | |||||
| CVE-2017-18078 | 3 Debian, Opensuse, Systemd Project | 3 Debian Linux, Leap, Systemd | 2022-01-31 | 4.6 MEDIUM | 7.8 HIGH |
| systemd-tmpfiles in systemd before 237 attempts to support ownership/permission changes on hardlinked files even if the fs.protected_hardlinks sysctl is turned off, which allows local users to bypass intended access restrictions via vectors involving a hard link to a file for which the user lacks write access, as demonstrated by changing the ownership of the /etc/passwd file. | |||||
| CVE-2013-4394 | 2 Debian, Systemd Project | 2 Debian Linux, Systemd | 2022-01-31 | 5.9 MEDIUM | N/A |
| The SetX11Keyboard function in systemd, when PolicyKit Local Authority (PKLA) is used to change the group permissions on the X Keyboard Extension (XKB) layouts description, allows local users in the group to modify the Xorg X11 Server configuration file and possibly gain privileges via vectors involving "special and control characters." | |||||
| CVE-2013-4391 | 2 Debian, Systemd Project | 2 Debian Linux, Systemd | 2022-01-31 | 7.5 HIGH | N/A |
| Integer overflow in the valid_user_field function in journal/journald-native.c in systemd allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large journal data field, which triggers a heap-based buffer overflow. | |||||
| CVE-2013-4327 | 3 Canonical, Debian, Systemd Project | 3 Ubuntu Linux, Debian Linux, Systemd | 2022-01-31 | 6.9 MEDIUM | N/A |
| systemd does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288. | |||||
| CVE-2016-10195 | 2 Debian, Libevent Project | 2 Debian Linux, Libevent | 2022-01-31 | 7.5 HIGH | 9.8 CRITICAL |
| The name_parse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the label_len variable, which triggers an out-of-bounds stack read. | |||||
| CVE-2016-10197 | 2 Debian, Libevent Project | 2 Debian Linux, Libevent | 2022-01-31 | 5.0 MEDIUM | 7.5 HIGH |
| The search_make_new function in evdns.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (out-of-bounds read) via an empty hostname. | |||||
| CVE-2016-10196 | 3 Debian, Libevent Project, Mozilla | 5 Debian Linux, Libevent, Firefox and 2 more | 2022-01-31 | 5.0 MEDIUM | 7.5 HIGH |
| Stack-based buffer overflow in the evutil_parse_sockaddr_port function in evutil.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (segmentation fault) via vectors involving a long string in brackets in the ip_as_string argument. | |||||
| CVE-2016-5384 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2022-01-31 | 4.6 MEDIUM | 7.8 HIGH |
| fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache file. | |||||
| CVE-2020-15999 | 5 Debian, Fedoraproject, Freetype and 2 more | 5 Debian Linux, Fedora, Freetype and 2 more | 2022-01-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-33912 | 2 Debian, Libspf2 Project | 2 Debian Linux, Libspf2 | 2022-01-26 | 9.3 HIGH | 9.8 CRITICAL |
| libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code (via an unauthenticated e-mail message from anywhere on the Internet) with a crafted SPF DNS record, because of incorrect sprintf usage in SPF_record_expand_data in spf_expand.c. The vulnerable code may be part of the supply chain of a site's e-mail infrastructure (e.g., with additional configuration, Exim can use libspf2; the Postfix web site links to unofficial patches for use of libspf2 with Postfix; older versions of spfquery relied on libspf2) but most often is not. | |||||
| CVE-2013-4969 | 4 Canonical, Debian, Puppet and 1 more | 4 Ubuntu Linux, Debian Linux, Puppet Enterprise and 1 more | 2022-01-24 | 2.1 LOW | N/A |
| Puppet before 3.3.3 and 3.4 before 3.4.1 and Puppet Enterprise (PE) before 2.8.4 and 3.1 before 3.1.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified files. | |||||
| CVE-2022-23094 | 3 Debian, Fedoraproject, Libreswan | 3 Debian Linux, Fedora, Libreswan | 2022-01-24 | 5.0 MEDIUM | 7.5 HIGH |
| Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted IKEv1 packet because pluto/ikev1.c wrongly expects that a state object exists. This is fixed in 4.6. | |||||
| CVE-2021-45085 | 2 Debian, Gnome | 2 Debian Linux, Epiphany | 2022-01-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 via an about: page, as demonstrated by ephy-about:overview when a user visits an XSS payload page often enough to place that page on the Most Visited list. | |||||
| CVE-2001-0554 | 9 Debian, Freebsd, Ibm and 6 more | 11 Debian Linux, Freebsd, Aix and 8 more | 2022-01-21 | 10.0 HIGH | N/A |
| Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. | |||||
| CVE-2021-45088 | 2 Debian, Gnome | 2 Debian Linux, Epiphany | 2022-01-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 via an error page. | |||||
| CVE-2021-45087 | 2 Debian, Gnome | 2 Debian Linux, Epiphany | 2022-01-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 when View Source mode or Reader mode is used, as demonstrated by a a page title. | |||||
| CVE-2021-45086 | 2 Debian, Gnome | 2 Debian Linux, Epiphany | 2022-01-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 because a server's suggested_filename is used as the pdf_name value in PDF.js. | |||||
| CVE-2018-1056 | 3 Advancemame, Canonical, Debian | 3 Advancecomp, Ubuntu Linux, Debian Linux | 2022-01-21 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled processing of ZIP files. An attacker could potentially use this flaw to crash the advzip utility by tricking it into processing crafted ZIP files. | |||||
| CVE-2021-3506 | 3 Debian, Linux, Netapp | 20 Debian Linux, Linux Kernel, Cloud Backup and 17 more | 2022-01-21 | 5.6 MEDIUM | 7.1 HIGH |
| An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions before 5.12.0-rc4. A bounds check failure allows a local attacker to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability. | |||||
| CVE-2021-45949 | 2 Artifex, Debian | 2 Ghostscript, Debian Linux | 2022-01-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp). | |||||
| CVE-2021-45944 | 2 Artifex, Debian | 2 Ghostscript, Debian Linux | 2022-01-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp). | |||||
| CVE-2022-20698 | 3 Canonical, Clamav, Debian | 3 Ubuntu Linux, Clamav, Debian Linux | 2022-01-21 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper checks that may result in an invalid pointer read. An attacker could exploit this vulnerability by sending a crafted OOXML file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition. | |||||
| CVE-2010-5312 | 2 Debian, Jquery | 2 Debian Linux, Jquery Ui | 2022-01-19 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option. | |||||
| CVE-2021-37529 | 2 Debian, Fig2dev Project | 2 Debian Linux, Fig2dev | 2022-01-19 | 4.3 MEDIUM | 5.5 MEDIUM |
| A double-free vulnerability exists in fig2dev through 3.28a is affected by: via the free_stream function in readpics.c, which could cause a denial of service (context-dependent). | |||||
| CVE-2021-37530 | 2 Debian, Fig2dev Project | 2 Debian Linux, Fig2dev | 2022-01-19 | 4.3 MEDIUM | 5.5 MEDIUM |
| A denial of service vulnerabiity exists in fig2dev through 3.28a due to a segfault in the open_stream function in readpics.c. | |||||
| CVE-2021-38173 | 2 Debian, Digint | 2 Debian Linux, Btrbk | 2022-01-19 | 7.5 HIGH | 9.8 CRITICAL |
| Btrbk before 0.31.2 allows command execution because of the mishandling of remote hosts filtering SSH commands using ssh_filter_btrbk.sh in authorized_keys. | |||||
| CVE-2020-27745 | 2 Debian, Schedmd | 2 Debian Linux, Slurm | 2022-01-17 | 6.8 MEDIUM | 9.8 CRITICAL |
| Slurm before 19.05.8 and 20.x before 20.02.6 has an RPC Buffer Overflow in the PMIx MPI plugin. | |||||
| CVE-2020-12693 | 4 Debian, Fedoraproject, Opensuse and 1 more | 4 Debian Linux, Fedora, Leap and 1 more | 2022-01-17 | 5.1 MEDIUM | 8.1 HIGH |
| Slurm 19.05.x before 19.05.7 and 20.02.x before 20.02.3, in the rare case where Message Aggregation is enabled, allows Authentication Bypass via an Alternate Path or Channel. A race condition allows a user to launch a process as an arbitrary user. | |||||
| CVE-2021-4008 | 3 Debian, Fedoraproject, X.org | 3 Debian Linux, Fedora, X Server | 2022-01-14 | 4.6 MEDIUM | 7.8 HIGH |
| A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||||
| CVE-2021-4010 | 3 Debian, Fedoraproject, X.org | 3 Debian Linux, Fedora, X Server | 2022-01-14 | 4.6 MEDIUM | 7.8 HIGH |
| A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||||
| CVE-2021-4009 | 3 Debian, Fedoraproject, X.org | 3 Debian Linux, Fedora, X Server | 2022-01-14 | 4.6 MEDIUM | 7.8 HIGH |
| A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcXFixesCreatePointerBarrier function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||||
| CVE-2021-4011 | 3 Debian, Fedoraproject, X.org | 3 Debian Linux, Fedora, X Server | 2022-01-14 | 4.6 MEDIUM | 7.8 HIGH |
| A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SwapCreateRegister function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||||
| CVE-2022-22707 | 2 Debian, Lighttpd | 2 Debian Linux, Lighttpd | 2022-01-13 | 4.3 MEDIUM | 5.9 MEDIUM |
| In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configuration. The non-default configuration requires handling of the Forwarded header in a somewhat unusual manner. Also, a 32-bit system is much more likely to be affected than a 64-bit system. | |||||
| CVE-2021-3842 | 3 Debian, Fedoraproject, Nltk | 3 Debian Linux, Fedora, Nltk | 2022-01-12 | 5.0 MEDIUM | 7.5 HIGH |
| nltk is vulnerable to Inefficient Regular Expression Complexity | |||||
| CVE-2021-46144 | 2 Debian, Roundcube | 2 Debian Linux, Roundcube | 2022-01-12 | 4.3 MEDIUM | 6.1 MEDIUM |
| Roundcube before 1.4.13 and 1.5.x before 1.5.2 allows XSS via an HTML e-mail message with crafted Cascading Style Sheets (CSS) token sequences. | |||||