Max CVSS 10.0 Min CVSS 1.9 Total Count227
IDCVSSSummaryLast (major) updatePublished
CVE-2019-3813 5.4
Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated attackers.
04-02-2019 - 13:29 04-02-2019 - 13:29
CVE-2016-10741 4.7
In the Linux kernel before 4.9.3, fs/xfs/xfs_aops.c allows local users to cause a denial of service (system crash) because there is a race condition between direct and memory-mapped I/O (associated with a hole) that is handled with BUG_ON instead of
01-02-2019 - 11:29 01-02-2019 - 11:29
CVE-2017-18360 4.9
In change_port_settings in drivers/usb/serial/io_ti.c in the Linux kernel before 4.11.3, local users could cause a denial of service by division-by-zero in the serial device layer by trying to set very high baud rates.
31-01-2019 - 04:29 31-01-2019 - 04:29
CVE-2019-6977 6.8
gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This c
26-01-2019 - 21:29 26-01-2019 - 21:29
CVE-2019-6706 5.0
Lua 5.3.5 has a use-after-free in lua_upvaluejoin in lapi.c. For example, a crash outcome might be achieved by an attacker who is able to trigger a debug.upvaluejoin call in which the arguments have certain relationships.
23-01-2019 - 14:29 23-01-2019 - 14:29
CVE-2019-2537 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacke
16-01-2019 - 14:30 16-01-2019 - 14:30
CVE-2019-2534 5.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged
16-01-2019 - 14:30 16-01-2019 - 14:30
CVE-2019-2531 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged
16-01-2019 - 14:30 16-01-2019 - 14:30
CVE-2019-2529 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged at
16-01-2019 - 14:30 16-01-2019 - 14:30
CVE-2019-2507 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged a
16-01-2019 - 14:30 16-01-2019 - 14:30
CVE-2019-2503 3.8
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection Handling). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Difficult to exploit vulnerability allows low p
16-01-2019 - 14:30 16-01-2019 - 14:30
CVE-2019-2482 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: PS). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker
16-01-2019 - 14:30 16-01-2019 - 14:30
CVE-2019-2481 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged a
16-01-2019 - 14:30 16-01-2019 - 14:30
CVE-2019-2455 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attac
16-01-2019 - 14:30 16-01-2019 - 14:30
CVE-2018-20721 7.5
URI_FUNC() in UriParse.c in uriparser before 0.9.1 has an out-of-bounds read (in uriParse*Ex* functions) for an incomplete URI with an IPv6 address containing an embedded IPv4 address, such as a "//[::44.1" address.
16-01-2019 - 09:29 16-01-2019 - 09:29
CVE-2019-6133 4.4
In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendin
11-01-2019 - 09:29 11-01-2019 - 09:29
CVE-2018-6179 4.3
Insufficient enforcement of file access permission in the activeTab case in Extensions in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system via a cra
09-01-2019 - 14:29 09-01-2019 - 14:29
CVE-2018-6178 4.3
Eliding from the wrong side in an infobar in DevTools in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to Hide Chrome Security UI via a crafted Chrome Extension.
09-01-2019 - 14:29 09-01-2019 - 14:29
CVE-2018-6175 4.3
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
09-01-2019 - 14:29 09-01-2019 - 14:29
CVE-2018-6174 6.8
Integer overflows in Swiftshader in Google Chrome prior to 68.0.3440.75 potentially allowed a remote attacker to execute arbitrary code via a crafted HTML page.
09-01-2019 - 14:29 09-01-2019 - 14:29
CVE-2018-6173 4.3
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
09-01-2019 - 14:29 09-01-2019 - 14:29
CVE-2018-6172 4.3
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
09-01-2019 - 14:29 09-01-2019 - 14:29
CVE-2018-6170 6.8
A bad cast in PDFium in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
09-01-2019 - 14:29 09-01-2019 - 14:29
CVE-2018-6169 4.3
Lack of timeout on extension install prompt in Extensions in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to trigger installation of an unwanted extension via a crafted HTML page.
09-01-2019 - 14:29 09-01-2019 - 14:29
CVE-2018-6167 4.3
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
09-01-2019 - 14:29 09-01-2019 - 14:29
CVE-2018-6166 4.3
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
09-01-2019 - 14:29 09-01-2019 - 14:29
CVE-2018-6165 4.3
Incorrect handling of reloads in Navigation in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
09-01-2019 - 14:29 09-01-2019 - 14:29
CVE-2018-6164 4.3
Insufficient origin checks for CSS content in Blink in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
09-01-2019 - 14:29 09-01-2019 - 14:29
CVE-2018-6163 4.3
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
09-01-2019 - 14:29 09-01-2019 - 14:29
CVE-2018-6162 6.8
Improper deserialization in WebGL in Google Chrome on Mac prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
09-01-2019 - 14:29 09-01-2019 - 14:29
CVE-2018-6160 4.3
JavaScript alert handling in Prompts in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
09-01-2019 - 14:29 09-01-2019 - 14:29
CVE-2018-6158 5.1
A race condition in Oilpan in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
09-01-2019 - 14:29 09-01-2019 - 14:29
CVE-2018-6153 6.8
A precision error in Skia in Google Chrome prior to 68.0.3440.75 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page.
09-01-2019 - 14:29 09-01-2019 - 14:29
CVE-2018-6151 6.8
Bad cast in DevTools in Google Chrome on Win, Linux, Mac, Chrome OS prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted Chrome Extension.
09-01-2019 - 14:29 09-01-2019 - 14:29
CVE-2019-5489 2.1
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this af
07-01-2019 - 12:29 07-01-2019 - 12:29
CVE-2018-16884 6.7
A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container
18-12-2018 - 17:29 18-12-2018 - 17:29
CVE-2018-18245 3.5
Nagios Core 4.4.2 has XSS via the alert summary reports of plugin results, as demonstrated by a SCRIPT element delivered by a modified check_load plugin to NRPE.
17-12-2018 - 10:29 17-12-2018 - 10:29
CVE-2018-20169 7.2
An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.
17-12-2018 - 02:29 17-12-2018 - 02:29
CVE-2018-20145 5.0
Eclipse Mosquitto 1.5.x before 1.5.5 allows ACL bypass: if the option per_listener_settings was set to true, and the default listener was in use, and the default listener specified an acl_file, then the acl file was being ignored.
13-12-2018 - 15:29 13-12-2018 - 15:29
CVE-2018-20103 5.0
An issue was discovered in dns.c in HAProxy through 1.8.14. In the case of a compressed pointer, a crafted packet can trigger infinite recursion by making the pointer point to itself, or create a long chain of valid pointers resulting in stack exhaus
12-12-2018 - 12:29 12-12-2018 - 12:29
CVE-2018-20102 5.0
An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-
12-12-2018 - 12:29 12-12-2018 - 12:29
CVE-2018-18397 2.1
The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that fil
12-12-2018 - 05:29 12-12-2018 - 05:29
CVE-2018-9568 7.2
In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Androi
06-12-2018 - 09:29 06-12-2018 - 09:29
CVE-2018-19608 1.9
Arm Mbed TLS before 2.14.1, before 2.7.8, and before 2.1.17 allows a local unprivileged attacker to recover the plaintext of RSA decryption, which is used in RSA-without-(EC)DH(E) cipher suites.
05-12-2018 - 17:29 05-12-2018 - 17:29
CVE-2018-18843 7.5
The Kubernetes integration in GitLab Enterprise Edition 11.x before 11.2.8, 11.3.x before 11.3.9, and 11.4.x before 11.4.4 has SSRF.
04-12-2018 - 18:29 04-12-2018 - 18:29
CVE-2018-17976 4.0
An issue was discovered in GitLab Community Edition 11.x before 11.1.8, 11.2.x before 11.2.5, and 11.3.x before 11.3.2. There is Information Exposure via Epic change descriptions.
04-12-2018 - 18:29 04-12-2018 - 18:29
CVE-2018-17975 5.0
An issue was discovered in GitLab Community Edition 11.x before 11.1.8, 11.2.x before 11.2.5, and 11.3.x before 11.3.2. There is Information Exposure via the GFM markdown API.
04-12-2018 - 18:29 04-12-2018 - 18:29
CVE-2018-17939 5.0
An issue was discovered in GitLab Community and Enterprise Edition 11.1.x before 11.1.8, 11.2.x before 11.2.5, and 11.3.x before 11.3.2. There is Information Exposure via the merge request JSON endpoint.
04-12-2018 - 18:29 04-12-2018 - 18:29
CVE-2018-6152 6.8
The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to pote
04-12-2018 - 12:29 04-12-2018 - 12:29
CVE-2018-19854 1.9
An issue was discovered in the Linux kernel before 4.19.3. crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sens
04-12-2018 - 11:29 04-12-2018 - 11:29
CVE-2018-6982 4.9
VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG contain uninitialized stack memory usage in the vmxnet3 virtual network adapter which may lead to an information leak from host to guest.
04-12-2018 - 09:29 04-12-2018 - 09:29
CVE-2018-6981 7.2
VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG, VMware ESXi 6.0 without ESXi600-201811401-BG, VMware Workstation 15, VMware Workstation 14.1.3 or below, VMware Fusion 11, VMware Fusion 10.1.3 or below co
04-12-2018 - 09:29 04-12-2018 - 09:29
CVE-2018-19824 4.6
In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.
03-12-2018 - 12:29 03-12-2018 - 12:29
CVE-2018-16863 9.3
It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript d
03-12-2018 - 12:29 03-12-2018 - 12:29
CVE-2018-19788 9.0
A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command.
03-12-2018 - 01:29 03-12-2018 - 01:29
CVE-2018-14637 6.8
The SAML broker consumer endpoint in Keycloak before version 4.6.0.Final ignores expiration conditions on SAML assertions. An attacker can exploit this vulnerability to perform a replay attack.
30-11-2018 - 08:29 30-11-2018 - 08:29
CVE-2018-16862 2.1
A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data
26-11-2018 - 14:29 26-11-2018 - 14:29
CVE-2018-19407 4.9
The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.
20-11-2018 - 19:29 20-11-2018 - 19:29
CVE-2018-14658 5.8
A flaw was found in JBOSS Keycloak 3.2.1.Final. The Redirect URL for both Login and Logout are not normalized in org.keycloak.protocol.oidc.utils.RedirectUtils before the redirect url is verified. This can lead to an Open Redirection attack
13-11-2018 - 14:29 13-11-2018 - 14:29
CVE-2018-14657 4.3
A flaw was found in Keycloak 4.2.1.Final, 4.3.0.Final. When TOPT enabled, an improper implementation of the Brute Force detection algorithm will not enforce its protection measures.
13-11-2018 - 14:29 13-11-2018 - 14:29
CVE-2018-14655 3.5
A flaw was found in Keycloak 3.4.3.Final, 4.0.0.Beta2, 4.3.0.Final. When using 'response_mode=form_post' it is possible to inject arbitrary Javascript-Code via the 'state'-parameter in the authentication URL. This allows an XSS-Attack upon succesfull
13-11-2018 - 14:29 13-11-2018 - 14:29
CVE-2018-19200 5.0
An issue was discovered in uriparser before 0.9.0. UriCommon.c allows attempted operations on NULL input via a uriResetUri* function.
12-11-2018 - 10:29 12-11-2018 - 10:29
CVE-2018-19199 7.5
An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an integer overflow via a uriComposeQuery* or uriComposeQueryEx* function because of an unchecked multiplication.
12-11-2018 - 10:29 12-11-2018 - 10:29
CVE-2018-19198 7.5
An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an out-of-bounds write via a uriComposeQuery* or uriComposeQueryEx* function because the '&' character is mishandled in certain contexts.
12-11-2018 - 10:29 12-11-2018 - 10:29
CVE-2018-9516 7.2
In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for e
07-11-2018 - 06:29 06-11-2018 - 12:29
CVE-2018-9363 7.2
In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kerne
07-11-2018 - 06:29 06-11-2018 - 12:29
CVE-2018-0734 4.3
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.
30-10-2018 - 08:29 30-10-2018 - 08:29
CVE-2018-18690 4.9
In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_
26-10-2018 - 14:29 26-10-2018 - 14:29
CVE-2018-14625 4.4
A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gath
10-09-2018 - 09:29 10-09-2018 - 09:29
CVE-2018-5391 7.8
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments
06-09-2018 - 17:29 06-09-2018 - 17:29
CVE-2018-10902 4.6
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmi
21-08-2018 - 15:29 21-08-2018 - 15:29
CVE-2018-5546 7.2
The svpn and policyserver components of the F5 BIG-IP APM client prior to version 7.1.7.1 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on the local client host. A maliciou
17-08-2018 - 08:29 17-08-2018 - 08:29
CVE-2018-14574 5.8
django.middleware.common.CommonMiddleware in Django 1.11.x before 1.11.15 and 2.0.x before 2.0.8 has an Open Redirect.
07-08-2018 - 21:29 03-08-2018 - 13:29
CVE-2018-10894 5.5
It was found that SAML authentication in Keycloak 3.4.3.Final incorrectly authenticated expired certificates. A malicious user could use this to access unauthorized data or possibly conduct further attacks.
01-08-2018 - 13:29 01-08-2018 - 13:29
CVE-2018-10883 4.9
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.
30-07-2018 - 12:29 30-07-2018 - 12:29
CVE-2017-18344 2.1
The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access in the show_timer function (called when /proc/$PID
26-07-2018 - 15:29 26-07-2018 - 15:29
CVE-2018-10881 4.9
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.
26-07-2018 - 14:29 26-07-2018 - 14:29
CVE-2018-10879 6.1
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image.
26-07-2018 - 14:29 26-07-2018 - 14:29
CVE-2018-10878 6.1
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image.
26-07-2018 - 14:29 26-07-2018 - 14:29
CVE-2018-0618 3.5
Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
26-07-2018 - 13:29 26-07-2018 - 13:29
CVE-2018-13988 4.3
Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. This can result in memory corruption and denial of service. This may be exploitab
25-07-2018 - 19:29 25-07-2018 - 19:29
CVE-2018-13796 4.3
An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site.
12-07-2018 - 14:29 12-07-2018 - 14:29
CVE-2016-9604 2.1
It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dns_resolver' in RHEL-7 or '.builtin_trusted_keys' upstream, by joining it as its session keyring. This allows root to bypass mod
11-07-2018 - 09:29 11-07-2018 - 09:29
CVE-2018-13405 4.6
The inode_init_owner function in fs/inode.c in the Linux kernel through 4.17.4 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a me
06-07-2018 - 10:29 06-07-2018 - 10:29
CVE-2018-12910 7.5
The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname.
05-07-2018 - 14:29 05-07-2018 - 14:29
CVE-2018-12327 7.5
Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter. NOTE: It is unclear whet
20-06-2018 - 10:29 20-06-2018 - 10:29
CVE-2018-1120 3.5
A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w
20-06-2018 - 09:29 20-06-2018 - 09:29
CVE-2018-5848 4.6
In the function wmi_set_ie(), the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the 'ie_len' argument can cause a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS
12-06-2018 - 16:29 12-06-2018 - 16:29
CVE-2018-5803 4.9
In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.
12-06-2018 - 12:29 12-06-2018 - 12:29
CVE-2018-12232 7.1
In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat does not increment t
12-06-2018 - 08:29 12-06-2018 - 08:29
CVE-2018-1118 2.1
Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some kernel
10-05-2018 - 18:29 10-05-2018 - 18:29
CVE-2017-18267 4.3
The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service (infinite recursion) via a crafted PDF file, as demonstrated by pdftops.
10-05-2018 - 11:29 10-05-2018 - 11:29
CVE-2018-1130 4.9
Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.
10-05-2018 - 09:29 10-05-2018 - 09:29
CVE-2018-10940 4.9
The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.
09-05-2018 - 13:29 09-05-2018 - 13:29
CVE-2018-10768 5.0
There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input will lead to a remote denial of service attack. Later Ubuntu packages such as for Poppler 0.41.0 are no
06-05-2018 - 19:29 06-05-2018 - 19:29
CVE-2018-10767 5.0
There is a stack-based buffer over-read in calling GLib in the function gxps_images_guess_content_type of gxps-images.c in libgxps through 0.3.0 because it does not reject negative return values from a g_input_stream_read call. A crafted input will l
06-05-2018 - 19:29 06-05-2018 - 19:29
CVE-2018-10733 4.3
There is a heap-based buffer over-read in the function ft_font_face_hash of gxps-fonts.c in libgxps through 0.3.0. A crafted input will lead to a remote denial of service attack.
04-05-2018 - 13:29 04-05-2018 - 13:29
CVE-2018-10322 4.9
The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_ilock_attr_map_shared invalid pointer dereference) via a crafted xfs image.
24-04-2018 - 02:29 24-04-2018 - 02:29
CVE-2018-8781 7.2
The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissi
23-04-2018 - 15:29 23-04-2018 - 15:29
CVE-2018-4117 4.3
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. watchOS before 4.3 is affected. The issue involves
03-04-2018 - 02:29 03-04-2018 - 02:29
CVE-2018-1094 7.1
The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.15.15 does not always initialize the crc32c checksum driver, which allows attackers to cause a denial of service (ext4_xattr_inode_hash NULL pointer dereference and system
01-04-2018 - 23:29 01-04-2018 - 23:29
CVE-2018-1092 7.1
The ext4_iget function in fs/ext4/inode.c in the Linux kernel through 4.15.15 mishandles the case of a root directory with a zero i_links_count, which allows attackers to cause a denial of service (ext4_process_freed_data NULL pointer dereference and
01-04-2018 - 23:29 01-04-2018 - 23:29
CVE-2017-18255 4.6
The perf_cpu_time_max_percent_handler function in kernel/events/core.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow) or possibly have unspecified other impact via a large value, as demonstrated by
31-03-2018 - 13:29 31-03-2018 - 13:29
CVE-2017-18232 2.1
The Serial Attached SCSI (SAS) implementation in the Linux kernel through 4.15.9 mishandles a mutex within libsas, which allows local users to cause a denial of service (deadlock) by triggering certain error-handling code.
15-03-2018 - 00:29 15-03-2018 - 00:29
CVE-2018-7537 5.0
An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due t
09-03-2018 - 15:29 09-03-2018 - 15:29
CVE-2018-7536 5.0
An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize() function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expr
09-03-2018 - 15:29 09-03-2018 - 15:29
CVE-2018-7995 4.7
** DISPUTED ** Race condition in the store_int_with_restart() function in arch/x86/kernel/cpu/mcheck/mce.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (panic) by leveraging root access to write to the check_inte
09-03-2018 - 10:29 09-03-2018 - 10:29
CVE-2018-7757 2.1
Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy
08-03-2018 - 09:29 08-03-2018 - 09:29
CVE-2018-7740 4.9
The resv_map_release function in mm/hugetlb.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (BUG) via a crafted application that makes mmap system calls and has a large pgoff argument to the remap_file_pages syste
07-03-2018 - 03:29 07-03-2018 - 03:29
CVE-2017-18221 4.9
The __munlock_pagevec function in mm/mlock.c in the Linux kernel before 4.11.4 allows local users to cause a denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall and munlockall system calls.
07-03-2018 - 03:29 07-03-2018 - 03:29
CVE-2018-5730 5.5
MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string w
06-03-2018 - 15:29 06-03-2018 - 15:29
CVE-2018-5729 6.5
MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to th
06-03-2018 - 15:29 06-03-2018 - 15:29
CVE-2017-18208 4.9
The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping.
01-03-2018 - 00:29 01-03-2018 - 00:29
CVE-2017-18174 7.5
In the Linux kernel before 4.7, the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c calls the pinctrl_unregister function, leading to a double free.
11-02-2018 - 13:29 11-02-2018 - 13:29
CVE-2018-1000026 6.8
Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear
09-02-2018 - 18:29 09-02-2018 - 18:29
CVE-2017-18079 7.2
drivers/input/serio/i8042.c in the Linux kernel before 4.12.4 allows attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact because the port->exists value can change after it is va
29-01-2018 - 00:29 29-01-2018 - 00:29
CVE-2018-5950 4.3
Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL.
23-01-2018 - 11:29 23-01-2018 - 11:29
CVE-2018-5344 4.6
In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have unspecified other impact.
12-01-2018 - 04:29 12-01-2018 - 04:29
CVE-2017-17805 7.2
The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service
20-12-2017 - 18:29 20-12-2017 - 18:29
CVE-2017-17450 4.6
net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations, which allows local users to bypass intended access restrictions because the xt_osf_fingers data s
06-12-2017 - 19:29 06-12-2017 - 19:29
CVE-2017-0861 4.6
Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors.
16-11-2017 - 18:29 16-11-2017 - 18:29
CVE-2017-9725 9.3
In all Qualcomm products with Android releases from CAF using the Linux kernel, during DMA allocation, due to wrong data type of size, allocation size gets truncated which makes allocation succeed when it should fail.
21-09-2017 - 11:29 21-09-2017 - 11:29
CVE-2017-10661 7.6
Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel q
19-08-2017 - 14:29 19-08-2017 - 14:29
CVE-2017-7533 6.9
Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_han
05-08-2017 - 12:29 05-08-2017 - 12:29
CVE-2015-3243 2.1
rsyslog uses weak permissions for generating log files, which allows local users to obtain sensitive information by reading files in /var/log/cron.
25-07-2017 - 14:29 25-07-2017 - 14:29
CVE-2017-8797 7.8
The NFSv4 server in the Linux kernel before 4.11.3 does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a UDP packet from a remote attacker. This type value is uninitialized upon encountering
02-07-2017 - 13:29 02-07-2017 - 13:29
CVE-2017-1000379 7.2
The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected.
19-06-2017 - 12:29 19-06-2017 - 12:29
CVE-2017-9242 4.9
The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via craft
26-05-2017 - 21:29 26-05-2017 - 21:29
CVE-2017-9077 7.2
The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related is
19-05-2017 - 10:29 19-05-2017 - 10:29
CVE-2017-9076 7.2
The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related i
19-05-2017 - 03:29 19-05-2017 - 03:29
CVE-2017-9075 7.2
The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related is
19-05-2017 - 03:29 19-05-2017 - 03:29
CVE-2017-9074 7.2
The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly
19-05-2017 - 03:29 19-05-2017 - 03:29
CVE-2017-7495 2.1
fs/ext4/inode.c in the Linux kernel before 4.6.2, when ext4 data=ordered mode is used, mishandles a needs-flushing-before-commit list, which allows local users to obtain sensitive information from other users' files in opportunistic circumstances by
15-05-2017 - 14:29 15-05-2017 - 14:29
CVE-2016-10200 6.9
Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a s
10-05-2017 - 21:29 07-03-2017 - 16:59
CVE-2017-8890 7.2
The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.
10-05-2017 - 12:29 10-05-2017 - 12:29
CVE-2016-7429 4.3
NTP before 4.2.8p9 changes the peer structure to the interface it receives the response from a source, which allows remote attackers to cause a denial of service (prevent communication with a source) by sending a response for a source to an interface
09-05-2017 - 21:29 13-01-2017 - 11:59
CVE-2017-7889 7.2
The mm subsystem in the Linux kernel through 4.10.10 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation acces
21-04-2017 - 13:40 16-04-2017 - 20:59
CVE-2017-7616 2.1
Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap op
14-04-2017 - 13:06 10-04-2017 - 10:59
CVE-2017-2671 4.9
The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (pani
11-04-2017 - 15:05 05-04-2017 - 02:59
CVE-2016-7097 3.6
The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permission
07-04-2017 - 21:59 16-10-2016 - 17:59
CVE-2017-2647 7.2
The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_sea
04-04-2017 - 12:02 31-03-2017 - 00:59
CVE-2017-6462 4.6
Buffer overflow in the legacy Datum Programmable Time Server (DPTS) refclock driver in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via a crafted /dev/datum device.
29-03-2017 - 14:31 27-03-2017 - 13:59
CVE-2017-6464 4.0
NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote attackers to cause a denial of service (ntpd crash) via a malformed mode configuration directive.
29-03-2017 - 14:14 27-03-2017 - 13:59
CVE-2017-6463 4.0
NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote authenticated users to cause a denial of service (daemon crash) via an invalid setting in a :config directive, related to the unpeer option.
29-03-2017 - 14:14 27-03-2017 - 13:59
CVE-2017-7187 7.2
The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl
23-03-2017 - 13:51 20-03-2017 - 10:59
CVE-2017-6951 4.9
The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the "dead" type.
21-03-2017 - 14:56 16-03-2017 - 14:59
CVE-2016-10166 7.5
Integer underflow in the _gdContributionsAlloc function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors related to decrementing the u variable.
16-03-2017 - 15:11 15-03-2017 - 11:59
CVE-2016-9806 7.2
Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that makes send
07-03-2017 - 21:59 28-12-2016 - 02:59
CVE-2017-6001 7.6
Race condition in kernel/events/core.c in the Linux kernel before 4.9.7 allows local users to gain privileges via a crafted application that makes concurrent perf_event_open system calls for moving a software group into a hardware context. NOTE: thi
01-03-2017 - 21:59 18-02-2017 - 16:59
CVE-2017-5970 5.0
The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invali
28-02-2017 - 21:59 14-02-2017 - 01:59
CVE-2015-1158 10.0
The add_job function in scheduler/ipp.c in cupsd in CUPS before 2.0.3 performs incorrect free operations for multiple-value job-originating-host-name attributes, which allows remote attackers to trigger data corruption for reference-counted strings v
23-02-2017 - 21:59 26-06-2015 - 06:59
CVE-2017-5551 3.6
The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid pro
09-02-2017 - 16:53 06-02-2017 - 01:59
CVE-2017-2596 4.9
The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS users to cause a denial of service (host OS memory consumption) by leveraging the mish
07-02-2017 - 14:33 06-02-2017 - 01:59
CVE-2016-10147 4.9
crypto/mcryptd.c in the Linux kernel before 4.8.15 allows local users to cause a denial of service (NULL pointer dereference and system crash) by using an AF_ALG socket with an incompatible algorithm, as demonstrated by mcryptd(md5).
23-01-2017 - 21:59 18-01-2017 - 16:59
CVE-2017-2584 3.6
arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, f
18-01-2017 - 10:26 14-01-2017 - 21:59
CVE-2016-9576 7.2
The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-af
17-01-2017 - 21:59 28-12-2016 - 02:59
CVE-2016-7042 4.9
The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a deni
06-01-2017 - 22:00 16-10-2016 - 17:59
CVE-2016-6893 6.8
Cross-site request forgery (CSRF) vulnerability in the user options page in GNU Mailman 2.1.x before 2.1.23 allows remote attackers to hijack the authentication of arbitrary users for requests that modify an option, as demonstrated by gaining access
06-01-2017 - 22:00 02-09-2016 - 10:59
CVE-2016-10088 6.9
The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of ser
06-01-2017 - 22:00 30-12-2016 - 13:59
CVE-2014-7975 4.9
The do_umount function in fs/namespace.c in the Linux kernel through 3.17 does not require the CAP_SYS_ADMIN capability for do_remount_sb calls that change the root filesystem to read-only, which allows local users to cause a denial of service (loss
06-01-2017 - 22:00 13-10-2014 - 06:55
CVE-2014-3496 10.0
cartridge_repository.rb in OpenShift Origin and Enterprise 1.2.8 through 2.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a Source-Url ending with a (1) .tar.gz, (2) .zip, (3) .tgz, or (4) .tar file extension in
06-01-2017 - 22:00 20-06-2014 - 10:55
CVE-2015-0293 5.0
The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (s2_lib.c assertion failure and daemon exit) via a crafted CLIENT-MASTER-KEY me
02-01-2017 - 21:59 19-03-2015 - 18:59
CVE-2015-0292 7.5
Integer underflow in the EVP_DecodeUpdate function in crypto/evp/encode.c in the base64-decoding implementation in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (memory corru
02-01-2017 - 21:59 19-03-2015 - 18:59
CVE-2015-0289 5.0
The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly handle a lack of outer ContentInfo, which allows attackers to cause a denial of service (NULL pointer dereference
02-01-2017 - 21:59 19-03-2015 - 18:59
CVE-2015-0288 5.0
The X509_to_X509_REQ function in crypto/x509/x509_req.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow attackers to cause a denial of service (NULL pointer dereference and application crash) v
02-01-2017 - 21:59 19-03-2015 - 18:59
CVE-2015-0287 5.0
The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial o
02-01-2017 - 21:59 19-03-2015 - 18:59
CVE-2015-0286 5.0
The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly perform boolean-type comparisons, which allows remote attackers to cause a denial of ser
02-01-2017 - 21:59 19-03-2015 - 18:59
CVE-2015-0209 6.8
Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote attackers to cause a denial of service (memory corrup
02-01-2017 - 21:59 19-03-2015 - 18:59
CVE-2016-9685 4.9
Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel before 4.5.1 allow local users to cause a denial of service (memory consumption) via crafted XFS filesystem operations.
30-12-2016 - 21:59 28-12-2016 - 02:59
CVE-2016-9588 2.1
arch/x86/kvm/vmx.c in the Linux kernel through 4.9 mismanages the #BP and #OF exceptions, which allows guest OS users to cause a denial of service (guest OS crash) by declining to handle an exception thrown by an L2 guest.
30-12-2016 - 21:59 28-12-2016 - 02:59
CVE-2016-6213 4.7
fs/namespace.c in the Linux kernel before 4.9 does not restrict how many mounts may exist in a mount namespace, which allows local users to cause a denial of service (memory consumption and deadlock) via MS_BIND mount system calls, as demonstrated by
30-12-2016 - 21:59 28-12-2016 - 02:59
CVE-2015-1159 4.3
Cross-site scripting (XSS) vulnerability in the cgi_puts function in cgi-bin/template.c in the template engine in CUPS before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter to help/.
30-12-2016 - 21:59 26-06-2015 - 06:59
CVE-2015-0232 6.8
The exif_process_unicode function in ext/exif/exif.c in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer free and application crash) v
30-12-2016 - 21:59 27-01-2015 - 15:04
CVE-2015-0231 7.5
Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code via a crafted unserialize call th
30-12-2016 - 21:59 27-01-2015 - 15:03
CVE-2014-9427 7.5
sapi/cgi/cgi_main.c in the CGI component in PHP through 5.4.36, 5.5.x through 5.5.20, and 5.6.x through 5.6.4, when mmap is used to read a .php file, does not properly consider the mapping's length during processing of an invalid file that begins wit
30-12-2016 - 21:59 02-01-2015 - 21:59
CVE-2014-8142 7.5
Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.36, 5.5.x before 5.5.20, and 5.6.x before 5.6.4 allows remote attackers to execute arbitrary code via a crafted unserialize call th
30-12-2016 - 21:59 20-12-2014 - 06:59
CVE-2012-5519 7.2
CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary
27-12-2016 - 21:59 19-11-2012 - 19:55
CVE-2015-2775 7.6
Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name.
23-12-2016 - 21:59 13-04-2015 - 10:59
CVE-2013-5211 5.0
The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 20
21-12-2016 - 21:59 02-01-2014 - 09:59
CVE-2016-9566 7.2
base/logging.c in Nagios Core before 4.2.4 allows local users with access to an account in the nagios group to gain root privileges via a symlink attack on the log file. NOTE: this can be leveraged by remote attackers using CVE-2016-9565.
16-12-2016 - 14:10 15-12-2016 - 17:59
CVE-2016-8645 4.9
The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service (system crash) via a crafted application that makes sendto system calls, related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_
02-12-2016 - 22:27 27-11-2016 - 22:59
CVE-2015-8830 7.2
Integer overflow in the aio_setup_single_vector function in fs/aio.c in the Linux kernel 4.0 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. NOTE: this vulnerability exists because of
30-11-2016 - 22:01 02-05-2016 - 06:59
CVE-2015-8970 4.9
crypto/algif_skcipher.c in the Linux kernel before 4.4.2 does not verify that a setkey operation has been performed on an AF_ALG socket before an accept system call is processed, which allows local users to cause a denial of service (NULL pointer der
29-11-2016 - 09:55 27-11-2016 - 22:59
CVE-2016-4913 7.2
The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have
28-11-2016 - 15:21 23-05-2016 - 06:59
CVE-2015-8839 1.9
Multiple race conditions in the ext4 filesystem implementation in the Linux kernel before 4.5 allow local users to cause a denial of service (disk corruption) by writing to a page that is associated with a different user's file after unsynchronized h
28-11-2016 - 14:49 02-05-2016 - 06:59
CVE-2015-5590 7.5
Stack-based buffer overflow in the phar_fix_filepath function in ext/phar/phar.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a l
28-11-2016 - 14:34 19-01-2016 - 00:59
CVE-2015-5589 10.0
The phar_convert_to_other function in ext/phar/phar_object.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 does not validate a file pointer before a close operation, which allows remote attackers to cause a denial of service (seg
28-11-2016 - 14:34 16-05-2016 - 06:59
CVE-2013-7205 6.4
Off-by-one error in the process_cgivars function in contrib/daemonchk.c in Nagios Core 3.5.1, 4.0.2, and earlier allows remote authenticated users to obtain sensitive information from process memory or cause a denial of service (crash) via a long str
28-11-2016 - 14:10 15-01-2014 - 11:08
CVE-2013-7108 5.5
Multiple off-by-one errors in Nagios Core 3.5.1, 4.0.2, and earlier, and Icinga before 1.8.5, 1.9 before 1.9.4, and 1.10 before 1.10.2 allow remote authenticated users to obtain sensitive information from process memory or cause a denial of service (
28-11-2016 - 14:10 15-01-2014 - 11:08
CVE-2013-4152 6.8
The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF at
28-11-2016 - 14:09 23-01-2014 - 16:55
CVE-2004-1019 10.0
The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "information disclosure, double-free
25-10-2016 - 21:59 10-01-2005 - 00:00
CVE-2014-7970 4.9
The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service (mount-tree loop) via . (dot) values in bo
16-06-2016 - 09:34 13-10-2014 - 06:55
CVE-2013-0331 4.0
Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to cause a denial of service via a crafted payload.
13-06-2016 - 19:25 19-03-2013 - 10:55
CVE-2013-0330 4.0
Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to build arbitrary jobs via unknown attack vectors.
13-06-2016 - 19:24 19-03-2013 - 10:55
CVE-2013-0329 7.5
Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to bypass the CSRF protection mechanism via unknown attack vectors.
13-06-2016 - 18:01 19-03-2013 - 10:55
CVE-2013-0328 4.3
Cross-site scripting (XSS) vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
13-06-2016 - 11:47 19-03-2013 - 10:55
CVE-2013-0327 6.8
Cross-site request forgery (CSRF) vulnerability in Jenkins master in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to hijack the authentication of users via unknown vectors.
13-06-2016 - 11:45 19-03-2013 - 10:55
CVE-2013-1855 4.3
The sanitize_css method in lib/action_controller/vendor/html-scanner/html/sanitizer.rb in the Action Pack component in Ruby on Rails before 2.3.18, 3.0.x and 3.1.x before 3.1.12, and 3.2.x before 3.2.13 does not properly handle \n (newline) character
28-09-2015 - 12:28 19-03-2013 - 18:55
CVE-2013-1854 5.0
The Active Record component in Ruby on Rails 2.3.x before 2.3.18, 3.1.x before 3.1.12, and 3.2.x before 3.2.13 processes certain queries by converting hash keys to symbols, which allows remote attackers to cause a denial of service via crafted input
28-09-2015 - 12:00 19-03-2013 - 18:55
CVE-2013-1857 4.3
The sanitize helper in lib/action_controller/vendor/html-scanner/html/sanitizer.rb in the Action Pack component in Ruby on Rails before 2.3.18, 3.0.x and 3.1.x before 3.1.12, and 3.2.x before 3.2.13 does not properly handle encoded : (colon) characte
28-09-2015 - 11:56 19-03-2013 - 18:55
CVE-2013-2035 4.4
Race condition in hawtjni-runtime/src/main/java/org/fusesource/hawtjni/runtime/Library.java in HawtJNI before 1.8, when a custom library path is not specified, allows local users to execute arbitrary Java code by overwriting a temporary JAR file with
17-01-2015 - 21:59 28-08-2013 - 19:55
CVE-2014-0233 6.5
Red Hat OpenShift Enterprise 2.0 and 2.1 and OpenShift Origin allow remote authenticated users to execute arbitrary commands via shell metacharacters in a directory name that is referenced by a cartridge using the file: URI scheme.
17-11-2014 - 12:24 16-11-2014 - 06:59
CVE-2014-0164 2.1
openshift-origin-broker-util, as used in Red Hat OpenShift Enterprise 1.2.7 and 2.0.5, uses world-readable permissions for the mcollective client.cfg configuration file, which allows local users to obtain credentials and other sensitive information b
30-06-2014 - 14:32 05-05-2014 - 13:06
CVE-2014-0188 7.5
The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary
24-04-2014 - 15:06 24-04-2014 - 10:55
CVE-2014-0003 7.5
The XSLT component in Apache Camel 2.11.x before 2.11.4, 2.12.x before 2.12.3, and possibly earlier versions allows remote attackers to execute arbitrary Java methods via a crafted message.
19-04-2014 - 00:45 21-03-2014 - 00:38
CVE-2013-4330 6.8
Apache Camel before 2.9.7, 2.10.0 before 2.10.7, 2.11.0 before 2.11.2, and 2.12.0 allows remote attackers to execute arbitrary simple language expressions by including "$simple{}" in a CamelFileName message header to a (1) FILE or (2) FTP producer.
26-03-2014 - 00:50 04-10-2013 - 13:55
CVE-2013-4287 4.3
Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote at
05-03-2014 - 23:47 17-10-2013 - 19:55
CVE-2014-1878 5.0
Stack-based buffer overflow in the cmd_submitf function in cgi/cmd.c in Nagios Core, possibly 4.0.3rc1 and earlier, and Icinga before 1.8.6, 1.9 before 1.9.5, and 1.10 before 1.10.3 allows remote attackers to cause a denial of service (segmentation f
28-02-2014 - 13:27 28-02-2014 - 10:13
CVE-2012-4466 5.0
Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the name_err_mesg_to_str API function, which marks the
11-02-2014 - 23:39 25-04-2013 - 19:55
CVE-2013-0155 6.4
Ruby on Rails 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass inte
13-01-2014 - 23:22 13-01-2013 - 17:55
CVE-2013-2547 2.1
The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 does not initialize certain structure members, which allows local users to obtain sensitive information fr
03-01-2014 - 23:46 15-03-2013 - 16:55
CVE-2013-0263 5.1
Rack::Session::Cookie in Rack 1.5.x before 1.5.2, 1.4.x before 1.4.5, 1.3.x before 1.3.10, 1.2.x before 1.2.8, and 1.1.x before 1.1.6 allows remote attackers to guess the session cookie, gain privileges, and execute arbitrary code via a timing attack
18-11-2013 - 23:44 08-02-2013 - 15:55
CVE-2012-4464 5.0
Ruby 1.9.3 before patchlevel 286 and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the (1) exc_to_s or (2) name_err_to_s API function, which marks the string as tainte
26-08-2013 - 23:27 25-04-2013 - 19:55
CVE-2013-0333 7.5
lib/active_support/json/backends/yaml.rb in Ruby on Rails 2.3.x before 2.3.16 and 3.0.x before 3.0.20 does not properly convert JSON data to YAML data for processing by a YAML parser, which allows remote attackers to execute arbitrary code, conduct S
05-06-2013 - 23:24 30-01-2013 - 07:00
CVE-2013-0276 4.3
ActiveRecord in Ruby on Rails before 2.3.17, 3.1.x before 3.1.11, and 3.2.x before 3.2.12 allows remote attackers to bypass the attr_protected protection mechanism and modify protected model attributes via a crafted request.
05-06-2013 - 23:24 12-02-2013 - 20:55
CVE-2013-0262 4.3
rack/file.rb (Rack::File) in Rack 1.5.x before 1.5.2 and 1.4.x before 1.4.5 allows attackers to access arbitrary files outside the intended root directory via a crafted PATH_INFO environment variable, probably a directory traversal vulnerability that
14-05-2013 - 23:34 08-02-2013 - 15:55
CVE-2012-4522 5.0
The rb_get_path_check function in file.c in Ruby 1.9.3 before patchlevel 286 and Ruby 2.0.0 before r37163 allows context-dependent attackers to create files in unexpected locations or with unexpected names via a NUL byte in a file path.
03-05-2013 - 23:20 24-11-2012 - 15:55
CVE-2012-3465 4.3
Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/sanitize_helper.rb in the strip_tags helper in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web scri
10-04-2013 - 23:30 10-08-2012 - 06:34
CVE-2012-3464 4.3
Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 might allow remote attackers to inject arbitrary web script or HT
10-04-2013 - 23:30 10-08-2012 - 06:34
CVE-2012-5371 5.0
Ruby (aka CRuby) 1.9 before 1.9.3-p327 and 2.0 before r37575 computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption)
07-03-2013 - 23:10 28-11-2012 - 08:03
CVE-2013-0162 2.1
The diff_pp function in lib/gauntlet_rubyparser.rb in the ruby_parser gem 3.1.1 and earlier for Ruby allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp.
01-03-2013 - 00:00 01-03-2013 - 00:40
CVE-2012-3463 4.3
Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/form_tag_helper.rb in Ruby on Rails 3.x before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via the pr
06-02-2013 - 23:57 10-08-2012 - 06:34
CVE-2012-3424 5.0
The decode_credentials method in actionpack/lib/action_controller/metal/http_authentication.rb in Ruby on Rails 3.x before 3.0.16, 3.1.x before 3.1.7, and 3.2.x before 3.2.7 converts Digest Authentication strings to symbols, which allows remote attac
06-02-2013 - 23:57 08-08-2012 - 06:26
CVE-2012-2695 7.5
The Active Record component in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certai
06-02-2013 - 23:55 22-06-2012 - 10:55
CVE-2012-2694 4.3
actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which a
06-02-2013 - 23:55 22-06-2012 - 10:55
CVE-2012-2661 5.0
The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct
06-02-2013 - 23:55 22-06-2012 - 10:55
CVE-2012-2660 6.4
actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which a
06-02-2013 - 23:55 22-06-2012 - 10:55
Back to Top Mark selected
Back to Top