CVE-2019-9213

Public exploit
In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task.
Max CVSS
5.5
EPSS Score
0.08%
Published
2019-03-05
Updated
2022-10-12

CVE-2018-15473

Public exploit
OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
Max CVSS
5.3
EPSS Score
2.36%
Published
2018-08-17
Updated
2023-02-23

CVE-2014-7816

Public exploit
Directory traversal vulnerability in JBoss Undertow 1.0.x before 1.0.17, 1.1.x before 1.1.0.CR5, and 1.2.x before 1.2.0.Beta3, when running on Windows, allows remote attackers to read arbitrary files via a .. (dot dot) in a resource URI.
Max CVSS
5.0
EPSS Score
4.58%
Published
2014-12-01
Updated
2015-03-04

CVE-2013-4124

Public exploit
Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.
Max CVSS
5.0
EPSS Score
97.04%
Published
2013-08-06
Updated
2018-10-30

CVE-2010-1429

Public exploit
Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 allows remote attackers to obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true query string. NOTE: this issue exists because of a CVE-2008-3273 regression.
Max CVSS
5.0
EPSS Score
0.57%
Published
2010-04-28
Updated
2023-02-13

CVE-2010-1428

Known exploited
Public exploit
Used for ransomware
The Web Console (aka web-console) in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to obtain sensitive information via an unspecified request that uses a different method.
Max CVSS
5.0
EPSS Score
0.88%
Published
2010-04-28
Updated
2017-08-17
CISA KEV Added
2022-05-25

CVE-2010-0738

Known exploited
Public exploit
Used for ransomware
The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.
Max CVSS
5.0
EPSS Score
97.33%
Published
2010-04-28
Updated
2023-02-13
CISA KEV Added
2022-05-25

CVE-2009-1386

Public exploit
ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.
Max CVSS
5.0
EPSS Score
6.51%
Published
2009-06-04
Updated
2024-02-07

CVE-2001-1013

Public exploit
Apache on Red Hat Linux with with the UserDir directive enabled generates different error codes when a username exists and there is no public_html directory and when the username does not exist, which could allow remote attackers to determine valid usernames on the server.
Max CVSS
5.0
EPSS Score
3.63%
Published
2001-09-12
Updated
2017-12-19
A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command.
Max CVSS
5.0
EPSS Score
0.05%
Published
2024-03-21
Updated
2024-03-21
A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel.
Max CVSS
5.3
EPSS Score
0.05%
Published
2024-03-21
Updated
2024-03-21
Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root.
Max CVSS
5.5
EPSS Score
0.04%
Published
2024-01-12
Updated
2024-02-21
A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces() function in libvirt. This issue can occur when detaching a host interface while at the same time collecting the list of interfaces via virConnectListAllInterfaces API. This flaw could be used to perform a denial of service attack by causing the libvirt daemon to crash.
Max CVSS
5.0
EPSS Score
0.04%
Published
2024-03-18
Updated
2024-03-18
A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.
Max CVSS
5.9
EPSS Score
0.04%
Published
2024-03-06
Updated
2024-03-07
A path traversal vulnerability was found in Undertow. This issue may allow a remote attacker to append a specially-crafted sequence to an HTTP request for an application deployed to JBoss EAP, which may permit access to privileged or restricted files and directories.
Max CVSS
5.3
EPSS Score
0.05%
Published
2024-02-12
Updated
2024-02-27
An off-by-one error flaw was found in the udevListInterfacesByStatus() function in libvirt when the number of interfaces exceeds the size of the `names` array. This issue can be reproduced by sending specially crafted data to the libvirt daemon, allowing an unprivileged client to perform a denial of service attack by causing the libvirt daemon to crash.
Max CVSS
5.5
EPSS Score
0.05%
Published
2024-03-11
Updated
2024-03-28
A flaw was found in OpenShift. The existing Cross-Site Request Forgery (CSRF) protections in place do not properly protect GET requests, allowing for the creation of WebSockets via CSRF.
Max CVSS
5.4
EPSS Score
0.04%
Published
2024-02-16
Updated
2024-02-16
A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does not validate the stack depth, pushing too many frames and causing a stack overflow. As a result, this can lead to a crash or other related issues.
Max CVSS
5.5
EPSS Score
0.05%
Published
2024-02-11
Updated
2024-02-22
A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr.
Max CVSS
5.5
EPSS Score
0.05%
Published
2024-02-12
Updated
2024-03-19
A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key.
Max CVSS
5.9
EPSS Score
0.06%
Published
2024-01-31
Updated
2024-03-08
An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values.
Max CVSS
5.5
EPSS Score
0.05%
Published
2024-02-06
Updated
2024-03-25
A denial of service vulnerability was found in tipc_crypto_key_revoke in net/tipc/crypto.c in the Linux kernel’s TIPC subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system.
Max CVSS
5.5
EPSS Score
0.04%
Published
2024-01-17
Updated
2024-01-24
A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel’s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system.
Max CVSS
5.5
EPSS Score
0.04%
Published
2024-01-17
Updated
2024-01-24
A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading to a cgroup blkio memory leakage problem. When a cgroup is being destroyed, cgroup_rstat_flush() is only called at css_release_work_fn(), which is called when the blkcg reference count reaches 0. This circular dependency will prevent blkcg and some blkgs from being freed after they are made offline. This issue may allow an attacker with a local access to cause system instability, such as an out of memory error.
Max CVSS
5.5
EPSS Score
0.04%
Published
2024-01-12
Updated
2024-01-18
A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access that buffer, such as a GC, the XSELINUX code will try to use an object that was never labeled and crash because the SID is NULL.
Max CVSS
5.5
EPSS Score
0.04%
Published
2024-01-18
Updated
2024-03-07
872 vulnerabilities found
1 2 3 4 5 6 ...... 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!