Vulnerabilities (CVE)

Filtered by CWE-755
Total 493 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-28631 1 Comrak Project 1 Comrak 2024-02-28 N/A 9.8 CRITICAL
comrak is a CommonMark + GFM compatible Markdown parser and renderer written in rust. A Comrak AST can be constructed manually by a program instead of parsing a Markdown document with `parse_document`. This AST can then be converted to HTML via `html::format_document_with_plugins`. However, the HTML formatting code assumes that the AST is well-formed. For example, many AST notes contain `[u8]` fields which the formatting code assumes is valid UTF-8 data. Several bugs can be triggered if this is not the case. Version 0.17.0 contains adjustments to the AST, storing strings instead of unvalidated byte arrays. Users are advised to upgrade. Users unable to upgrade may manually validate UTF-8 correctness of all data when assigning to `&[u8]` and `Vec<u8>` fields in the AST. This issue is also tracked as `GHSL-2023-049`.
CVE-2023-27595 1 Cilium 1 Cilium 2024-02-28 N/A 9.8 CRITICAL
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In version 1.13.0, when Cilium is started, there is a short period when Cilium eBPF programs are not attached to the host. During this period, the host does not implement any of Cilium's featureset. This can cause disruption to newly established connections during this period due to the lack of Load Balancing, or can cause Network Policy bypass due to the lack of Network Policy enforcement during the window. This vulnerability impacts any Cilium-managed endpoints on the node (such as Kubernetes Pods), as well as the host network namespace (including Host Firewall). This vulnerability is fixed in Cilium 1.13.1 or later. Cilium releases 1.12.x, 1.11.x, and earlier are not affected. There are no known workarounds.
CVE-2023-29092 1 Samsung 8 Exynos 1080, Exynos 1080 Firmware, Exynos 5123 and 5 more 2024-02-28 N/A 7.8 HIGH
An issue was discovered in Exynos Mobile Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, and Exynos 1080. Binding of a wrong resource can occur due to improper handling of parameters while binding a network interface.
CVE-2022-27978 1 Tooljet 1 Tooljet 2024-02-28 N/A 7.5 HIGH
Tooljet v1.6 does not properly handle missing values in the API, allowing attackers to arbitrarily reset passwords via a crafted HTTP request.
CVE-2021-38363 1 Opennetworking 1 Onos 2024-02-28 N/A 7.5 HIGH
An issue was discovered in ONOS 2.5.1. In IntentManager, the install-requested intent (which causes an exception) remains in pendingMap (in memory) forever. Deletion is possible neither by a user nor by the intermittent Intent Cleanup process.
CVE-2022-23121 2 Debian, Netatalk 2 Debian Linux, Netatalk 2024-02-28 N/A 9.8 CRITICAL
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parse_entries function. The issue results from the lack of proper error handling when parsing AppleDouble entries. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15819.
CVE-2023-29520 1 Xwiki 1 Xwiki 2024-02-28 N/A 6.5 MEDIUM
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It's possible to break many translations coming from wiki pages by creating a corrupted document containing a translation object. This will lead to a broken page. The vulnerability has been patched in XWiki 15.0-rc-1, 14.10.1, 14.4.8, and 13.10.11. Users are advised to upgrade. There are no workarounds other than fixing any way to create a document that fail to load.
CVE-2023-1732 1 Cloudflare 1 Circl 2024-02-28 N/A 8.2 HIGH
When sampling randomness for a shared secret, the implementation of Kyber and FrodoKEM, did not check whether crypto/rand.Read() returns an error. In rare deployment cases (error thrown by the Read() function), this could lead to a predictable shared secret. The tkn20 and blindrsa components did not check whether enough randomness was returned from the user provided randomness source. Typically the user provides crypto/rand.Reader, which in the vast majority of cases will always return the right number random bytes. In the cases where it does not, or the user provides a source that does not, the blinding for blindrsa is weak and integrity of the plaintext is not ensured in tkn20.
CVE-2023-0204 1 Nvidia 4 Connectx-5, Connectx-6, Connectx-6-dx and 1 more 2024-02-28 N/A 7.7 HIGH
NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware, where an unprivileged user can cause improper handling of exceptional conditions, which may lead to denial of service.
CVE-2023-24510 1 Arista 97 7010t, 7010t-48, 7010tx-48 and 94 more 2024-02-28 N/A 7.5 HIGH
On the affected platforms running EOS, a malformed DHCP packet might cause the DHCP relay agent to restart.
CVE-2023-26479 1 Xwiki 1 Xwiki 2024-02-28 N/A 6.5 MEDIUM
XWiki Platform is a generic wiki platform. Starting in version 6.0, users with write rights can insert well-formed content that is not handled well by the parser. As a consequence, some pages becomes unusable, including the user index (if the page containing the faulty content is a user page) and the page index. Note that on the page, the normal UI is completely missing and it is not possible to open the editor directly to revert the change as the stack overflow is already triggered while getting the title of the document. This means that it is quite difficult to remove this content once inserted. This has been patched in XWiki 13.10.10, 14.4.6, and 14.9-rc-1. A temporary workaround to avoid Stack Overflow errors is to increase the memory allocated to the stack by using the `-Xss` JVM parameter (e.g., `-Xss32m`). This should allow the parser to pass and to fix the faulty content. The consequences for other aspects of the system (e.g., performance) are unknown, and this workaround should be only be used as a temporary solution. The workaround does not prevent the issue occurring again with other content. Consequently, it is strongly advised to upgrade to a version where the issue has been patched.
CVE-2022-20500 1 Google 1 Android 2024-02-28 N/A 5.5 MEDIUM
In loadFromXml of ShortcutPackage.java, there is a possible crash on boot due to an uncaught exception. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-246540168
CVE-2022-32655 1 Mediatek 60 Mt5221, Mt5221 Firmware, Mt7603 and 57 more 2024-02-28 N/A 6.7 MEDIUM
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705028; Issue ID: GN20220705028.
CVE-2022-44030 1 Redmine 1 Redmine 2024-02-28 N/A 7.5 HIGH
Redmine 5.x before 5.0.4 allows downloading of file attachments of any Issue or any Wiki page due to insufficient permission checks. Depending on the configuration, this may require login as a registered user.
CVE-2022-32657 1 Mediatek 20 Mt7603, Mt7603 Firmware, Mt7613 and 17 more 2024-02-28 N/A 6.7 MEDIUM
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705042; Issue ID: GN20220705042.
CVE-2022-26509 3 Intel, Linux, Microsoft 3 Sgx Sdk, Linux Kernel, Windows 2024-02-28 N/A 5.5 MEDIUM
Improper conditions check in the Intel(R) SGX SDK software may allow a privileged user to potentially enable information disclosure via local access.
CVE-2022-32658 1 Mediatek 20 Mt7603, Mt7603 Firmware, Mt7613 and 17 more 2024-02-28 N/A 6.7 MEDIUM
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705059; Issue ID: GN20220705059.
CVE-2022-29493 1 Intel 248 Baseboard Management Controller Firmware, C252, C256 and 245 more 2024-02-28 N/A 4.9 MEDIUM
Uncaught exception in webserver for the Integrated BMC in some Intel(R) platforms before versions 2.86, 2.09 and 2.78 may allow a privileged user to potentially enable denial of service via network access.
CVE-2022-48329 1 Misp 1 Misp 2024-02-28 N/A 9.8 CRITICAL
MISP before 2.4.166 unsafely allows users to use the order parameter, related to app/Model/Attribute.php, app/Model/GalaxyCluster.php, app/Model/Workflow.php, and app/Plugin/Assets/models/behaviors/LogableBehavior.php.
CVE-2022-48328 1 Misp 1 Misp 2024-02-28 N/A 9.8 CRITICAL
app/Controller/Component/IndexFilterComponent.php in MISP before 2.4.167 mishandles ordered_url_params and additional_delimiters.