Total
8864 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-1271 | 4 Debian, Gnu, Redhat and 1 more | 4 Debian Linux, Gzip, Jboss Data Grid and 1 more | 2024-08-26 | N/A | 8.8 HIGH |
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system. | |||||
CVE-2022-21797 | 3 Debian, Fedoraproject, Joblib Project | 3 Debian Linux, Fedora, Joblib | 2024-08-23 | N/A | 9.8 CRITICAL |
The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel() class due to the eval() statement. | |||||
CVE-2023-3611 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-08-22 | N/A | 7.8 HIGH |
An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. The qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks. We recommend upgrading past commit 3e337087c3b5805fe0b8a46ba622a962880b5d64. | |||||
CVE-2023-3776 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-08-22 | N/A | 7.8 HIGH |
A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability. We recommend upgrading past commit 0323bce598eea038714f941ce2b22541c46d488f. | |||||
CVE-2019-16220 | 2 Debian, Wordpress | 2 Debian Linux, Wordpress | 2024-08-21 | 5.8 MEDIUM | 6.1 MEDIUM |
In WordPress before 5.2.3, validation and sanitization of a URL in wp_validate_redirect in wp-includes/pluggable.php could lead to an open redirect if a provided URL path does not start with a forward slash. | |||||
CVE-2015-6748 | 2 Debian, Jsoup | 2 Debian Linux, Jsoup | 2024-08-16 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting (XSS) vulnerability in jsoup before 1.8.3. | |||||
CVE-2009-3723 | 2 Debian, Sangoma | 2 Debian Linux, Asterisk | 2024-08-15 | 5.0 MEDIUM | 7.5 HIGH |
asterisk allows calls on prohibited networks | |||||
CVE-2020-28242 | 4 Asterisk, Debian, Fedoraproject and 1 more | 4 Certified Asterisk, Debian Linux, Fedora and 1 more | 2024-08-15 | 4.0 MEDIUM | 6.5 MEDIUM |
An issue was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1 and Certified Asterisk before 16.8-cert5. If Asterisk is challenged on an outbound INVITE and the nonce is changed in each response, Asterisk will continually send INVITEs in a loop. This causes Asterisk to consume more and more memory since the transaction will never terminate (even if the call is hung up), ultimately leading to a restart or shutdown of Asterisk. Outbound authentication must be configured on the endpoint for this to occur. | |||||
CVE-2020-13965 | 3 Debian, Fedoraproject, Roundcube | 3 Debian Linux, Fedora, Webmail | 2024-08-14 | 4.3 MEDIUM | 6.1 MEDIUM |
An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. There is XSS via a malicious XML attachment because text/xml is among the allowed types for a preview. | |||||
CVE-2023-44487 | 32 Akka, Amazon, Apache and 29 more | 311 Http Server, Opensearch Data Prepper, Apisix and 308 more | 2024-08-14 | N/A | 7.5 HIGH |
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. | |||||
CVE-2023-42916 | 4 Apple, Debian, Fedoraproject and 1 more | 7 Ipados, Iphone Os, Macos and 4 more | 2024-08-14 | N/A | 6.5 MEDIUM |
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1. | |||||
CVE-2024-1086 | 5 Debian, Fedoraproject, Linux and 2 more | 15 Debian Linux, Fedora, Linux Kernel and 12 more | 2024-08-14 | N/A | 7.8 HIGH |
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660. | |||||
CVE-2023-7101 | 3 Debian, Fedoraproject, Jmcnamara | 3 Debian Linux, Fedora, Spreadsheet\ | 2024-08-14 | N/A | 7.8 HIGH |
Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution (ACE) vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of Number format strings (not to be confused with printf-style format strings) within the Excel parsing logic. | |||||
CVE-2023-4762 | 4 Debian, Fedoraproject, Google and 1 more | 4 Debian Linux, Fedora, Chrome and 1 more | 2024-08-14 | N/A | 8.8 HIGH |
Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2023-43770 | 2 Debian, Roundcube | 2 Debian Linux, Webmail | 2024-08-14 | N/A | 6.1 MEDIUM |
Roundcube before 1.4.14, 1.5.x before 1.5.4, and 1.6.x before 1.6.3 allows XSS via text/plain e-mail messages with crafted links because of program/lib/Roundcube/rcube_string_replacer.php behavior. | |||||
CVE-2024-5690 | 2 Debian, Mozilla | 4 Debian Linux, Firefox, Firefox Esr and 1 more | 2024-08-09 | N/A | 4.3 MEDIUM |
By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12. | |||||
CVE-2024-6707 | 2 Debian, Openwebui | 2 Debian Linux, Open Webui | 2024-08-08 | N/A | 8.8 HIGH |
Attacker controlled files can be uploaded to arbitrary locations on the web server's filesystem by abusing a path traversal vulnerability. | |||||
CVE-2024-6706 | 2 Debian, Openwebui | 2 Debian Linux, Open Webui | 2024-08-08 | N/A | 6.1 MEDIUM |
Attackers can craft a malicious prompt that coerces the language model into executing arbitrary JavaScript in the context of the web page. | |||||
CVE-2017-17527 | 2 Debian, Pasdoc Project | 2 Debian Linux, Pasdoc | 2024-08-05 | 6.8 MEDIUM | 8.8 HIGH |
delphi_gui/WWWBrowserRunnerDM.pas in PasDoc 0.14 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer has indicated that the code referencing the BROWSER environment variable is never used | |||||
CVE-2017-17515 | 2 Debian, Ecmwf | 2 Debian Linux, Metview | 2024-08-05 | 6.8 MEDIUM | 8.8 HIGH |
etc/ObjectList in Metview 4.7.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has indicated that the code to access this environment variable is not enabled in the shipped product |