Export limit exceeded: 361738 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 361738 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23483 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-17790 | 2 Redhat, Ruby-lang | 3 Enterprise Linux, Rhel Software Collections, Ruby | 2025-04-20 | N/A |
| The lazy_initialize function in lib/resolv.rb in Ruby through 2.4.3 uses Kernel#open, which might allow Command Injection attacks, as demonstrated by a Resolv::Hosts::new argument beginning with a '|' character, a different vulnerability than CVE-2017-17405. NOTE: situations with untrusted input may be highly unlikely. | ||||
| CVE-2017-1000117 | 2 Git-scm, Redhat | 4 Git, Enterprise Linux, Mobile Application Platform and 1 more | 2025-04-20 | N/A |
| A malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to visit the URL can result in any program that exists on the victim's machine being executed. Such a URL could be placed in the .gitmodules file of a malicious project, and an unsuspecting victim could be tricked into running "git clone --recurse-submodules" to trigger the vulnerability. | ||||
| CVE-2017-14494 | 5 Canonical, Debian, Novell and 2 more | 9 Ubuntu Linux, Debian Linux, Leap and 6 more | 2025-04-20 | N/A |
| dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests. | ||||
| CVE-2017-1000098 | 2 Golang, Redhat | 2 Go, Enterprise Linux | 2025-04-20 | 7.5 High |
| The net/http package's Request.ParseMultipartForm method starts writing to temporary files once the request body size surpasses the given "maxMemory" limit. It was possible for an attacker to generate a multipart request crafted such that the server ran out of file descriptors. | ||||
| CVE-2017-13088 | 7 Canonical, Debian, Freebsd and 4 more | 13 Ubuntu Linux, Debian Linux, Freebsd and 10 more | 2025-04-20 | N/A |
| Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients. | ||||
| CVE-2017-5094 | 6 Apple, Debian, Google and 3 more | 10 Macos, Debian Linux, Android and 7 more | 2025-04-20 | 6.5 Medium |
| Type confusion in extensions JavaScript bindings in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to potentially maliciously modify objects via a crafted HTML page. | ||||
| CVE-2017-13082 | 7 Canonical, Debian, Freebsd and 4 more | 13 Ubuntu Linux, Debian Linux, Freebsd and 10 more | 2025-04-20 | N/A |
| Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. | ||||
| CVE-2013-5653 | 3 Artifex, Debian, Redhat | 3 Afpl Ghostscript, Debian Linux, Enterprise Linux | 2025-04-20 | N/A |
| The getenv and filenameforall functions in Ghostscript 9.10 ignore the "-dSAFER" argument, which allows remote attackers to read data via a crafted postscript file. | ||||
| CVE-2017-14501 | 2 Libarchive, Redhat | 2 Libarchive, Enterprise Linux | 2025-04-20 | N/A |
| An out-of-bounds read flaw exists in parse_file_info in archive_read_support_format_iso9660.c in libarchive 3.3.2 when extracting a specially crafted iso9660 iso file, related to archive_read_format_iso9660_read_header. | ||||
| CVE-2017-15104 | 2 Heketi Project, Redhat | 3 Heketi, Enterprise Linux, Storage | 2025-04-20 | 7.8 High |
| An access flaw was found in Heketi 5, where the heketi.json configuration file was world readable. An attacker having local access to the Heketi server could read plain-text passwords from the heketi.json file. | ||||
| CVE-2017-15114 | 1 Redhat | 1 Openstack Platform | 2025-04-20 | N/A |
| When libvirtd is configured by OSP director (tripleo-heat-templates) to use the TLS transport it defaults to the same certificate authority as all non-libvirtd services. As no additional authentication is configured this allows these services to connect to libvirtd (which is equivalent to root access). If a vulnerability exists in another service it could, combined with this flaw, be exploited to escalate privileges to gain control over compute nodes. | ||||
| CVE-2017-15121 | 1 Redhat | 8 Enterprise Linux, Enterprise Linux Desktop, Enterprise Linux Server and 5 more | 2025-04-20 | N/A |
| A non-privileged user is able to mount a fuse filesystem on RHEL 6 or 7 and crash a system if an application punches a hole in a file that does not end aligned to a page boundary. | ||||
| CVE-2017-12624 | 2 Apache, Redhat | 3 Cxf, Jboss Enterprise Application Platform, Jboss Single Sign On | 2025-04-20 | N/A |
| Apache CXF supports sending and receiving attachments via either the JAX-WS or JAX-RS specifications. It is possible to craft a message attachment header that could lead to a Denial of Service (DoS) attack on a CXF web service provider. Both JAX-WS and JAX-RS services are vulnerable to this attack. From Apache CXF 3.2.1 and 3.1.14, message attachment headers that are greater than 300 characters will be rejected by default. This value is configurable via the property "attachment-max-header-size". | ||||
| CVE-2017-12629 | 4 Apache, Canonical, Debian and 1 more | 9 Solr, Ubuntu Linux, Debian Linux and 6 more | 2025-04-20 | 9.8 Critical |
| Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is NOT vulnerable to this. Note that the XML external entity expansion vulnerability occurs in the XML Query Parser which is available, by default, for any query request with parameters deftype=xmlparser and can be exploited to upload malicious data to the /upload request handler or as Blind XXE using ftp wrapper in order to read arbitrary local files from the Solr server. Note also that the second vulnerability relates to remote code execution using the RunExecutableListener available on all affected versions of Solr. | ||||
| CVE-2017-15670 | 2 Gnu, Redhat | 2 Glibc, Enterprise Linux | 2025-04-20 | N/A |
| The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string. | ||||
| CVE-2017-9227 | 3 Oniguruma Project, Php, Redhat | 3 Oniguruma, Php, Rhel Software Collections | 2025-04-20 | 9.8 Critical |
| An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in mbc_enc_len() during regular expression searching. Invalid handling of reg->dmin in forward_search_range() could result in an invalid pointer dereference, as an out-of-bounds read from a stack buffer. | ||||
| CVE-2017-5986 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-20 | N/A |
| Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state. | ||||
| CVE-2017-5970 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more | 2025-04-20 | N/A |
| The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options. | ||||
| CVE-2017-3636 | 4 Debian, Mariadb, Oracle and 1 more | 12 Debian Linux, Mariadb, Mysql and 9 more | 2025-04-20 | 5.3 Medium |
| Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.56 and earlier and 5.6.36 and earlier. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L). | ||||
| CVE-2017-5884 | 3 Fedoraproject, Gnome, Redhat | 3 Fedora, Gtk-vnc, Enterprise Linux | 2025-04-20 | N/A |
| gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the src x, y coordinates in a crafted (1) rre, (2) hextile, or (3) copyrect tile. | ||||