Total
781 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-4527 | 4 Fedoraproject, Gnu, Netapp and 1 more | 32 Fedora, Glibc, H300s and 29 more | 2025-06-24 | N/A | 6.5 MEDIUM |
| A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash. | |||||
| CVE-2024-12087 | 8 Almalinux, Archlinux, Gentoo and 5 more | 18 Almalinux, Arch Linux, Linux and 15 more | 2025-06-20 | N/A | 6.5 MEDIUM |
| A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks occurring on a per-file-list basis could allow a server to write files outside of the client's intended destination directory. A malicious server could write malicious files to arbitrary locations named after valid directories/paths on the client. | |||||
| CVE-2025-2784 | 2 Gnome, Redhat | 21 Libsoup, Codeready Linux Builder, Codeready Linux Builder For Arm64 and 18 more | 2025-06-20 | N/A | 7.0 HIGH |
| A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server. | |||||
| CVE-2025-3155 | 3 Debian, Gnome, Redhat | 21 Debian Linux, Yelp, Codeready Linux Builder and 18 more | 2025-06-20 | N/A | 7.4 HIGH |
| A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment. | |||||
| CVE-2023-3758 | 2 Fedoraproject, Redhat | 23 Fedora, Sssd, Codeready Linux Builder and 20 more | 2025-06-18 | N/A | 7.1 HIGH |
| A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately. | |||||
| CVE-2024-12088 | 8 Almalinux, Archlinux, Gentoo and 5 more | 20 Almalinux, Arch Linux, Linux and 17 more | 2025-06-18 | N/A | 6.5 MEDIUM |
| A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory. | |||||
| CVE-2021-40438 | 11 Apache, Broadcom, Debian and 8 more | 40 Http Server, Brocade Fabric Operating System Firmware, Debian Linux and 37 more | 2025-05-16 | 6.8 MEDIUM | 9.0 CRITICAL |
| A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier. | |||||
| CVE-2023-4911 | 6 Canonical, Debian, Fedoraproject and 3 more | 38 Ubuntu Linux, Debian Linux, Fedora and 35 more | 2025-05-06 | N/A | 7.8 HIGH |
| A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges. | |||||
| CVE-2023-4813 | 4 Fedoraproject, Gnu, Netapp and 1 more | 21 Fedora, Glibc, Active Iq Unified Manager and 18 more | 2025-04-30 | N/A | 5.9 MEDIUM |
| A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge. | |||||
| CVE-2023-4806 | 3 Fedoraproject, Gnu, Redhat | 22 Fedora, Glibc, Codeready Linux Builder Eus and 19 more | 2025-04-30 | N/A | 5.9 MEDIUM |
| A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags. | |||||
| CVE-2019-14865 | 2 Gnu, Redhat | 5 Grub2, Enterprise Linux, Enterprise Linux Eus and 2 more | 2025-04-29 | 4.9 MEDIUM | 5.9 MEDIUM |
| A flaw was found in the grub2-set-bootflag utility of grub2. A local attacker could run this utility under resource pressure (for example by setting RLIMIT), causing grub2 configuration files to be truncated and leaving the system unbootable on subsequent reboots. | |||||
| CVE-2024-6387 | 9 Amazon, Canonical, Debian and 6 more | 20 Linux 2023, Ubuntu Linux, Debian Linux and 17 more | 2025-04-24 | N/A | 8.1 HIGH |
| A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period. | |||||
| CVE-2021-44142 | 6 Canonical, Debian, Fedoraproject and 3 more | 23 Ubuntu Linux, Debian Linux, Fedora and 20 more | 2025-04-23 | 9.0 HIGH | 8.8 HIGH |
| The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root. | |||||
| CVE-2015-5119 | 7 Adobe, Apple, Linux and 4 more | 14 Flash Player, Mac Os X, Linux Kernel and 11 more | 2025-04-21 | 10.0 HIGH | 9.8 CRITICAL |
| Use-after-free vulnerability in the ByteArray class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.296 and 14.x through 18.0.0.194 on Windows and OS X and 11.x through 11.2.202.468 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015. | |||||
| CVE-2016-9560 | 3 Debian, Jasper Project, Redhat | 8 Debian Linux, Jasper, Enterprise Linux Desktop and 5 more | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| Stack-based buffer overflow in the jpc_tsfb_getbands2 function in jpc_tsfb.c in JasPer before 1.900.30 allows remote attackers to have unspecified impact via a crafted image. | |||||
| CVE-2017-10243 | 4 Debian, Netapp, Oracle and 1 more | 27 Debian Linux, Active Iq Unified Manager, Cloud Backup and 24 more | 2025-04-20 | 6.4 MEDIUM | 6.5 MEDIUM |
| Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L). | |||||
| CVE-2017-10348 | 4 Debian, Netapp, Oracle and 1 more | 29 Debian Linux, Active Iq Unified Manager, Cloud Backup and 26 more | 2025-04-20 | 5.0 MEDIUM | 5.3 MEDIUM |
| Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). | |||||
| CVE-2017-3244 | 4 Debian, Mariadb, Oracle and 1 more | 9 Debian Linux, Mariadb, Mysql and 6 more | 2025-04-20 | 4.0 MEDIUM | 6.5 MEDIUM |
| Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts). | |||||
| CVE-2017-10384 | 5 Debian, Mariadb, Netapp and 2 more | 17 Debian Linux, Mariadb, Active Iq Unified Manager and 14 more | 2025-04-20 | 4.0 MEDIUM | 6.5 MEDIUM |
| Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.57 and earlier 5.6.37 and earlier 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). | |||||
| CVE-2017-16541 | 5 Apple, Debian, Linux and 2 more | 10 Macos, Debian Linux, Linux Kernel and 7 more | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to bypass the intended anonymity feature and discover a client IP address via vectors involving a crafted web site that leverages file:// mishandling in Firefox, aka TorMoil. NOTE: Tails is unaffected. | |||||