A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command.
Source: Red Hat, Inc.
Max CVSS
5.0
EPSS Score
0.05%
Published
2024-03-21
Updated
2024-05-16
A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel.
Source: Red Hat, Inc.
Max CVSS
5.3
EPSS Score
0.05%
Published
2024-03-21
Updated
2024-06-10
Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root.
Source: MITRE
Max CVSS
5.5
EPSS Score
0.04%
Published
2024-01-12
Updated
2024-02-21
A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while attempting to log in with a user with a malformed hash in their password.
Source: Red Hat, Inc.
Max CVSS
5.7
EPSS Score
0.04%
Published
2024-06-18
Updated
2024-06-20
A flaw was found in the QEMU Virtio PCI Bindings (hw/virtio/virtio-pci.c). An improper release and use of the irqfd for vector 0 during the boot process leads to a guest triggerable crash via vhost_net_stop(). This flaw allows a malicious guest to crash the QEMU process on the host.
Source: Red Hat, Inc.
Max CVSS
5.5
EPSS Score
0.04%
Published
2024-05-10
Updated
2024-05-14
A flaw was found in QEMU. An assertion failure was present in the update_sctp_checksum() function in hw/net/net_tx_pkt.c when trying to calculate the checksum of a short-sized fragmented packet. This flaw allows a malicious guest to crash QEMU and cause a denial of service condition.
Source: Red Hat, Inc.
Max CVSS
5.5
EPSS Score
0.04%
Published
2024-04-10
Updated
2024-06-10
A timing-based side-channel flaw exists in the rust-openssl package, which could be sufficient to recover a plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages for decryption. The vulnerability affects the legacy PKCS#1v1.5 RSA encryption padding mode.
Source: Red Hat, Inc.
Max CVSS
5.9
EPSS Score
0.04%
Published
2024-04-04
Updated
2024-04-05
A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server.
Source: Red Hat, Inc.
Max CVSS
5.9
EPSS Score
0.08%
Published
2024-06-06
Updated
2024-07-09
A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces() function in libvirt. This issue can occur when detaching a host interface while at the same time collecting the list of interfaces via virConnectListAllInterfaces API. This flaw could be used to perform a denial of service attack by causing the libvirt daemon to crash.
Source: Red Hat, Inc.
Max CVSS
5.0
EPSS Score
0.05%
Published
2024-03-18
Updated
2024-04-30
A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages. The vulnerability affects the legacy PKCS#1v1.5 RSA encryption padding mode.
Source: Red Hat, Inc.
Max CVSS
5.9
EPSS Score
0.05%
Published
2024-04-25
Updated
2024-04-25
A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.
Source: Red Hat, Inc.
Max CVSS
5.9
EPSS Score
0.05%
Published
2024-03-06
Updated
2024-04-25
A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server crash while modifying `userPassword` using malformed input.
Source: Red Hat, Inc.
Max CVSS
5.7
EPSS Score
0.05%
Published
2024-05-28
Updated
2024-07-02
A flaw was found in FreeIPA. This issue may allow a remote attacker to craft an HTTP request with parameters that can be interpreted as command arguments to kinit on the FreeIPA server, which can lead to a denial of service.
Source: Red Hat, Inc.
Max CVSS
5.3
EPSS Score
0.05%
Published
2024-04-10
Updated
2024-05-22
An off-by-one error flaw was found in the udevListInterfacesByStatus() function in libvirt when the number of interfaces exceeds the size of the `names` array. This issue can be reproduced by sending specially crafted data to the libvirt daemon, allowing an unprivileged client to perform a denial of service attack by causing the libvirt daemon to crash.
Source: Red Hat, Inc.
Max CVSS
5.5
EPSS Score
0.04%
Published
2024-03-11
Updated
2024-04-30
A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does not validate the stack depth, pushing too many frames and causing a stack overflow. As a result, this can lead to a crash or other related issues.
Source: Red Hat, Inc.
Max CVSS
5.5
EPSS Score
0.05%
Published
2024-02-11
Updated
2024-06-25
A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr.
Source: Red Hat, Inc.
Max CVSS
5.5
EPSS Score
0.05%
Published
2024-02-12
Updated
2024-07-02
A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key.
Source: Red Hat, Inc.
Max CVSS
5.9
EPSS Score
0.10%
Published
2024-01-31
Updated
2024-04-25
An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values.
Source: Red Hat, Inc.
Max CVSS
5.5
EPSS Score
0.05%
Published
2024-02-06
Updated
2024-05-22
A denial of service vulnerability was found in tipc_crypto_key_revoke in net/tipc/crypto.c in the Linux kernel’s TIPC subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system.
Source: Red Hat, Inc.
Max CVSS
5.5
EPSS Score
0.04%
Published
2024-01-17
Updated
2024-01-24
A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel’s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system.
Source: Red Hat, Inc.
Max CVSS
5.5
EPSS Score
0.04%
Published
2024-01-17
Updated
2024-01-24
A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading to a cgroup blkio memory leakage problem. When a cgroup is being destroyed, cgroup_rstat_flush() is only called at css_release_work_fn(), which is called when the blkcg reference count reaches 0. This circular dependency will prevent blkcg and some blkgs from being freed after they are made offline. This issue may allow an attacker with local access to cause system instability, such as an out of memory error.
Source: Red Hat, Inc.
Max CVSS
5.5
EPSS Score
0.04%
Published
2024-01-12
Updated
2024-05-20
A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access that buffer, such as a GC, the XSELINUX code will try to use an object that was never labeled and crash because the SID is NULL.
Source: Red Hat, Inc.
Max CVSS
5.5
EPSS Score
0.04%
Published
2024-01-18
Updated
2024-05-22
A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.
Source: Red Hat, Inc.
Max CVSS
5.5
EPSS Score
0.06%
Published
2024-01-16
Updated
2024-03-15
sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports <LF>.<CR><LF> but some other popular e-mail servers do not. This is resolved in 8.18 and later versions with 'o' in srv_features.
Source: MITRE
Max CVSS
5.3
EPSS Score
0.17%
Published
2023-12-24
Updated
2024-06-15
Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Postfix supports <LF>.<CR><LF> but some other popular e-mail servers do not. To prevent attack variants (by always disallowing <LF> without <CR>), a different solution is required, such as the smtpd_forbid_bare_newline=yes option with a Postfix minimum version of 3.5.23, 3.6.13, 3.7.9, 3.8.4, or 3.9.
Source: MITRE
Max CVSS
5.3
EPSS Score
0.25%
Published
2023-12-24
Updated
2024-06-10
333 vulnerabilities found