nscd: netgroup cache assumes NSS callback uses in-buffer strings
The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.
Source: glibc
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-05-06
Updated
2024-05-07
nscd: netgroup cache may terminate daemon on memory allocation failure
The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.
Source: glibc
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-05-06
Updated
2024-05-07
nscd: Null pointer crashes after notfound response
If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.
Source: glibc
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-05-06
Updated
2024-05-07
nscd: Stack-based buffer overflow in netgroup cache
If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.
Source: glibc
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-05-06
Updated
2024-05-07
less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untrusted archive. Exploitation also requires the LESSOPEN environment variable, but this is set by default in many common cases.
Source: MITRE
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-04-13
Updated
2024-05-01
In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode before 9.6.23.
Source: MITRE
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-03-25
Updated
2024-05-01
In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments.
Source: MITRE
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-03-25
Updated
2024-05-01
In Emacs before 29.3, Gnus treats inline MIME contents as trusted.
Source: MITRE
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-03-25
Updated
2024-05-01
In Emacs before 29.3, arbitrary Lisp code is evaluated as part of turning on Org mode. This affects Org Mode before 9.6.23.
Source: MITRE
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-03-25
Updated
2024-05-01
An issue discovered in GNU Savane v.3.13 and before allows a remote attacker to execute arbitrary code and escalate privileges via a crafted file to the upload.php component.
Source: MITRE
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-11
Updated
2024-04-11
A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command.
Source: Red Hat, Inc.
Max CVSS
5.0
EPSS Score
0.05%
Published
2024-03-21
Updated
2024-05-16
An issue in GNU Savane v.3.12 and before allows a remote attacker to escalate privileges via the form_id in the form_header() function.
Source: MITRE
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-08
Updated
2024-04-11
Cross Site Request Forgery vulnerability in GNU Savane v.3.12 and before allows a remote attacker to escalate privileges via siteadmin/usergroup.php.
Source: MITRE
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-04-08
Updated
2024-04-11
Insecure Direct Object Reference (IDOR) in GNU Savane v.3.12 and before allows a remote attacker to delete arbitrary files via crafted input to the trackers_data_delete_file function.
Source: MITRE
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-08
Updated
2024-04-11
The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.
Source: glibc
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-04-17
Updated
2024-05-04
GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu's peimage GRUB2 module leaving UEFI system table hooks after exit. This led to a use-after-free condition, and could possibly lead to secure boot bypass.
Source: Canonical Ltd.
Max CVSS
6.7
EPSS Score
0.05%
Published
2024-04-05
Updated
2024-04-26
A flaw was found in the grub2-set-bootflag utility of grub2. After the fix of CVE-2019-14865, grub2-set-bootflag will create a temporary file with the new grubenv content and rename it to the original grubenv file. If the program is killed before the rename operation, the temporary file will not be removed and may fill the filesystem when invoked multiple times, resulting in a filesystem out of free inodes or blocks.
Source: Red Hat, Inc.
Max CVSS
3.3
EPSS Score
0.05%
Published
2024-02-06
Updated
2024-04-30
A flaw was found in indent, a program for formatting C code. This issue may allow an attacker to trick a user into processing a specially crafted file to trigger a heap-based buffer overflow, causing the application to crash.
Source: Fedora Project
Max CVSS
5.5
EPSS Score
0.04%
Published
2024-02-06
Updated
2024-02-14
A flaw was found in the GNU coreutils "split" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and denial of service.
Source: Fedora Project
Max CVSS
5.5
EPSS Score
0.04%
Published
2024-02-06
Updated
2024-02-14
A vulnerability was found in GnuTLS, where a cockpit (which uses GnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.
Source: Red Hat, Inc.
Max CVSS
7.5
EPSS Score
0.08%
Published
2024-01-16
Updated
2024-03-05
A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981.
Source: Red Hat, Inc.
Max CVSS
7.5
EPSS Score
0.82%
Published
2024-01-16
Updated
2024-03-25
GNU indent 2.2.13 has a heap-based buffer overflow in search_brace in indent.c via a crafted file.
Source: MITRE
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-08-14
Updated
2023-09-15
GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary user control the activities of the process.
Source: MITRE
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-08-14
Updated
2024-01-02
In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c.
Source: MITRE
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-03-27
Updated
2024-03-27
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function pe_as16() at /gdb/coff-pe-read.c.
Source: MITRE
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-07-25
Updated
2023-08-03
1071 vulnerabilities found