Search Results (23509 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-28757 4 Fedoraproject, Libexpat Project, Netapp and 1 more 23 Fedora, Libexpat, Active Iq Unified Manager and 20 more 2025-11-04 7.5 High
libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).
CVE-2024-27316 4 Apache, Fedoraproject, Netapp and 1 more 7 Http Server, Fedora, Ontap and 4 more 2025-11-04 7.5 High
HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion.
CVE-2023-51764 3 Fedoraproject, Postfix, Redhat 3 Fedora, Postfix, Enterprise Linux 2025-11-04 5.3 Medium
Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Postfix supports <LF>.<CR><LF> but some other popular e-mail servers do not. To prevent attack variants (by always disallowing <LF> without <CR>), a different solution is required, such as the smtpd_forbid_bare_newline=yes option with a Postfix minimum version of 3.5.23, 3.6.13, 3.7.9, 3.8.4, or 3.9.
CVE-2023-50967 3 Fedoraproject, Latchset, Redhat 3 Fedora, Jose, Enterprise Linux 2025-11-04 7.5 High
latchset jose through version 11 allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value.
CVE-2023-50471 2 Davegamble, Redhat 3 Cjson, Satellite, Satellite Capsule 2025-11-04 7.5 High
cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSON_InsertItemInArray at cJSON.c.
CVE-2023-43361 2 Redhat, Xiph 2 Enterprise Linux, Vorbis-tools 2025-11-04 7.8 High
Buffer Overflow vulnerability in Vorbis-tools v.1.4.2 allows a local attacker to execute arbitrary code and cause a denial of service during the conversion of wav files to ogg files.
CVE-2023-42465 2 Redhat, Sudo Project 4 Enterprise Linux, Openshift Data Foundation, Rhel Eus and 1 more 2025-11-04 7.0 High
Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling a success value), and because the values do not resist flips of a single bit.
CVE-2023-38709 7 Apache, Apple, Broadcom and 4 more 9 Http Server, Macos, Fabric Operating System and 6 more 2025-11-04 7.3 High
Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58.
CVE-2016-5597 2 Oracle, Redhat 6 Jdk, Jre, Enterprise Linux and 3 more 2025-11-04 N/A
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality via vectors related to Networking.
CVE-2023-45866 7 Apple, Bluproducts, Canonical and 4 more 17 Ipados, Iphone Os, Iphone Se and 14 more 2025-11-04 6.3 Medium
Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue.
CVE-2023-44444 2 Gimp, Redhat 7 Gimp, Enterprise Linux, Rhel Aus and 4 more 2025-11-04 7.8 High
GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSP files. Crafted data in a PSP file can trigger an off-by-one error when calculating a location to write within a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. . Was ZDI-CAN-22097.
CVE-2023-44442 2 Gimp, Redhat 7 Gimp, Enterprise Linux, Rhel Aus and 4 more 2025-11-04 7.8 High
GIMP PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSD files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current process. Was ZDI-CAN-22094.
CVE-2023-44441 2 Gimp, Redhat 3 Gimp, Enterprise Linux, Rhel Eus 2025-11-04 7.8 High
GIMP DDS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DDS files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. . Was ZDI-CAN-22093.
CVE-2023-43040 2 Ibm, Redhat 3 Spectrum Fusion Hci, Storage Fusion Hci, Ceph Storage 2025-11-04 6.5 Medium
IBM Spectrum Fusion HCI 2.5.2 through 2.7.2 could allow an attacker to perform unauthorized actions in RGW for Ceph due to improper bucket access. IBM X-Force ID: 266807.
CVE-2023-40403 2 Apple, Redhat 7 Ipados, Iphone Os, Macos and 4 more 2025-11-04 6.5 Medium
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may disclose sensitive information.
CVE-2023-39928 4 Debian, Fedoraproject, Redhat and 1 more 5 Debian Linux, Fedora, Enterprise Linux and 2 more 2025-11-04 8.8 High
A use-after-free vulnerability exists in the MediaRecorder API of Webkit WebKitGTK 2.40.5. A specially crafted web page can abuse this vulnerability to cause memory corruption and potentially arbitrary code execution. A user would need to to visit a malicious webpage to trigger this vulnerability.
CVE-2023-28708 2 Apache, Redhat 3 Tomcat, Enterprise Linux, Jboss Enterprise Web Server 2025-11-04 4.3 Medium
When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11.0.0-M1 to 11.0.0.-M2, 10.1.0-M1 to 10.1.5, 9.0.0-M1 to 9.0.71 and 8.5.0 to 8.5.85 did not include the secure attribute. This could result in the user agent transmitting the session cookie over an insecure channel. Older, EOL versions may also be affected.
CVE-2023-1018 3 Microsoft, Redhat, Trustedcomputinggroup 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2025-11-04 5.5 Medium
An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM.
CVE-2023-1017 3 Microsoft, Redhat, Trustedcomputinggroup 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2025-11-04 7.8 High
An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service (crashing the TPM chip/process or rendering it unusable) and/or arbitrary code execution in the TPM context.
CVE-2023-0401 3 Openssl, Redhat, Stormshield 4 Openssl, Enterprise Linux, Rhel Eus and 1 more 2025-11-04 7.5 High
A NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available the digest initialization will fail. There is a missing check for the return value from the initialization function which later leads to invalid usage of the digest API most likely leading to a crash. The unavailability of an algorithm can be caused by using FIPS enabled configuration of providers or more commonly by not loading the legacy provider. PKCS7 data is processed by the SMIME library calls and also by the time stamp (TS) library calls. The TLS implementation in OpenSSL does not call these functions however third party applications would be affected if they call these functions to verify signatures on untrusted data.