Total
275877 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-30082 | 1 Enhancesoft | 1 Osticket | 2025-01-06 | 7.5 High |
| A denial of service attack might be launched against the server if an unusually lengthy password (more than 10000000 characters) is supplied using the osTicket application. This can cause the website to go down or stop responding. When a long password is entered, this procedure will consume all available CPU and memory. | ||||
| CVE-2023-28478 | 1 Tp-link | 2 Ec70, Ec70 Firmware | 2025-01-06 | 8.8 High |
| TP-Link EC-70 devices through 2.3.4 Build 20220902 rel.69498 have a Buffer Overflow. | ||||
| CVE-2023-26965 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2025-01-06 | 5.5 Medium |
| loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image. | ||||
| CVE-2023-26133 | 1 Progressbar.js Project | 1 Progressbar.js | 2025-01-06 | 8.2 High |
| All versions of the package progressbar.js are vulnerable to Prototype Pollution via the function extend() in the file utils.js. | ||||
| CVE-2023-26132 | 1 Dottie Project | 1 Dottie | 2025-01-06 | 7.5 High |
| Versions of the package dottie before 2.0.4 are vulnerable to Prototype Pollution due to insufficient checks, via the set() function and the current variable in the /dottie.js file. | ||||
| CVE-2023-25434 | 1 Libtiff | 1 Libtiff | 2025-01-06 | 8.8 High |
| libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215. | ||||
| CVE-2023-21245 | 1 Google | 1 Android | 2025-01-06 | 7.8 High |
| In showNextSecurityScreenOrFinish of KeyguardSecurityContainerController.java, there is a possible way to access the lock screen during device setup due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-1119 | 2 Srbtranslatin Project, Updraftplus | 2 Srbtranslatin, Wp-optimize | 2025-01-06 | 6.1 Medium |
| The WP-Optimize WordPress plugin before 3.2.13, SrbTransLatin WordPress plugin before 2.4.1 use a third-party library that removes the escaping on some HTML characters, leading to a cross-site scripting vulnerability. | ||||
| CVE-2022-43778 | 1 Hp | 774 Dragonfly Folio 13.5 Inch G3 2-in-1 Notebook Pc, Dragonfly Folio 13.5 Inch G3 2-in-1 Notebook Pc Firmware, Elite Dragonfly and 771 more | 2025-01-06 | 7.8 High |
| Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure. | ||||
| CVE-2022-43777 | 1 Hp | 774 Dragonfly Folio 13.5 Inch G3 2-in-1 Notebook Pc, Dragonfly Folio 13.5 Inch G3 2-in-1 Notebook Pc Firmware, Elite Dragonfly and 771 more | 2025-01-06 | 7.8 High |
| Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure. | ||||
| CVE-2024-56643 | 1 Linux | 1 Linux Kernel | 2025-01-06 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: dccp: Fix memory leak in dccp_feat_change_recv If dccp_feat_push_confirm() fails after new value for SP feature was accepted without reconciliation ('entry == NULL' branch), memory allocated for that value with dccp_feat_clone_sp_val() is never freed. Here is the kmemleak stack for this: unreferenced object 0xffff88801d4ab488 (size 8): comm "syz-executor310", pid 1127, jiffies 4295085598 (age 41.666s) hex dump (first 8 bytes): 01 b4 4a 1d 80 88 ff ff ..J..... backtrace: [<00000000db7cabfe>] kmemdup+0x23/0x50 mm/util.c:128 [<0000000019b38405>] kmemdup include/linux/string.h:465 [inline] [<0000000019b38405>] dccp_feat_clone_sp_val net/dccp/feat.c:371 [inline] [<0000000019b38405>] dccp_feat_clone_sp_val net/dccp/feat.c:367 [inline] [<0000000019b38405>] dccp_feat_change_recv net/dccp/feat.c:1145 [inline] [<0000000019b38405>] dccp_feat_parse_options+0x1196/0x2180 net/dccp/feat.c:1416 [<00000000b1f6d94a>] dccp_parse_options+0xa2a/0x1260 net/dccp/options.c:125 [<0000000030d7b621>] dccp_rcv_state_process+0x197/0x13d0 net/dccp/input.c:650 [<000000001f74c72e>] dccp_v4_do_rcv+0xf9/0x1a0 net/dccp/ipv4.c:688 [<00000000a6c24128>] sk_backlog_rcv include/net/sock.h:1041 [inline] [<00000000a6c24128>] __release_sock+0x139/0x3b0 net/core/sock.c:2570 [<00000000cf1f3a53>] release_sock+0x54/0x1b0 net/core/sock.c:3111 [<000000008422fa23>] inet_wait_for_connect net/ipv4/af_inet.c:603 [inline] [<000000008422fa23>] __inet_stream_connect+0x5d0/0xf70 net/ipv4/af_inet.c:696 [<0000000015b6f64d>] inet_stream_connect+0x53/0xa0 net/ipv4/af_inet.c:735 [<0000000010122488>] __sys_connect_file+0x15c/0x1a0 net/socket.c:1865 [<00000000b4b70023>] __sys_connect+0x165/0x1a0 net/socket.c:1882 [<00000000f4cb3815>] __do_sys_connect net/socket.c:1892 [inline] [<00000000f4cb3815>] __se_sys_connect net/socket.c:1889 [inline] [<00000000f4cb3815>] __x64_sys_connect+0x6e/0xb0 net/socket.c:1889 [<00000000e7b1e839>] do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46 [<0000000055e91434>] entry_SYSCALL_64_after_hwframe+0x67/0xd1 Clean up the allocated memory in case of dccp_feat_push_confirm() failure and bail out with an error reset code. Found by Linux Verification Center (linuxtesting.org) with Syzkaller. | ||||
| CVE-2024-56710 | 1 Linux | 1 Linux Kernel | 2025-01-06 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leak in ceph_direct_read_write() The bvecs array which is allocated in iter_get_bvecs_alloc() is leaked and pages remain pinned if ceph_alloc_sparse_ext_map() fails. There is no need to delay the allocation of sparse_ext map until after the bvecs array is set up, so fix this by moving sparse_ext allocation a bit earlier. Also, make a similar adjustment in __ceph_sync_read() for consistency (a leak of the same kind in __ceph_sync_read() has been addressed differently). | ||||
| CVE-2023-3172 | 1 Froxlor | 1 Froxlor | 2025-01-06 | 7.2 High |
| Path Traversal in GitHub repository froxlor/froxlor prior to 2.0.20. | ||||
| CVE-2023-3173 | 1 Froxlor | 1 Froxlor | 2025-01-06 | 9.8 Critical |
| Improper Restriction of Excessive Authentication Attempts in GitHub repository froxlor/froxlor prior to 2.0.20. | ||||
| CVE-2024-56712 | 1 Linux | 1 Linux Kernel | 2025-01-06 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: udmabuf: fix memory leak on last export_udmabuf() error path In export_udmabuf(), if dma_buf_fd() fails because the FD table is full, a dma_buf owning the udmabuf has already been created; but the error handling in udmabuf_create() will tear down the udmabuf without doing anything about the containing dma_buf. This leaves a dma_buf in memory that contains a dangling pointer; though that doesn't seem to lead to anything bad except a memory leak. Fix it by moving the dma_buf_fd() call out of export_udmabuf() so that we can give it different error handling. Note that the shape of this code changed a lot in commit 5e72b2b41a21 ("udmabuf: convert udmabuf driver to use folios"); but the memory leak seems to have existed since the introduction of udmabuf. | ||||
| CVE-2023-3188 | 1 Owncast Project | 1 Owncast | 2025-01-06 | 6.5 Medium |
| Server-Side Request Forgery (SSRF) in GitHub repository owncast/owncast prior to 0.1.0. | ||||
| CVE-2023-3190 | 1 Teampass | 1 Teampass | 2025-01-06 | 4.6 Medium |
| Improper Encoding or Escaping of Output in GitHub repository nilsteampassnet/teampass prior to 3.0.9. | ||||
| CVE-2024-56726 | 1 Linux | 1 Linux Kernel | 2025-01-06 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c Add error pointer check after calling otx2_mbox_get_rsp(). | ||||
| CVE-2024-56727 | 1 Linux | 1 Linux Kernel | 2025-01-06 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c Adding error pointer check after calling otx2_mbox_get_rsp(). | ||||
| CVE-2024-56748 | 1 Linux | 1 Linux Kernel | 2025-01-06 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb() Hook "qed_ops->common->sb_init = qed_sb_init" does not release the DMA memory sb_virt when it fails. Add dma_free_coherent() to free it. This is the same way as qedr_alloc_mem_sb() and qede_alloc_mem_sb(). | ||||