{"cves":[{"cve_id":"CVE-2026-35091","summary":"A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User Datagram Protocol (UDP) packet. This can lead to an out-of-bounds read, causing a denial of service (DoS) and potentially disclosing limited memory contents. This vulnerability affects Corosync when running in totemudp/totemudpu mode, which is the default configuration.","cvss":8.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.2,"cvss_v4":null,"epss":0.00341,"ranking_epss":0.56856,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2026-35091","https://bugzilla.redhat.com/show_bug.cgi?id=2453169","https://bugzilla.redhat.com/show_bug.cgi?id=2453813"],"published_time":"2026-04-01T14:16:57","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-35092","summary":"A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol (UDP) packets. This can cause the service to crash, leading to a denial of service. This vulnerability specifically affects Corosync deployments configured to use totemudp/totemudpu mode.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00996,"ranking_epss":0.76946,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2026-35092","https://bugzilla.redhat.com/show_bug.cgi?id=2453169","https://bugzilla.redhat.com/show_bug.cgi?id=2453814"],"published_time":"2026-04-01T14:16:57","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5119","summary":"A flaw was found in libsoup. When establishing HTTPS tunnels through a configured HTTP proxy, sensitive session cookies are transmitted in cleartext within the initial HTTP CONNECT request. A network-positioned attacker or a malicious HTTP proxy can intercept these cookies, leading to potential session hijacking or user impersonation.","cvss":5.9,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.9,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02602,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2026-5119","https://bugzilla.redhat.com/show_bug.cgi?id=2452932","https://gitlab.gnome.org/GNOME/libsoup/-/issues/502"],"published_time":"2026-03-30T07:15:58","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28369","summary":"A flaw was found in Undertow. When Undertow receives an HTTP request where the first header line starts with one or more spaces, it incorrectly processes the request by stripping these leading spaces. This behavior, which violates HTTP standards, can be exploited by a remote attacker to perform request smuggling. Request smuggling allows an attacker to bypass security mechanisms, access restricted information, or manipulate web caches, potentially leading to unauthorized actions or data exposure.","cvss":8.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.7,"cvss_v4":null,"epss":0.00148,"ranking_epss":0.35274,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2026-28369","https://bugzilla.redhat.com/show_bug.cgi?id=2443262"],"published_time":"2026-03-27T17:16:28","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28368","summary":"A flaw was found in Undertow. This vulnerability allows a remote attacker to construct specially crafted requests where header names are parsed differently by Undertow compared to upstream proxies. This discrepancy in header interpretation can be exploited to launch request smuggling attacks, potentially bypassing security controls and accessing unauthorized resources.","cvss":8.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.7,"cvss_v4":null,"epss":0.00108,"ranking_epss":0.29065,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2026-28368","https://bugzilla.redhat.com/show_bug.cgi?id=2443261"],"published_time":"2026-03-27T17:16:27","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-2239","summary":"A flaw was found in GIMP. Heap-buffer-overflow vulnerability exists in the fread_pascal_string function when processing a specially crafted PSD (Photoshop Document) file. This occurs because the buffer allocated for a Pascal string is not properly null-terminated, leading to an out-of-bounds read when strlen() is subsequently called. Successfully exploiting this vulnerability can cause the application to crash, resulting in an application level Denial of Service.","cvss":2.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":2.8,"cvss_v4":null,"epss":0.00022,"ranking_epss":0.06035,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2026-2239","https://bugzilla.redhat.com/show_bug.cgi?id=2437675","https://gitlab.gnome.org/GNOME/gimp/-/issues/15812"],"published_time":"2026-03-26T21:17:04","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-2272","summary":"A flaw was found in GIMP. An integer overflow vulnerability exists when processing ICO image files, specifically in the `ico_read_info` and `ico_read_icon` functions. This issue arises because a size calculation for image buffers can wrap around due to a 32-bit integer evaluation, allowing oversized image headers to bypass security checks. A remote attacker could exploit this by providing a specially crafted ICO file, leading to a buffer overflow and memory corruption, which may result in an application level denial of service.","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00083,"ranking_epss":0.24271,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2026-2272","https://bugzilla.redhat.com/show_bug.cgi?id=2438428","https://gitlab.gnome.org/GNOME/gimp/-/issues/15617","https://bugzilla.redhat.com/show_bug.cgi?id=2438428","https://gitlab.gnome.org/GNOME/gimp/-/issues/15617"],"published_time":"2026-03-26T21:17:04","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-0968","summary":"A flaw was found in libssh in which a malicious SFTP (SSH File Transfer Protocol) server can exploit this by sending a malformed 'longname' field within an `SSH_FXP_NAME` message during a file listing operation. This missing null check can lead to reading beyond allocated memory on the heap. This can cause unexpected behavior or lead to a denial of service (DoS) due to application crashes.","cvss":3.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.1,"cvss_v4":null,"epss":0.00061,"ranking_epss":0.19109,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2026-0968","https://bugzilla.redhat.com/show_bug.cgi?id=2436982","https://www.libssh.org/2026/02/10/libssh-0-12-0-and-0-11-4-security-releases/"],"published_time":"2026-03-26T21:17:01","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-0965","summary":"A flaw was found in libssh where it can attempt to open arbitrary files during configuration parsing. A local attacker can exploit this by providing a malicious configuration file or when the system is misconfigured. This vulnerability could lead to a Denial of Service (DoS) by causing the system to try and access dangerous files, such as block devices or large system files, which can disrupt normal operations.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00016,"ranking_epss":0.03442,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2026-0965","https://bugzilla.redhat.com/show_bug.cgi?id=2436980"],"published_time":"2026-03-26T21:17:00","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-0967","summary":"A flaw was found in libssh. A remote attacker, by controlling client configuration files or known_hosts files, could craft specific hostnames that when processed by the `match_pattern()` function can lead to inefficient regular expression backtracking. This can cause timeouts and resource exhaustion, resulting in a Denial of Service (DoS) for the client.","cvss":2.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":2.2,"cvss_v4":null,"epss":0.00082,"ranking_epss":0.24138,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2026-0967","https://bugzilla.redhat.com/show_bug.cgi?id=2436981","https://www.libssh.org/2026/02/10/libssh-0-12-0-and-0-11-4-security-releases/"],"published_time":"2026-03-26T21:17:00","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3260","summary":"A flaw was found in Undertow. A remote attacker could exploit this vulnerability by sending an HTTP GET request containing multipart/form-data content. If the underlying application processes parameters using methods like `getParameterMap()`, the server prematurely parses and stores this content to disk. This could lead to resource exhaustion, potentially resulting in a Denial of Service (DoS).","cvss":5.9,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.9,"cvss_v4":null,"epss":0.00574,"ranking_epss":0.6873,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2026-3260","https://bugzilla.redhat.com/show_bug.cgi?id=2443010"],"published_time":"2026-03-24T05:16:24","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4647","summary":"A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can cause the program to read memory outside of intended bounds. As a result, affected tools may crash or expose unintended memory contents, leading to denial-of-service or limited information disclosure risks.","cvss":6.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.1,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01606,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2026-4647","https://bugzilla.redhat.com/show_bug.cgi?id=2450302","https://sourceware.org/bugzilla/show_bug.cgi?id=33919"],"published_time":"2026-03-23T14:16:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4271","summary":"A flaw was found in libsoup, a library for handling HTTP requests. This vulnerability, known as a Use-After-Free, occurs in the HTTP/2 server implementation. A remote attacker can exploit this by sending specially crafted HTTP/2 requests that cause authentication failures. This can lead to the application attempting to access memory that has already been freed, potentially causing application instability or crashes, resulting in a Denial of Service (DoS).","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.01538,"ranking_epss":0.81356,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2026-4271","https://bugzilla.redhat.com/show_bug.cgi?id=2448044","https://gitlab.gnome.org/GNOME/libsoup/-/issues/496","https://gitlab.gnome.org/GNOME/libsoup/-/issues/496"],"published_time":"2026-03-17T12:16:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3632","summary":"A flaw was found in libsoup, a library used by applications to send network requests. This vulnerability occurs because libsoup does not properly validate hostnames, allowing special characters to be injected into HTTP headers. A remote attacker could exploit this to perform HTTP smuggling, where they can send hidden, malicious requests alongside legitimate ones. In certain situations, this could lead to Server-Side Request Forgery (SSRF), enabling an attacker to force the server to make unauthorized requests to other internal or external systems. The impact is low, as SoupServer is not actually used in internet infrastructure.","cvss":3.9,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.9,"cvss_v4":null,"epss":0.00096,"ranking_epss":0.2661,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2026-3632","https://bugzilla.redhat.com/show_bug.cgi?id=2445127","https://gitlab.gnome.org/GNOME/libsoup/-/issues/483"],"published_time":"2026-03-17T10:16:00","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3633","summary":"A flaw was found in libsoup. A remote attacker, by controlling the method parameter of the `soup_message_new()` function, could inject arbitrary headers and additional request data. This vulnerability, known as CRLF (Carriage Return Line Feed) injection, occurs because the method value is not properly escaped during request line construction, potentially leading to HTTP request injection.","cvss":3.9,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.9,"cvss_v4":null,"epss":0.00034,"ranking_epss":0.09847,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2026-3633","https://bugzilla.redhat.com/show_bug.cgi?id=2445128","https://gitlab.gnome.org/GNOME/libsoup/-/issues/484"],"published_time":"2026-03-17T10:16:00","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3634","summary":"A flaw was found in libsoup. An attacker controlling the value used to set the Content-Type header can inject a Carriage Return Line Feed (CRLF) sequence due to improper input sanitization in the `soup_message_headers_set_content_type()` function. This vulnerability allows for the injection of arbitrary header-value pairs, potentially leading to HTTP header injection and response splitting attacks.","cvss":3.9,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.9,"cvss_v4":null,"epss":0.00026,"ranking_epss":0.07161,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2026-3634","https://bugzilla.redhat.com/show_bug.cgi?id=2445129","https://gitlab.gnome.org/GNOME/libsoup/-/issues/485","https://gitlab.gnome.org/GNOME/libsoup/-/issues/485"],"published_time":"2026-03-17T10:16:00","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3441","summary":"A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of-bounds read in the bfd linker, allows an attacker to gain access to sensitive information. By convincing a user to process a specially crafted XCOFF object file, an attacker can trigger this flaw, potentially leading to information disclosure or an application level denial of service.","cvss":6.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.1,"cvss_v4":null,"epss":5e-05,"ranking_epss":0.00263,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2026-3441","https://bugzilla.redhat.com/show_bug.cgi?id=2443826"],"published_time":"2026-03-16T14:19:47","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3442","summary":"A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read, exists in the bfd linker component. An attacker could exploit this by convincing a user to process a specially crafted malicious XCOFF object file. Successful exploitation may lead to the disclosure of sensitive information or cause the application to crash, resulting in an application level denial of service.","cvss":6.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.1,"cvss_v4":null,"epss":5e-05,"ranking_epss":0.00263,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2026-3442","https://bugzilla.redhat.com/show_bug.cgi?id=2443828"],"published_time":"2026-03-16T14:19:47","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3099","summary":"A flaw was found in Libsoup. The server-side digest authentication implementation in the SoupAuthDomainDigest class does not properly track issued nonces or enforce the required incrementing nonce-count (nc) attribute. This vulnerability allows a remote attacker to capture a single valid authentication header and replay it repeatedly. Consequently, the attacker can bypass authentication and gain unauthorized access to protected resources, impersonating the legitimate user.","cvss":5.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.8,"cvss_v4":null,"epss":0.00395,"ranking_epss":0.60339,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2026-3099","https://bugzilla.redhat.com/show_bug.cgi?id=2442232","https://gitlab.gnome.org/GNOME/libsoup/-/issues/495"],"published_time":"2026-03-12T14:16:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-12801","summary":"A vulnerability was recently discovered in the rpc.mountd daemon in the nfs-utils package for Linux, that allows a NFSv3 client to escalate the\nprivileges assigned to it in the /etc/exports file at mount time. In particular, it allows the client to access any subdirectory or subtree of an exported directory, regardless of the set file permissions, and regardless of any 'root_squash' or 'all_squash' attributes that would normally be expected to apply to that client.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02704,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2026:3938","https://access.redhat.com/errata/RHSA-2026:3939","https://access.redhat.com/errata/RHSA-2026:3940","https://access.redhat.com/errata/RHSA-2026:3941","https://access.redhat.com/errata/RHSA-2026:3942","https://access.redhat.com/errata/RHSA-2026:5127","https://access.redhat.com/errata/RHSA-2026:5606","https://access.redhat.com/errata/RHSA-2026:5867","https://access.redhat.com/errata/RHSA-2026:5873","https://access.redhat.com/errata/RHSA-2026:5877","https://access.redhat.com/security/cve/CVE-2025-12801","https://bugzilla.redhat.com/show_bug.cgi?id=2413081"],"published_time":"2026-03-04T16:16:23","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-9909","summary":"A flaw was found in the Red Hat Ansible Automation Platform Gateway route creation component. This vulnerability allows credential theft via the creation of misleading routes using a double-slash (//) prefix in the gateway_path. A malicious or socially engineered administrator can configure a honey-pot route to intercept and exfiltrate user credentials, potentially maintaining persistent access or creating a backdoor even after their permissions are revoked.","cvss":6.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.7,"cvss_v4":null,"epss":7e-05,"ranking_epss":0.00483,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2025:21768","https://access.redhat.com/errata/RHSA-2025:21775","https://access.redhat.com/errata/RHSA-2025:23069","https://access.redhat.com/errata/RHSA-2025:23131","https://access.redhat.com/security/cve/CVE-2025-9909","https://bugzilla.redhat.com/show_bug.cgi?id=2392836"],"published_time":"2026-02-27T08:17:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-9908","summary":"A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event Streams. This vulnerability allows an authenticated user to gain access to sensitive internal infrastructure headers (such as X-Trusted-Proxy and X-Envoy-*) and event stream URLs via crafted requests and job templates. By exfiltrating these headers, an attacker could spoof trusted requests, escalate privileges, or perform malicious event injection.","cvss":6.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.7,"cvss_v4":null,"epss":0.00011,"ranking_epss":0.01423,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2025:19201","https://access.redhat.com/errata/RHSA-2025:19221","https://access.redhat.com/errata/RHSA-2025:23069","https://access.redhat.com/errata/RHSA-2025:23131","https://access.redhat.com/security/cve/CVE-2025-9908","https://bugzilla.redhat.com/show_bug.cgi?id=2392835"],"published_time":"2026-02-27T08:17:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-9572","summary":"n authorization flaw in Foreman's GraphQL API allows low-privileged users to access metadata beyond their assigned permissions. Unlike the REST API, which correctly enforces access controls, the GraphQL endpoint does not apply proper filtering, leading to an authorization bypass.","cvss":5.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.0,"cvss_v4":null,"epss":0.00011,"ranking_epss":0.01441,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2025:21886","https://access.redhat.com/errata/RHSA-2025:21893","https://access.redhat.com/errata/RHSA-2025:21894","https://access.redhat.com/errata/RHSA-2025:21897","https://access.redhat.com/security/cve/CVE-2025-9572","https://bugzilla.redhat.com/show_bug.cgi?id=2391715","https://theforeman.org/security.html#2025-9572"],"published_time":"2026-02-27T08:17:06","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-9907","summary":"A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible (EDA) Event Stream API. This vulnerability allows exposure of sensitive client credentials and internal infrastructure headers via the test_headers field when an event stream is in test mode. The possible outcome includes leakage of internal infrastructure details, accidental disclosure of user or system credentials, privilege escalation if high-value tokens are exposed, and persistent sensitive data exposure to all users with read access on the event stream.","cvss":6.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.7,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01843,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2025:19201","https://access.redhat.com/errata/RHSA-2025:19221","https://access.redhat.com/errata/RHSA-2025:23069","https://access.redhat.com/errata/RHSA-2025:23131","https://access.redhat.com/security/cve/CVE-2025-9907","https://bugzilla.redhat.com/show_bug.cgi?id=2392834"],"published_time":"2026-02-27T08:17:06","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-26104","summary":"A flaw was found in the udisks storage management daemon that allows unprivileged users to back up LUKS encryption headers without authorization. The issue occurs because a privileged D-Bus method responsible for exporting encryption metadata does not perform a policy check. As a result, sensitive cryptographic metadata can be read and written to attacker-controlled locations. This weakens the confidentiality guarantees of encrypted storage volumes.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0001,"ranking_epss":0.01009,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2026:3476","https://access.redhat.com/errata/RHSA-2026:5831","https://access.redhat.com/security/cve/CVE-2026-26104","https://bugzilla.redhat.com/show_bug.cgi?id=2433717","https://github.com/storaged-project/udisks/security/advisories/GHSA-fcvx-497g-6xmw"],"published_time":"2026-02-25T11:16:03","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-26103","summary":"A flaw was found in the udisks storage management daemon that exposes a privileged D-Bus API for restoring LUKS encryption headers without proper authorization checks. The issue allows a local unprivileged user to instruct the root-owned udisks daemon to overwrite encryption metadata on block devices. This can permanently invalidate encryption keys and render encrypted volumes inaccessible. Successful exploitation results in a denial-of-service condition through irreversible data loss.","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":9e-05,"ranking_epss":0.00932,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2026:3476","https://access.redhat.com/errata/RHSA-2026:5831","https://access.redhat.com/security/cve/CVE-2026-26103","https://bugzilla.redhat.com/show_bug.cgi?id=2433719","https://github.com/storaged-project/udisks/security/advisories/GHSA-c75h-phf8-ccjm"],"published_time":"2026-02-25T11:16:02","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-2443","summary":"A flaw was identified in libsoup, a widely used HTTP library in GNOME-based systems. When processing specially crafted HTTP Range headers, the library may improperly validate requested byte ranges. In certain build configurations, this could allow a remote attacker to access portions of server memory beyond the intended response. Exploitation requires a vulnerable configuration and access to a server using the embedded SoupServer component.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00035,"ranking_epss":0.10237,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2026-2443","https://bugzilla.redhat.com/show_bug.cgi?id=2439671","https://gitlab.gnome.org/GNOME/libsoup/-/issues/487"],"published_time":"2026-02-13T12:16:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-1709","summary":"A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security (TLS) authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations, including listing agents, retrieving public Trusted Platform Module (TPM) data, and deleting agents, by connecting without presenting a client certificate.","cvss":9.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.4,"cvss_v4":null,"epss":0.00038,"ranking_epss":0.11388,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2026:2224","https://access.redhat.com/errata/RHSA-2026:2225","https://access.redhat.com/errata/RHSA-2026:2298","https://access.redhat.com/security/cve/CVE-2026-1709","https://bugzilla.redhat.com/show_bug.cgi?id=2435514"],"published_time":"2026-02-06T20:16:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-1801","summary":"A flaw was found in libsoup, an HTTP client/server library. This HTTP Request Smuggling vulnerability arises from non-RFC-compliant parsing in the soup_filter_input_stream_read_line() logic, where libsoup accepts malformed chunk headers, such as lone line feed (LF) characters instead of the required carriage return and line feed (CRLF). A remote attacker can exploit this without authentication or user interaction by sending specially crafted chunked requests. This allows libsoup to parse and process multiple HTTP requests from a single network message, potentially leading to information disclosure.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00029,"ranking_epss":0.08343,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2026-1801","https://bugzilla.redhat.com/show_bug.cgi?id=2436315","https://gitlab.gnome.org/GNOME/libsoup/-/issues/481"],"published_time":"2026-02-03T21:16:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-1536","summary":"A flaw was found in libsoup. An attacker who can control the input for the Content-Disposition header can inject CRLF (Carriage Return Line Feed) sequences into the header value. These sequences are then interpreted verbatim when the HTTP request or response is constructed, allowing arbitrary HTTP headers to be injected. This vulnerability can lead to HTTP header injection or HTTP response splitting without requiring authentication or user interaction.","cvss":5.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.8,"cvss_v4":null,"epss":0.00114,"ranking_epss":0.30018,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2026-1536","https://bugzilla.redhat.com/show_bug.cgi?id=2433834","https://gitlab.gnome.org/GNOME/libsoup/-/issues/486"],"published_time":"2026-01-28T16:16:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-1539","summary":"A flaw was found in the libsoup HTTP library that can cause proxy authentication credentials to be sent to unintended destinations. When handling HTTP redirects, libsoup removes the Authorization header but does not remove the Proxy-Authorization header if the request is redirected to a different host. As a result, sensitive proxy credentials may be leaked to third-party servers. Applications using libsoup for HTTP communication may unintentionally expose proxy authentication data.","cvss":5.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.8,"cvss_v4":null,"epss":0.00058,"ranking_epss":0.18118,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2026-1539","https://gitlab.gnome.org/GNOME/libsoup/-/issues/489"],"published_time":"2026-01-28T16:16:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-1467","summary":"A flaw was found in libsoup, an HTTP client library. This vulnerability, known as CRLF (Carriage Return Line Feed) Injection, occurs when an HTTP proxy is configured and the library improperly handles URL-decoded input used to create the Host header. A remote attacker can exploit this by providing a specially crafted URL containing CRLF sequences, allowing them to inject additional HTTP headers or complete HTTP request bodies. This can lead to unintended or unauthorized HTTP requests being forwarded by the proxy, potentially impacting downstream services.","cvss":5.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.8,"cvss_v4":null,"epss":0.0006,"ranking_epss":0.18873,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2026-1467","https://bugzilla.redhat.com/show_bug.cgi?id=2433174","https://gitlab.gnome.org/GNOME/libsoup/-/issues/488"],"published_time":"2026-01-27T10:15:48","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-14512","summary":"A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00072,"ranking_epss":0.21942,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2025-14512","https://bugzilla.redhat.com/show_bug.cgi?id=2421339","https://gitlab.gnome.org/GNOME/glib/-/issues/3845"],"published_time":"2025-12-11T07:16:00","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-14087","summary":"A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.","cvss":5.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.6,"cvss_v4":null,"epss":0.00284,"ranking_epss":0.51847,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2025-14087","https://bugzilla.redhat.com/show_bug.cgi?id=2419093","https://gitlab.gnome.org/GNOME/glib/-/issues/3834"],"published_time":"2025-12-10T09:15:47","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-9784","summary":"A flaw was found in Undertow where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the \"MadeYouReset\" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts. While not a protocol bug, this highlights a common implementation weakness that can be exploited to cause a denial of service (DoS).","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.01553,"ranking_epss":0.81427,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2025:23143","https://access.redhat.com/errata/RHSA-2026:0383","https://access.redhat.com/errata/RHSA-2026:0384","https://access.redhat.com/errata/RHSA-2026:0386","https://access.redhat.com/errata/RHSA-2026:3889","https://access.redhat.com/errata/RHSA-2026:3891","https://access.redhat.com/errata/RHSA-2026:3892","https://access.redhat.com/errata/RHSA-2026:4915","https://access.redhat.com/errata/RHSA-2026:4916","https://access.redhat.com/errata/RHSA-2026:4917","https://access.redhat.com/errata/RHSA-2026:4924","https://access.redhat.com/security/cve/CVE-2025-9784","https://bugzilla.redhat.com/show_bug.cgi?id=2392306","https://github.com/undertow-io/undertow/pull/1778","https://github.com/undertow-io/undertow/releases/tag/2.2.38.Final","https://issues.redhat.com/browse/UNDERTOW-2598","https://kb.cert.org/vuls/id/767506","https://www.kb.cert.org/vuls/id/767506"],"published_time":"2025-09-02T14:15:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-8283","summary":"A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be used as the hostname for the container itself, as the podman's search domain is not added anymore the container is using the host's resolv.conf, and the DNS resolver will try to look into the search domains contained on it. If one of the domains contain a name with the same hostname as the running container, the connection will forward to unexpected external servers.","cvss":3.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.7,"cvss_v4":null,"epss":0.00065,"ranking_epss":0.20278,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2025-8283","https://bugzilla.redhat.com/show_bug.cgi?id=2383941","https://github.com/advisories/GHSA-rpcf-rmh6-42xr","https://github.com/containers/netavark/releases/tag/v1.15.1"],"published_time":"2025-07-28T19:15:43","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-7519","summary":"A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account is needed as it's required to place the malicious policy file properly.","cvss":6.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.7,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.02042,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2025-7519","https://bugzilla.redhat.com/show_bug.cgi?id=2379675","https://github.com/polkit-org/polkit/commit/107d3801361b9f9084f78710178e683391f1d245","https://github.com/polkit-org/polkit/pull/570"],"published_time":"2025-07-14T14:15:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-7424","summary":"A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to type confusion during XML transformations. This vulnerability allows an attacker to crash the application or corrupt memory. In some cases, it may lead to denial of service or unexpected behavior.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00096,"ranking_epss":0.26562,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2025-7424","https://bugzilla.redhat.com/show_bug.cgi?id=2379228","https://gitlab.gnome.org/GNOME/libxslt/-/issues/139","http://seclists.org/fulldisclosure/2025/Aug/0","http://seclists.org/fulldisclosure/2025/Jul/30","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/35","http://seclists.org/fulldisclosure/2025/Jul/37","http://www.openwall.com/lists/oss-security/2025/07/11/2","https://lists.debian.org/debian-lts-announce/2025/09/msg00024.html"],"published_time":"2025-07-10T14:15:27","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-32990","summary":"A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds (OOB) NULL pointer write, resulting in memory corruption and a denial-of-service (DoS) that could potentially crash the system.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.0008,"ranking_epss":0.23546,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2025:16115","https://access.redhat.com/errata/RHSA-2025:16116","https://access.redhat.com/errata/RHSA-2025:17181","https://access.redhat.com/errata/RHSA-2025:17348","https://access.redhat.com/errata/RHSA-2025:17361","https://access.redhat.com/errata/RHSA-2025:17415","https://access.redhat.com/errata/RHSA-2025:19088","https://access.redhat.com/errata/RHSA-2025:22529","https://access.redhat.com/security/cve/CVE-2025-32990","https://bugzilla.redhat.com/show_bug.cgi?id=2359620","http://www.openwall.com/lists/oss-security/2025/07/11/3","https://lists.debian.org/debian-lts-announce/2025/08/msg00005.html"],"published_time":"2025-07-10T10:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-32988","summary":"A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it does not own, leading to a double-free condition when the parent function or caller later attempts to free the same structure.\n\nThis vulnerability can be triggered using only public GnuTLS APIs and may result in denial of service or memory corruption, depending on allocator behavior.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00061,"ranking_epss":0.19034,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2025:16115","https://access.redhat.com/errata/RHSA-2025:16116","https://access.redhat.com/errata/RHSA-2025:17181","https://access.redhat.com/errata/RHSA-2025:17348","https://access.redhat.com/errata/RHSA-2025:17361","https://access.redhat.com/errata/RHSA-2025:17415","https://access.redhat.com/errata/RHSA-2025:19088","https://access.redhat.com/errata/RHSA-2025:22529","https://access.redhat.com/security/cve/CVE-2025-32988","https://bugzilla.redhat.com/show_bug.cgi?id=2359622","https://lists.gnupg.org/pipermail/gnutls-help/2025-July/004883.html","http://www.openwall.com/lists/oss-security/2025/07/11/3","https://lists.debian.org/debian-lts-announce/2025/08/msg00005.html"],"published_time":"2025-07-10T08:15:24","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-32989","summary":"A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This issue leads to the exposure of confidential information when GnuTLS verifies certificates from certain websites when the certificate (SCT) is not checked correctly.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00141,"ranking_epss":0.34269,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2025:16115","https://access.redhat.com/errata/RHSA-2025:16116","https://access.redhat.com/errata/RHSA-2025:17181","https://access.redhat.com/errata/RHSA-2025:17348","https://access.redhat.com/errata/RHSA-2025:17361","https://access.redhat.com/errata/RHSA-2025:19088","https://access.redhat.com/errata/RHSA-2025:22529","https://access.redhat.com/security/cve/CVE-2025-32989","https://bugzilla.redhat.com/show_bug.cgi?id=2359621","http://www.openwall.com/lists/oss-security/2025/07/11/3"],"published_time":"2025-07-10T08:15:24","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-5351","summary":"A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additional failure occurs later in the function. This condition may result in heap corruption or application instability in low-memory scenarios, posing a risk to system reliability where key export operations are performed.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00115,"ranking_epss":0.30173,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2025-5351","https://bugzilla.redhat.com/show_bug.cgi?id=2369367"],"published_time":"2025-07-04T09:15:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-5372","summary":"A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenly return a success status even when key derivation fails. This results in uninitialized cryptographic key buffers being used in subsequent communication, potentially compromising SSH sessions' confidentiality, integrity, and availability.","cvss":5.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.0,"cvss_v4":null,"epss":0.00101,"ranking_epss":0.27747,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2025:21977","https://access.redhat.com/errata/RHSA-2025:23024","https://access.redhat.com/security/cve/CVE-2025-5372","https://bugzilla.redhat.com/show_bug.cgi?id=2369388"],"published_time":"2025-07-04T06:15:24","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-32463","summary":"Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.","cvss":9.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.3,"cvss_v4":null,"epss":0.38489,"ranking_epss":0.9724,"kev":true,"propose_action":"Sudo contains an inclusion of functionality from untrusted control sphere vulnerability. This vulnerability could allow local attacker to leverage sudo’s -R (--chroot) option to run arbitrary commands as root, even if they are not listed in the sudoers file.","ransomware_campaign":"Unknown","references":["https://access.redhat.com/security/cve/cve-2025-32463","https://bugs.gentoo.org/show_bug.cgi?id=CVE-2025-32463","https://explore.alas.aws.amazon.com/CVE-2025-32463.html","https://security-tracker.debian.org/tracker/CVE-2025-32463","https://ubuntu.com/security/notices/USN-7604-1","https://www.openwall.com/lists/oss-security/2025/06/30/3","https://www.secpod.com/blog/sudo-lpe-vulnerabilities-resolved-what-you-need-to-know-about-cve-2025-32462-and-cve-2025-32463/","https://www.stratascale.com/vulnerability-alert-CVE-2025-32463-sudo-chroot","https://www.sudo.ws/releases/changelog/","https://www.sudo.ws/security/advisories/","https://www.sudo.ws/security/advisories/chroot_bug/","https://www.suse.com/security/cve/CVE-2025-32463.html","https://www.suse.com/support/update/announcement/2025/suse-su-202502177-1/","https://www.vicarius.io/vsociety/posts/cve-2025-32463-detect-sudo-vulnerability","https://www.vicarius.io/vsociety/posts/cve-2025-32463-mitigate-sudo-vulnerability","https://iototsecnews.jp/2025/07/01/linux-sudo-chroot-vulnerability-enables-hackers-to-elevate-privileges-to-root/","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-32463"],"published_time":"2025-06-30T21:15:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-5318","summary":"A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior.","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.00112,"ranking_epss":0.29712,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2025:18231","https://access.redhat.com/errata/RHSA-2025:18275","https://access.redhat.com/errata/RHSA-2025:18286","https://access.redhat.com/errata/RHSA-2025:19012","https://access.redhat.com/errata/RHSA-2025:19098","https://access.redhat.com/errata/RHSA-2025:19101","https://access.redhat.com/errata/RHSA-2025:19295","https://access.redhat.com/errata/RHSA-2025:19300","https://access.redhat.com/errata/RHSA-2025:19313","https://access.redhat.com/errata/RHSA-2025:19400","https://access.redhat.com/errata/RHSA-2025:19401","https://access.redhat.com/errata/RHSA-2025:19470","https://access.redhat.com/errata/RHSA-2025:19472","https://access.redhat.com/errata/RHSA-2025:19807","https://access.redhat.com/errata/RHSA-2025:19864","https://access.redhat.com/errata/RHSA-2025:20943","https://access.redhat.com/errata/RHSA-2025:21013","https://access.redhat.com/errata/RHSA-2025:21329","https://access.redhat.com/errata/RHSA-2025:21829","https://access.redhat.com/errata/RHSA-2025:22275","https://access.redhat.com/errata/RHSA-2025:23078","https://access.redhat.com/errata/RHSA-2025:23079","https://access.redhat.com/errata/RHSA-2025:23080","https://access.redhat.com/errata/RHSA-2026:0326","https://access.redhat.com/errata/RHSA-2026:1541","https://access.redhat.com/errata/RHSA-2026:3461","https://access.redhat.com/errata/RHSA-2026:3462","https://access.redhat.com/security/cve/CVE-2025-5318","https://bugzilla.redhat.com/show_bug.cgi?id=2369131","https://www.libssh.org/security/advisories/CVE-2025-5318.txt"],"published_time":"2025-06-24T14:15:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-6196","summary":"A flaw was found in libgepub, a library used to read EPUB files. The software mishandles file size calculations when opening specially crafted EPUB files, leading to incorrect memory allocations. This issue causes the application to crash. Known affected usage includes desktop services like Tumbler, which may process malicious files automatically when browsing directories. While no direct remote attack vectors are confirmed, any application using libgepub to parse user-supplied EPUB content could be vulnerable to a denial of service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00071,"ranking_epss":0.21651,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2025-6196","https://bugzilla.redhat.com/show_bug.cgi?id=2373117","https://gitlab.gnome.org/GNOME/libgepub/-/issues/18"],"published_time":"2025-06-17T15:15:54","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-6199","summary":"A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the buffer being included in the output, potentially leaking arbitrary memory contents in the processed image.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00084,"ranking_epss":0.24361,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2025-6199","https://bugzilla.redhat.com/show_bug.cgi?id=2373147","https://lists.debian.org/debian-lts-announce/2025/06/msg00023.html"],"published_time":"2025-06-17T15:15:54","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-6170","summary":"A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.","cvss":2.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":2.5,"cvss_v4":null,"epss":0.00118,"ranking_epss":0.30654,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2025-6170","https://bugzilla.redhat.com/show_bug.cgi?id=2372952","https://gitlab.gnome.org/GNOME/libxml2/-/issues/941","https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html"],"published_time":"2025-06-16T16:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-6035","summary":"A flaw was found in GIMP. An integer overflow vulnerability exists in the GIMP \"Despeckle\"  plug-in. The issue occurs due to unchecked multiplication of image dimensions, such as width, height, and bytes-per-pixel (img_bpp), which can result in allocating insufficient memory and subsequently performing out-of-bounds writes. This issue could lead to heap corruption, a potential denial of service (DoS), or arbitrary code execution in certain scenarios.","cvss":6.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.1,"cvss_v4":null,"epss":0.00035,"ranking_epss":0.1046,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2025-6035","https://bugzilla.redhat.com/show_bug.cgi?id=2372515","https://gitlab.gnome.org/GNOME/gimp/-/issues/13518","https://lists.debian.org/debian-lts-announce/2025/10/msg00022.html"],"published_time":"2025-06-13T16:15:28","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-6021","summary":"A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.02116,"ranking_epss":0.84123,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2025:10630","https://access.redhat.com/errata/RHSA-2025:10698","https://access.redhat.com/errata/RHSA-2025:10699","https://access.redhat.com/errata/RHSA-2025:11580","https://access.redhat.com/errata/RHSA-2025:11673","https://access.redhat.com/errata/RHSA-2025:12098","https://access.redhat.com/errata/RHSA-2025:12099","https://access.redhat.com/errata/RHSA-2025:12199","https://access.redhat.com/errata/RHSA-2025:12237","https://access.redhat.com/errata/RHSA-2025:12239","https://access.redhat.com/errata/RHSA-2025:12240","https://access.redhat.com/errata/RHSA-2025:12241","https://access.redhat.com/errata/RHSA-2025:13267","https://access.redhat.com/errata/RHSA-2025:13289","https://access.redhat.com/errata/RHSA-2025:13325","https://access.redhat.com/errata/RHSA-2025:13335","https://access.redhat.com/errata/RHSA-2025:13336","https://access.redhat.com/errata/RHSA-2025:14059","https://access.redhat.com/errata/RHSA-2025:14396","https://access.redhat.com/errata/RHSA-2025:15308","https://access.redhat.com/errata/RHSA-2025:15672","https://access.redhat.com/errata/RHSA-2025:19020","https://access.redhat.com/security/cve/CVE-2025-6021","https://bugzilla.redhat.com/show_bug.cgi?id=2372406","https://gitlab.gnome.org/GNOME/libxml2/-/issues/926","https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html","https://gitlab.gnome.org/GNOME/libxml2/-/issues/926"],"published_time":"2025-06-12T13:15:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-5916","summary":"A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow, potentially leading to unpredictable program behavior, memory corruption, or a denial-of-service condition within applications that process such archives using libarchive. This bug affects libarchive versions prior to 3.8.0.","cvss":3.9,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.9,"cvss_v4":null,"epss":0.00102,"ranking_epss":0.27959,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2025-5916","https://bugzilla.redhat.com/show_bug.cgi?id=2370872","https://github.com/libarchive/libarchive/pull/2568","https://github.com/libarchive/libarchive/releases/tag/v3.8.0"],"published_time":"2025-06-09T20:15:27","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-5917","summary":"A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to unpredictable program behavior, crashes, or in specific circumstances, could be leveraged as a building block for more sophisticated exploitation. This bug affects libarchive versions prior to 3.8.0.","cvss":2.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":2.8,"cvss_v4":null,"epss":0.00117,"ranking_epss":0.30581,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2025-5917","https://bugzilla.redhat.com/show_bug.cgi?id=2370874","https://github.com/libarchive/libarchive/pull/2588","https://github.com/libarchive/libarchive/releases/tag/v3.8.0"],"published_time":"2025-06-09T20:15:27","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-5918","summary":"A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition.","cvss":3.9,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.9,"cvss_v4":null,"epss":0.00113,"ranking_epss":0.2987,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2025-5918","https://bugzilla.redhat.com/show_bug.cgi?id=2370877","https://github.com/libarchive/libarchive/pull/2584","https://github.com/libarchive/libarchive/releases/tag/v3.8.0"],"published_time":"2025-06-09T20:15:27","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-5914","summary":"A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00114,"ranking_epss":0.30017,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2025:14130","https://access.redhat.com/errata/RHSA-2025:14135","https://access.redhat.com/errata/RHSA-2025:14137","https://access.redhat.com/errata/RHSA-2025:14141","https://access.redhat.com/errata/RHSA-2025:14142","https://access.redhat.com/errata/RHSA-2025:14525","https://access.redhat.com/errata/RHSA-2025:14528","https://access.redhat.com/errata/RHSA-2025:14594","https://access.redhat.com/errata/RHSA-2025:14644","https://access.redhat.com/errata/RHSA-2025:14808","https://access.redhat.com/errata/RHSA-2025:14810","https://access.redhat.com/errata/RHSA-2025:14828","https://access.redhat.com/errata/RHSA-2025:15024","https://access.redhat.com/errata/RHSA-2025:15397","https://access.redhat.com/errata/RHSA-2025:15709","https://access.redhat.com/errata/RHSA-2025:15827","https://access.redhat.com/errata/RHSA-2025:15828","https://access.redhat.com/errata/RHSA-2025:16524","https://access.redhat.com/errata/RHSA-2025:18217","https://access.redhat.com/errata/RHSA-2025:18218","https://access.redhat.com/errata/RHSA-2025:18219","https://access.redhat.com/errata/RHSA-2025:19041","https://access.redhat.com/errata/RHSA-2025:19046","https://access.redhat.com/errata/RHSA-2025:21885","https://access.redhat.com/errata/RHSA-2025:21913","https://access.redhat.com/errata/RHSA-2026:0326","https://access.redhat.com/errata/RHSA-2026:0934","https://access.redhat.com/errata/RHSA-2026:1541","https://access.redhat.com/security/cve/CVE-2025-5914","https://bugzilla.redhat.com/show_bug.cgi?id=2370861","https://github.com/libarchive/libarchive/pull/2598","https://github.com/libarchive/libarchive/releases/tag/v3.8.0","https://github.com/libarchive/libarchive/pull/2598"],"published_time":"2025-06-09T20:15:26","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-5915","summary":"A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber (LZSS) window. This means the library may attempt to read beyond the allocated memory buffer, which can result in unpredictable program behavior, crashes (denial of service), or the disclosure of sensitive information from adjacent memory regions.","cvss":6.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.6,"cvss_v4":null,"epss":0.0009,"ranking_epss":0.25503,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2025-5915","https://bugzilla.redhat.com/show_bug.cgi?id=2370865","https://github.com/libarchive/libarchive/pull/2599","https://github.com/libarchive/libarchive/releases/tag/v3.8.0"],"published_time":"2025-06-09T20:15:26","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-47711","summary":"There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit server can encounter a critical internal error, leading to a denial-of-service.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00311,"ranking_epss":0.54223,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2025-47711","https://bugzilla.redhat.com/show_bug.cgi?id=2365687"],"published_time":"2025-06-09T06:15:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-47712","summary":"A flaw exists in the nbdkit \"blocksize\" filter that can be triggered by a specific type of client request. When a client requests block status information for a very large data range, exceeding a certain limit, it causes an internal error in the nbdkit, leading to a denial of service.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00272,"ranking_epss":0.50662,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2025-47712","https://bugzilla.redhat.com/show_bug.cgi?id=2365724","https://lists.libguestfs.org/archives/list/guestfs@lists.libguestfs.org/thread/67E7AASHHADIY7VAD3FFW2I67LTWVWYF/"],"published_time":"2025-06-09T06:15:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-4598","summary":"A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process.\n\nA SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.","cvss":4.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.7,"cvss_v4":null,"epss":0.001,"ranking_epss":0.27595,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2025:22660","https://access.redhat.com/errata/RHSA-2025:22868","https://access.redhat.com/errata/RHSA-2025:23227","https://access.redhat.com/errata/RHSA-2025:23234","https://access.redhat.com/errata/RHSA-2026:0414","https://access.redhat.com/errata/RHSA-2026:1652","https://access.redhat.com/security/cve/CVE-2025-4598","https://bugzilla.redhat.com/show_bug.cgi?id=2369242","https://www.openwall.com/lists/oss-security/2025/05/29/3","http://seclists.org/fulldisclosure/2025/Jun/9","http://www.openwall.com/lists/oss-security/2025/06/05/1","http://www.openwall.com/lists/oss-security/2025/06/05/3","http://www.openwall.com/lists/oss-security/2025/08/18/3","https://blogs.oracle.com/linux/post/analysis-of-cve-2025-4598","https://ciq.com/blog/the-real-danger-of-systemd-coredump-cve-2025-4598/","https://lists.debian.org/debian-lts-announce/2025/07/msg00022.html","https://www.openwall.com/lists/oss-security/2025/08/18/3"],"published_time":"2025-05-30T14:15:23","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-4478","summary":"A flaw was found in the FreeRDP used by Anaconda's remote install feature, where a crafted RDP packet could trigger a segmentation fault. This issue causes the service to crash and remain defunct, resulting in a denial of service. It occurs pre-boot and is likely due to a NULL pointer dereference. Rebooting is required to recover the system.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00364,"ranking_epss":0.58486,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2025:9307","https://access.redhat.com/security/cve/CVE-2025-4478","https://bugzilla.redhat.com/show_bug.cgi?id=2365232","https://github.com/FreeRDP/FreeRDP/pull/11573"],"published_time":"2025-05-16T15:15:48","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-3891","summary":"A flaw was found in the mod_auth_openidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.01334,"ranking_epss":0.7997,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2025:10002","https://access.redhat.com/errata/RHSA-2025:10003","https://access.redhat.com/errata/RHSA-2025:10004","https://access.redhat.com/errata/RHSA-2025:10006","https://access.redhat.com/errata/RHSA-2025:10007","https://access.redhat.com/errata/RHSA-2025:10008","https://access.redhat.com/errata/RHSA-2025:10010","https://access.redhat.com/errata/RHSA-2025:4597","https://access.redhat.com/errata/RHSA-2025:9396","https://access.redhat.com/security/cve/CVE-2025-3891","https://bugzilla.redhat.com/show_bug.cgi?id=2361633","https://github.com/OpenIDC/mod_auth_openidc/commit/6a0b5f66c87184dfe0e4400f6bdd46a82dc0ec2b","https://github.com/OpenIDC/mod_auth_openidc/security/advisories/GHSA-x7cf-8wgv-5j86","https://lists.debian.org/debian-lts-announce/2025/05/msg00007.html"],"published_time":"2025-04-29T12:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-46399","summary":"A flaw was found in fig2dev. This vulnerability allows availability via local input manipulation via genge_itp_spline function.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00142,"ranking_epss":0.34433,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2025-46399","https://bugzilla.redhat.com/show_bug.cgi?id=2362053","https://sourceforge.net/p/mcj/tickets/190/","https://lists.debian.org/debian-lts-announce/2025/04/msg00043.html"],"published_time":"2025-04-23T21:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-46400","summary":"In xfig diagramming tool, a segmentation fault while running fig2dev allows an attacker to availability via local input manipulation via read_arcobject function.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00142,"ranking_epss":0.34433,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2025-46400","https://bugzilla.redhat.com/show_bug.cgi?id=2362054","https://sourceforge.net/p/mcj/tickets/187/","https://lists.debian.org/debian-lts-announce/2025/04/msg00043.html"],"published_time":"2025-04-23T21:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-46397","summary":"A flaw was found in xfig. This vulnerability allows possible code execution via local input manipulation via bezier_spline function.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00056,"ranking_epss":0.17631,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2026:0700","https://access.redhat.com/errata/RHSA-2026:0704","https://access.redhat.com/errata/RHSA-2026:0705","https://access.redhat.com/errata/RHSA-2026:0756","https://access.redhat.com/security/cve/CVE-2025-46397","https://bugzilla.redhat.com/show_bug.cgi?id=2362058","https://sourceforge.net/p/mcj/tickets/192/","https://lists.debian.org/debian-lts-announce/2025/04/msg00043.html"],"published_time":"2025-04-23T21:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-46398","summary":"In xfig diagramming tool, a stack-overflow while running fig2dev allows memory corruption via local input manipulation via read_objects function.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00167,"ranking_epss":0.37867,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2025-46398","https://bugzilla.redhat.com/show_bug.cgi?id=2362055","https://sourceforge.net/p/mcj/tickets/191/","https://lists.debian.org/debian-lts-announce/2025/04/msg00043.html"],"published_time":"2025-04-23T21:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-3155","summary":"A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment.","cvss":7.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.4,"cvss_v4":null,"epss":0.00669,"ranking_epss":0.71296,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2025:4450","https://access.redhat.com/errata/RHSA-2025:4451","https://access.redhat.com/errata/RHSA-2025:4455","https://access.redhat.com/errata/RHSA-2025:4456","https://access.redhat.com/errata/RHSA-2025:4457","https://access.redhat.com/errata/RHSA-2025:4505","https://access.redhat.com/errata/RHSA-2025:4532","https://access.redhat.com/errata/RHSA-2025:7430","https://access.redhat.com/errata/RHSA-2025:7569","https://access.redhat.com/security/cve/CVE-2025-3155","https://bugzilla.redhat.com/show_bug.cgi?id=2357091","http://www.openwall.com/lists/oss-security/2025/04/04/1","https://lists.debian.org/debian-lts-announce/2025/05/msg00036.html","https://lists.debian.org/debian-lts-announce/2025/05/msg00037.html","https://gist.github.com/parrot409/e970b155358d45b298d7024edd9b17f2"],"published_time":"2025-04-03T14:15:46","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-2784","summary":"A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server.","cvss":7.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.0,"cvss_v4":null,"epss":0.02145,"ranking_epss":0.84224,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2025:21657","https://access.redhat.com/errata/RHSA-2025:7505","https://access.redhat.com/errata/RHSA-2025:8126","https://access.redhat.com/errata/RHSA-2025:8132","https://access.redhat.com/errata/RHSA-2025:8139","https://access.redhat.com/errata/RHSA-2025:8140","https://access.redhat.com/errata/RHSA-2025:8252","https://access.redhat.com/errata/RHSA-2025:8480","https://access.redhat.com/errata/RHSA-2025:8481","https://access.redhat.com/errata/RHSA-2025:8482","https://access.redhat.com/errata/RHSA-2025:8663","https://access.redhat.com/errata/RHSA-2025:9179","https://access.redhat.com/security/cve/CVE-2025-2784","https://bugzilla.redhat.com/show_bug.cgi?id=2354669","https://gitlab.gnome.org/GNOME/libsoup/-/issues/422","https://lists.debian.org/debian-lts-announce/2025/04/msg00036.html","https://gitlab.gnome.org/GNOME/libsoup/-/issues/422"],"published_time":"2025-04-03T03:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-31176","summary":"A flaw was found in gnuplot. The plot3d_points() function may lead to a segmentation fault and cause a system crash.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.00035,"ranking_epss":0.1025,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2025-31176","https://bugzilla.redhat.com/show_bug.cgi?id=2355343"],"published_time":"2025-03-27T15:16:03","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-31178","summary":"A flaw was found in gnuplot. The GetAnnotateString() function may lead to a segmentation fault and cause a system crash.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.00035,"ranking_epss":0.1025,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2025-31178","https://bugzilla.redhat.com/show_bug.cgi?id=2355341"],"published_time":"2025-03-27T15:16:03","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-31179","summary":"A flaw was found in gnuplot. The xstrftime() function may lead to a segmentation fault, causing a system crash.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.00035,"ranking_epss":0.1025,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2025-31179","https://bugzilla.redhat.com/show_bug.cgi?id=2355340"],"published_time":"2025-03-27T15:16:03","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-31180","summary":"A flaw was found in gnuplot. The CANVAS_text() function may lead to a segmentation fault and cause a system crash.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.00035,"ranking_epss":0.1025,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2025-31180","https://bugzilla.redhat.com/show_bug.cgi?id=2355339"],"published_time":"2025-03-27T15:16:03","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-31181","summary":"A flaw was found in gnuplot. The X11_graphics() function may lead to a segmentation fault and cause a system crash.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.00035,"ranking_epss":0.1025,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2025-31181","https://bugzilla.redhat.com/show_bug.cgi?id=2355338"],"published_time":"2025-03-27T15:16:03","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-0678","summary":"A flaw was found in grub2. When reading data from a squash4 filesystem, grub's squash4 fs module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciously crafted filesystem may lead some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the direct_read() will perform a heap based out-of-bounds write during data reading. This flaw may be leveraged to corrupt grub's internal critical data and may result in arbitrary code execution, by-passing secure boot protections.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00027,"ranking_epss":0.07584,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2025-0678","https://bugzilla.redhat.com/show_bug.cgi?id=2346118"],"published_time":"2025-03-03T17:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-45778","summary":"A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to crash.","cvss":4.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.1,"cvss_v4":null,"epss":0.00018,"ranking_epss":0.04375,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2024-45778","https://bugzilla.redhat.com/show_bug.cgi?id=2345640","https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html"],"published_time":"2025-03-03T17:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-45782","summary":"A flaw was found in the HFS filesystem. When reading an HFS volume's name at grub_fs_mount(), the HFS filesystem driver performs a strcpy() using the user-provided volume name as input without properly validating the volume name's length. This issue may read to a heap-based out-of-bounds writer, impacting grub's sensitive data integrity and eventually leading to a secure boot protection bypass.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":9e-05,"ranking_epss":0.00854,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2024-45782","https://bugzilla.redhat.com/show_bug.cgi?id=2345858"],"published_time":"2025-03-03T17:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-26599","summary":"An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect() may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow() will return a BadAlloc error without validating the window tree marked just before, which leaves the validated data partly initialized and the use of an uninitialized pointer later.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05761,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2025:2500","https://access.redhat.com/errata/RHSA-2025:2502","https://access.redhat.com/errata/RHSA-2025:2861","https://access.redhat.com/errata/RHSA-2025:2862","https://access.redhat.com/errata/RHSA-2025:2865","https://access.redhat.com/errata/RHSA-2025:2866","https://access.redhat.com/errata/RHSA-2025:2873","https://access.redhat.com/errata/RHSA-2025:2874","https://access.redhat.com/errata/RHSA-2025:2875","https://access.redhat.com/errata/RHSA-2025:2879","https://access.redhat.com/errata/RHSA-2025:2880","https://access.redhat.com/errata/RHSA-2025:3976","https://access.redhat.com/errata/RHSA-2025:7163","https://access.redhat.com/errata/RHSA-2025:7165","https://access.redhat.com/errata/RHSA-2025:7458","https://access.redhat.com/security/cve/CVE-2025-26599","https://bugzilla.redhat.com/show_bug.cgi?id=2345253","https://lists.debian.org/debian-lts-announce/2025/02/msg00036.html"],"published_time":"2025-02-25T16:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-26600","summary":"A use-after-free flaw was found in X.Org and Xwayland. When a device is removed while still frozen, the events queued for that device remain while the device is freed. Replaying the events will cause a use-after-free.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05761,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2025:2500","https://access.redhat.com/errata/RHSA-2025:2502","https://access.redhat.com/errata/RHSA-2025:2861","https://access.redhat.com/errata/RHSA-2025:2862","https://access.redhat.com/errata/RHSA-2025:2865","https://access.redhat.com/errata/RHSA-2025:2866","https://access.redhat.com/errata/RHSA-2025:2873","https://access.redhat.com/errata/RHSA-2025:2874","https://access.redhat.com/errata/RHSA-2025:2875","https://access.redhat.com/errata/RHSA-2025:2879","https://access.redhat.com/errata/RHSA-2025:2880","https://access.redhat.com/errata/RHSA-2025:3976","https://access.redhat.com/errata/RHSA-2025:7163","https://access.redhat.com/errata/RHSA-2025:7165","https://access.redhat.com/errata/RHSA-2025:7458","https://access.redhat.com/security/cve/CVE-2025-26600","https://bugzilla.redhat.com/show_bug.cgi?id=2345252","https://lists.debian.org/debian-lts-announce/2025/02/msg00036.html","https://security.netapp.com/advisory/ntap-20250516-0005/"],"published_time":"2025-02-25T16:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-26601","summary":"A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger() is called. If one of the changes triggers an error, the function will return early, not adding the new sync object, possibly causing a use-after-free when the alarm eventually triggers.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05761,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2025:2500","https://access.redhat.com/errata/RHSA-2025:2502","https://access.redhat.com/errata/RHSA-2025:2861","https://access.redhat.com/errata/RHSA-2025:2862","https://access.redhat.com/errata/RHSA-2025:2865","https://access.redhat.com/errata/RHSA-2025:2866","https://access.redhat.com/errata/RHSA-2025:2873","https://access.redhat.com/errata/RHSA-2025:2874","https://access.redhat.com/errata/RHSA-2025:2875","https://access.redhat.com/errata/RHSA-2025:2879","https://access.redhat.com/errata/RHSA-2025:2880","https://access.redhat.com/errata/RHSA-2025:3976","https://access.redhat.com/errata/RHSA-2025:7163","https://access.redhat.com/errata/RHSA-2025:7165","https://access.redhat.com/errata/RHSA-2025:7458","https://access.redhat.com/security/cve/CVE-2025-26601","https://bugzilla.redhat.com/show_bug.cgi?id=2345251","https://lists.debian.org/debian-lts-announce/2025/02/msg00036.html","https://security.netapp.com/advisory/ntap-20250516-0004/"],"published_time":"2025-02-25T16:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-26594","summary":"A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05761,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2025:2500","https://access.redhat.com/errata/RHSA-2025:2502","https://access.redhat.com/errata/RHSA-2025:2861","https://access.redhat.com/errata/RHSA-2025:2862","https://access.redhat.com/errata/RHSA-2025:2865","https://access.redhat.com/errata/RHSA-2025:2866","https://access.redhat.com/errata/RHSA-2025:2873","https://access.redhat.com/errata/RHSA-2025:2874","https://access.redhat.com/errata/RHSA-2025:2875","https://access.redhat.com/errata/RHSA-2025:2879","https://access.redhat.com/errata/RHSA-2025:2880","https://access.redhat.com/errata/RHSA-2025:3976","https://access.redhat.com/errata/RHSA-2025:7163","https://access.redhat.com/errata/RHSA-2025:7165","https://access.redhat.com/errata/RHSA-2025:7458","https://access.redhat.com/security/cve/CVE-2025-26594","https://bugzilla.redhat.com/show_bug.cgi?id=2345248","https://lists.debian.org/debian-lts-announce/2025/02/msg00036.html"],"published_time":"2025-02-25T16:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-26595","summary":"A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText() allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and would copy the data regardless of the size.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05761,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2025:2500","https://access.redhat.com/errata/RHSA-2025:2502","https://access.redhat.com/errata/RHSA-2025:2861","https://access.redhat.com/errata/RHSA-2025:2862","https://access.redhat.com/errata/RHSA-2025:2865","https://access.redhat.com/errata/RHSA-2025:2866","https://access.redhat.com/errata/RHSA-2025:2873","https://access.redhat.com/errata/RHSA-2025:2874","https://access.redhat.com/errata/RHSA-2025:2875","https://access.redhat.com/errata/RHSA-2025:2879","https://access.redhat.com/errata/RHSA-2025:2880","https://access.redhat.com/errata/RHSA-2025:3976","https://access.redhat.com/errata/RHSA-2025:7163","https://access.redhat.com/errata/RHSA-2025:7165","https://access.redhat.com/errata/RHSA-2025:7458","https://access.redhat.com/security/cve/CVE-2025-26595","https://bugzilla.redhat.com/show_bug.cgi?id=2345257","https://lists.debian.org/debian-lts-announce/2025/02/msg00036.html"],"published_time":"2025-02-25T16:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-26596","summary":"A heap overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms() differs from what is written in XkbWriteKeySyms(), which may lead to a heap-based buffer overflow.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05761,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2025:2500","https://access.redhat.com/errata/RHSA-2025:2502","https://access.redhat.com/errata/RHSA-2025:2861","https://access.redhat.com/errata/RHSA-2025:2862","https://access.redhat.com/errata/RHSA-2025:2865","https://access.redhat.com/errata/RHSA-2025:2866","https://access.redhat.com/errata/RHSA-2025:2873","https://access.redhat.com/errata/RHSA-2025:2874","https://access.redhat.com/errata/RHSA-2025:2875","https://access.redhat.com/errata/RHSA-2025:2879","https://access.redhat.com/errata/RHSA-2025:2880","https://access.redhat.com/errata/RHSA-2025:3976","https://access.redhat.com/errata/RHSA-2025:7163","https://access.redhat.com/errata/RHSA-2025:7165","https://access.redhat.com/errata/RHSA-2025:7458","https://access.redhat.com/security/cve/CVE-2025-26596","https://bugzilla.redhat.com/show_bug.cgi?id=2345256","https://lists.debian.org/debian-lts-announce/2025/02/msg00036.html"],"published_time":"2025-02-25T16:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-26597","summary":"A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey() is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because the key actions are of the wrong size.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05761,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2025:2500","https://access.redhat.com/errata/RHSA-2025:2502","https://access.redhat.com/errata/RHSA-2025:2861","https://access.redhat.com/errata/RHSA-2025:2862","https://access.redhat.com/errata/RHSA-2025:2865","https://access.redhat.com/errata/RHSA-2025:2866","https://access.redhat.com/errata/RHSA-2025:2873","https://access.redhat.com/errata/RHSA-2025:2874","https://access.redhat.com/errata/RHSA-2025:2875","https://access.redhat.com/errata/RHSA-2025:2879","https://access.redhat.com/errata/RHSA-2025:2880","https://access.redhat.com/errata/RHSA-2025:3976","https://access.redhat.com/errata/RHSA-2025:7163","https://access.redhat.com/errata/RHSA-2025:7165","https://access.redhat.com/errata/RHSA-2025:7458","https://access.redhat.com/security/cve/CVE-2025-26597","https://bugzilla.redhat.com/show_bug.cgi?id=2345255","https://lists.debian.org/debian-lts-announce/2025/02/msg00036.html"],"published_time":"2025-02-25T16:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-26598","summary":"An out-of-bounds write flaw was found in X.Org and Xwayland. The function GetBarrierDevice() searches for the pointer device based on its device ID and returns the matching value, or supposedly NULL, if no match was found. However, the code will return the last element of the list if no matching device ID is found, which can lead to out-of-bounds memory access.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00023,"ranking_epss":0.06165,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2025:2500","https://access.redhat.com/errata/RHSA-2025:2502","https://access.redhat.com/errata/RHSA-2025:2861","https://access.redhat.com/errata/RHSA-2025:2862","https://access.redhat.com/errata/RHSA-2025:2865","https://access.redhat.com/errata/RHSA-2025:2866","https://access.redhat.com/errata/RHSA-2025:2873","https://access.redhat.com/errata/RHSA-2025:2874","https://access.redhat.com/errata/RHSA-2025:2875","https://access.redhat.com/errata/RHSA-2025:2879","https://access.redhat.com/errata/RHSA-2025:2880","https://access.redhat.com/errata/RHSA-2025:3976","https://access.redhat.com/errata/RHSA-2025:7163","https://access.redhat.com/errata/RHSA-2025:7165","https://access.redhat.com/errata/RHSA-2025:7458","https://access.redhat.com/security/cve/CVE-2025-26598","https://bugzilla.redhat.com/show_bug.cgi?id=2345254","https://lists.debian.org/debian-lts-announce/2025/02/msg00036.html"],"published_time":"2025-02-25T16:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-45777","summary":"A flaw was found in grub2. The calculation of the translation buffer when reading a language .mo file in grub_gettext_getstr_from_position() may overflow, leading to a Out-of-bound write. This issue can be leveraged by an attacker to overwrite grub2's sensitive heap data, eventually leading to the circumvention of secure boot protections.","cvss":6.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.7,"cvss_v4":null,"epss":0.00023,"ranking_epss":0.06266,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2025:20532","https://access.redhat.com/security/cve/CVE-2024-45777","https://bugzilla.redhat.com/show_bug.cgi?id=2346343"],"published_time":"2025-02-19T18:15:23","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-26465","summary":"A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.","cvss":6.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.8,"cvss_v4":null,"epss":0.73605,"ranking_epss":0.98809,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2025:16823","https://access.redhat.com/errata/RHSA-2025:3837","https://access.redhat.com/errata/RHSA-2025:6993","https://access.redhat.com/errata/RHSA-2025:8385","https://access.redhat.com/security/cve/CVE-2025-26465","https://access.redhat.com/solutions/7109879","https://bugzilla.redhat.com/show_bug.cgi?id=2344780","https://seclists.org/oss-sec/2025/q1/144","http://seclists.org/fulldisclosure/2025/Feb/18","http://seclists.org/fulldisclosure/2025/May/7","http://seclists.org/fulldisclosure/2025/May/8","https://blog.qualys.com/vulnerabilities-threat-research/2025/02/18/qualys-tru-discovers-two-vulnerabilities-in-openssh-cve-2025-26465-cve-2025-26466","https://bugzilla.suse.com/show_bug.cgi?id=1237040","https://ftp.openbsd.org/pub/OpenBSD/patches/7.6/common/008_ssh.patch.sig","https://lists.debian.org/debian-lts-announce/2025/02/msg00020.html","https://lists.mindrot.org/pipermail/openssh-unix-announce/2025-February/000161.html","https://security-tracker.debian.org/tracker/CVE-2025-26465","https://security.netapp.com/advisory/ntap-20250228-0003/","https://ubuntu.com/security/CVE-2025-26465","https://www.openssh.com/releasenotes.html#9.9p2","https://www.openwall.com/lists/oss-security/2025/02/18/1","https://www.openwall.com/lists/oss-security/2025/02/18/4","https://www.theregister.com/2025/02/18/openssh_vulnerabilities_mitm_dos/","https://www.vicarius.io/vsociety/posts/cve-2025-26465-detect-vulnerable-openssh","https://www.vicarius.io/vsociety/posts/cve-2025-26465-mitigate-vulnerable-openssh","https://seclists.org/oss-sec/2025/q1/144"],"published_time":"2025-02-18T19:15:29","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-12084","summary":"A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.03461,"ranking_epss":0.8753,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHBA-2025:6470","https://access.redhat.com/security/cve/CVE-2024-12084","https://bugzilla.redhat.com/show_bug.cgi?id=2330527","https://kb.cert.org/vuls/id/952657","http://www.openwall.com/lists/oss-security/2025/01/14/6","https://security.netapp.com/advisory/ntap-20250131-0002/","https://www.kb.cert.org/vuls/id/952657","https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj"],"published_time":"2025-01-15T15:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-12085","summary":"A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.19143,"ranking_epss":0.95352,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2025:0324","https://access.redhat.com/errata/RHSA-2025:0325","https://access.redhat.com/errata/RHSA-2025:0637","https://access.redhat.com/errata/RHSA-2025:0688","https://access.redhat.com/errata/RHSA-2025:0714","https://access.redhat.com/errata/RHSA-2025:0774","https://access.redhat.com/errata/RHSA-2025:0787","https://access.redhat.com/errata/RHSA-2025:0790","https://access.redhat.com/errata/RHSA-2025:0849","https://access.redhat.com/errata/RHSA-2025:0884","https://access.redhat.com/errata/RHSA-2025:0885","https://access.redhat.com/errata/RHSA-2025:1120","https://access.redhat.com/errata/RHSA-2025:1123","https://access.redhat.com/errata/RHSA-2025:1128","https://access.redhat.com/errata/RHSA-2025:1225","https://access.redhat.com/errata/RHSA-2025:1227","https://access.redhat.com/errata/RHSA-2025:1242","https://access.redhat.com/errata/RHSA-2025:1451","https://access.redhat.com/errata/RHSA-2025:21885","https://access.redhat.com/errata/RHSA-2025:2701","https://access.redhat.com/security/cve/CVE-2024-12085","https://bugzilla.redhat.com/show_bug.cgi?id=2330539","https://kb.cert.org/vuls/id/952657","https://lists.debian.org/debian-lts-announce/2025/01/msg00008.html","https://security.netapp.com/advisory/ntap-20250131-0002/","https://www.kb.cert.org/vuls/id/952657","https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj"],"published_time":"2025-01-14T18:15:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-12086","summary":"A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare with in order to determine what data needs to be sent to the server. By sending specially constructed checksum values for arbitrary files, an attacker may be able to reconstruct the data of those files byte-by-byte based on the responses from the client.","cvss":6.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.1,"cvss_v4":null,"epss":0.00635,"ranking_epss":0.70403,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2024-12086","https://bugzilla.redhat.com/show_bug.cgi?id=2330577","https://kb.cert.org/vuls/id/952657","https://lists.debian.org/debian-lts-announce/2025/01/msg00008.html","https://security.netapp.com/advisory/ntap-20250131-0002/","https://www.kb.cert.org/vuls/id/952657","https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj"],"published_time":"2025-01-14T18:15:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-12087","summary":"A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks occurring on a per-file-list basis could allow a server to write files outside of the client's intended destination directory. A malicious server could write malicious files to arbitrary locations named after valid directories/paths on the client.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.03189,"ranking_epss":0.8698,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2025:23154","https://access.redhat.com/errata/RHSA-2025:23235","https://access.redhat.com/errata/RHSA-2025:23407","https://access.redhat.com/errata/RHSA-2025:23415","https://access.redhat.com/errata/RHSA-2025:23416","https://access.redhat.com/errata/RHSA-2025:23842","https://access.redhat.com/errata/RHSA-2025:23853","https://access.redhat.com/errata/RHSA-2025:23854","https://access.redhat.com/errata/RHSA-2025:23858","https://access.redhat.com/errata/RHSA-2025:2600","https://access.redhat.com/errata/RHSA-2025:7050","https://access.redhat.com/errata/RHSA-2025:8385","https://access.redhat.com/security/cve/CVE-2024-12087","https://bugzilla.redhat.com/show_bug.cgi?id=2330672","https://kb.cert.org/vuls/id/952657","https://lists.debian.org/debian-lts-announce/2025/01/msg00008.html","https://security.netapp.com/advisory/ntap-20250131-0002/","https://www.kb.cert.org/vuls/id/952657","https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj"],"published_time":"2025-01-14T18:15:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-12088","summary":"A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.02887,"ranking_epss":0.86311,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2025:2600","https://access.redhat.com/errata/RHSA-2025:7050","https://access.redhat.com/errata/RHSA-2025:8385","https://access.redhat.com/security/cve/CVE-2024-12088","https://bugzilla.redhat.com/show_bug.cgi?id=2330676","https://kb.cert.org/vuls/id/952657","https://lists.debian.org/debian-lts-announce/2025/01/msg00008.html","https://security.netapp.com/advisory/ntap-20250131-0002/","https://www.kb.cert.org/vuls/id/952657","https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj"],"published_time":"2025-01-14T18:15:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-49394","summary":"In mutt and neomutt the In-Reply-To email header field is not protected by cryptographic signing which allows an attacker to reuse an unencrypted but signed email message to impersonate the original sender.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00082,"ranking_epss":0.24059,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2024-49394","https://bugzilla.redhat.com/show_bug.cgi?id=2325330"],"published_time":"2024-11-12T03:15:03","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-49395","summary":"In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the Bcc email header field by inferring from the recipients info.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00147,"ranking_epss":0.35087,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2024-49395","https://bugzilla.redhat.com/show_bug.cgi?id=2325332"],"published_time":"2024-11-12T03:15:03","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-49393","summary":"In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of the recipients to compromise message confidentiality.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00083,"ranking_epss":0.24191,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2024-49393","https://bugzilla.redhat.com/show_bug.cgi?id=2325317"],"published_time":"2024-11-12T02:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-50074","summary":"In the Linux kernel, the following vulnerability has been resolved:\n\nparport: Proper fix for array out-of-bounds access\n\nThe recent fix for array out-of-bounds accesses replaced sprintf()\ncalls blindly with snprintf().  However, since snprintf() returns the\nwould-be-printed size, not the actually output size, the length\ncalculation can still go over the given limit.\n\nUse scnprintf() instead of snprintf(), which returns the actually\noutput letters, for addressing the potential out-of-bounds access\nproperly.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00022,"ranking_epss":0.05911,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://git.kernel.org/stable/c/02ac3a9ef3a18b58d8f3ea2b6e46de657bf6c4f9","https://git.kernel.org/stable/c/1826b6d69bbb7f9ae8711827facbb2ad7f8d0aaa","https://git.kernel.org/stable/c/2a8b26a09c8e3ea03da1ef3cd0ef6b96e559fba6","https://git.kernel.org/stable/c/440311903231c6e6c9bcf8acb6a2885a422e00bc","https://git.kernel.org/stable/c/66029078fee00646e2e9dbb8f41ff7819f8e7569","https://git.kernel.org/stable/c/8aadef73ba3b325704ed5cfc4696a25c350182cf","https://git.kernel.org/stable/c/b0641e53e6cb937487b6cfb15772374f0ba149b3","https://git.kernel.org/stable/c/fca048f222ce9dcbde5708ba2bf81d85a4a27952","https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html","https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"],"published_time":"2024-10-29T01:15:04","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-10041","summary":"A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input (stdin). As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This flaw could result in leaked passwords, such as those found in /etc/shadow while performing authentications.","cvss":4.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.7,"cvss_v4":null,"epss":0.00042,"ranking_epss":0.12774,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:10379","https://access.redhat.com/errata/RHSA-2024:11250","https://access.redhat.com/errata/RHSA-2024:9941","https://access.redhat.com/security/cve/CVE-2024-10041","https://bugzilla.redhat.com/show_bug.cgi?id=2319212"],"published_time":"2024-10-23T14:15:03","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-10033","summary":"A vulnerability was found in aap-gateway. A Cross-site Scripting (XSS) vulnerability exists in the gateway component. This flaw allows a malicious user to perform actions that impact users by using the \"?next=\" in a URL, which can lead to redirecting, injecting malicious script, stealing sessions and data.","cvss":6.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.1,"cvss_v4":null,"epss":0.00845,"ranking_epss":0.74811,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:8534","https://access.redhat.com/security/cve/CVE-2024-10033","https://bugzilla.redhat.com/show_bug.cgi?id=2319162"],"published_time":"2024-10-16T17:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-9676","summary":"A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.01331,"ranking_epss":0.79951,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:10289","https://access.redhat.com/errata/RHSA-2024:8418","https://access.redhat.com/errata/RHSA-2024:8428","https://access.redhat.com/errata/RHSA-2024:8437","https://access.redhat.com/errata/RHSA-2024:8686","https://access.redhat.com/errata/RHSA-2024:8690","https://access.redhat.com/errata/RHSA-2024:8694","https://access.redhat.com/errata/RHSA-2024:8700","https://access.redhat.com/errata/RHSA-2024:8984","https://access.redhat.com/errata/RHSA-2024:9051","https://access.redhat.com/errata/RHSA-2024:9454","https://access.redhat.com/errata/RHSA-2024:9459","https://access.redhat.com/errata/RHSA-2024:9926","https://access.redhat.com/errata/RHSA-2025:0876","https://access.redhat.com/errata/RHSA-2025:2454","https://access.redhat.com/errata/RHSA-2025:2710","https://access.redhat.com/errata/RHSA-2025:3301","https://access.redhat.com/security/cve/CVE-2024-9676","https://bugzilla.redhat.com/show_bug.cgi?id=2317467","https://github.com/advisories/GHSA-wq2p-5pc6-wpgf","https://github.com/containers/storage/commit/935c58f4b3e364a9c9d33ed06476a831e6ad5679"],"published_time":"2024-10-15T16:15:06","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-9675","summary":"A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00139,"ranking_epss":0.33963,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:8563","https://access.redhat.com/errata/RHSA-2024:8675","https://access.redhat.com/errata/RHSA-2024:8679","https://access.redhat.com/errata/RHSA-2024:8686","https://access.redhat.com/errata/RHSA-2024:8690","https://access.redhat.com/errata/RHSA-2024:8700","https://access.redhat.com/errata/RHSA-2024:8703","https://access.redhat.com/errata/RHSA-2024:8707","https://access.redhat.com/errata/RHSA-2024:8708","https://access.redhat.com/errata/RHSA-2024:8709","https://access.redhat.com/errata/RHSA-2024:8846","https://access.redhat.com/errata/RHSA-2024:8984","https://access.redhat.com/errata/RHSA-2024:8994","https://access.redhat.com/errata/RHSA-2024:9051","https://access.redhat.com/errata/RHSA-2024:9454","https://access.redhat.com/errata/RHSA-2024:9459","https://access.redhat.com/errata/RHSA-2025:2445","https://access.redhat.com/errata/RHSA-2025:2449","https://access.redhat.com/errata/RHSA-2025:2454","https://access.redhat.com/errata/RHSA-2025:2701","https://access.redhat.com/errata/RHSA-2025:2710","https://access.redhat.com/errata/RHSA-2025:3301","https://access.redhat.com/errata/RHSA-2025:3573","https://access.redhat.com/security/cve/CVE-2024-9675","https://bugzilla.redhat.com/show_bug.cgi?id=2317458"],"published_time":"2024-10-09T15:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-9341","summary":"A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system.","cvss":5.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.4,"cvss_v4":null,"epss":0.00899,"ranking_epss":0.75649,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:10147","https://access.redhat.com/errata/RHSA-2024:10818","https://access.redhat.com/errata/RHSA-2024:7925","https://access.redhat.com/errata/RHSA-2024:8039","https://access.redhat.com/errata/RHSA-2024:8112","https://access.redhat.com/errata/RHSA-2024:8238","https://access.redhat.com/errata/RHSA-2024:8263","https://access.redhat.com/errata/RHSA-2024:8428","https://access.redhat.com/errata/RHSA-2024:8690","https://access.redhat.com/errata/RHSA-2024:8694","https://access.redhat.com/errata/RHSA-2024:8846","https://access.redhat.com/errata/RHSA-2024:9454","https://access.redhat.com/errata/RHSA-2024:9459","https://access.redhat.com/security/cve/CVE-2024-9341","https://bugzilla.redhat.com/show_bug.cgi?id=2315691","https://github.com/containers/common/blob/384f77532f67afc8a73d8e0c4adb0d195df57714/pkg/subscriptions/subscriptions.go#L169","https://github.com/containers/common/blob/384f77532f67afc8a73d8e0c4adb0d195df57714/pkg/subscriptions/subscriptions.go#L349"],"published_time":"2024-10-01T19:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-8354","summary":"A flaw was found in QEMU. An assertion failure was present in the usb_ep_get() function in hw/net/core.c when trying to get the USB endpoint from a USB device. This flaw may allow a malicious unprivileged guest user to crash the QEMU process on the host and cause a denial of service condition.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00045,"ranking_epss":0.13732,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2024-8354","https://bugzilla.redhat.com/show_bug.cgi?id=2313497","https://security.netapp.com/advisory/ntap-20241011-0008/"],"published_time":"2024-09-19T11:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-8443","summary":"A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the `pkcs15-init` tool may lead to out-of-bound rights, possibly resulting in arbitrary code execution.","cvss":2.9,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":2.9,"cvss_v4":null,"epss":0.00194,"ranking_epss":0.41341,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2024-8443","https://bugzilla.redhat.com/show_bug.cgi?id=2310494","https://lists.debian.org/debian-lts-announce/2024/12/msg00026.html"],"published_time":"2024-09-10T14:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-7341","summary":"A session fixation issue was discovered in the SAML adapters provided by Keycloak. The session ID and JSESSIONID cookie are not changed at login time, even when the turnOffChangeSessionIdOnLogin option is configured. This flaw allows an attacker who hijacks the current session before authentication to trigger session fixation.","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":0.01738,"ranking_epss":0.82487,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:6493","https://access.redhat.com/errata/RHSA-2024:6494","https://access.redhat.com/errata/RHSA-2024:6495","https://access.redhat.com/errata/RHSA-2024:6497","https://access.redhat.com/errata/RHSA-2024:6499","https://access.redhat.com/errata/RHSA-2024:6500","https://access.redhat.com/errata/RHSA-2024:6501","https://access.redhat.com/errata/RHSA-2024:6502","https://access.redhat.com/errata/RHSA-2024:6503","https://access.redhat.com/security/cve/CVE-2024-7341","https://bugzilla.redhat.com/show_bug.cgi?id=2302064","https://github.com/advisories/GHSA-j76j-rqwj-jmvv"],"published_time":"2024-09-09T19:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-45617","summary":"A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. \n\nInsufficient or missing checking of return values of functions leads to unexpected work with variables that have not been initialized.","cvss":3.9,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.9,"cvss_v4":null,"epss":0.00145,"ranking_epss":0.34791,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2024-45617","https://bugzilla.redhat.com/show_bug.cgi?id=2309286","https://lists.debian.org/debian-lts-announce/2024/12/msg00026.html"],"published_time":"2024-09-03T22:15:05","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-45618","summary":"A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. \n\nInsufficient or missing checking of return values of functions leads to unexpected work with variables that have not been initialized.","cvss":3.9,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.9,"cvss_v4":null,"epss":0.00116,"ranking_epss":0.30311,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2024-45618","https://bugzilla.redhat.com/show_bug.cgi?id=2309287","https://lists.debian.org/debian-lts-announce/2024/12/msg00026.html"],"published_time":"2024-09-03T22:15:05","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-45619","summary":"A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed.","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00088,"ranking_epss":0.25147,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2024-45619","https://bugzilla.redhat.com/show_bug.cgi?id=2309288","https://lists.debian.org/debian-lts-announce/2024/12/msg00026.html"],"published_time":"2024-09-03T22:15:05","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-45620","summary":"A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed.","cvss":3.9,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.9,"cvss_v4":null,"epss":0.00088,"ranking_epss":0.25147,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2024-45620","https://bugzilla.redhat.com/show_bug.cgi?id=2309289","https://lists.debian.org/debian-lts-announce/2024/12/msg00026.html"],"published_time":"2024-09-03T22:15:05","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-45615","summary":"A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. \nThe problem is missing  initialization of variables expected to be initialized (as arguments to other functions, etc.).","cvss":3.9,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.9,"cvss_v4":null,"epss":0.00091,"ranking_epss":0.2562,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2024-45615","https://bugzilla.redhat.com/show_bug.cgi?id=2309285","https://lists.debian.org/debian-lts-announce/2024/12/msg00026.html"],"published_time":"2024-09-03T22:15:04","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-45616","summary":"A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. \n\nThe following problems were caused by insufficient control of the response APDU buffer and its length when communicating with the card.","cvss":3.9,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.9,"cvss_v4":null,"epss":0.00091,"ranking_epss":0.2562,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2024-45616","https://bugzilla.redhat.com/show_bug.cgi?id=2309290","https://lists.debian.org/debian-lts-announce/2024/12/msg00026.html"],"published_time":"2024-09-03T22:15:04","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-4629","summary":"A vulnerability was found in Keycloak. This flaw allows attackers to bypass brute force protection by exploiting the timing of login attempts. By initiating multiple login requests simultaneously, attackers can exceed the configured limits for failed attempts before the system locks them out. This timing loophole enables attackers to make more guesses at passwords than intended, potentially compromising account security on affected systems.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.01093,"ranking_epss":0.77973,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:6493","https://access.redhat.com/errata/RHSA-2024:6494","https://access.redhat.com/errata/RHSA-2024:6495","https://access.redhat.com/errata/RHSA-2024:6497","https://access.redhat.com/errata/RHSA-2024:6499","https://access.redhat.com/errata/RHSA-2024:6500","https://access.redhat.com/errata/RHSA-2024:6501","https://access.redhat.com/security/cve/CVE-2024-4629","https://bugzilla.redhat.com/show_bug.cgi?id=2276761","https://github.com/hnsecurity/vulns/blob/main/HNS-2024-09-Keycloak.md","https://security.humanativaspa.it/an-analysis-of-the-keycloak-authentication-system/"],"published_time":"2024-09-03T20:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-8235","summary":"A flaw was found in libvirt. A refactor of the code fetching the list of interfaces for multiple APIs introduced a corner case on platforms where allocating 0 bytes of memory results in a NULL pointer. This corner case would lead to a NULL-pointer dereference and subsequent crash of virtinterfaced. This issue could allow clients connecting to the read-only socket to crash the virtinterfaced daemon.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.00101,"ranking_epss":0.27772,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:9128","https://access.redhat.com/security/cve/CVE-2024-8235","https://bugzilla.redhat.com/show_bug.cgi?id=2308680","https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/X6WOVCL6QF3FQRFIIXL736RFZVSUWLWJ/","https://security.netapp.com/advisory/ntap-20240920-0006/"],"published_time":"2024-08-30T17:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-44070","summary":"An issue was discovered in FRRouting (FRR) through 10.1. bgp_attr_encap in bgpd/bgp_attr.c does not check the actual remaining stream length before taking the TLV value.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00129,"ranking_epss":0.32393,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://github.com/FRRouting/frr/pull/16497","https://lists.debian.org/debian-lts-announce/2024/09/msg00007.html"],"published_time":"2024-08-19T02:15:04","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-7006","summary":"A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an attacker to trigger memory allocation failures through certain means, such as restricting the heap space size or injecting faults, causing a segmentation fault. This can cause an application crash, eventually leading to a denial of service.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00541,"ranking_epss":0.67638,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:6360","https://access.redhat.com/errata/RHSA-2024:8833","https://access.redhat.com/errata/RHSA-2024:8914","https://access.redhat.com/security/cve/CVE-2024-7006","https://bugzilla.redhat.com/show_bug.cgi?id=2302996","https://lists.debian.org/debian-lts-announce/2025/01/msg00019.html","https://security.netapp.com/advisory/ntap-20240920-0001/"],"published_time":"2024-08-12T13:38:40","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-3056","summary":"A flaw was found in Podman. This issue may allow an attacker to create a specially crafted container that, when configured to share the same IPC with at least one other container, can create a large number of IPC resources in /dev/shm. The malicious container will continue to exhaust resources until it is out-of-memory (OOM) killed. While the malicious container's cgroup will be removed, the IPC resources it created are not. Those resources are tied to the IPC namespace that will not be removed until all containers using it are stopped, and one non-malicious container is holding the namespace open. The malicious container is restarted, either automatically or by attacker control, repeating the process and increasing the amount of memory consumed. With a container configured to restart always, such as `podman run --restart=always`, this can result in a memory-based denial of service of the system.","cvss":7.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.7,"cvss_v4":null,"epss":0.00356,"ranking_epss":0.57928,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2024-3056","https://bugzilla.redhat.com/show_bug.cgi?id=2270717","https://security.netapp.com/advisory/ntap-20241227-0002/"],"published_time":"2024-08-02T21:16:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-39327","summary":"A flaw was found in OpenJPEG. Maliciously constructed pictures can cause the program to enter a large loop and continuously print warning messages on the terminal.","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00027,"ranking_epss":0.0748,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2026:4128","https://access.redhat.com/security/cve/CVE-2023-39327","https://bugzilla.redhat.com/show_bug.cgi?id=2295812","https://access.redhat.com/security/cve/CVE-2023-39327","https://bugzilla.redhat.com/show_bug.cgi?id=2295812"],"published_time":"2024-07-13T03:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-39329","summary":"A flaw was found in OpenJPEG. A resource exhaustion can occur in the opj_t1_decode_cblks function in tcd.c through a crafted image file, causing a denial of service.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00062,"ranking_epss":0.19205,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2026:4128","https://access.redhat.com/security/cve/CVE-2023-39329","https://bugzilla.redhat.com/show_bug.cgi?id=2295816","https://access.redhat.com/security/cve/CVE-2023-39329","https://bugzilla.redhat.com/show_bug.cgi?id=2295816"],"published_time":"2024-07-13T03:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-6237","summary":"A flaw was found in the 389 Directory Server. This flaw allows an unauthenticated user to cause a systematic server crash while sending a specific extended search request, leading to a denial of service.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00816,"ranking_epss":0.74327,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:4997","https://access.redhat.com/errata/RHSA-2024:5192","https://access.redhat.com/security/cve/CVE-2024-6237","https://bugzilla.redhat.com/show_bug.cgi?id=2293579","https://github.com/389ds/389-ds-base/issues/5989","https://access.redhat.com/security/cve/CVE-2024-6237","https://bugzilla.redhat.com/show_bug.cgi?id=2293579","https://github.com/389ds/389-ds-base/issues/5989"],"published_time":"2024-07-09T17:15:48","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-39328","summary":"A vulnerability was found in OpenJPEG similar to CVE-2019-6988. This flaw allows an attacker to bypass existing protections and cause an application crash through a maliciously crafted file.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.02271,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-39328","https://bugzilla.redhat.com/show_bug.cgi?id=2219236","https://access.redhat.com/security/cve/CVE-2023-39328","https://bugzilla.redhat.com/show_bug.cgi?id=2219236"],"published_time":"2024-07-09T14:15:03","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-6505","summary":"A flaw was found in the virtio-net device in QEMU. When enabling the RSS feature on the virtio-net network card, the indirections_table data within RSS becomes controllable. Setting excessively large values may cause an index out-of-bounds issue, potentially resulting in heap overflow access. This flaw allows a privileged user in the guest to crash the QEMU process on the host.","cvss":6.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.8,"cvss_v4":null,"epss":0.00085,"ranking_epss":0.24577,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2024-6505","https://bugzilla.redhat.com/show_bug.cgi?id=2295760","https://access.redhat.com/security/cve/CVE-2024-6505","https://bugzilla.redhat.com/show_bug.cgi?id=2295760","https://security.netapp.com/advisory/ntap-20240816-0006/"],"published_time":"2024-07-05T14:15:03","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-6387","summary":"A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.44589,"ranking_epss":0.9757,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:4312","https://access.redhat.com/errata/RHSA-2024:4340","https://access.redhat.com/errata/RHSA-2024:4389","https://access.redhat.com/errata/RHSA-2024:4469","https://access.redhat.com/errata/RHSA-2024:4474","https://access.redhat.com/errata/RHSA-2024:4479","https://access.redhat.com/errata/RHSA-2024:4484","https://access.redhat.com/security/cve/CVE-2024-6387","https://bugzilla.redhat.com/show_bug.cgi?id=2294604","https://santandersecurityresearch.github.io/blog/sshing_the_masses.html","https://www.openssh.com/txt/release-9.8","https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt","http://seclists.org/fulldisclosure/2024/Jul/18","http://seclists.org/fulldisclosure/2024/Jul/19","http://seclists.org/fulldisclosure/2024/Jul/20","http://www.openwall.com/lists/oss-security/2024/07/01/12","http://www.openwall.com/lists/oss-security/2024/07/01/13","http://www.openwall.com/lists/oss-security/2024/07/02/1","http://www.openwall.com/lists/oss-security/2024/07/03/1","http://www.openwall.com/lists/oss-security/2024/07/03/11","http://www.openwall.com/lists/oss-security/2024/07/03/2","http://www.openwall.com/lists/oss-security/2024/07/03/3","http://www.openwall.com/lists/oss-security/2024/07/03/4","http://www.openwall.com/lists/oss-security/2024/07/03/5","http://www.openwall.com/lists/oss-security/2024/07/04/1","http://www.openwall.com/lists/oss-security/2024/07/04/2","http://www.openwall.com/lists/oss-security/2024/07/08/2","http://www.openwall.com/lists/oss-security/2024/07/08/3","http://www.openwall.com/lists/oss-security/2024/07/09/2","http://www.openwall.com/lists/oss-security/2024/07/09/5","http://www.openwall.com/lists/oss-security/2024/07/10/1","http://www.openwall.com/lists/oss-security/2024/07/10/2","http://www.openwall.com/lists/oss-security/2024/07/10/3","http://www.openwall.com/lists/oss-security/2024/07/10/4","http://www.openwall.com/lists/oss-security/2024/07/10/6","http://www.openwall.com/lists/oss-security/2024/07/11/1","http://www.openwall.com/lists/oss-security/2024/07/11/3","http://www.openwall.com/lists/oss-security/2024/07/23/4","http://www.openwall.com/lists/oss-security/2024/07/23/6","http://www.openwall.com/lists/oss-security/2024/07/28/2","http://www.openwall.com/lists/oss-security/2024/07/28/3","https://access.redhat.com/errata/RHSA-2024:4312","https://access.redhat.com/errata/RHSA-2024:4340","https://access.redhat.com/errata/RHSA-2024:4389","https://access.redhat.com/errata/RHSA-2024:4469","https://access.redhat.com/errata/RHSA-2024:4474","https://access.redhat.com/errata/RHSA-2024:4479","https://access.redhat.com/errata/RHSA-2024:4484","https://access.redhat.com/security/cve/CVE-2024-6387","https://archlinux.org/news/the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1/","https://arstechnica.com/security/2024/07/regresshion-vulnerability-in-openssh-gives-attackers-root-on-linux/","https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server","https://bugzilla.redhat.com/show_bug.cgi?id=2294604","https://explore.alas.aws.amazon.com/CVE-2024-6387.html","https://forum.vmssoftware.com/viewtopic.php?f=8&t=9132","https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc","https://github.com/AlmaLinux/updates/issues/629","https://github.com/Azure/AKS/issues/4379","https://github.com/PowerShell/Win32-OpenSSH/discussions/2248","https://github.com/PowerShell/Win32-OpenSSH/issues/2249","https://github.com/microsoft/azurelinux/issues/9555","https://github.com/openela-main/openssh/commit/e1f438970e5a337a17070a637c1b9e19697cad09","https://github.com/oracle/oracle-linux/issues/149","https://github.com/rapier1/hpn-ssh/issues/87","https://github.com/zgzhang/cve-2024-6387-poc","https://lists.almalinux.org/archives/list/announce@lists.almalinux.org/thread/23BF5BMGFVEVUI2WNVAGMLKT557EU7VY/","https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html","https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-July/041431.html","https://news.ycombinator.com/item?id=40843778","https://packetstorm.news/files/id/190587/","https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0010","https://santandersecurityresearch.github.io/blog/sshing_the_masses.html","https://security-tracker.debian.org/tracker/CVE-2024-6387","https://security.netapp.com/advisory/ntap-20240701-0001/","https://sig-security.rocky.page/issues/CVE-2024-6387/","https://stackdiary.com/openssh-race-condition-in-sshd-allows-remote-code-execution/","https://support.apple.com/kb/HT214118","https://support.apple.com/kb/HT214119","https://support.apple.com/kb/HT214120","https://ubuntu.com/security/CVE-2024-6387","https://ubuntu.com/security/notices/USN-6859-1","https://www.akamai.com/blog/security-research/2024-openssh-vulnerability-regression-what-to-know-and-do","https://www.arista.com/en/support/advisories-notices/security-advisory/19904-security-advisory-0100","https://www.exploit-db.com/exploits/52269","https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc","https://www.openssh.com/txt/release-9.8","https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt","https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html","https://www.suse.com/security/cve/CVE-2024-6387.html","https://www.theregister.com/2024/07/01/regresshion_openssh/","https://www.vicarius.io/vsociety/posts/regresshion-an-openssh-regression-error-cve-2024-6387"],"published_time":"2024-07-01T13:15:06","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-6239","summary":"A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00127,"ranking_epss":0.32065,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:5305","https://access.redhat.com/errata/RHSA-2024:9167","https://access.redhat.com/security/cve/CVE-2024-6239","https://bugzilla.redhat.com/show_bug.cgi?id=2293594","https://access.redhat.com/security/cve/CVE-2024-6239","https://bugzilla.redhat.com/show_bug.cgi?id=2293594"],"published_time":"2024-06-21T14:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-5742","summary":"A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privileges through a malicious symlink.","cvss":6.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.7,"cvss_v4":null,"epss":0.00087,"ranking_epss":0.24968,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:6986","https://access.redhat.com/errata/RHSA-2024:9430","https://access.redhat.com/security/cve/CVE-2024-5742","https://bugzilla.redhat.com/show_bug.cgi?id=2278574","https://access.redhat.com/security/cve/CVE-2024-5742","https://bugzilla.redhat.com/show_bug.cgi?id=2278574","https://lists.debian.org/debian-lts-announce/2024/06/msg00006.html"],"published_time":"2024-06-12T09:15:23","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-5154","summary":"A flaw was found in cri-o. A malicious container can create a symbolic link to arbitrary files on the host via directory traversal (“../“). This flaw allows the container to read and write to arbitrary files on the host system.","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.01678,"ranking_epss":0.82164,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:10818","https://access.redhat.com/errata/RHSA-2024:3676","https://access.redhat.com/errata/RHSA-2024:3700","https://access.redhat.com/errata/RHSA-2024:4008","https://access.redhat.com/errata/RHSA-2024:4159","https://access.redhat.com/errata/RHSA-2024:4486","https://access.redhat.com/security/cve/CVE-2024-5154","https://bugzilla.redhat.com/show_bug.cgi?id=2280190","https://github.com/cri-o/cri-o/security/advisories/GHSA-j9hf-98c3-wrm8","https://access.redhat.com/errata/RHSA-2024:3676","https://access.redhat.com/errata/RHSA-2024:3700","https://access.redhat.com/errata/RHSA-2024:4008","https://access.redhat.com/errata/RHSA-2024:4486","https://access.redhat.com/security/cve/CVE-2024-5154","https://bugzilla.redhat.com/show_bug.cgi?id=2280190","https://github.com/cri-o/cri-o/security/advisories/GHSA-j9hf-98c3-wrm8"],"published_time":"2024-06-12T09:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-3183","summary":"A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different for each new session, which protects it from brute force attacks. However, the ticket it contains is encrypted using the target principal key directly. For user principals, this key is a hash of a public per-principal randomly-generated salt and the user’s password.\r\n\r\nIf a principal is compromised it means the attacker would be able to retrieve tickets encrypted to any principal, all of them being encrypted by their own key directly. By taking these tickets and salts offline, the attacker could run brute force attacks to find character strings able to decrypt tickets when combined to a principal salt (i.e. find the principal’s password).","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.21232,"ranking_epss":0.95672,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:3754","https://access.redhat.com/errata/RHSA-2024:3755","https://access.redhat.com/errata/RHSA-2024:3756","https://access.redhat.com/errata/RHSA-2024:3757","https://access.redhat.com/errata/RHSA-2024:3758","https://access.redhat.com/errata/RHSA-2024:3759","https://access.redhat.com/errata/RHSA-2024:3760","https://access.redhat.com/errata/RHSA-2024:3761","https://access.redhat.com/errata/RHSA-2024:3775","https://access.redhat.com/security/cve/CVE-2024-3183","https://bugzilla.redhat.com/show_bug.cgi?id=2270685","https://www.freeipa.org/release-notes/4-12-1.html","https://access.redhat.com/errata/RHSA-2024:3754","https://access.redhat.com/errata/RHSA-2024:3755","https://access.redhat.com/errata/RHSA-2024:3756","https://access.redhat.com/errata/RHSA-2024:3757","https://access.redhat.com/errata/RHSA-2024:3758","https://access.redhat.com/errata/RHSA-2024:3759","https://access.redhat.com/errata/RHSA-2024:3760","https://access.redhat.com/errata/RHSA-2024:3761","https://access.redhat.com/errata/RHSA-2024:3775","https://access.redhat.com/security/cve/CVE-2024-3183","https://bugzilla.redhat.com/show_bug.cgi?id=2270685","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WT3JL7JQDIAFKKEFARWYES7GZNWGQNCI/","https://www.freeipa.org/release-notes/4-12-1.html"],"published_time":"2024-06-12T09:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-2698","summary":"A vulnerability was found in FreeIPA in how the initial implementation of MS-SFU by MIT Kerberos was missing a condition for granting the \"forwardable\" flag on S4U2Self tickets. Fixing this mistake required adding a special case for the check_allowed_to_delegate() function: If the target service argument is NULL, then it means the KDC is probing for general constrained delegation rules and not checking a specific S4U2Proxy request.\r\n\r\nIn FreeIPA 4.11.0, the behavior of ipadb_match_acl() was modified to match the changes from upstream MIT Kerberos 1.20. However, a mistake resulting in this mechanism applies in cases where the target service argument is set AND where it is unset. This results in S4U2Proxy requests being accepted regardless of whether or not there is a matching service delegation rule.","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00555,"ranking_epss":0.68085,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:3754","https://access.redhat.com/errata/RHSA-2024:3755","https://access.redhat.com/errata/RHSA-2024:3757","https://access.redhat.com/errata/RHSA-2024:3759","https://access.redhat.com/security/cve/CVE-2024-2698","https://bugzilla.redhat.com/show_bug.cgi?id=2270353","https://www.freeipa.org/release-notes/4-12-1.html","https://access.redhat.com/errata/RHSA-2024:3754","https://access.redhat.com/errata/RHSA-2024:3755","https://access.redhat.com/errata/RHSA-2024:3757","https://access.redhat.com/errata/RHSA-2024:3759","https://access.redhat.com/security/cve/CVE-2024-2698","https://bugzilla.redhat.com/show_bug.cgi?id=2270353","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WT3JL7JQDIAFKKEFARWYES7GZNWGQNCI/","https://www.freeipa.org/release-notes/4-12-1.html"],"published_time":"2024-06-12T08:15:50","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-3049","summary":"A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server.","cvss":5.9,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.9,"cvss_v4":null,"epss":0.01032,"ranking_epss":0.77343,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:3657","https://access.redhat.com/errata/RHSA-2024:3658","https://access.redhat.com/errata/RHSA-2024:3659","https://access.redhat.com/errata/RHSA-2024:3660","https://access.redhat.com/errata/RHSA-2024:3661","https://access.redhat.com/errata/RHSA-2024:4400","https://access.redhat.com/errata/RHSA-2024:4411","https://access.redhat.com/security/cve/CVE-2024-3049","https://bugzilla.redhat.com/show_bug.cgi?id=2272082","https://github.com/ClusterLabs/booth/pull/142","https://access.redhat.com/errata/RHSA-2024:3657","https://access.redhat.com/errata/RHSA-2024:3658","https://access.redhat.com/errata/RHSA-2024:3659","https://access.redhat.com/errata/RHSA-2024:3660","https://access.redhat.com/errata/RHSA-2024:3661","https://access.redhat.com/errata/RHSA-2024:4400","https://access.redhat.com/errata/RHSA-2024:4411","https://access.redhat.com/security/cve/CVE-2024-3049","https://bugzilla.redhat.com/show_bug.cgi?id=2272082","https://lists.debian.org/debian-lts-announce/2024/09/msg00037.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ERCFM3HXFJKLEMMWU3CZLPKH5LZAEDAN/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KPK5BHYOB7CFFRQAN55YV5LH44PWHMQD/"],"published_time":"2024-06-06T06:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-3758","summary":"A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00029,"ranking_epss":0.08113,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:1919","https://access.redhat.com/errata/RHSA-2024:1920","https://access.redhat.com/errata/RHSA-2024:1921","https://access.redhat.com/errata/RHSA-2024:1922","https://access.redhat.com/errata/RHSA-2024:2571","https://access.redhat.com/errata/RHSA-2024:3270","https://access.redhat.com/security/cve/CVE-2023-3758","https://bugzilla.redhat.com/show_bug.cgi?id=2223762","https://github.com/SSSD/sssd/pull/7302","https://access.redhat.com/errata/RHSA-2024:1919","https://access.redhat.com/errata/RHSA-2024:1920","https://access.redhat.com/errata/RHSA-2024:1921","https://access.redhat.com/errata/RHSA-2024:1922","https://access.redhat.com/errata/RHSA-2024:2571","https://access.redhat.com/errata/RHSA-2024:3270","https://access.redhat.com/security/cve/CVE-2023-3758","https://bugzilla.redhat.com/show_bug.cgi?id=2223762","https://github.com/SSSD/sssd/pull/7302","https://lists.debian.org/debian-lts-announce/2025/02/msg00008.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RV3HIZI3SURBUQKSOOL3XE64OOBQ2HTK/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XEP62IDS7A55D5UHM6GH7QZ7SQFOAPVF/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XMORAO2BDDA5YX4ZLMXDZ7SM6KU47SY5/"],"published_time":"2024-04-18T19:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24809","summary":"net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-only credentials can use a malformed OID in a `GET-NEXT` to the `nsVacmAccessTable` to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range.\n","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00135,"ranking_epss":0.33212,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2103225","https://bugzilla.redhat.com/show_bug.cgi?id=2105242","https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775","https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/","https://security.gentoo.org/glsa/202210-29","https://www.debian.org/security/2022/dsa-5209","https://bugzilla.redhat.com/show_bug.cgi?id=2103225","https://bugzilla.redhat.com/show_bug.cgi?id=2105242","https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775","https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/","https://security.gentoo.org/glsa/202210-29","https://www.debian.org/security/2022/dsa-5209"],"published_time":"2024-04-16T20:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24806","summary":"net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can exploit an Improper Input Validation vulnerability when SETing malformed OIDs in master agent and subagent simultaneously. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range.\n","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00212,"ranking_epss":0.43725,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2103225","https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775","https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/","https://security.gentoo.org/glsa/202210-29","https://www.debian.org/security/2022/dsa-5209","https://bugzilla.redhat.com/show_bug.cgi?id=2103225","https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775","https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/","https://security.gentoo.org/glsa/202210-29","https://www.debian.org/security/2022/dsa-5209"],"published_time":"2024-04-16T20:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24807","summary":"net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a malformed OID in a SET request to `SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable` can cause an out-of-bounds memory access. A user with read-write credentials can exploit the issue. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range.\n","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00501,"ranking_epss":0.6598,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2103225","https://bugzilla.redhat.com/show_bug.cgi?id=2105239","https://github.com/net-snmp/net-snmp/commit/67ebb43e9038b2dae6e74ae8838b36fcc10fc937","https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775","https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/","https://security.gentoo.org/glsa/202210-29","https://www.debian.org/security/2022/dsa-5209","https://bugzilla.redhat.com/show_bug.cgi?id=2103225","https://bugzilla.redhat.com/show_bug.cgi?id=2105239","https://github.com/net-snmp/net-snmp/commit/67ebb43e9038b2dae6e74ae8838b36fcc10fc937","https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775","https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/","https://security.gentoo.org/glsa/202210-29","https://www.debian.org/security/2022/dsa-5209"],"published_time":"2024-04-16T20:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24808","summary":"net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a `SET` request to `NET-SNMP-AGENT-MIB::nsLogTable` to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range.\n","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00195,"ranking_epss":0.41467,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2103225","https://bugzilla.redhat.com/show_bug.cgi?id=2105240","https://github.com/net-snmp/net-snmp/commit/67ebb43e9038b2dae6e74ae8838b36fcc10fc937","https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775","https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/","https://security.gentoo.org/glsa/202210-29","https://www.debian.org/security/2022/dsa-5209","https://bugzilla.redhat.com/show_bug.cgi?id=2103225","https://bugzilla.redhat.com/show_bug.cgi?id=2105240","https://github.com/net-snmp/net-snmp/commit/67ebb43e9038b2dae6e74ae8838b36fcc10fc937","https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775","https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/","https://security.gentoo.org/glsa/202210-29","https://www.debian.org/security/2022/dsa-5209"],"published_time":"2024-04-16T20:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24805","summary":"net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a buffer overflow in the handling of the `INDEX` of             `NET-SNMP-VACM-MIB` can cause an out-of-bounds memory access. A user with read-only credentials can exploit the issue. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range.\n","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00415,"ranking_epss":0.6167,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2103225","https://bugzilla.redhat.com/show_bug.cgi?id=2105238","https://github.com/net-snmp/net-snmp/commit/67ebb43e9038b2dae6e74ae8838b36fcc10fc937","https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775","https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/","https://security.gentoo.org/glsa/202210-29","https://www.debian.org/security/2022/dsa-5209","https://bugzilla.redhat.com/show_bug.cgi?id=2103225","https://bugzilla.redhat.com/show_bug.cgi?id=2105238","https://github.com/net-snmp/net-snmp/commit/67ebb43e9038b2dae6e74ae8838b36fcc10fc937","https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775","https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/","https://security.gentoo.org/glsa/202210-29","https://www.debian.org/security/2022/dsa-5209"],"published_time":"2024-04-16T20:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-3567","summary":"A flaw was found in QEMU. An assertion failure was present in the update_sctp_checksum() function in hw/net/net_tx_pkt.c when trying to calculate the checksum of a short-sized fragmented packet. This flaw allows a malicious guest to crash QEMU and cause a denial of service condition.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00085,"ranking_epss":0.24592,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2025:4492","https://access.redhat.com/security/cve/CVE-2024-3567","https://bugzilla.redhat.com/show_bug.cgi?id=2274339","https://gitlab.com/qemu-project/qemu/-/issues/2273","https://access.redhat.com/security/cve/CVE-2024-3567","https://bugzilla.redhat.com/show_bug.cgi?id=2274339","https://gitlab.com/qemu-project/qemu/-/issues/2273","https://security.netapp.com/advisory/ntap-20240822-0007/"],"published_time":"2024-04-10T15:16:05","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-2496","summary":"A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces() function in libvirt. This issue can occur when detaching a host interface while at the same time collecting the list of interfaces via virConnectListAllInterfaces API. This flaw could be used to perform a denial of service attack by causing the libvirt daemon to crash.","cvss":5.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.0,"cvss_v4":null,"epss":0.00037,"ranking_epss":0.1094,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2236","https://access.redhat.com/security/cve/CVE-2024-2496","https://bugzilla.redhat.com/show_bug.cgi?id=2269672","https://access.redhat.com/errata/RHSA-2024:2236","https://access.redhat.com/security/cve/CVE-2024-2496","https://bugzilla.redhat.com/show_bug.cgi?id=2269672","https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html"],"published_time":"2024-03-18T13:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-2002","summary":"A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00139,"ranking_epss":0.34065,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2024-2002","https://bugzilla.redhat.com/show_bug.cgi?id=2267700","https://github.com/davea42/libdwarf-code/blob/main/bugxml/data.txt","https://access.redhat.com/security/cve/CVE-2024-2002","https://bugzilla.redhat.com/show_bug.cgi?id=2267700","https://github.com/davea42/libdwarf-code/blob/main/bugxml/data.txt","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGPVLSPIXR32J6FOAFTTIMYTUUXJICGW/"],"published_time":"2024-03-18T13:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-7250","summary":"A flaw was found in iperf, a utility for testing network performance using TCP, UDP, and SCTP. A malicious or malfunctioning client can send less than the expected amount of data to the iperf server, which can cause the server to hang indefinitely waiting for the remainder or until the connection gets closed. This will prevent other connections to the server, leading to a denial of service.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00054,"ranking_epss":0.16873,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:4241","https://access.redhat.com/errata/RHSA-2024:9185","https://access.redhat.com/security/cve/CVE-2023-7250","https://bugzilla.redhat.com/show_bug.cgi?id=2244707","https://access.redhat.com/errata/RHSA-2024:4241","https://access.redhat.com/security/cve/CVE-2023-7250","https://bugzilla.redhat.com/show_bug.cgi?id=2244707","https://lists.debian.org/debian-lts-announce/2025/01/msg00027.html"],"published_time":"2024-03-18T13:15:06","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-6917","summary":"A vulnerability has been identified in the Performance Co-Pilot (PCP) package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operate within the confines of limited PCP user/group privileges, others are granted full root privileges. This disparity in privilege levels poses a risk when privileged root processes interact with directories or directory trees owned by unprivileged PCP users. Specifically, this vulnerability may lead to the compromise of PCP user isolation and facilitate local PCP-to-root exploits, particularly through symlink attacks. These vulnerabilities underscore the importance of maintaining robust privilege separation mechanisms within PCP to mitigate the potential for unauthorized privilege escalation.","cvss":6.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.0,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.02233,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2213","https://access.redhat.com/security/cve/CVE-2023-6917","https://bugzilla.redhat.com/show_bug.cgi?id=2254983","https://access.redhat.com/errata/RHSA-2024:2213","https://access.redhat.com/security/cve/CVE-2023-6917","https://bugzilla.redhat.com/show_bug.cgi?id=2254983"],"published_time":"2024-02-28T15:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-52160","summary":"The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication. The attack vector is sending an EAP-TLV Success packet instead of starting Phase 2. This allows an adversary to impersonate Enterprise Wi-Fi networks.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.0417,"ranking_epss":0.88693,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://lists.debian.org/debian-lts-announce/2024/02/msg00013.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N46C4DTVUWK336OYDA4LGALSC5VVPTCC/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QU6IR4KV3ZXJZLK2BY7HAHGZNCP7FPNI/","https://w1.fi/cgit/hostap/commit/?id=8e6485a1bcb0baffdea9e55255a81270b768439c","https://www.top10vpn.com/research/wifi-vulnerabilities/","https://lists.debian.org/debian-lts-announce/2024/02/msg00013.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N46C4DTVUWK336OYDA4LGALSC5VVPTCC/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QU6IR4KV3ZXJZLK2BY7HAHGZNCP7FPNI/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N46C4DTVUWK336OYDA4LGALSC5VVPTCC/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QU6IR4KV3ZXJZLK2BY7HAHGZNCP7FPNI/","https://w1.fi/cgit/hostap/commit/?id=8e6485a1bcb0baffdea9e55255a81270b768439c","https://www.top10vpn.com/research/wifi-vulnerabilities/"],"published_time":"2024-02-22T17:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-1488","summary":"A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an unprivileged attacker to manipulate a running instance, potentially altering forwarders, allowing them to track all queries forwarded by the local resolver, and, in some cases, disrupting resolving altogether.","cvss":8.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.0,"cvss_v4":null,"epss":0.00111,"ranking_epss":0.29534,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:1750","https://access.redhat.com/errata/RHSA-2024:1751","https://access.redhat.com/errata/RHSA-2024:1780","https://access.redhat.com/errata/RHSA-2024:1801","https://access.redhat.com/errata/RHSA-2024:1802","https://access.redhat.com/errata/RHSA-2024:1804","https://access.redhat.com/errata/RHSA-2024:2587","https://access.redhat.com/errata/RHSA-2024:2696","https://access.redhat.com/errata/RHSA-2025:0837","https://access.redhat.com/security/cve/CVE-2024-1488","https://bugzilla.redhat.com/show_bug.cgi?id=2264183","https://access.redhat.com/errata/RHSA-2024:1750","https://access.redhat.com/errata/RHSA-2024:1751","https://access.redhat.com/errata/RHSA-2024:1780","https://access.redhat.com/errata/RHSA-2024:1801","https://access.redhat.com/errata/RHSA-2024:1802","https://access.redhat.com/errata/RHSA-2024:1804","https://access.redhat.com/errata/RHSA-2024:2587","https://access.redhat.com/errata/RHSA-2024:2696","https://access.redhat.com/security/cve/CVE-2024-1488","https://bugzilla.redhat.com/show_bug.cgi?id=2264183"],"published_time":"2024-02-15T05:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-50387","summary":"Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the \"KeyTrap\" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.51989,"ranking_epss":0.97914,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2024/02/16/2","http://www.openwall.com/lists/oss-security/2024/02/16/3","https://access.redhat.com/security/cve/CVE-2023-50387","https://bugzilla.suse.com/show_bug.cgi?id=1219823","https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html","https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1","https://kb.isc.org/docs/cve-2023-50387","https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html","https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/","https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387","https://news.ycombinator.com/item?id=39367411","https://news.ycombinator.com/item?id=39372384","https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/","https://security.netapp.com/advisory/ntap-20240307-0007/","https://www.athene-center.de/aktuelles/key-trap","https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf","https://www.isc.org/blogs/2024-bind-security-release/","https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/","https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/","http://www.openwall.com/lists/oss-security/2024/02/16/2","http://www.openwall.com/lists/oss-security/2024/02/16/3","https://access.redhat.com/security/cve/CVE-2023-50387","https://bugzilla.suse.com/show_bug.cgi?id=1219823","https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html","https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1","https://kb.isc.org/docs/cve-2023-50387","https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html","https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html","https://lists.debian.org/debian-lts-announce/2024/09/msg00001.html","https://lists.debian.org/debian-lts-announce/2024/11/msg00035.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/","https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387","https://news.ycombinator.com/item?id=39367411","https://news.ycombinator.com/item?id=39372384","https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/","https://security.netapp.com/advisory/ntap-20240307-0007/","https://www.athene-center.de/aktuelles/key-trap","https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf","https://www.isc.org/blogs/2024-bind-security-release/","https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/","https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/"],"published_time":"2024-02-14T16:15:45","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-50868","summary":"The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random subdomain attack, aka the \"NSEC3\" issue. The RFC 5155 specification implies that an algorithm must perform thousands of iterations of a hash function in certain situations.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.11802,"ranking_epss":0.93713,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2024/02/16/2","http://www.openwall.com/lists/oss-security/2024/02/16/3","https://access.redhat.com/security/cve/CVE-2023-50868","https://bugzilla.suse.com/show_bug.cgi?id=1219826","https://datatracker.ietf.org/doc/html/rfc5155","https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html","https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1","https://kb.isc.org/docs/cve-2023-50868","https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html","https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/","https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html","https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/","https://security.netapp.com/advisory/ntap-20240307-0008/","https://www.isc.org/blogs/2024-bind-security-release/","http://www.openwall.com/lists/oss-security/2024/02/16/2","http://www.openwall.com/lists/oss-security/2024/02/16/3","https://access.redhat.com/security/cve/CVE-2023-50868","https://bugzilla.suse.com/show_bug.cgi?id=1219826","https://datatracker.ietf.org/doc/html/rfc5155","https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html","https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1","https://kb.isc.org/docs/cve-2023-50868","https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html","https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html","https://lists.debian.org/debian-lts-announce/2024/09/msg00001.html","https://lists.debian.org/debian-lts-announce/2024/11/msg00035.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/","https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html","https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/","https://security.netapp.com/advisory/ntap-20240307-0008/","https://www.isc.org/blogs/2024-bind-security-release/"],"published_time":"2024-02-14T16:15:45","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-1454","summary":"The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or smart card to present the system with specially crafted responses to the APDUs, which are considered high complexity and low severity. This manipulation can allow for compromised card management operations during enrolment.","cvss":3.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.4,"cvss_v4":null,"epss":0.0008,"ranking_epss":0.23723,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2024-1454","https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64898","https://bugzilla.redhat.com/show_bug.cgi?id=2263929","https://github.com/OpenSC/OpenSC/commit/5835f0d4f6c033bd58806d33fa546908d39825c9","https://access.redhat.com/security/cve/CVE-2024-1454","https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64898","https://bugzilla.redhat.com/show_bug.cgi?id=2263929","https://github.com/OpenSC/OpenSC/commit/5835f0d4f6c033bd58806d33fa546908d39825c9","https://lists.debian.org/debian-lts-announce/2024/12/msg00026.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OWIZ5ZLO5ECYPLSTESCF7I7PQO5X6ZSU/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RJI2FWLY24EOPALQ43YPQEZMEP3APPPI/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UECKC7X4IM4YZQ5KRQMNBNKNOXLZC7RZ/"],"published_time":"2024-02-12T23:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-6681","summary":"A vulnerability was found in JWCrypto. This flaw allows an attacker to cause a denial of service (DoS) attack and possible password brute-force and dictionary attacks to be more resource-intensive. This issue can result in a large amount of computational consumption, causing a denial of service attack.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00029,"ranking_epss":0.08319,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:3267","https://access.redhat.com/errata/RHSA-2024:9281","https://access.redhat.com/security/cve/CVE-2023-6681","https://bugzilla.redhat.com/show_bug.cgi?id=2260843","https://access.redhat.com/errata/RHSA-2024:3267","https://access.redhat.com/security/cve/CVE-2023-6681","https://bugzilla.redhat.com/show_bug.cgi?id=2260843"],"published_time":"2024-02-12T14:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-1062","summary":"A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05653,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:1074","https://access.redhat.com/errata/RHSA-2024:1372","https://access.redhat.com/errata/RHSA-2024:3047","https://access.redhat.com/errata/RHSA-2024:4209","https://access.redhat.com/errata/RHSA-2024:4633","https://access.redhat.com/errata/RHSA-2024:5690","https://access.redhat.com/errata/RHSA-2024:7458","https://access.redhat.com/errata/RHSA-2025:1632","https://access.redhat.com/security/cve/CVE-2024-1062","https://bugzilla.redhat.com/show_bug.cgi?id=2256711","https://bugzilla.redhat.com/show_bug.cgi?id=2261879","https://access.redhat.com/errata/RHSA-2024:1074","https://access.redhat.com/errata/RHSA-2024:1372","https://access.redhat.com/errata/RHSA-2024:3047","https://access.redhat.com/errata/RHSA-2024:4209","https://access.redhat.com/errata/RHSA-2024:4633","https://access.redhat.com/security/cve/CVE-2024-1062","https://bugzilla.redhat.com/show_bug.cgi?id=2256711","https://bugzilla.redhat.com/show_bug.cgi?id=2261879"],"published_time":"2024-02-12T13:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-1151","summary":"A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does not validate the stack depth, pushing too many frames and causing a stack overflow. As a result, this can lead to a crash or other related issues.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0002,"ranking_epss":0.05265,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:4823","https://access.redhat.com/errata/RHSA-2024:4831","https://access.redhat.com/errata/RHSA-2024:9315","https://access.redhat.com/security/cve/CVE-2024-1151","https://bugzilla.redhat.com/show_bug.cgi?id=2262241","https://lore.kernel.org/all/20240207132416.1488485-1-aconole@redhat.com/","https://access.redhat.com/errata/RHSA-2024:4823","https://access.redhat.com/errata/RHSA-2024:4831","https://access.redhat.com/security/cve/CVE-2024-1151","https://bugzilla.redhat.com/show_bug.cgi?id=2262241","https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3LZROQAX7Q7LEP4F7WQ3KUZKWCZGFFP2/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GS7S3XLTLOUKBXV67LLFZWB3YVFJZHRK/","https://lore.kernel.org/all/20240207132416.1488485-1-aconole@redhat.com/"],"published_time":"2024-02-11T15:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-0229","summary":"An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00321,"ranking_epss":0.55119,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:0320","https://access.redhat.com/errata/RHSA-2024:0557","https://access.redhat.com/errata/RHSA-2024:0558","https://access.redhat.com/errata/RHSA-2024:0597","https://access.redhat.com/errata/RHSA-2024:0607","https://access.redhat.com/errata/RHSA-2024:0614","https://access.redhat.com/errata/RHSA-2024:0617","https://access.redhat.com/errata/RHSA-2024:0621","https://access.redhat.com/errata/RHSA-2024:0626","https://access.redhat.com/errata/RHSA-2024:0629","https://access.redhat.com/errata/RHSA-2024:2169","https://access.redhat.com/errata/RHSA-2024:2170","https://access.redhat.com/errata/RHSA-2024:2995","https://access.redhat.com/errata/RHSA-2024:2996","https://access.redhat.com/errata/RHSA-2025:12751","https://access.redhat.com/security/cve/CVE-2024-0229","https://bugzilla.redhat.com/show_bug.cgi?id=2256690","https://access.redhat.com/errata/RHSA-2024:0320","https://access.redhat.com/errata/RHSA-2024:0557","https://access.redhat.com/errata/RHSA-2024:0558","https://access.redhat.com/errata/RHSA-2024:0597","https://access.redhat.com/errata/RHSA-2024:0607","https://access.redhat.com/errata/RHSA-2024:0614","https://access.redhat.com/errata/RHSA-2024:0617","https://access.redhat.com/errata/RHSA-2024:0621","https://access.redhat.com/errata/RHSA-2024:0626","https://access.redhat.com/errata/RHSA-2024:0629","https://access.redhat.com/errata/RHSA-2024:2169","https://access.redhat.com/errata/RHSA-2024:2170","https://access.redhat.com/errata/RHSA-2024:2995","https://access.redhat.com/errata/RHSA-2024:2996","https://access.redhat.com/security/cve/CVE-2024-0229","https://bugzilla.redhat.com/show_bug.cgi?id=2256690","https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/"],"published_time":"2024-02-09T07:16:00","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-6356","summary":"A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00023,"ranking_epss":0.06077,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:0723","https://access.redhat.com/errata/RHSA-2024:0724","https://access.redhat.com/errata/RHSA-2024:0725","https://access.redhat.com/errata/RHSA-2024:0881","https://access.redhat.com/errata/RHSA-2024:0897","https://access.redhat.com/errata/RHSA-2024:1248","https://access.redhat.com/errata/RHSA-2024:2094","https://access.redhat.com/errata/RHSA-2024:3810","https://access.redhat.com/security/cve/CVE-2023-6356","https://bugzilla.redhat.com/show_bug.cgi?id=2254054","https://access.redhat.com/errata/RHSA-2024:0723","https://access.redhat.com/errata/RHSA-2024:0724","https://access.redhat.com/errata/RHSA-2024:0725","https://access.redhat.com/errata/RHSA-2024:0881","https://access.redhat.com/errata/RHSA-2024:0897","https://access.redhat.com/errata/RHSA-2024:1248","https://access.redhat.com/errata/RHSA-2024:2094","https://access.redhat.com/errata/RHSA-2024:3810","https://access.redhat.com/security/cve/CVE-2023-6356","https://bugzilla.redhat.com/show_bug.cgi?id=2254054","https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFYW6R64GPLUOXSQBJI3JBUX3HGLAYPP/","https://security.netapp.com/advisory/ntap-20240415-0002/"],"published_time":"2024-02-07T21:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-6535","summary":"A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00027,"ranking_epss":0.07514,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:0723","https://access.redhat.com/errata/RHSA-2024:0724","https://access.redhat.com/errata/RHSA-2024:0725","https://access.redhat.com/errata/RHSA-2024:0881","https://access.redhat.com/errata/RHSA-2024:0897","https://access.redhat.com/errata/RHSA-2024:1248","https://access.redhat.com/errata/RHSA-2024:2094","https://access.redhat.com/errata/RHSA-2024:3810","https://access.redhat.com/security/cve/CVE-2023-6535","https://bugzilla.redhat.com/show_bug.cgi?id=2254053","https://access.redhat.com/errata/RHSA-2024:0723","https://access.redhat.com/errata/RHSA-2024:0724","https://access.redhat.com/errata/RHSA-2024:0725","https://access.redhat.com/errata/RHSA-2024:0881","https://access.redhat.com/errata/RHSA-2024:0897","https://access.redhat.com/errata/RHSA-2024:1248","https://access.redhat.com/errata/RHSA-2024:2094","https://access.redhat.com/errata/RHSA-2024:3810","https://access.redhat.com/security/cve/CVE-2023-6535","https://bugzilla.redhat.com/show_bug.cgi?id=2254053","https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFYW6R64GPLUOXSQBJI3JBUX3HGLAYPP/","https://security.netapp.com/advisory/ntap-20240415-0003/"],"published_time":"2024-02-07T21:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-6536","summary":"A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00034,"ranking_epss":0.09989,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:0723","https://access.redhat.com/errata/RHSA-2024:0724","https://access.redhat.com/errata/RHSA-2024:0725","https://access.redhat.com/errata/RHSA-2024:0881","https://access.redhat.com/errata/RHSA-2024:0897","https://access.redhat.com/errata/RHSA-2024:1248","https://access.redhat.com/errata/RHSA-2024:2094","https://access.redhat.com/errata/RHSA-2024:3810","https://access.redhat.com/security/cve/CVE-2023-6536","https://bugzilla.redhat.com/show_bug.cgi?id=2254052","https://access.redhat.com/errata/RHSA-2024:0723","https://access.redhat.com/errata/RHSA-2024:0724","https://access.redhat.com/errata/RHSA-2024:0725","https://access.redhat.com/errata/RHSA-2024:0881","https://access.redhat.com/errata/RHSA-2024:0897","https://access.redhat.com/errata/RHSA-2024:1248","https://access.redhat.com/errata/RHSA-2024:2094","https://access.redhat.com/errata/RHSA-2024:3810","https://access.redhat.com/security/cve/CVE-2023-6536","https://bugzilla.redhat.com/show_bug.cgi?id=2254052","https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFYW6R64GPLUOXSQBJI3JBUX3HGLAYPP/","https://security.netapp.com/advisory/ntap-20240415-0001/"],"published_time":"2024-02-07T21:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-1048","summary":"A flaw was found in the grub2-set-bootflag utility of grub2. After the fix of CVE-2019-14865, grub2-set-bootflag will create a temporary file with the new grubenv content and rename it to the original grubenv file. If the program is killed before the rename operation, the temporary file will not be removed and may fill the filesystem when invoked multiple times, resulting in a filesystem out of free inodes or blocks.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.0001,"ranking_epss":0.01071,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2456","https://access.redhat.com/errata/RHSA-2024:3184","https://access.redhat.com/security/cve/CVE-2024-1048","https://bugzilla.redhat.com/show_bug.cgi?id=2256827","https://www.openwall.com/lists/oss-security/2024/02/06/3","http://www.openwall.com/lists/oss-security/2024/02/06/3","https://access.redhat.com/errata/RHSA-2024:2456","https://access.redhat.com/errata/RHSA-2024:3184","https://access.redhat.com/security/cve/CVE-2024-1048","https://bugzilla.redhat.com/show_bug.cgi?id=2256827","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XRZQCVZ3XOASVFT6XLO7F2ZXOLOHIJZQ/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YSJAEGRR3XHMBBBKYOVMII4P34IXEYPE/","https://security.netapp.com/advisory/ntap-20240223-0007/","https://www.openwall.com/lists/oss-security/2024/02/06/3"],"published_time":"2024-02-06T18:15:59","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-0690","summary":"An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values.","cvss":5.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.0,"cvss_v4":null,"epss":0.00065,"ranking_epss":0.20151,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:0733","https://access.redhat.com/errata/RHSA-2024:2246","https://access.redhat.com/errata/RHSA-2024:3043","https://access.redhat.com/security/cve/CVE-2024-0690","https://bugzilla.redhat.com/show_bug.cgi?id=2259013","https://github.com/ansible/ansible/pull/82565","https://access.redhat.com/errata/RHSA-2024:0733","https://access.redhat.com/errata/RHSA-2024:2246","https://access.redhat.com/errata/RHSA-2024:3043","https://access.redhat.com/security/cve/CVE-2024-0690","https://bugzilla.redhat.com/show_bug.cgi?id=2259013","https://github.com/ansible/ansible/pull/82565","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZQGCRDSZL7ONCULMB6ZUHOE4L44KIBP/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VDYSWOCPZMNRU5LWKIEBW4WGWLMTU7WQ/","https://security.netapp.com/advisory/ntap-20250117-0001/"],"published_time":"2024-02-06T12:15:55","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-4503","summary":"An improper initialization vulnerability was found in Galleon. When using Galleon to provision custom EAP or EAP-XP servers, the servers are created unsecured. This issue could allow an attacker to access remote HTTP services available from the server.","cvss":6.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.8,"cvss_v4":null,"epss":0.00191,"ranking_epss":0.40974,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:7637","https://access.redhat.com/errata/RHSA-2023:7638","https://access.redhat.com/errata/RHSA-2023:7639","https://access.redhat.com/errata/RHSA-2023:7641","https://access.redhat.com/security/cve/CVE-2023-4503","https://bugzilla.redhat.com/show_bug.cgi?id=2184751","https://access.redhat.com/errata/RHSA-2023:7637","https://access.redhat.com/errata/RHSA-2023:7638","https://access.redhat.com/errata/RHSA-2023:7639","https://access.redhat.com/errata/RHSA-2023:7641","https://access.redhat.com/security/cve/CVE-2023-4503","https://bugzilla.redhat.com/show_bug.cgi?id=2184751"],"published_time":"2024-02-06T09:15:52","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-50782","summary":"A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00855,"ranking_epss":0.74946,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-50782","https://bugzilla.redhat.com/show_bug.cgi?id=2254432","https://access.redhat.com/security/cve/CVE-2023-50782","https://bugzilla.redhat.com/show_bug.cgi?id=2254432","https://www.couchbase.com/alerts/"],"published_time":"2024-02-05T21:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-50781","summary":"A flaw was found in m2crypto. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00399,"ranking_epss":0.60675,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-50781","https://bugzilla.redhat.com/show_bug.cgi?id=2254426","https://access.redhat.com/security/cve/CVE-2023-50781","https://bugzilla.redhat.com/show_bug.cgi?id=2254426"],"published_time":"2024-02-05T21:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-7216","summary":"A path traversal vulnerability was found in the CPIO utility. This issue could allow a remote unauthenticated attacker to trick a user into opening a specially crafted archive. During the extraction process, the archiver could follow symlinks outside of the intended directory, which allows files to be written in arbitrary directories through symlinks.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00277,"ranking_epss":0.51158,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-7216","https://bugzilla.redhat.com/show_bug.cgi?id=2249901","https://access.redhat.com/security/cve/CVE-2023-7216","https://bugzilla.redhat.com/show_bug.cgi?id=2249901"],"published_time":"2024-02-05T15:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-6240","summary":"A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the Linux Kernel. This issue may allow a network attacker to decrypt ciphertexts or forge signatures, limiting the services that use that private key.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00066,"ranking_epss":0.2054,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:1881","https://access.redhat.com/errata/RHSA-2024:1882","https://access.redhat.com/errata/RHSA-2024:2758","https://access.redhat.com/errata/RHSA-2024:3414","https://access.redhat.com/errata/RHSA-2024:3421","https://access.redhat.com/errata/RHSA-2024:3618","https://access.redhat.com/errata/RHSA-2024:3627","https://access.redhat.com/security/cve/CVE-2023-6240","https://bugzilla.redhat.com/show_bug.cgi?id=2250843","https://people.redhat.com/~hkario/marvin/","https://securitypitfalls.wordpress.com/2023/10/16/experiment-with-side-channel-attacks-yourself/","https://access.redhat.com/errata/RHSA-2024:1881","https://access.redhat.com/errata/RHSA-2024:1882","https://access.redhat.com/errata/RHSA-2024:2758","https://access.redhat.com/errata/RHSA-2024:3414","https://access.redhat.com/errata/RHSA-2024:3421","https://access.redhat.com/errata/RHSA-2024:3618","https://access.redhat.com/errata/RHSA-2024:3627","https://access.redhat.com/security/cve/CVE-2023-6240","https://bugzilla.redhat.com/show_bug.cgi?id=2250843","https://people.redhat.com/~hkario/marvin/","https://security.netapp.com/advisory/ntap-20240628-0002/","https://securitypitfalls.wordpress.com/2023/10/16/experiment-with-side-channel-attacks-yourself/"],"published_time":"2024-02-04T14:15:47","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-5992","summary":"A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data.","cvss":5.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.6,"cvss_v4":null,"epss":0.00257,"ranking_epss":0.49113,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:0966","https://access.redhat.com/errata/RHSA-2024:0967","https://access.redhat.com/security/cve/CVE-2023-5992","https://bugzilla.redhat.com/show_bug.cgi?id=2248685","https://github.com/OpenSC/OpenSC/wiki/CVE-2023-5992","https://www.usenix.org/system/files/usenixsecurity24-shagam.pdf","https://access.redhat.com/errata/RHSA-2024:0966","https://access.redhat.com/errata/RHSA-2024:0967","https://access.redhat.com/security/cve/CVE-2023-5992","https://bugzilla.redhat.com/show_bug.cgi?id=2248685","https://github.com/OpenSC/OpenSC/wiki/CVE-2023-5992","https://lists.debian.org/debian-lts-announce/2024/12/msg00026.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OWIZ5ZLO5ECYPLSTESCF7I7PQO5X6ZSU/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RJI2FWLY24EOPALQ43YPQEZMEP3APPPI/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UECKC7X4IM4YZQ5KRQMNBNKNOXLZC7RZ/"],"published_time":"2024-01-31T14:15:48","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-0914","summary":"A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key.","cvss":5.9,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.9,"cvss_v4":null,"epss":0.00229,"ranking_epss":0.45643,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:1239","https://access.redhat.com/errata/RHSA-2024:1411","https://access.redhat.com/errata/RHSA-2024:1608","https://access.redhat.com/errata/RHSA-2024:1856","https://access.redhat.com/errata/RHSA-2024:1992","https://access.redhat.com/security/cve/CVE-2024-0914","https://bugzilla.redhat.com/show_bug.cgi?id=2260407","https://people.redhat.com/~hkario/marvin/","https://access.redhat.com/errata/RHSA-2024:1239","https://access.redhat.com/errata/RHSA-2024:1411","https://access.redhat.com/errata/RHSA-2024:1608","https://access.redhat.com/errata/RHSA-2024:1856","https://access.redhat.com/errata/RHSA-2024:1992","https://access.redhat.com/security/cve/CVE-2024-0914","https://bugzilla.redhat.com/show_bug.cgi?id=2260407","https://people.redhat.com/~hkario/marvin/"],"published_time":"2024-01-31T05:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-0564","summary":"A flaw was found in the Linux kernel's memory deduplication mechanism. The max page sharing of Kernel Samepage Merging (KSM), added in Linux kernel version 4.4.0-96.119, can create a side channel. When the attacker and the victim share the same host and the default setting of KSM is \"max page sharing=256\", it is possible for the attacker to time the unmap to merge with the victim's page. The unmapping time depends on whether it merges with the victim's page and additional physical pages are created beyond the KSM's \"max page share\". Through these operations, the attacker can leak the victim's page.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00023,"ranking_epss":0.06108,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2024-0564","https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1680513","https://bugzilla.redhat.com/show_bug.cgi?id=2258514","https://link.springer.com/conference/wisa","https://wisa.or.kr/accepted","https://access.redhat.com/security/cve/CVE-2024-0564","https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1680513","https://bugzilla.redhat.com/show_bug.cgi?id=2258514","https://link.springer.com/conference/wisa","https://wisa.or.kr/accepted"],"published_time":"2024-01-30T15:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-40546","summary":"A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it, leading to a crash under certain circumstances.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.07059,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:1834","https://access.redhat.com/errata/RHSA-2024:1835","https://access.redhat.com/errata/RHSA-2024:1873","https://access.redhat.com/errata/RHSA-2024:1876","https://access.redhat.com/errata/RHSA-2024:1883","https://access.redhat.com/errata/RHSA-2024:1902","https://access.redhat.com/errata/RHSA-2024:1903","https://access.redhat.com/errata/RHSA-2024:1959","https://access.redhat.com/errata/RHSA-2024:2086","https://access.redhat.com/security/cve/CVE-2023-40546","https://bugzilla.redhat.com/show_bug.cgi?id=2241796","https://access.redhat.com/errata/RHSA-2024:1834","https://access.redhat.com/errata/RHSA-2024:1835","https://access.redhat.com/errata/RHSA-2024:1873","https://access.redhat.com/errata/RHSA-2024:1876","https://access.redhat.com/errata/RHSA-2024:1883","https://access.redhat.com/errata/RHSA-2024:1902","https://access.redhat.com/errata/RHSA-2024:1903","https://access.redhat.com/errata/RHSA-2024:1959","https://access.redhat.com/errata/RHSA-2024:2086","https://access.redhat.com/security/cve/CVE-2023-40546","https://bugzilla.redhat.com/show_bug.cgi?id=2241796","https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html"],"published_time":"2024-01-29T17:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-40549","summary":"An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.07059,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:1834","https://access.redhat.com/errata/RHSA-2024:1835","https://access.redhat.com/errata/RHSA-2024:1873","https://access.redhat.com/errata/RHSA-2024:1876","https://access.redhat.com/errata/RHSA-2024:1883","https://access.redhat.com/errata/RHSA-2024:1902","https://access.redhat.com/errata/RHSA-2024:1903","https://access.redhat.com/errata/RHSA-2024:1959","https://access.redhat.com/errata/RHSA-2024:2086","https://access.redhat.com/security/cve/CVE-2023-40549","https://bugzilla.redhat.com/show_bug.cgi?id=2241797","https://access.redhat.com/errata/RHSA-2024:1834","https://access.redhat.com/errata/RHSA-2024:1835","https://access.redhat.com/errata/RHSA-2024:1873","https://access.redhat.com/errata/RHSA-2024:1876","https://access.redhat.com/errata/RHSA-2024:1883","https://access.redhat.com/errata/RHSA-2024:1902","https://access.redhat.com/errata/RHSA-2024:1903","https://access.redhat.com/errata/RHSA-2024:1959","https://access.redhat.com/errata/RHSA-2024:2086","https://access.redhat.com/security/cve/CVE-2023-40549","https://bugzilla.redhat.com/show_bug.cgi?id=2241797","https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html"],"published_time":"2024-01-29T17:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-40550","summary":"An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00024,"ranking_epss":0.06677,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:1834","https://access.redhat.com/errata/RHSA-2024:1835","https://access.redhat.com/errata/RHSA-2024:1873","https://access.redhat.com/errata/RHSA-2024:1876","https://access.redhat.com/errata/RHSA-2024:1883","https://access.redhat.com/errata/RHSA-2024:1902","https://access.redhat.com/errata/RHSA-2024:1903","https://access.redhat.com/errata/RHSA-2024:1959","https://access.redhat.com/errata/RHSA-2024:2086","https://access.redhat.com/security/cve/CVE-2023-40550","https://bugzilla.redhat.com/show_bug.cgi?id=2259915","https://access.redhat.com/errata/RHSA-2024:1834","https://access.redhat.com/errata/RHSA-2024:1835","https://access.redhat.com/errata/RHSA-2024:1873","https://access.redhat.com/errata/RHSA-2024:1876","https://access.redhat.com/errata/RHSA-2024:1883","https://access.redhat.com/errata/RHSA-2024:1902","https://access.redhat.com/errata/RHSA-2024:1903","https://access.redhat.com/errata/RHSA-2024:1959","https://access.redhat.com/errata/RHSA-2024:2086","https://access.redhat.com/security/cve/CVE-2023-40550","https://bugzilla.redhat.com/show_bug.cgi?id=2259915","https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html"],"published_time":"2024-01-29T17:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-40551","summary":"A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase.","cvss":5.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.1,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.03123,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:1834","https://access.redhat.com/errata/RHSA-2024:1835","https://access.redhat.com/errata/RHSA-2024:1873","https://access.redhat.com/errata/RHSA-2024:1876","https://access.redhat.com/errata/RHSA-2024:1883","https://access.redhat.com/errata/RHSA-2024:1902","https://access.redhat.com/errata/RHSA-2024:1903","https://access.redhat.com/errata/RHSA-2024:1959","https://access.redhat.com/errata/RHSA-2024:2086","https://access.redhat.com/security/cve/CVE-2023-40551","https://bugzilla.redhat.com/show_bug.cgi?id=2259918","https://access.redhat.com/errata/RHSA-2024:1834","https://access.redhat.com/errata/RHSA-2024:1835","https://access.redhat.com/errata/RHSA-2024:1873","https://access.redhat.com/errata/RHSA-2024:1876","https://access.redhat.com/errata/RHSA-2024:1883","https://access.redhat.com/errata/RHSA-2024:1902","https://access.redhat.com/errata/RHSA-2024:1903","https://access.redhat.com/errata/RHSA-2024:1959","https://access.redhat.com/errata/RHSA-2024:2086","https://access.redhat.com/security/cve/CVE-2023-40551","https://bugzilla.redhat.com/show_bug.cgi?id=2259918","https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html"],"published_time":"2024-01-29T17:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-0841","summary":"A null pointer dereference flaw was found in the hugetlbfs_fill_super function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.","cvss":6.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.6,"cvss_v4":null,"epss":0.00011,"ranking_epss":0.01434,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2394","https://access.redhat.com/errata/RHSA-2024:2950","https://access.redhat.com/errata/RHSA-2024:3138","https://access.redhat.com/security/cve/CVE-2024-0841","https://bugzilla.redhat.com/show_bug.cgi?id=2256490","https://access.redhat.com/errata/RHSA-2024:2394","https://access.redhat.com/errata/RHSA-2024:2950","https://access.redhat.com/errata/RHSA-2024:3138","https://access.redhat.com/security/cve/CVE-2024-0841","https://bugzilla.redhat.com/show_bug.cgi?id=2256490","https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"],"published_time":"2024-01-28T12:15:52","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-6291","summary":"A flaw was found in the redirect_uri validation logic in Keycloak. This issue may allow a bypass of otherwise explicitly allowed hosts. A successful attack may lead to an access token being stolen, making it possible for the attacker to impersonate other users.","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00181,"ranking_epss":0.39687,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:7854","https://access.redhat.com/errata/RHSA-2023:7855","https://access.redhat.com/errata/RHSA-2023:7856","https://access.redhat.com/errata/RHSA-2023:7857","https://access.redhat.com/errata/RHSA-2023:7858","https://access.redhat.com/errata/RHSA-2023:7860","https://access.redhat.com/errata/RHSA-2023:7861","https://access.redhat.com/errata/RHSA-2024:0798","https://access.redhat.com/errata/RHSA-2024:0799","https://access.redhat.com/errata/RHSA-2024:0800","https://access.redhat.com/errata/RHSA-2024:0801","https://access.redhat.com/errata/RHSA-2024:0804","https://access.redhat.com/security/cve/CVE-2023-6291","https://bugzilla.redhat.com/show_bug.cgi?id=2251407","https://access.redhat.com/errata/RHSA-2023:7854","https://access.redhat.com/errata/RHSA-2023:7855","https://access.redhat.com/errata/RHSA-2023:7856","https://access.redhat.com/errata/RHSA-2023:7857","https://access.redhat.com/errata/RHSA-2023:7858","https://access.redhat.com/errata/RHSA-2023:7860","https://access.redhat.com/errata/RHSA-2023:7861","https://access.redhat.com/errata/RHSA-2024:0798","https://access.redhat.com/errata/RHSA-2024:0799","https://access.redhat.com/errata/RHSA-2024:0800","https://access.redhat.com/errata/RHSA-2024:0801","https://access.redhat.com/errata/RHSA-2024:0804","https://access.redhat.com/security/cve/CVE-2023-6291","https://bugzilla.redhat.com/show_bug.cgi?id=2251407"],"published_time":"2024-01-26T15:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-52356","summary":"A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00737,"ranking_epss":0.72823,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:5079","https://access.redhat.com/errata/RHSA-2025:20801","https://access.redhat.com/errata/RHSA-2025:21994","https://access.redhat.com/errata/RHSA-2025:23078","https://access.redhat.com/errata/RHSA-2025:23079","https://access.redhat.com/errata/RHSA-2025:23080","https://access.redhat.com/errata/RHSA-2026:3461","https://access.redhat.com/errata/RHSA-2026:3462","https://access.redhat.com/errata/RHSA-2026:5958","https://access.redhat.com/errata/RHSA-2026:7081","https://access.redhat.com/errata/RHSA-2026:7304","https://access.redhat.com/errata/RHSA-2026:7335","https://access.redhat.com/security/cve/CVE-2023-52356","https://bugzilla.redhat.com/show_bug.cgi?id=2251344","https://gitlab.com/libtiff/libtiff/-/issues/622","https://gitlab.com/libtiff/libtiff/-/merge_requests/546","http://seclists.org/fulldisclosure/2024/Jul/16","http://seclists.org/fulldisclosure/2024/Jul/17","http://seclists.org/fulldisclosure/2024/Jul/18","http://seclists.org/fulldisclosure/2024/Jul/19","http://seclists.org/fulldisclosure/2024/Jul/20","http://seclists.org/fulldisclosure/2024/Jul/21","http://seclists.org/fulldisclosure/2024/Jul/22","http://seclists.org/fulldisclosure/2024/Jul/23","https://access.redhat.com/security/cve/CVE-2023-52356","https://bugzilla.redhat.com/show_bug.cgi?id=2251344","https://gitlab.com/libtiff/libtiff/-/issues/622","https://gitlab.com/libtiff/libtiff/-/merge_requests/546","https://lists.debian.org/debian-lts-announce/2024/03/msg00011.html","https://lists.debian.org/debian-lts-announce/2025/01/msg00019.html","https://support.apple.com/kb/HT214116","https://support.apple.com/kb/HT214117","https://support.apple.com/kb/HT214118","https://support.apple.com/kb/HT214119","https://support.apple.com/kb/HT214120","https://support.apple.com/kb/HT214122","https://support.apple.com/kb/HT214123","https://support.apple.com/kb/HT214124"],"published_time":"2024-01-25T20:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-52355","summary":"An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.01313,"ranking_epss":0.79817,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2025:20801","https://access.redhat.com/errata/RHSA-2025:21994","https://access.redhat.com/errata/RHSA-2025:23078","https://access.redhat.com/errata/RHSA-2025:23079","https://access.redhat.com/errata/RHSA-2025:23080","https://access.redhat.com/errata/RHSA-2026:3461","https://access.redhat.com/errata/RHSA-2026:3462","https://access.redhat.com/security/cve/CVE-2023-52355","https://bugzilla.redhat.com/show_bug.cgi?id=2251326","https://gitlab.com/libtiff/libtiff/-/issues/621","https://access.redhat.com/security/cve/CVE-2023-52355","https://bugzilla.redhat.com/show_bug.cgi?id=2251326","https://gitlab.com/libtiff/libtiff/-/issues/621"],"published_time":"2024-01-25T20:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-40547","summary":"A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete system compromise. This flaw is only exploitable during the early boot phase, an attacker needs to perform a Man-in-the-Middle or compromise the boot server to be able to exploit this vulnerability successfully.","cvss":8.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.3,"cvss_v4":null,"epss":0.04175,"ranking_epss":0.887,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:1834","https://access.redhat.com/errata/RHSA-2024:1835","https://access.redhat.com/errata/RHSA-2024:1873","https://access.redhat.com/errata/RHSA-2024:1876","https://access.redhat.com/errata/RHSA-2024:1883","https://access.redhat.com/errata/RHSA-2024:1902","https://access.redhat.com/errata/RHSA-2024:1903","https://access.redhat.com/errata/RHSA-2024:1959","https://access.redhat.com/errata/RHSA-2024:2086","https://access.redhat.com/security/cve/CVE-2023-40547","https://bugzilla.redhat.com/show_bug.cgi?id=2234589","http://www.openwall.com/lists/oss-security/2024/01/26/1","https://access.redhat.com/errata/RHSA-2024:1834","https://access.redhat.com/errata/RHSA-2024:1835","https://access.redhat.com/errata/RHSA-2024:1873","https://access.redhat.com/errata/RHSA-2024:1876","https://access.redhat.com/errata/RHSA-2024:1883","https://access.redhat.com/errata/RHSA-2024:1902","https://access.redhat.com/errata/RHSA-2024:1903","https://access.redhat.com/errata/RHSA-2024:1959","https://access.redhat.com/errata/RHSA-2024:2086","https://access.redhat.com/security/cve/CVE-2023-40547","https://bugzilla.redhat.com/show_bug.cgi?id=2234589","https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html"],"published_time":"2024-01-25T16:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-0775","summary":"A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free.","cvss":6.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.7,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.03194,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2024-0775","https://bugzilla.redhat.com/show_bug.cgi?id=2259414","https://scm.linefinity.com/common/linux-stable/commit/4c0b4818b1f636bc96359f7817a2d8bab6370162","https://access.redhat.com/security/cve/CVE-2024-0775","https://bugzilla.redhat.com/show_bug.cgi?id=2259414","https://scm.linefinity.com/common/linux-stable/commit/4c0b4818b1f636bc96359f7817a2d8bab6370162"],"published_time":"2024-01-22T13:15:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-6531","summary":"A use-after-free flaw was found in the Linux Kernel due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic() on the socket that the SKB is queued on.","cvss":7.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.02099,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2394","https://access.redhat.com/security/cve/CVE-2023-6531","https://bugzilla.redhat.com/show_bug.cgi?id=2253034","https://lore.kernel.org/all/c716c88321939156909cfa1bd8b0faaf1c804103.1701868795.git.asml.silence@gmail.com/","http://packetstormsecurity.com/files/176533/Linux-Broken-Unix-GC-Interaction-Use-After-Free.html","https://access.redhat.com/errata/RHSA-2024:2394","https://access.redhat.com/security/cve/CVE-2023-6531","https://bugzilla.redhat.com/show_bug.cgi?id=2253034","https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html","https://lore.kernel.org/all/c716c88321939156909cfa1bd8b0faaf1c804103.1701868795.git.asml.silence@gmail.com/"],"published_time":"2024-01-21T10:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-0408","summary":"A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access that buffer, such as a GC, the XSELINUX code will try to use an object that was never labeled and crash because the SID is NULL.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00024,"ranking_epss":0.06473,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:0320","https://access.redhat.com/errata/RHSA-2024:2169","https://access.redhat.com/errata/RHSA-2024:2170","https://access.redhat.com/errata/RHSA-2024:2995","https://access.redhat.com/errata/RHSA-2024:2996","https://access.redhat.com/security/cve/CVE-2024-0408","https://bugzilla.redhat.com/show_bug.cgi?id=2257689","https://access.redhat.com/errata/RHSA-2024:0320","https://access.redhat.com/errata/RHSA-2024:2169","https://access.redhat.com/errata/RHSA-2024:2170","https://access.redhat.com/errata/RHSA-2024:2995","https://access.redhat.com/errata/RHSA-2024:2996","https://access.redhat.com/security/cve/CVE-2024-0408","https://bugzilla.redhat.com/show_bug.cgi?id=2257689","https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/","https://security.gentoo.org/glsa/202401-30","https://security.netapp.com/advisory/ntap-20240307-0006/"],"published_time":"2024-01-18T16:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-0409","summary":"A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00018,"ranking_epss":0.04809,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:0320","https://access.redhat.com/errata/RHSA-2024:2169","https://access.redhat.com/errata/RHSA-2024:2170","https://access.redhat.com/errata/RHSA-2024:2995","https://access.redhat.com/errata/RHSA-2024:2996","https://access.redhat.com/security/cve/CVE-2024-0409","https://bugzilla.redhat.com/show_bug.cgi?id=2257690","https://access.redhat.com/errata/RHSA-2024:0320","https://access.redhat.com/errata/RHSA-2024:2169","https://access.redhat.com/errata/RHSA-2024:2170","https://access.redhat.com/errata/RHSA-2024:2995","https://access.redhat.com/errata/RHSA-2024:2996","https://access.redhat.com/security/cve/CVE-2024-0409","https://bugzilla.redhat.com/show_bug.cgi?id=2257690","https://lists.debian.org/debian-lts-announce/2024/01/msg00016.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5J4H7CH565ALSZZYKOJFYDA5KFLG6NUK/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJBMCWQ54R6ZL3MYU2D2JBW6JMZL7BQW/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZ75X54CN4IFYMIV7OK3JVZ57FHQIGIC/","https://security.gentoo.org/glsa/202401-30","https://security.netapp.com/advisory/ntap-20240307-0006/"],"published_time":"2024-01-18T16:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-0607","summary":"A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nft_byteorder_eval() function, where the code iterates through a loop and writes to the `dst` array. On each iteration, 8 bytes are written, but `dst` is an array of u32, so each element only has space for 4 bytes. That means every iteration overwrites part of the previous element corrupting this array of u32. This flaw allows a local user to cause a denial of service or potentially break NetFilter functionality.","cvss":6.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.6,"cvss_v4":null,"epss":0.00019,"ranking_epss":0.05196,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2024-0607","https://bugzilla.redhat.com/show_bug.cgi?id=2258635","https://github.com/torvalds/linux/commit/c301f0981fdd3fd1ffac6836b423c4d7a8e0eb63","https://access.redhat.com/security/cve/CVE-2024-0607","https://bugzilla.redhat.com/show_bug.cgi?id=2258635","https://github.com/torvalds/linux/commit/c301f0981fdd3fd1ffac6836b423c4d7a8e0eb63","https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html","https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"],"published_time":"2024-01-18T16:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-0641","summary":"A denial of service vulnerability was found in tipc_crypto_key_revoke in net/tipc/crypto.c in the Linux kernel’s TIPC subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":7e-05,"ranking_epss":0.00547,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2024-0641","https://bugzilla.redhat.com/show_bug.cgi?id=2258757","https://github.com/torvalds/linux/commit/08e50cf071847323414df0835109b6f3560d44f5","https://access.redhat.com/security/cve/CVE-2024-0641","https://bugzilla.redhat.com/show_bug.cgi?id=2258757","https://github.com/torvalds/linux/commit/08e50cf071847323414df0835109b6f3560d44f5"],"published_time":"2024-01-17T16:15:47","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-0646","summary":"An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system.","cvss":7.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00017,"ranking_epss":0.04079,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:0723","https://access.redhat.com/errata/RHSA-2024:0724","https://access.redhat.com/errata/RHSA-2024:0725","https://access.redhat.com/errata/RHSA-2024:0850","https://access.redhat.com/errata/RHSA-2024:0851","https://access.redhat.com/errata/RHSA-2024:0876","https://access.redhat.com/errata/RHSA-2024:0881","https://access.redhat.com/errata/RHSA-2024:0897","https://access.redhat.com/errata/RHSA-2024:1248","https://access.redhat.com/errata/RHSA-2024:1250","https://access.redhat.com/errata/RHSA-2024:1251","https://access.redhat.com/errata/RHSA-2024:1253","https://access.redhat.com/errata/RHSA-2024:1268","https://access.redhat.com/errata/RHSA-2024:1269","https://access.redhat.com/errata/RHSA-2024:1278","https://access.redhat.com/errata/RHSA-2024:1306","https://access.redhat.com/errata/RHSA-2024:1367","https://access.redhat.com/errata/RHSA-2024:1368","https://access.redhat.com/errata/RHSA-2024:1377","https://access.redhat.com/errata/RHSA-2024:1382","https://access.redhat.com/errata/RHSA-2024:1404","https://access.redhat.com/errata/RHSA-2024:2094","https://access.redhat.com/security/cve/CVE-2024-0646","https://bugzilla.redhat.com/show_bug.cgi?id=2253908","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c5a595000e267","https://access.redhat.com/errata/RHSA-2024:0723","https://access.redhat.com/errata/RHSA-2024:0724","https://access.redhat.com/errata/RHSA-2024:0725","https://access.redhat.com/errata/RHSA-2024:0850","https://access.redhat.com/errata/RHSA-2024:0851","https://access.redhat.com/errata/RHSA-2024:0876","https://access.redhat.com/errata/RHSA-2024:0881","https://access.redhat.com/errata/RHSA-2024:0897","https://access.redhat.com/errata/RHSA-2024:1248","https://access.redhat.com/errata/RHSA-2024:1250","https://access.redhat.com/errata/RHSA-2024:1251","https://access.redhat.com/errata/RHSA-2024:1253","https://access.redhat.com/errata/RHSA-2024:1268","https://access.redhat.com/errata/RHSA-2024:1269","https://access.redhat.com/errata/RHSA-2024:1278","https://access.redhat.com/errata/RHSA-2024:1306","https://access.redhat.com/errata/RHSA-2024:1367","https://access.redhat.com/errata/RHSA-2024:1368","https://access.redhat.com/errata/RHSA-2024:1377","https://access.redhat.com/errata/RHSA-2024:1382","https://access.redhat.com/errata/RHSA-2024:1404","https://access.redhat.com/errata/RHSA-2024:2094","https://access.redhat.com/security/cve/CVE-2024-0646","https://bugzilla.redhat.com/show_bug.cgi?id=2253908","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c5a595000e267","https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html"],"published_time":"2024-01-17T16:15:47","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-0639","summary":"A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel’s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":7e-05,"ranking_epss":0.00547,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2024-0639","https://bugzilla.redhat.com/show_bug.cgi?id=2258754","https://github.com/torvalds/linux/commit/6feb37b3b06e9049e20dcf7e23998f92c9c5be9a","https://access.redhat.com/security/cve/CVE-2024-0639","https://bugzilla.redhat.com/show_bug.cgi?id=2258754","https://github.com/torvalds/linux/commit/6feb37b3b06e9049e20dcf7e23998f92c9c5be9a"],"published_time":"2024-01-17T16:15:46","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-0232","summary":"A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.","cvss":4.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.7,"cvss_v4":null,"epss":0.00018,"ranking_epss":0.04518,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2024-0232","https://bugzilla.redhat.com/show_bug.cgi?id=2243754","https://access.redhat.com/security/cve/CVE-2024-0232","https://bugzilla.redhat.com/show_bug.cgi?id=2243754","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QDCMYQ3J45NHQ4EJREM3BJNNKB5BK4Y7/","https://security.netapp.com/advisory/ntap-20240315-0007/"],"published_time":"2024-01-16T14:15:48","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-0553","summary":"A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.01029,"ranking_epss":0.77306,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:0533","https://access.redhat.com/errata/RHSA-2024:0627","https://access.redhat.com/errata/RHSA-2024:0796","https://access.redhat.com/errata/RHSA-2024:1082","https://access.redhat.com/errata/RHSA-2024:1108","https://access.redhat.com/errata/RHSA-2024:1383","https://access.redhat.com/errata/RHSA-2024:2094","https://access.redhat.com/security/cve/CVE-2024-0553","https://bugzilla.redhat.com/show_bug.cgi?id=2258412","https://gitlab.com/gnutls/gnutls/-/issues/1522","https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html","http://www.openwall.com/lists/oss-security/2024/01/19/3","https://access.redhat.com/errata/RHSA-2024:0533","https://access.redhat.com/errata/RHSA-2024:0627","https://access.redhat.com/errata/RHSA-2024:0796","https://access.redhat.com/errata/RHSA-2024:1082","https://access.redhat.com/errata/RHSA-2024:1108","https://access.redhat.com/errata/RHSA-2024:1383","https://access.redhat.com/errata/RHSA-2024:2094","https://access.redhat.com/security/cve/CVE-2024-0553","https://bugzilla.redhat.com/show_bug.cgi?id=2258412","https://gitlab.com/gnutls/gnutls/-/issues/1522","https://lists.debian.org/debian-lts-announce/2024/02/msg00010.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZEIOLORQ7N6WRPFXZSYDL2MC4LP7VFV/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXKVR5YNUEBNHAHM5GSYKBZX4W2HMN2/","https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html","https://security.netapp.com/advisory/ntap-20240202-0011/"],"published_time":"2024-01-16T12:15:45","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-0562","summary":"A use-after-free flaw was found in the Linux Kernel. When a disk is removed, bdi_unregister is called to stop further write-back and waits for associated delayed work to complete. However, wb_inode_writeback_end() may schedule bandwidth estimation work after this has completed, which can result in the timer attempting to access the recently freed bdi_writeback.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.03122,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:0412","https://access.redhat.com/security/cve/CVE-2024-0562","https://bugzilla.redhat.com/show_bug.cgi?id=2258475","https://patchwork.kernel.org/project/linux-mm/patch/20220801155034.3772543-1-khazhy@google.com/","https://access.redhat.com/errata/RHSA-2024:0412","https://access.redhat.com/security/cve/CVE-2024-0562","https://bugzilla.redhat.com/show_bug.cgi?id=2258475","https://patchwork.kernel.org/project/linux-mm/patch/20220801155034.3772543-1-khazhy@google.com/"],"published_time":"2024-01-15T19:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-4001","summary":"An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a device to search for the configuration file that contains the password hash for the GRUB password protection feature. An attacker capable of attaching an external drive such as a USB stick containing a file system with a duplicate UUID (the same as in the \"/boot/\" file system) can bypass the GRUB password protection feature on UEFI systems, which enumerate removable drives before non-removable ones. This issue was introduced in a downstream patch in Red Hat's version of grub2 and does not affect the upstream package.","cvss":6.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.8,"cvss_v4":null,"epss":0.00037,"ranking_epss":0.10935,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:0437","https://access.redhat.com/errata/RHSA-2024:0456","https://access.redhat.com/errata/RHSA-2024:0468","https://access.redhat.com/security/cve/CVE-2023-4001","https://bugzilla.redhat.com/show_bug.cgi?id=2224951","https://dfir.ru/2024/01/15/cve-2023-4001-a-vulnerability-in-the-downstream-grub-boot-manager/","http://www.openwall.com/lists/oss-security/2024/01/15/3","https://access.redhat.com/errata/RHSA-2024:0437","https://access.redhat.com/errata/RHSA-2024:0456","https://access.redhat.com/errata/RHSA-2024:0468","https://access.redhat.com/security/cve/CVE-2023-4001","https://bugzilla.redhat.com/show_bug.cgi?id=2224951","https://dfir.ru/2024/01/15/cve-2023-4001-a-vulnerability-in-the-downstream-grub-boot-manager/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OBADMKHQLJOBA32Q7XPNSYMVHVAFDCB/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHLZQ47HM64NDOHMHYO7VIJFYD5ZPPYN/","https://security.netapp.com/advisory/ntap-20240216-0006/"],"published_time":"2024-01-15T11:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-6915","summary":"A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this library to cause a denial of service problem due to a missing check at a function return.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.00011,"ranking_epss":0.01364,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2394","https://access.redhat.com/errata/RHSA-2024:2950","https://access.redhat.com/errata/RHSA-2024:3138","https://access.redhat.com/security/cve/CVE-2023-6915","https://bugzilla.redhat.com/show_bug.cgi?id=2254982","https://github.com/torvalds/linux/commit/af73483f4e8b6f5c68c9aa63257bdd929a9c194a","https://access.redhat.com/errata/RHSA-2024:2394","https://access.redhat.com/errata/RHSA-2024:2950","https://access.redhat.com/errata/RHSA-2024:3138","https://access.redhat.com/security/cve/CVE-2023-6915","https://bugzilla.redhat.com/show_bug.cgi?id=2254982","https://github.com/torvalds/linux/commit/af73483f4e8b6f5c68c9aa63257bdd929a9c194a","https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html"],"published_time":"2024-01-15T10:15:26","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-23301","summary":"Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.001,"ranking_epss":0.27681,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://github.com/rear/rear/issues/3122","https://github.com/rear/rear/pull/3123","https://lists.debian.org/debian-lts-announce/2024/02/msg00003.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7JIN57LUPBI2GDJOK3PYXNHJTZT3AQTZ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHKMPXJNXEJJE6EVYE5HM7EKEJFQMBN7/","https://github.com/rear/rear/issues/3122","https://github.com/rear/rear/pull/3123","https://lists.debian.org/debian-lts-announce/2024/02/msg00003.html","https://lists.debian.org/debian-lts-announce/2025/12/msg00011.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7JIN57LUPBI2GDJOK3PYXNHJTZT3AQTZ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHKMPXJNXEJJE6EVYE5HM7EKEJFQMBN7/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7JIN57LUPBI2GDJOK3PYXNHJTZT3AQTZ/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UHKMPXJNXEJJE6EVYE5HM7EKEJFQMBN7/"],"published_time":"2024-01-12T23:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-6683","summary":"A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemu_clipboard_request() function can be reached before vnc_server_cut_text_caps() was called and had the chance to initialize the clipboard peer, leading to a NULL pointer dereference. This could allow a malicious authenticated VNC client to crash QEMU and trigger a denial of service.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00067,"ranking_epss":0.20764,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2135","https://access.redhat.com/errata/RHSA-2024:2962","https://access.redhat.com/security/cve/CVE-2023-6683","https://bugzilla.redhat.com/show_bug.cgi?id=2254825","https://access.redhat.com/errata/RHSA-2024:2135","https://access.redhat.com/errata/RHSA-2024:2962","https://access.redhat.com/security/cve/CVE-2023-6683","https://bugzilla.redhat.com/show_bug.cgi?id=2254825","https://security.netapp.com/advisory/ntap-20240223-0001/"],"published_time":"2024-01-12T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-0443","summary":"A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading to a cgroup blkio memory leakage problem. When a cgroup is being destroyed, cgroup_rstat_flush() is only called at css_release_work_fn(), which is called when the blkcg reference count reaches 0. This circular dependency will prevent blkcg and some blkgs from being freed after they are made offline. This issue may allow an attacker with a local access to cause system instability, such as an out of memory error.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.02233,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:6583","https://access.redhat.com/errata/RHSA-2023:7077","https://access.redhat.com/errata/RHSA-2023:7370","https://access.redhat.com/security/cve/CVE-2024-0443","https://bugzilla.redhat.com/show_bug.cgi?id=2257968","https://lore.kernel.org/linux-block/20221215033132.230023-3-longman@redhat.com/","https://access.redhat.com/errata/RHSA-2023:6583","https://access.redhat.com/errata/RHSA-2023:7077","https://access.redhat.com/errata/RHSA-2023:7370","https://access.redhat.com/security/cve/CVE-2024-0443","https://bugzilla.redhat.com/show_bug.cgi?id=2257968","https://lore.kernel.org/linux-block/20221215033132.230023-3-longman@redhat.com/"],"published_time":"2024-01-12T00:15:45","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-5455","summary":"A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During community penetration testing it was found that for certain HTTP end-points FreeIPA does not ensure CSRF protection. Due to implementation details one cannot use this flaw for reflection of a cookie representing already logged-in user. An attacker would always have to go through a new authentication attempt.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00304,"ranking_epss":0.53649,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:0137","https://access.redhat.com/errata/RHSA-2024:0138","https://access.redhat.com/errata/RHSA-2024:0139","https://access.redhat.com/errata/RHSA-2024:0140","https://access.redhat.com/errata/RHSA-2024:0141","https://access.redhat.com/errata/RHSA-2024:0142","https://access.redhat.com/errata/RHSA-2024:0143","https://access.redhat.com/errata/RHSA-2024:0144","https://access.redhat.com/errata/RHSA-2024:0145","https://access.redhat.com/security/cve/CVE-2023-5455","https://bugzilla.redhat.com/show_bug.cgi?id=2242828","https://www.freeipa.org/release-notes/4-10-3.html","https://www.freeipa.org/release-notes/4-11-1.html","https://www.freeipa.org/release-notes/4-6-10.html","https://www.freeipa.org/release-notes/4-9-14.html","https://access.redhat.com/errata/RHSA-2024:0137","https://access.redhat.com/errata/RHSA-2024:0138","https://access.redhat.com/errata/RHSA-2024:0139","https://access.redhat.com/errata/RHSA-2024:0140","https://access.redhat.com/errata/RHSA-2024:0141","https://access.redhat.com/errata/RHSA-2024:0142","https://access.redhat.com/errata/RHSA-2024:0143","https://access.redhat.com/errata/RHSA-2024:0144","https://access.redhat.com/errata/RHSA-2024:0145","https://access.redhat.com/errata/RHSA-2024:0252","https://access.redhat.com/security/cve/CVE-2023-5455","https://bugzilla.redhat.com/show_bug.cgi?id=2242828","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U76DAZZVY7V4XQBOOV5ETPTHW3A6MW5O/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFNUQH7IOHTKCTKQWFHONWGUBOUANL6I/","https://www.freeipa.org/release-notes/4-10-3.html","https://www.freeipa.org/release-notes/4-11-1.html","https://www.freeipa.org/release-notes/4-6-10.html","https://www.freeipa.org/release-notes/4-9-14.html"],"published_time":"2024-01-10T13:15:48","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-6476","summary":"A flaw was found in CRI-O that involves an experimental annotation leading to a container being unconfined. This may allow a pod to specify and get any amount of memory/cpu, circumventing the kubernetes scheduler and potentially resulting in a denial of service in the node.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00299,"ranking_epss":0.53268,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:0195","https://access.redhat.com/errata/RHSA-2024:0207","https://access.redhat.com/security/cve/CVE-2023-6476","https://bugzilla.redhat.com/show_bug.cgi?id=2253994","https://access.redhat.com/errata/RHSA-2024:0195","https://access.redhat.com/errata/RHSA-2024:0207","https://access.redhat.com/security/cve/CVE-2023-6476","https://bugzilla.redhat.com/show_bug.cgi?id=2253994"],"published_time":"2024-01-09T22:15:43","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3600","summary":"It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use this to possibly execute arbitrary code.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00161,"ranking_epss":0.36973,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3600","https://git.kernel.org/linus/e88b2c6e5a4d9ce30d75391e4d950da74bb2bd90","https://ubuntu.com/security/notices/USN-5003-1","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3600","https://git.kernel.org/linus/e88b2c6e5a4d9ce30d75391e4d950da74bb2bd90","https://ubuntu.com/security/notices/USN-5003-1"],"published_time":"2024-01-08T19:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-0217","summary":"A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions that were previously freed. Once freed, a memory region can be reused for other allocations and any previously stored data in this memory region is considered lost.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.02114,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2024-0217","https://bugzilla.redhat.com/show_bug.cgi?id=2256624","https://github.com/PackageKit/PackageKit/commit/64278c9127e3333342b56ead99556161f7e86f79","https://access.redhat.com/security/cve/CVE-2024-0217","https://bugzilla.redhat.com/show_bug.cgi?id=2256624","https://github.com/PackageKit/PackageKit/commit/64278c9127e3333342b56ead99556161f7e86f79"],"published_time":"2024-01-03T17:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-6004","summary":"A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter.","cvss":4.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.8,"cvss_v4":null,"epss":0.00051,"ranking_epss":0.15852,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2504","https://access.redhat.com/errata/RHSA-2024:3233","https://access.redhat.com/security/cve/CVE-2023-6004","https://bugzilla.redhat.com/show_bug.cgi?id=2251110","https://www.libssh.org/security/advisories/CVE-2023-6004.txt","https://access.redhat.com/errata/RHSA-2024:2504","https://access.redhat.com/errata/RHSA-2024:3233","https://access.redhat.com/security/cve/CVE-2023-6004","https://bugzilla.redhat.com/show_bug.cgi?id=2251110","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/","https://security.netapp.com/advisory/ntap-20240223-0004/","https://www.libssh.org/security/advisories/CVE-2023-6004.txt"],"published_time":"2024-01-03T17:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-7192","summary":"A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. This issue may allow a local attacker with CAP_NET_ADMIN privileges to cause a denial of service (DoS) attack due to a refcount overflow.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00023,"ranking_epss":0.06169,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:0723","https://access.redhat.com/errata/RHSA-2024:0725","https://access.redhat.com/errata/RHSA-2024:1188","https://access.redhat.com/errata/RHSA-2024:1250","https://access.redhat.com/errata/RHSA-2024:1306","https://access.redhat.com/errata/RHSA-2024:1367","https://access.redhat.com/errata/RHSA-2024:1382","https://access.redhat.com/errata/RHSA-2024:1404","https://access.redhat.com/errata/RHSA-2024:2006","https://access.redhat.com/errata/RHSA-2024:2008","https://access.redhat.com/security/cve/CVE-2023-7192","https://bugzilla.redhat.com/show_bug.cgi?id=2256279","https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=ac4893980bbe79ce383daf9a0885666a30fe4c83","https://access.redhat.com/errata/RHSA-2024:0723","https://access.redhat.com/errata/RHSA-2024:0725","https://access.redhat.com/errata/RHSA-2024:1188","https://access.redhat.com/errata/RHSA-2024:1250","https://access.redhat.com/errata/RHSA-2024:1306","https://access.redhat.com/errata/RHSA-2024:1367","https://access.redhat.com/errata/RHSA-2024:1382","https://access.redhat.com/errata/RHSA-2024:1404","https://access.redhat.com/errata/RHSA-2024:2006","https://access.redhat.com/errata/RHSA-2024:2008","https://access.redhat.com/security/cve/CVE-2023-7192","https://bugzilla.redhat.com/show_bug.cgi?id=2256279","https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=ac4893980bbe79ce383daf9a0885666a30fe4c83"],"published_time":"2024-01-02T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-0193","summary":"A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN object or NFT_OBJECT object, allowing a local unprivileged user with CAP_NET_ADMIN capability to escalate their privileges on the system.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00113,"ranking_epss":0.29864,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:1018","https://access.redhat.com/errata/RHSA-2024:1019","https://access.redhat.com/errata/RHSA-2024:1248","https://access.redhat.com/errata/RHSA-2024:2094","https://access.redhat.com/errata/RHSA-2024:4412","https://access.redhat.com/errata/RHSA-2024:4415","https://access.redhat.com/security/cve/CVE-2024-0193","https://bugzilla.redhat.com/show_bug.cgi?id=2255653","https://access.redhat.com/errata/RHSA-2024:1018","https://access.redhat.com/errata/RHSA-2024:1019","https://access.redhat.com/errata/RHSA-2024:1248","https://access.redhat.com/errata/RHSA-2024:2094","https://access.redhat.com/errata/RHSA-2024:4412","https://access.redhat.com/errata/RHSA-2024:4415","https://access.redhat.com/security/cve/CVE-2024-0193","https://bugzilla.redhat.com/show_bug.cgi?id=2255653"],"published_time":"2024-01-02T18:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-6693","summary":"A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtio_net_flush_tx function if guest features VIRTIO_NET_F_HASH_REPORT, VIRTIO_F_VERSION_1 and VIRTIO_NET_F_MRG_RXBUF are enabled. This could allow a malicious user to overwrite local variables allocated on the stack. Specifically, the `out_sg` variable could be used to read a part of process memory and send it to the wire, causing an information leak.","cvss":4.9,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.9,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.06923,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2962","https://access.redhat.com/errata/RHSA-2025:4492","https://access.redhat.com/security/cve/CVE-2023-6693","https://bugzilla.redhat.com/show_bug.cgi?id=2254580","https://access.redhat.com/errata/RHSA-2024:2962","https://access.redhat.com/security/cve/CVE-2023-6693","https://bugzilla.redhat.com/show_bug.cgi?id=2254580","https://lists.debian.org/debian-lts-announce/2025/04/msg00042.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OYGUN5HVOXESW7MSNM44E4AE2VNXQB6Y/","https://security.netapp.com/advisory/ntap-20240208-0004/"],"published_time":"2024-01-02T10:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-3171","summary":"A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.0018,"ranking_epss":0.39624,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:5484","https://access.redhat.com/errata/RHSA-2023:5485","https://access.redhat.com/errata/RHSA-2023:5486","https://access.redhat.com/errata/RHSA-2023:5488","https://access.redhat.com/security/cve/CVE-2023-3171","https://bugzilla.redhat.com/show_bug.cgi?id=2213639","https://access.redhat.com/errata/RHSA-2023:5484","https://access.redhat.com/errata/RHSA-2023:5485","https://access.redhat.com/errata/RHSA-2023:5486","https://access.redhat.com/errata/RHSA-2023:5488","https://access.redhat.com/security/cve/CVE-2023-3171","https://bugzilla.redhat.com/show_bug.cgi?id=2213639"],"published_time":"2023-12-27T16:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-4641","summary":"A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory.","cvss":4.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.7,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.03249,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:6632","https://access.redhat.com/errata/RHSA-2023:7112","https://access.redhat.com/errata/RHSA-2024:0417","https://access.redhat.com/errata/RHSA-2024:2577","https://access.redhat.com/security/cve/CVE-2023-4641","https://bugzilla.redhat.com/show_bug.cgi?id=2215945","https://access.redhat.com/errata/RHSA-2023:6632","https://access.redhat.com/errata/RHSA-2023:7112","https://access.redhat.com/errata/RHSA-2024:0417","https://access.redhat.com/errata/RHSA-2024:2577","https://access.redhat.com/security/cve/CVE-2023-4641","https://bugzilla.redhat.com/show_bug.cgi?id=2215945","https://lists.debian.org/debian-lts-announce/2025/04/msg00026.html"],"published_time":"2023-12-27T16:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-51767","summary":"OpenSSH through 10.0, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges. NOTE: this is disputed by the Supplier, who states \"we do not consider it to be the application's responsibility to defend against platform architectural weaknesses.\"","cvss":7.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.0,"cvss_v4":null,"epss":7e-05,"ranking_epss":0.00437,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-51767","https://arxiv.org/abs/2309.02545","https://bugzilla.redhat.com/show_bug.cgi?id=2255850","https://github.com/openssh/openssh-portable/blob/8241b9c0529228b4b86d88b1a6076fb9f97e4a99/auth-passwd.c#L77","https://github.com/openssh/openssh-portable/blob/8241b9c0529228b4b86d88b1a6076fb9f97e4a99/monitor.c#L878","https://security.netapp.com/advisory/ntap-20240125-0006/","https://ubuntu.com/security/CVE-2023-51767","https://www.openwall.com/lists/oss-security/2025/09/22/1","http://www.openwall.com/lists/oss-security/2025/09/22/1","http://www.openwall.com/lists/oss-security/2025/09/22/2","http://www.openwall.com/lists/oss-security/2025/09/23/1","http://www.openwall.com/lists/oss-security/2025/09/23/3","http://www.openwall.com/lists/oss-security/2025/09/23/4","http://www.openwall.com/lists/oss-security/2025/09/23/5","http://www.openwall.com/lists/oss-security/2025/09/24/4","http://www.openwall.com/lists/oss-security/2025/09/24/7","http://www.openwall.com/lists/oss-security/2025/09/25/2","http://www.openwall.com/lists/oss-security/2025/09/25/6","http://www.openwall.com/lists/oss-security/2025/09/26/2","http://www.openwall.com/lists/oss-security/2025/09/26/4","http://www.openwall.com/lists/oss-security/2025/09/27/1","http://www.openwall.com/lists/oss-security/2025/09/27/2","http://www.openwall.com/lists/oss-security/2025/09/27/3","http://www.openwall.com/lists/oss-security/2025/09/27/4","http://www.openwall.com/lists/oss-security/2025/09/27/5","http://www.openwall.com/lists/oss-security/2025/09/27/6","http://www.openwall.com/lists/oss-security/2025/09/27/7","http://www.openwall.com/lists/oss-security/2025/09/28/7","http://www.openwall.com/lists/oss-security/2025/09/29/1","http://www.openwall.com/lists/oss-security/2025/09/29/4","http://www.openwall.com/lists/oss-security/2025/09/29/5","http://www.openwall.com/lists/oss-security/2025/09/29/6","http://www.openwall.com/lists/oss-security/2025/10/01/1","http://www.openwall.com/lists/oss-security/2025/10/01/2","https://access.redhat.com/security/cve/CVE-2023-51767","https://arxiv.org/abs/2309.02545","https://bugzilla.redhat.com/show_bug.cgi?id=2255850","https://github.com/openssh/openssh-portable/blob/8241b9c0529228b4b86d88b1a6076fb9f97e4a99/auth-passwd.c#L77","https://github.com/openssh/openssh-portable/blob/8241b9c0529228b4b86d88b1a6076fb9f97e4a99/monitor.c#L878","https://security.netapp.com/advisory/ntap-20240125-0006/","https://ubuntu.com/security/CVE-2023-51767"],"published_time":"2023-12-24T07:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-51765","summary":"sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports <LF>.<CR><LF> but some other popular e-mail servers do not. This is resolved in 8.18 and later versions with 'o' in srv_features.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00837,"ranking_epss":0.7465,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2023/12/24/1","http://www.openwall.com/lists/oss-security/2023/12/25/1","http://www.openwall.com/lists/oss-security/2023/12/26/5","http://www.openwall.com/lists/oss-security/2023/12/29/5","http://www.openwall.com/lists/oss-security/2023/12/30/1","http://www.openwall.com/lists/oss-security/2023/12/30/3","https://access.redhat.com/security/cve/CVE-2023-51765","https://bugzilla.redhat.com/show_bug.cgi?id=2255869","https://bugzilla.suse.com/show_bug.cgi?id=1218351","https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11782.html","https://github.com/freebsd/freebsd-src/commit/5dd76dd0cc19450133aa379ce0ce4a68ae07fb39#diff-afdf514b32ac88004952c11660c57bc96c3d8b2234007c1cbd8d7ed7fd7935cc","https://lists.debian.org/debian-lts-announce/2024/06/msg00004.html","https://lwn.net/Articles/956533/","https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/","https://www.openwall.com/lists/oss-security/2023/12/21/7","https://www.openwall.com/lists/oss-security/2023/12/22/7","https://www.youtube.com/watch?v=V8KPV96g1To","http://www.openwall.com/lists/oss-security/2023/12/24/1","http://www.openwall.com/lists/oss-security/2023/12/25/1","http://www.openwall.com/lists/oss-security/2023/12/26/5","http://www.openwall.com/lists/oss-security/2023/12/29/5","http://www.openwall.com/lists/oss-security/2023/12/30/1","http://www.openwall.com/lists/oss-security/2023/12/30/3","https://access.redhat.com/security/cve/CVE-2023-51765","https://bugzilla.redhat.com/show_bug.cgi?id=2255869","https://bugzilla.suse.com/show_bug.cgi?id=1218351","https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11782.html","https://github.com/freebsd/freebsd-src/commit/5dd76dd0cc19450133aa379ce0ce4a68ae07fb39#diff-afdf514b32ac88004952c11660c57bc96c3d8b2234007c1cbd8d7ed7fd7935cc","https://lists.debian.org/debian-lts-announce/2024/06/msg00004.html","https://lwn.net/Articles/956533/","https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/","https://www.openwall.com/lists/oss-security/2023/12/21/7","https://www.openwall.com/lists/oss-security/2023/12/22/7","https://www.youtube.com/watch?v=V8KPV96g1To"],"published_time":"2023-12-24T06:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-51764","summary":"Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Postfix supports <LF>.<CR><LF> but some other popular e-mail servers do not. To prevent attack variants (by always disallowing <LF> without <CR>), a different solution is required, such as the smtpd_forbid_bare_newline=yes option with a Postfix minimum version of 3.5.23, 3.6.13, 3.7.9, 3.8.4, or 3.9.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.27062,"ranking_epss":0.96374,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2023/12/24/1","http://www.openwall.com/lists/oss-security/2023/12/25/1","http://www.openwall.com/lists/oss-security/2024/05/09/3","https://access.redhat.com/security/cve/CVE-2023-51764","https://bugzilla.redhat.com/show_bug.cgi?id=2255563","https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11782.html","https://github.com/duy-31/CVE-2023-51764","https://github.com/eeenvik1/CVE-2023-51764","https://lists.debian.org/debian-lts-announce/2024/01/msg00020.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ5WXFCW2N6G2PH3JXDTYW5PH5EBQEGO/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRLF5SOS7TP5N7FQSEK2NFNB44ISVTZC/","https://lwn.net/Articles/956533/","https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/","https://www.openwall.com/lists/oss-security/2024/01/22/1","https://www.postfix.org/announcements/postfix-3.8.5.html","https://www.postfix.org/smtp-smuggling.html","https://www.youtube.com/watch?v=V8KPV96g1To","http://www.openwall.com/lists/oss-security/2023/12/24/1","http://www.openwall.com/lists/oss-security/2023/12/25/1","http://www.openwall.com/lists/oss-security/2024/05/09/3","https://access.redhat.com/security/cve/CVE-2023-51764","https://bugzilla.redhat.com/show_bug.cgi?id=2255563","https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11782.html","https://github.com/duy-31/CVE-2023-51764","https://github.com/eeenvik1/CVE-2023-51764","https://lists.debian.org/debian-lts-announce/2024/01/msg00020.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ5WXFCW2N6G2PH3JXDTYW5PH5EBQEGO/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRLF5SOS7TP5N7FQSEK2NFNB44ISVTZC/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JQ5WXFCW2N6G2PH3JXDTYW5PH5EBQEGO/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRLF5SOS7TP5N7FQSEK2NFNB44ISVTZC/","https://lwn.net/Articles/956533/","https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/","https://www.openwall.com/lists/oss-security/2024/01/22/1","https://www.postfix.org/announcements/postfix-3.8.5.html","https://www.postfix.org/smtp-smuggling.html","https://www.youtube.com/watch?v=V8KPV96g1To"],"published_time":"2023-12-24T05:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-6546","summary":"A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system.","cvss":7.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00328,"ranking_epss":0.55822,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:0930","https://access.redhat.com/errata/RHSA-2024:0937","https://access.redhat.com/errata/RHSA-2024:1018","https://access.redhat.com/errata/RHSA-2024:1019","https://access.redhat.com/errata/RHSA-2024:1055","https://access.redhat.com/errata/RHSA-2024:1250","https://access.redhat.com/errata/RHSA-2024:1253","https://access.redhat.com/errata/RHSA-2024:1306","https://access.redhat.com/errata/RHSA-2024:1607","https://access.redhat.com/errata/RHSA-2024:1612","https://access.redhat.com/errata/RHSA-2024:1614","https://access.redhat.com/errata/RHSA-2024:2093","https://access.redhat.com/errata/RHSA-2024:2394","https://access.redhat.com/errata/RHSA-2024:2621","https://access.redhat.com/errata/RHSA-2024:2697","https://access.redhat.com/errata/RHSA-2024:4577","https://access.redhat.com/errata/RHSA-2024:4729","https://access.redhat.com/errata/RHSA-2024:4731","https://access.redhat.com/errata/RHSA-2024:4970","https://access.redhat.com/security/cve/CVE-2023-6546","https://bugzilla.redhat.com/show_bug.cgi?id=2255498","https://github.com/torvalds/linux/commit/3c4f8333b582487a2d1e02171f1465531cde53e3","https://www.zerodayinitiative.com/advisories/ZDI-CAN-20527","http://www.openwall.com/lists/oss-security/2024/04/10/18","http://www.openwall.com/lists/oss-security/2024/04/10/21","http://www.openwall.com/lists/oss-security/2024/04/11/7","http://www.openwall.com/lists/oss-security/2024/04/11/9","http://www.openwall.com/lists/oss-security/2024/04/12/1","http://www.openwall.com/lists/oss-security/2024/04/12/2","http://www.openwall.com/lists/oss-security/2024/04/16/2","http://www.openwall.com/lists/oss-security/2024/04/17/1","https://access.redhat.com/errata/RHSA-2024:0930","https://access.redhat.com/errata/RHSA-2024:0937","https://access.redhat.com/errata/RHSA-2024:1018","https://access.redhat.com/errata/RHSA-2024:1019","https://access.redhat.com/errata/RHSA-2024:1055","https://access.redhat.com/errata/RHSA-2024:1250","https://access.redhat.com/errata/RHSA-2024:1253","https://access.redhat.com/errata/RHSA-2024:1306","https://access.redhat.com/errata/RHSA-2024:1607","https://access.redhat.com/errata/RHSA-2024:1612","https://access.redhat.com/errata/RHSA-2024:1614","https://access.redhat.com/errata/RHSA-2024:2093","https://access.redhat.com/errata/RHSA-2024:2394","https://access.redhat.com/errata/RHSA-2024:2621","https://access.redhat.com/errata/RHSA-2024:2697","https://access.redhat.com/errata/RHSA-2024:4577","https://access.redhat.com/errata/RHSA-2024:4729","https://access.redhat.com/errata/RHSA-2024:4731","https://access.redhat.com/security/cve/CVE-2023-6546","https://bugzilla.redhat.com/show_bug.cgi?id=2255498","https://github.com/torvalds/linux/commit/3c4f8333b582487a2d1e02171f1465531cde53e3","https://www.zerodayinitiative.com/advisories/ZDI-CAN-20527"],"published_time":"2023-12-21T20:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-2585","summary":"Keycloak's device authorization grant does not correctly validate the device code and client ID. An attacker client could abuse the missing validation to spoof a client consent request and trick an authorization admin into granting consent to a malicious OAuth client or possible unauthorized access to an existing OAuth client.","cvss":3.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.5,"cvss_v4":null,"epss":0.00112,"ranking_epss":0.29744,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:3883","https://access.redhat.com/errata/RHSA-2023:3884","https://access.redhat.com/errata/RHSA-2023:3885","https://access.redhat.com/errata/RHSA-2023:3888","https://access.redhat.com/errata/RHSA-2023:3892","https://access.redhat.com/security/cve/CVE-2023-2585","https://bugzilla.redhat.com/show_bug.cgi?id=2196335","https://access.redhat.com/errata/RHSA-2023:3883","https://access.redhat.com/errata/RHSA-2023:3884","https://access.redhat.com/errata/RHSA-2023:3885","https://access.redhat.com/errata/RHSA-2023:3888","https://access.redhat.com/errata/RHSA-2023:3892","https://access.redhat.com/security/cve/CVE-2023-2585","https://bugzilla.redhat.com/show_bug.cgi?id=2196335"],"published_time":"2023-12-21T10:15:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-6918","summary":"A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the uninitialized memory as an input for the KDF. In this case, non-matching keys will result in decryption/integrity failures, terminating the connection.","cvss":3.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.7,"cvss_v4":null,"epss":0.00363,"ranking_epss":0.58397,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2504","https://access.redhat.com/errata/RHSA-2024:3233","https://access.redhat.com/security/cve/CVE-2023-6918","https://bugzilla.redhat.com/show_bug.cgi?id=2254997","https://www.libssh.org/2023/12/18/libssh-0-10-6-and-libssh-0-9-8-security-releases/","https://www.libssh.org/security/advisories/CVE-2023-6918.txt","https://access.redhat.com/errata/RHSA-2024:2504","https://access.redhat.com/errata/RHSA-2024:3233","https://access.redhat.com/security/cve/CVE-2023-6918","https://bugzilla.redhat.com/show_bug.cgi?id=2254997","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/","https://security.netapp.com/advisory/ntap-20250214-0009/","https://www.libssh.org/2023/12/18/libssh-0-10-6-and-libssh-0-9-8-security-releases/","https://www.libssh.org/security/advisories/CVE-2023-6918.txt"],"published_time":"2023-12-19T00:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-48795","summary":"The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.","cvss":5.9,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.9,"cvss_v4":null,"epss":0.5673,"ranking_epss":0.98129,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html","http://seclists.org/fulldisclosure/2024/Mar/21","http://www.openwall.com/lists/oss-security/2023/12/18/3","http://www.openwall.com/lists/oss-security/2023/12/19/5","http://www.openwall.com/lists/oss-security/2023/12/20/3","http://www.openwall.com/lists/oss-security/2024/03/06/3","http://www.openwall.com/lists/oss-security/2024/04/17/8","https://access.redhat.com/security/cve/cve-2023-48795","https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/","https://bugs.gentoo.org/920280","https://bugzilla.redhat.com/show_bug.cgi?id=2254210","https://bugzilla.suse.com/show_bug.cgi?id=1217950","https://crates.io/crates/thrussh/versions","https://filezilla-project.org/versions.php","https://forum.netgate.com/topic/184941/terrapin-ssh-attack","https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6","https://github.com/NixOS/nixpkgs/pull/275249","https://github.com/PowerShell/Win32-OpenSSH/issues/2189","https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta","https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0","https://github.com/TeraTermProject/teraterm/releases/tag/v5.1","https://github.com/advisories/GHSA-45x7-px36-x8w8","https://github.com/apache/mina-sshd/issues/445","https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab","https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22","https://github.com/cyd01/KiTTY/issues/520","https://github.com/drakkan/sftpgo/releases/tag/v2.5.6","https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42","https://github.com/erlang/otp/releases/tag/OTP-26.2.1","https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d","https://github.com/hierynomus/sshj/issues/916","https://github.com/janmojzis/tinyssh/issues/81","https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5","https://github.com/libssh2/libssh2/pull/1291","https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25","https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3","https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15","https://github.com/mwiede/jsch/issues/457","https://github.com/mwiede/jsch/pull/461","https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16","https://github.com/openssh/openssh-portable/commits/master","https://github.com/paramiko/paramiko/issues/2337","https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES","https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES","https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES","https://github.com/proftpd/proftpd/issues/456","https://github.com/rapier1/hpn-ssh/releases","https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst","https://github.com/ronf/asyncssh/tags","https://github.com/ssh-mitm/ssh-mitm/issues/165","https://github.com/warp-tech/russh/releases/tag/v0.40.2","https://gitlab.com/libssh/libssh-mirror/-/tags","https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ","https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg","https://help.panic.com/releasenotes/transmit5/","https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/","https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html","https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html","https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html","https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/","https://matt.ucc.asn.au/dropbear/CHANGES","https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC","https://news.ycombinator.com/item?id=38684904","https://news.ycombinator.com/item?id=38685286","https://news.ycombinator.com/item?id=38732005","https://nova.app/releases/#v11.8","https://oryx-embedded.com/download/#changelog","https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002","https://roumenpetrov.info/secsh/#news20231220","https://security-tracker.debian.org/tracker/CVE-2023-48795","https://security-tracker.debian.org/tracker/source-package/libssh2","https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg","https://security-tracker.debian.org/tracker/source-package/trilead-ssh2","https://security.gentoo.org/glsa/202312-16","https://security.gentoo.org/glsa/202312-17","https://security.netapp.com/advisory/ntap-20240105-0004/","https://support.apple.com/kb/HT214084","https://thorntech.com/cve-2023-48795-and-sftp-gateway/","https://twitter.com/TrueSkrillor/status/1736774389725565005","https://ubuntu.com/security/CVE-2023-48795","https://winscp.net/eng/docs/history#6.2.2","https://www.bitvise.com/ssh-client-version-history#933","https://www.bitvise.com/ssh-server-version-history","https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html","https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update","https://www.debian.org/security/2023/dsa-5586","https://www.debian.org/security/2023/dsa-5588","https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc","https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508","https://www.netsarang.com/en/xshell-update-history/","https://www.openssh.com/openbsd.html","https://www.openssh.com/txt/release-9.6","https://www.openwall.com/lists/oss-security/2023/12/18/2","https://www.openwall.com/lists/oss-security/2023/12/20/3","https://www.paramiko.org/changelog.html","https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/","https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/","https://www.terrapin-attack.com","https://www.theregister.com/2023/12/20/terrapin_attack_ssh","https://www.vandyke.com/products/securecrt/history.txt","http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html","http://seclists.org/fulldisclosure/2024/Mar/21","http://www.openwall.com/lists/oss-security/2023/12/18/3","http://www.openwall.com/lists/oss-security/2023/12/19/5","http://www.openwall.com/lists/oss-security/2023/12/20/3","http://www.openwall.com/lists/oss-security/2024/03/06/3","http://www.openwall.com/lists/oss-security/2024/04/17/8","https://access.redhat.com/security/cve/cve-2023-48795","https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/","https://bugs.gentoo.org/920280","https://bugzilla.redhat.com/show_bug.cgi?id=2254210","https://bugzilla.suse.com/show_bug.cgi?id=1217950","https://crates.io/crates/thrussh/versions","https://filezilla-project.org/versions.php","https://forum.netgate.com/topic/184941/terrapin-ssh-attack","https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6","https://github.com/NixOS/nixpkgs/pull/275249","https://github.com/PowerShell/Win32-OpenSSH/issues/2189","https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta","https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0","https://github.com/TeraTermProject/teraterm/releases/tag/v5.1","https://github.com/advisories/GHSA-45x7-px36-x8w8","https://github.com/apache/mina-sshd/issues/445","https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab","https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22","https://github.com/cyd01/KiTTY/issues/520","https://github.com/drakkan/sftpgo/releases/tag/v2.5.6","https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42","https://github.com/erlang/otp/releases/tag/OTP-26.2.1","https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d","https://github.com/hierynomus/sshj/issues/916","https://github.com/janmojzis/tinyssh/issues/81","https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5","https://github.com/libssh2/libssh2/pull/1291","https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25","https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3","https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15","https://github.com/mwiede/jsch/issues/457","https://github.com/mwiede/jsch/pull/461","https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16","https://github.com/openssh/openssh-portable/commits/master","https://github.com/paramiko/paramiko/issues/2337","https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES","https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES","https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES","https://github.com/proftpd/proftpd/issues/456","https://github.com/rapier1/hpn-ssh/releases","https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst","https://github.com/ronf/asyncssh/tags","https://github.com/ssh-mitm/ssh-mitm/issues/165","https://github.com/warp-tech/russh/releases/tag/v0.40.2","https://gitlab.com/libssh/libssh-mirror/-/tags","https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ","https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg","https://help.panic.com/releasenotes/transmit5/","https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/","https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html","https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html","https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html","https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html","https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html","https://lists.debian.org/debian-lts-announce/2024/11/msg00032.html","https://lists.debian.org/debian-lts-announce/2025/04/msg00028.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/","https://matt.ucc.asn.au/dropbear/CHANGES","https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC","https://news.ycombinator.com/item?id=38684904","https://news.ycombinator.com/item?id=38685286","https://news.ycombinator.com/item?id=38732005","https://nova.app/releases/#v11.8","https://oryx-embedded.com/download/#changelog","https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002","https://roumenpetrov.info/secsh/#news20231220","https://security-tracker.debian.org/tracker/CVE-2023-48795","https://security-tracker.debian.org/tracker/source-package/libssh2","https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg","https://security-tracker.debian.org/tracker/source-package/trilead-ssh2","https://security.gentoo.org/glsa/202312-16","https://security.gentoo.org/glsa/202312-17","https://security.netapp.com/advisory/ntap-20240105-0004/","https://support.apple.com/kb/HT214084","https://thorntech.com/cve-2023-48795-and-sftp-gateway/","https://twitter.com/TrueSkrillor/status/1736774389725565005","https://ubuntu.com/security/CVE-2023-48795","https://winscp.net/eng/docs/history#6.2.2","https://www.bitvise.com/ssh-client-version-history#933","https://www.bitvise.com/ssh-server-version-history","https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html","https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update","https://www.debian.org/security/2023/dsa-5586","https://www.debian.org/security/2023/dsa-5588","https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc","https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508","https://www.netsarang.com/en/xshell-update-history/","https://www.openssh.com/openbsd.html","https://www.openssh.com/txt/release-9.6","https://www.openwall.com/lists/oss-security/2023/12/18/2","https://www.openwall.com/lists/oss-security/2023/12/20/3","https://www.paramiko.org/changelog.html","https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/","https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/","https://www.terrapin-attack.com","https://www.theregister.com/2023/12/20/terrapin_attack_ssh","https://www.vandyke.com/products/securecrt/history.txt","https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabilit","https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerability"],"published_time":"2023-12-18T16:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-6228","summary":"An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF file on processing may cause a heap-based buffer overflow leads to an application crash.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00016,"ranking_epss":0.03332,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2289","https://access.redhat.com/errata/RHSA-2024:5079","https://access.redhat.com/security/cve/CVE-2023-6228","https://bugzilla.redhat.com/show_bug.cgi?id=2240995","https://access.redhat.com/errata/RHSA-2024:2289","https://access.redhat.com/security/cve/CVE-2023-6228","https://bugzilla.redhat.com/show_bug.cgi?id=2240995"],"published_time":"2023-12-18T14:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-5056","summary":"A flaw was found in the Skupper operator, which may permit a certain configuration to create a service account that would allow an authenticated attacker in the adjacent cluster to view deployments in all namespaces in the cluster. This issue permits unauthorized viewing of information outside of the user's purview.","cvss":6.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.8,"cvss_v4":null,"epss":0.0005,"ranking_epss":0.15301,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:6219","https://access.redhat.com/security/cve/CVE-2023-5056","https://bugzilla.redhat.com/show_bug.cgi?id=2239517","https://access.redhat.com/errata/RHSA-2023:6219","https://access.redhat.com/security/cve/CVE-2023-5056","https://bugzilla.redhat.com/show_bug.cgi?id=2239517"],"published_time":"2023-12-18T14:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-5115","summary":"An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path.","cvss":6.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.3,"cvss_v4":null,"epss":0.00716,"ranking_epss":0.72376,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:5701","https://access.redhat.com/errata/RHSA-2023:5758","https://access.redhat.com/security/cve/CVE-2023-5115","https://bugzilla.redhat.com/show_bug.cgi?id=2233810","https://access.redhat.com/errata/RHSA-2023:5701","https://access.redhat.com/errata/RHSA-2023:5758","https://access.redhat.com/security/cve/CVE-2023-5115","https://bugzilla.redhat.com/show_bug.cgi?id=2233810","https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html"],"published_time":"2023-12-18T14:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-47038","summary":"A vulnerability was found in perl 5.30.0 through 5.38.0. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer.","cvss":7.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00108,"ranking_epss":0.28964,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2228","https://access.redhat.com/errata/RHSA-2024:3128","https://access.redhat.com/security/cve/CVE-2023-47038","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056746","https://bugzilla.redhat.com/show_bug.cgi?id=2249523","https://access.redhat.com/errata/RHSA-2024:2228","https://access.redhat.com/errata/RHSA-2024:3128","https://access.redhat.com/security/cve/CVE-2023-47038","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056746","https://bugzilla.redhat.com/show_bug.cgi?id=2249523","https://github.com/Perl/perl5/commit/12c313ce49b36160a7ca2e9b07ad5bd92ee4a010","https://github.com/Perl/perl5/commit/7047915eef37fccd93e7cd985c29fe6be54650b6","https://github.com/Perl/perl5/commit/ff1f9f59360afeebd6f75ca1502f5c3ebf077da3","https://github.com/aquasecurity/trivy/discussions/8400","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNEEWAACXQCEEAKSG7XX2D5YDRWLCIZJ/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UMDZZ4SCEW6FRWZDMXGAKZ35THTAWFG6/","https://perldoc.perl.org/perl5382delta#CVE-2023-47038-Write-past-buffer-end-via-illegal-user-defined-Unicode-property","https://ubuntu.com/security/CVE-2023-47100","https://www.suse.com/security/cve/CVE-2023-47100.html"],"published_time":"2023-12-18T14:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-6134","summary":"A flaw was found in Keycloak that prevents certain schemes in redirects, but permits them if a wildcard is appended to the token. This issue could allow an attacker to submit a specially crafted request leading to cross-site scripting (XSS) or further attacks. This flaw is the result of an incomplete fix for CVE-2020-10748.","cvss":4.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.6,"cvss_v4":null,"epss":0.02468,"ranking_epss":0.85263,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:7854","https://access.redhat.com/errata/RHSA-2023:7855","https://access.redhat.com/errata/RHSA-2023:7856","https://access.redhat.com/errata/RHSA-2023:7857","https://access.redhat.com/errata/RHSA-2023:7858","https://access.redhat.com/errata/RHSA-2023:7860","https://access.redhat.com/errata/RHSA-2023:7861","https://access.redhat.com/errata/RHSA-2024:0798","https://access.redhat.com/errata/RHSA-2024:0799","https://access.redhat.com/errata/RHSA-2024:0800","https://access.redhat.com/errata/RHSA-2024:0801","https://access.redhat.com/errata/RHSA-2024:0804","https://access.redhat.com/security/cve/CVE-2023-6134","https://bugzilla.redhat.com/show_bug.cgi?id=2249673","https://access.redhat.com/errata/RHSA-2023:7854","https://access.redhat.com/errata/RHSA-2023:7855","https://access.redhat.com/errata/RHSA-2023:7856","https://access.redhat.com/errata/RHSA-2023:7857","https://access.redhat.com/errata/RHSA-2023:7858","https://access.redhat.com/errata/RHSA-2023:7860","https://access.redhat.com/errata/RHSA-2023:7861","https://access.redhat.com/errata/RHSA-2024:0798","https://access.redhat.com/errata/RHSA-2024:0799","https://access.redhat.com/errata/RHSA-2024:0800","https://access.redhat.com/errata/RHSA-2024:0801","https://access.redhat.com/errata/RHSA-2024:0804","https://access.redhat.com/security/cve/CVE-2023-6134","https://bugzilla.redhat.com/show_bug.cgi?id=2249673"],"published_time":"2023-12-14T22:15:44","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-6563","summary":"An unconstrained memory consumption vulnerability was discovered in Keycloak. It can be triggered in environments which have millions of offline tokens (> 500,000 users with each having at least 2 saved sessions). If an attacker creates two or more user sessions and then open the \"consents\" tab of the admin User Interface, the UI attempts to load a huge number of offline client sessions leading to excessive memory and CPU consumption which could potentially crash the entire system.","cvss":7.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.7,"cvss_v4":null,"epss":0.00539,"ranking_epss":0.67601,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:7854","https://access.redhat.com/errata/RHSA-2023:7855","https://access.redhat.com/errata/RHSA-2023:7856","https://access.redhat.com/errata/RHSA-2023:7857","https://access.redhat.com/errata/RHSA-2023:7858","https://access.redhat.com/security/cve/CVE-2023-6563","https://bugzilla.redhat.com/show_bug.cgi?id=2253308","https://github.com/keycloak/keycloak/issues/13340","https://access.redhat.com/errata/RHSA-2023:7854","https://access.redhat.com/errata/RHSA-2023:7855","https://access.redhat.com/errata/RHSA-2023:7856","https://access.redhat.com/errata/RHSA-2023:7857","https://access.redhat.com/errata/RHSA-2023:7858","https://access.redhat.com/security/cve/CVE-2023-6563","https://bugzilla.redhat.com/show_bug.cgi?id=2253308","https://github.com/keycloak/keycloak/issues/13340"],"published_time":"2023-12-14T18:15:45","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-6478","summary":"A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive information.","cvss":7.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.6,"cvss_v4":null,"epss":0.01208,"ranking_epss":0.78971,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:7886","https://access.redhat.com/errata/RHSA-2024:0006","https://access.redhat.com/errata/RHSA-2024:0009","https://access.redhat.com/errata/RHSA-2024:0010","https://access.redhat.com/errata/RHSA-2024:0014","https://access.redhat.com/errata/RHSA-2024:0015","https://access.redhat.com/errata/RHSA-2024:0016","https://access.redhat.com/errata/RHSA-2024:0017","https://access.redhat.com/errata/RHSA-2024:0018","https://access.redhat.com/errata/RHSA-2024:0020","https://access.redhat.com/errata/RHSA-2024:2169","https://access.redhat.com/errata/RHSA-2024:2170","https://access.redhat.com/errata/RHSA-2024:2995","https://access.redhat.com/errata/RHSA-2024:2996","https://access.redhat.com/errata/RHSA-2025:12751","https://access.redhat.com/security/cve/CVE-2023-6478","https://bugzilla.redhat.com/show_bug.cgi?id=2253298","https://gitlab.freedesktop.org/xorg/xserver/-/commit/14f480010a93ff962fef66a16412fafff81ad632","https://lists.x.org/archives/xorg-announce/2023-December/003435.html","http://www.openwall.com/lists/oss-security/2023/12/13/1","https://access.redhat.com/errata/RHSA-2023:7886","https://access.redhat.com/errata/RHSA-2024:0006","https://access.redhat.com/errata/RHSA-2024:0009","https://access.redhat.com/errata/RHSA-2024:0010","https://access.redhat.com/errata/RHSA-2024:0014","https://access.redhat.com/errata/RHSA-2024:0015","https://access.redhat.com/errata/RHSA-2024:0016","https://access.redhat.com/errata/RHSA-2024:0017","https://access.redhat.com/errata/RHSA-2024:0018","https://access.redhat.com/errata/RHSA-2024:0020","https://access.redhat.com/errata/RHSA-2024:2169","https://access.redhat.com/errata/RHSA-2024:2170","https://access.redhat.com/errata/RHSA-2024:2995","https://access.redhat.com/errata/RHSA-2024:2996","https://access.redhat.com/security/cve/CVE-2023-6478","https://bugzilla.redhat.com/show_bug.cgi?id=2253298","https://gitlab.freedesktop.org/xorg/xserver/-/commit/14f480010a93ff962fef66a16412fafff81ad632","https://lists.debian.org/debian-lts-announce/2023/12/msg00008.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6R63Z6GIWM3YUNZRCGFODUXLW3GY2HD6/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7PP47YXKM5ETLCYEF6473R3VFCJ6QT2S/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IFHV5KCQ2SVOD4QMCPZ5HC6YL44L7YJD/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LJDFWDB7EQVZA45XDP7L5WRSRWS6RVRR/","https://lists.x.org/archives/xorg-announce/2023-December/003435.html","https://security.gentoo.org/glsa/202401-30","https://security.netapp.com/advisory/ntap-20240125-0003/","https://www.debian.org/security/2023/dsa-5576"],"published_time":"2023-12-13T07:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-6377","summary":"A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00411,"ranking_epss":0.61422,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:7886","https://access.redhat.com/errata/RHSA-2024:0006","https://access.redhat.com/errata/RHSA-2024:0009","https://access.redhat.com/errata/RHSA-2024:0010","https://access.redhat.com/errata/RHSA-2024:0014","https://access.redhat.com/errata/RHSA-2024:0015","https://access.redhat.com/errata/RHSA-2024:0016","https://access.redhat.com/errata/RHSA-2024:0017","https://access.redhat.com/errata/RHSA-2024:0018","https://access.redhat.com/errata/RHSA-2024:0020","https://access.redhat.com/errata/RHSA-2024:2169","https://access.redhat.com/errata/RHSA-2024:2170","https://access.redhat.com/errata/RHSA-2024:2995","https://access.redhat.com/errata/RHSA-2024:2996","https://access.redhat.com/errata/RHSA-2025:13998","https://access.redhat.com/security/cve/CVE-2023-6377","https://bugzilla.redhat.com/show_bug.cgi?id=2253291","https://gitlab.freedesktop.org/xorg/xserver/-/commit/0c1a93d319558fe3ab2d94f51d174b4f93810afd","https://lists.x.org/archives/xorg-announce/2023-December/003435.html","http://www.openwall.com/lists/oss-security/2023/12/13/1","https://access.redhat.com/errata/RHSA-2023:7886","https://access.redhat.com/errata/RHSA-2024:0006","https://access.redhat.com/errata/RHSA-2024:0009","https://access.redhat.com/errata/RHSA-2024:0010","https://access.redhat.com/errata/RHSA-2024:0014","https://access.redhat.com/errata/RHSA-2024:0015","https://access.redhat.com/errata/RHSA-2024:0016","https://access.redhat.com/errata/RHSA-2024:0017","https://access.redhat.com/errata/RHSA-2024:0018","https://access.redhat.com/errata/RHSA-2024:0020","https://access.redhat.com/errata/RHSA-2024:2169","https://access.redhat.com/errata/RHSA-2024:2170","https://access.redhat.com/errata/RHSA-2024:2995","https://access.redhat.com/errata/RHSA-2024:2996","https://access.redhat.com/security/cve/CVE-2023-6377","https://bugzilla.redhat.com/show_bug.cgi?id=2253291","https://gitlab.freedesktop.org/xorg/xserver/-/commit/0c1a93d319558fe3ab2d94f51d174b4f93810afd","https://lists.debian.org/debian-lts-announce/2023/12/msg00008.html","https://lists.debian.org/debian-lts-announce/2023/12/msg00013.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6R63Z6GIWM3YUNZRCGFODUXLW3GY2HD6/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7PP47YXKM5ETLCYEF6473R3VFCJ6QT2S/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IFHV5KCQ2SVOD4QMCPZ5HC6YL44L7YJD/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LJDFWDB7EQVZA45XDP7L5WRSRWS6RVRR/","https://lists.x.org/archives/xorg-announce/2023-December/003435.html","https://security.gentoo.org/glsa/202401-30","https://security.netapp.com/advisory/ntap-20240125-0003/","https://www.debian.org/security/2023/dsa-5576"],"published_time":"2023-12-13T07:15:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-5764","summary":"A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce templating injection when supplying templating data.","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00071,"ranking_epss":0.21603,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:7773","https://access.redhat.com/security/cve/CVE-2023-5764","https://bugzilla.redhat.com/show_bug.cgi?id=2247629","https://access.redhat.com/errata/RHSA-2023:7773","https://access.redhat.com/security/cve/CVE-2023-5764","https://bugzilla.redhat.com/show_bug.cgi?id=2247629","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7Q6CHPVCHMZS5M7V22GOKFSXZAQ24EU/","https://security.netapp.com/advisory/ntap-20241025-0001/"],"published_time":"2023-12-12T22:15:22","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-6710","summary":"A flaw was found in the mod_proxy_cluster in the Apache server. This issue may allow a malicious user to add a script in the 'alias' parameter in the URL to trigger the stored cross-site scripting (XSS) vulnerability. By adding a script on the alias parameter on the URL, it adds a new virtual host and adds the script to the cluster-manager page.","cvss":5.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.4,"cvss_v4":null,"epss":0.0107,"ranking_epss":0.77729,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:1316","https://access.redhat.com/errata/RHSA-2024:1317","https://access.redhat.com/errata/RHSA-2024:2387","https://access.redhat.com/security/cve/CVE-2023-6710","https://bugzilla.redhat.com/show_bug.cgi?id=2254128","https://access.redhat.com/errata/RHSA-2024:1316","https://access.redhat.com/errata/RHSA-2024:1317","https://access.redhat.com/errata/RHSA-2024:2387","https://access.redhat.com/security/cve/CVE-2023-6710","https://bugzilla.redhat.com/show_bug.cgi?id=2254128"],"published_time":"2023-12-12T22:15:22","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-6679","summary":"A null pointer dereference vulnerability was found in dpll_pin_parent_pin_set() in drivers/dpll/dpll_netlink.c in the Digital Phase Locked Loop (DPLL) subsystem in the  Linux kernel. This issue could be exploited to trigger a denial of service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.02006,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:0439","https://access.redhat.com/errata/RHSA-2024:0448","https://access.redhat.com/errata/RHSA-2024:0461","https://access.redhat.com/security/cve/CVE-2023-6679","https://bugzilla.redhat.com/show_bug.cgi?id=2253986","https://lore.kernel.org/netdev/20231211083758.1082853-1-jiri@resnulli.us/","https://access.redhat.com/errata/RHSA-2024:0439","https://access.redhat.com/errata/RHSA-2024:0448","https://access.redhat.com/errata/RHSA-2024:0461","https://access.redhat.com/security/cve/CVE-2023-6679","https://bugzilla.redhat.com/show_bug.cgi?id=2253986","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LSPIOMIJYTLZB6QKPQVVAYSUETUWKPF/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LBVHM4LGMFIHBN4UBESYRFMYX3WUICV5/","https://lore.kernel.org/netdev/20231211083758.1082853-1-jiri@resnulli.us/"],"published_time":"2023-12-11T19:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-5868","summary":"A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes, potentially revealing notable and confidential information. This issue exists due to excessive data output in aggregate function calls, enabling remote users to read some portion of system memory.","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.02718,"ranking_epss":0.8593,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:7545","https://access.redhat.com/errata/RHSA-2023:7579","https://access.redhat.com/errata/RHSA-2023:7580","https://access.redhat.com/errata/RHSA-2023:7581","https://access.redhat.com/errata/RHSA-2023:7616","https://access.redhat.com/errata/RHSA-2023:7656","https://access.redhat.com/errata/RHSA-2023:7666","https://access.redhat.com/errata/RHSA-2023:7667","https://access.redhat.com/errata/RHSA-2023:7694","https://access.redhat.com/errata/RHSA-2023:7695","https://access.redhat.com/errata/RHSA-2023:7714","https://access.redhat.com/errata/RHSA-2023:7770","https://access.redhat.com/errata/RHSA-2023:7772","https://access.redhat.com/errata/RHSA-2023:7784","https://access.redhat.com/errata/RHSA-2023:7785","https://access.redhat.com/errata/RHSA-2023:7883","https://access.redhat.com/errata/RHSA-2023:7884","https://access.redhat.com/errata/RHSA-2023:7885","https://access.redhat.com/errata/RHSA-2024:0304","https://access.redhat.com/errata/RHSA-2024:0332","https://access.redhat.com/errata/RHSA-2024:0337","https://access.redhat.com/security/cve/CVE-2023-5868","https://bugzilla.redhat.com/show_bug.cgi?id=2247168","https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/","https://www.postgresql.org/support/security/CVE-2023-5868/","https://access.redhat.com/errata/RHSA-2023:7545","https://access.redhat.com/errata/RHSA-2023:7579","https://access.redhat.com/errata/RHSA-2023:7580","https://access.redhat.com/errata/RHSA-2023:7581","https://access.redhat.com/errata/RHSA-2023:7616","https://access.redhat.com/errata/RHSA-2023:7656","https://access.redhat.com/errata/RHSA-2023:7666","https://access.redhat.com/errata/RHSA-2023:7667","https://access.redhat.com/errata/RHSA-2023:7694","https://access.redhat.com/errata/RHSA-2023:7695","https://access.redhat.com/errata/RHSA-2023:7714","https://access.redhat.com/errata/RHSA-2023:7770","https://access.redhat.com/errata/RHSA-2023:7772","https://access.redhat.com/errata/RHSA-2023:7784","https://access.redhat.com/errata/RHSA-2023:7785","https://access.redhat.com/errata/RHSA-2023:7883","https://access.redhat.com/errata/RHSA-2023:7884","https://access.redhat.com/errata/RHSA-2023:7885","https://access.redhat.com/errata/RHSA-2024:0304","https://access.redhat.com/errata/RHSA-2024:0332","https://access.redhat.com/errata/RHSA-2024:0337","https://access.redhat.com/security/cve/CVE-2023-5868","https://bugzilla.redhat.com/show_bug.cgi?id=2247168","https://lists.debian.org/debian-lts-announce/2023/11/msg00007.html","https://security.netapp.com/advisory/ntap-20240119-0003/","https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/","https://www.postgresql.org/support/security/CVE-2023-5868/"],"published_time":"2023-12-10T18:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-5869","summary":"A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server's memory.","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.01608,"ranking_epss":0.81745,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:7545","https://access.redhat.com/errata/RHSA-2023:7579","https://access.redhat.com/errata/RHSA-2023:7580","https://access.redhat.com/errata/RHSA-2023:7581","https://access.redhat.com/errata/RHSA-2023:7616","https://access.redhat.com/errata/RHSA-2023:7656","https://access.redhat.com/errata/RHSA-2023:7666","https://access.redhat.com/errata/RHSA-2023:7667","https://access.redhat.com/errata/RHSA-2023:7694","https://access.redhat.com/errata/RHSA-2023:7695","https://access.redhat.com/errata/RHSA-2023:7714","https://access.redhat.com/errata/RHSA-2023:7770","https://access.redhat.com/errata/RHSA-2023:7771","https://access.redhat.com/errata/RHSA-2023:7772","https://access.redhat.com/errata/RHSA-2023:7778","https://access.redhat.com/errata/RHSA-2023:7783","https://access.redhat.com/errata/RHSA-2023:7784","https://access.redhat.com/errata/RHSA-2023:7785","https://access.redhat.com/errata/RHSA-2023:7786","https://access.redhat.com/errata/RHSA-2023:7788","https://access.redhat.com/errata/RHSA-2023:7789","https://access.redhat.com/errata/RHSA-2023:7790","https://access.redhat.com/errata/RHSA-2023:7878","https://access.redhat.com/errata/RHSA-2023:7883","https://access.redhat.com/errata/RHSA-2023:7884","https://access.redhat.com/errata/RHSA-2023:7885","https://access.redhat.com/errata/RHSA-2024:0304","https://access.redhat.com/errata/RHSA-2024:0332","https://access.redhat.com/errata/RHSA-2024:0337","https://access.redhat.com/security/cve/CVE-2023-5869","https://bugzilla.redhat.com/show_bug.cgi?id=2247169","https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/","https://www.postgresql.org/support/security/CVE-2023-5869/","https://access.redhat.com/errata/RHSA-2023:7545","https://access.redhat.com/errata/RHSA-2023:7579","https://access.redhat.com/errata/RHSA-2023:7580","https://access.redhat.com/errata/RHSA-2023:7581","https://access.redhat.com/errata/RHSA-2023:7616","https://access.redhat.com/errata/RHSA-2023:7656","https://access.redhat.com/errata/RHSA-2023:7666","https://access.redhat.com/errata/RHSA-2023:7667","https://access.redhat.com/errata/RHSA-2023:7694","https://access.redhat.com/errata/RHSA-2023:7695","https://access.redhat.com/errata/RHSA-2023:7714","https://access.redhat.com/errata/RHSA-2023:7770","https://access.redhat.com/errata/RHSA-2023:7771","https://access.redhat.com/errata/RHSA-2023:7772","https://access.redhat.com/errata/RHSA-2023:7778","https://access.redhat.com/errata/RHSA-2023:7783","https://access.redhat.com/errata/RHSA-2023:7784","https://access.redhat.com/errata/RHSA-2023:7785","https://access.redhat.com/errata/RHSA-2023:7786","https://access.redhat.com/errata/RHSA-2023:7788","https://access.redhat.com/errata/RHSA-2023:7789","https://access.redhat.com/errata/RHSA-2023:7790","https://access.redhat.com/errata/RHSA-2023:7878","https://access.redhat.com/errata/RHSA-2023:7883","https://access.redhat.com/errata/RHSA-2023:7884","https://access.redhat.com/errata/RHSA-2023:7885","https://access.redhat.com/errata/RHSA-2024:0304","https://access.redhat.com/errata/RHSA-2024:0332","https://access.redhat.com/errata/RHSA-2024:0337","https://access.redhat.com/security/cve/CVE-2023-5869","https://bugzilla.redhat.com/show_bug.cgi?id=2247169","https://lists.debian.org/debian-lts-announce/2023/11/msg00007.html","https://security.netapp.com/advisory/ntap-20240119-0003/","https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/","https://www.postgresql.org/support/security/CVE-2023-5869/"],"published_time":"2023-12-10T18:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-5870","summary":"A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack.","cvss":2.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":2.2,"cvss_v4":null,"epss":0.00621,"ranking_epss":0.7007,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:7545","https://access.redhat.com/errata/RHSA-2023:7579","https://access.redhat.com/errata/RHSA-2023:7580","https://access.redhat.com/errata/RHSA-2023:7581","https://access.redhat.com/errata/RHSA-2023:7616","https://access.redhat.com/errata/RHSA-2023:7656","https://access.redhat.com/errata/RHSA-2023:7666","https://access.redhat.com/errata/RHSA-2023:7667","https://access.redhat.com/errata/RHSA-2023:7694","https://access.redhat.com/errata/RHSA-2023:7695","https://access.redhat.com/errata/RHSA-2023:7714","https://access.redhat.com/errata/RHSA-2023:7770","https://access.redhat.com/errata/RHSA-2023:7772","https://access.redhat.com/errata/RHSA-2023:7784","https://access.redhat.com/errata/RHSA-2023:7785","https://access.redhat.com/errata/RHSA-2023:7883","https://access.redhat.com/errata/RHSA-2023:7884","https://access.redhat.com/errata/RHSA-2023:7885","https://access.redhat.com/errata/RHSA-2024:0304","https://access.redhat.com/errata/RHSA-2024:0332","https://access.redhat.com/errata/RHSA-2024:0337","https://access.redhat.com/security/cve/CVE-2023-5870","https://bugzilla.redhat.com/show_bug.cgi?id=2247170","https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/","https://www.postgresql.org/support/security/CVE-2023-5870/","https://access.redhat.com/errata/RHSA-2023:7545","https://access.redhat.com/errata/RHSA-2023:7579","https://access.redhat.com/errata/RHSA-2023:7580","https://access.redhat.com/errata/RHSA-2023:7581","https://access.redhat.com/errata/RHSA-2023:7616","https://access.redhat.com/errata/RHSA-2023:7656","https://access.redhat.com/errata/RHSA-2023:7666","https://access.redhat.com/errata/RHSA-2023:7667","https://access.redhat.com/errata/RHSA-2023:7694","https://access.redhat.com/errata/RHSA-2023:7695","https://access.redhat.com/errata/RHSA-2023:7714","https://access.redhat.com/errata/RHSA-2023:7770","https://access.redhat.com/errata/RHSA-2023:7772","https://access.redhat.com/errata/RHSA-2023:7784","https://access.redhat.com/errata/RHSA-2023:7785","https://access.redhat.com/errata/RHSA-2023:7883","https://access.redhat.com/errata/RHSA-2023:7884","https://access.redhat.com/errata/RHSA-2023:7885","https://access.redhat.com/errata/RHSA-2024:0304","https://access.redhat.com/errata/RHSA-2024:0332","https://access.redhat.com/errata/RHSA-2024:0337","https://access.redhat.com/security/cve/CVE-2023-5870","https://bugzilla.redhat.com/show_bug.cgi?id=2247170","https://lists.debian.org/debian-lts-announce/2023/11/msg00007.html","https://security.netapp.com/advisory/ntap-20240119-0003/","https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/","https://www.postgresql.org/support/security/CVE-2023-5870/"],"published_time":"2023-12-10T18:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-6622","summary":"A null pointer dereference vulnerability was found in nft_dynset_init() in net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. This issue may allow a local attacker with CAP_NET_ADMIN user privilege to trigger a denial of service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00011,"ranking_epss":0.01404,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2394","https://access.redhat.com/errata/RHSA-2024:2950","https://access.redhat.com/errata/RHSA-2024:3138","https://access.redhat.com/security/cve/CVE-2023-6622","https://bugzilla.redhat.com/show_bug.cgi?id=2253632","https://github.com/torvalds/linux/commit/3701cd390fd731ee7ae8b8006246c8db82c72bea","https://access.redhat.com/errata/RHSA-2024:2394","https://access.redhat.com/errata/RHSA-2024:2950","https://access.redhat.com/errata/RHSA-2024:3138","https://access.redhat.com/security/cve/CVE-2023-6622","https://bugzilla.redhat.com/show_bug.cgi?id=2253632","https://github.com/torvalds/linux/commit/3701cd390fd731ee7ae8b8006246c8db82c72bea","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAOVK2F3ALGKYIQ5IOMAYEC2DGI7BWAW/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G3AGDVE3KBLOOYBPISFDS74R4YAZEDAY/"],"published_time":"2023-12-08T18:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-6606","summary":"An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":9e-05,"ranking_epss":0.00794,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:0723","https://access.redhat.com/errata/RHSA-2024:0725","https://access.redhat.com/errata/RHSA-2024:0881","https://access.redhat.com/errata/RHSA-2024:0897","https://access.redhat.com/errata/RHSA-2024:1188","https://access.redhat.com/errata/RHSA-2024:1248","https://access.redhat.com/errata/RHSA-2024:1404","https://access.redhat.com/errata/RHSA-2024:2094","https://access.redhat.com/security/cve/CVE-2023-6606","https://bugzilla.kernel.org/show_bug.cgi?id=218218","https://bugzilla.redhat.com/show_bug.cgi?id=2253611","https://access.redhat.com/errata/RHSA-2024:0723","https://access.redhat.com/errata/RHSA-2024:0725","https://access.redhat.com/errata/RHSA-2024:0881","https://access.redhat.com/errata/RHSA-2024:0897","https://access.redhat.com/errata/RHSA-2024:1188","https://access.redhat.com/errata/RHSA-2024:1248","https://access.redhat.com/errata/RHSA-2024:1404","https://access.redhat.com/errata/RHSA-2024:2094","https://access.redhat.com/security/cve/CVE-2023-6606","https://bugzilla.kernel.org/show_bug.cgi?id=218218","https://bugzilla.redhat.com/show_bug.cgi?id=2253611","https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html","https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html"],"published_time":"2023-12-08T17:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-6610","summary":"An out-of-bounds read vulnerability was found in smb2_dump_detail in fs/smb/client/smb2ops.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":0.0001,"ranking_epss":0.01177,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:0723","https://access.redhat.com/errata/RHSA-2024:0724","https://access.redhat.com/errata/RHSA-2024:0725","https://access.redhat.com/errata/RHSA-2024:0881","https://access.redhat.com/errata/RHSA-2024:0897","https://access.redhat.com/errata/RHSA-2024:1248","https://access.redhat.com/errata/RHSA-2024:1404","https://access.redhat.com/errata/RHSA-2024:2094","https://access.redhat.com/security/cve/CVE-2023-6610","https://bugzilla.kernel.org/show_bug.cgi?id=218219","https://bugzilla.redhat.com/show_bug.cgi?id=2253614","https://access.redhat.com/errata/RHSA-2024:0723","https://access.redhat.com/errata/RHSA-2024:0724","https://access.redhat.com/errata/RHSA-2024:0725","https://access.redhat.com/errata/RHSA-2024:0881","https://access.redhat.com/errata/RHSA-2024:0897","https://access.redhat.com/errata/RHSA-2024:1248","https://access.redhat.com/errata/RHSA-2024:1404","https://access.redhat.com/errata/RHSA-2024:2094","https://access.redhat.com/security/cve/CVE-2023-6610","https://bugzilla.kernel.org/show_bug.cgi?id=218219","https://bugzilla.redhat.com/show_bug.cgi?id=2253614"],"published_time":"2023-12-08T17:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-5871","summary":"A flaw was found in libnbd, due to a malicious Network Block Device (NBD), a protocol for accessing Block Devices such as hard disks over a Network. This issue may allow a malicious NBD server to cause a Denial of Service.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00037,"ranking_epss":0.11048,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2204","https://access.redhat.com/security/cve/CVE-2023-5871","https://bugzilla.redhat.com/show_bug.cgi?id=2247308","https://lists.libguestfs.org/archives/list/guestfs@lists.libguestfs.org/thread/PFVUCMPFQUDC23JXSCUUPXIGDZ7XCFMD/","https://access.redhat.com/errata/RHSA-2024:2204","https://access.redhat.com/security/cve/CVE-2023-5871","https://bugzilla.redhat.com/show_bug.cgi?id=2247308","https://lists.libguestfs.org/archives/list/guestfs@lists.libguestfs.org/thread/PFVUCMPFQUDC23JXSCUUPXIGDZ7XCFMD/"],"published_time":"2023-11-27T12:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-6277","summary":"An out-of-memory flaw was found in libtiff. Passing a crafted tiff file to TIFFOpen() API may allow a remote attacker to cause a denial of service via a craft input with size smaller than 379 KB.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.0375,"ranking_epss":0.88028,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-6277","https://bugzilla.redhat.com/show_bug.cgi?id=2251311","https://gitlab.com/libtiff/libtiff/-/issues/614","https://gitlab.com/libtiff/libtiff/-/merge_requests/545","http://seclists.org/fulldisclosure/2024/Jul/16","http://seclists.org/fulldisclosure/2024/Jul/17","http://seclists.org/fulldisclosure/2024/Jul/18","http://seclists.org/fulldisclosure/2024/Jul/19","http://seclists.org/fulldisclosure/2024/Jul/20","http://seclists.org/fulldisclosure/2024/Jul/21","http://seclists.org/fulldisclosure/2024/Jul/22","http://seclists.org/fulldisclosure/2024/Jul/23","https://access.redhat.com/security/cve/CVE-2023-6277","https://bugzilla.redhat.com/show_bug.cgi?id=2251311","https://gitlab.com/libtiff/libtiff/-/issues/614","https://gitlab.com/libtiff/libtiff/-/merge_requests/545","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WJIN6DTSL3VODZUGWEUXLEL5DR53EZMV/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y7ZGN2MZXJ6E57W3L4YBM3ZPAU3T7T5C/","https://security.netapp.com/advisory/ntap-20240119-0002/","https://support.apple.com/kb/HT214116","https://support.apple.com/kb/HT214117","https://support.apple.com/kb/HT214118","https://support.apple.com/kb/HT214119","https://support.apple.com/kb/HT214120","https://support.apple.com/kb/HT214122","https://support.apple.com/kb/HT214123","https://support.apple.com/kb/HT214124"],"published_time":"2023-11-24T19:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-5341","summary":"A heap use-after-free flaw was found in coders/bmp.c in ImageMagick.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.00033,"ranking_epss":0.0961,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-5341","https://bugzilla.redhat.com/show_bug.cgi?id=2241774","https://github.com/ImageMagick/ImageMagick/commit/aa673b2e4defc7cad5bec16c4fc8324f71e531f1","https://access.redhat.com/security/cve/CVE-2023-5341","https://bugzilla.redhat.com/show_bug.cgi?id=2241774","https://github.com/ImageMagick/ImageMagick/commit/aa673b2e4defc7cad5bec16c4fc8324f71e531f1","https://lists.debian.org/debian-lts-announce/2024/02/msg00007.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LICYTADFJAFPZW3Y2MKNCJIUYODPAG4L/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YAULDP3GG5KI3XITQ5XSMRSILCBZS2VK/"],"published_time":"2023-11-19T10:15:49","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-6176","summary":"A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue occurs when a user constructs a malicious packet with specific socket configuration, which could allow a local user to crash the system or escalate their privileges on the system.","cvss":4.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.7,"cvss_v4":null,"epss":0.0001,"ranking_epss":0.01006,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2394","https://access.redhat.com/errata/RHSA-2024:2950","https://access.redhat.com/errata/RHSA-2024:3138","https://access.redhat.com/security/cve/CVE-2023-6176","https://bugzilla.redhat.com/show_bug.cgi?id=2219359","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cfaa80c91f6f99b9342b6557f0f0e1143e434066","http://packetstormsecurity.com/files/177029/Kernel-Live-Patch-Security-Notice-LSN-0100-1.html","https://access.redhat.com/errata/RHSA-2024:2394","https://access.redhat.com/errata/RHSA-2024:2950","https://access.redhat.com/errata/RHSA-2024:3138","https://access.redhat.com/security/cve/CVE-2023-6176","https://bugzilla.redhat.com/show_bug.cgi?id=2219359","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cfaa80c91f6f99b9342b6557f0f0e1143e434066"],"published_time":"2023-11-16T18:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-6121","summary":"An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the kernel ring buffer (dmesg).","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00252,"ranking_epss":0.48562,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2394","https://access.redhat.com/errata/RHSA-2024:2950","https://access.redhat.com/errata/RHSA-2024:3138","https://access.redhat.com/security/cve/CVE-2023-6121","https://bugzilla.redhat.com/show_bug.cgi?id=2250043","https://access.redhat.com/errata/RHSA-2024:2394","https://access.redhat.com/errata/RHSA-2024:2950","https://access.redhat.com/errata/RHSA-2024:3138","https://access.redhat.com/security/cve/CVE-2023-6121","https://bugzilla.redhat.com/show_bug.cgi?id=2250043","https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html"],"published_time":"2023-11-16T15:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-5546","summary":"ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk.","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.01765,"ranking_epss":0.82621,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-78971","https://bugzilla.redhat.com/show_bug.cgi?id=2243445","https://moodle.org/mod/forum/discuss.php?d=451587","http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-78971","https://bugzilla.redhat.com/show_bug.cgi?id=2243445","https://moodle.org/mod/forum/discuss.php?d=451587"],"published_time":"2023-11-09T20:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-5547","summary":"The course upload preview contained an XSS risk for users uploading unsafe data.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00139,"ranking_epss":0.34047,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79455","https://bugzilla.redhat.com/show_bug.cgi?id=2243447","https://moodle.org/mod/forum/discuss.php?d=451588","http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79455","https://bugzilla.redhat.com/show_bug.cgi?id=2243447","https://moodle.org/mod/forum/discuss.php?d=451588"],"published_time":"2023-11-09T20:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-5544","summary":"Wiki comments required additional sanitizing and access restrictions to prevent a stored XSS risk and potential IDOR risk.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00177,"ranking_epss":0.39226,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79509","https://bugzilla.redhat.com/show_bug.cgi?id=2243443","https://moodle.org/mod/forum/discuss.php?d=451585","http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79509","https://bugzilla.redhat.com/show_bug.cgi?id=2243443","https://moodle.org/mod/forum/discuss.php?d=451585"],"published_time":"2023-11-09T20:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-39198","summary":"A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_object_create_with_handle(), but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the returned handle value and trigger a use-after-free issue, potentially leading to a denial of service or privilege escalation.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":8e-05,"ranking_epss":0.00685,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2394","https://access.redhat.com/errata/RHSA-2024:2950","https://access.redhat.com/errata/RHSA-2024:3138","https://access.redhat.com/security/cve/CVE-2023-39198","https://bugzilla.redhat.com/show_bug.cgi?id=2218332","https://access.redhat.com/errata/RHSA-2024:2394","https://access.redhat.com/errata/RHSA-2024:2950","https://access.redhat.com/errata/RHSA-2024:3138","https://access.redhat.com/security/cve/CVE-2023-39198","https://bugzilla.redhat.com/show_bug.cgi?id=2218332","https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html"],"published_time":"2023-11-09T20:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-4061","summary":"A flaw was found in wildfly-core. A management user could use the resolve-expression in the HAL Interface to read possible sensitive information from the Wildfly system. This issue could allow a malicious user to access the system and obtain possible sensitive information from the system.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00203,"ranking_epss":0.4236,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:5484","https://access.redhat.com/errata/RHSA-2023:5485","https://access.redhat.com/errata/RHSA-2023:5486","https://access.redhat.com/errata/RHSA-2023:5488","https://access.redhat.com/security/cve/CVE-2023-4061","https://bugzilla.redhat.com/show_bug.cgi?id=2228608","https://access.redhat.com/errata/RHSA-2023:5484","https://access.redhat.com/errata/RHSA-2023:5485","https://access.redhat.com/errata/RHSA-2023:5486","https://access.redhat.com/errata/RHSA-2023:5488","https://access.redhat.com/security/cve/CVE-2023-4061","https://bugzilla.redhat.com/show_bug.cgi?id=2228608"],"published_time":"2023-11-08T01:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-4535","summary":"An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the computer and a specially crafted USB device or smart card. This flaw allows the attacker to manipulate APDU responses and potentially gain unauthorized access to sensitive data, compromising the system's security.","cvss":4.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.5,"cvss_v4":null,"epss":0.0023,"ranking_epss":0.45767,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:7879","https://access.redhat.com/security/cve/CVE-2023-4535","https://bugzilla.redhat.com/show_bug.cgi?id=2240914","https://github.com/OpenSC/OpenSC/commit/f1993dc4e0b33050b8f72a3558ee88b24c4063b2","https://github.com/OpenSC/OpenSC/issues/2792#issuecomment-1674806651","https://github.com/OpenSC/OpenSC/releases/tag/0.24.0-rc1","https://github.com/OpenSC/OpenSC/wiki/OpenSC-security-advisories","https://access.redhat.com/errata/RHSA-2023:7879","https://access.redhat.com/security/cve/CVE-2023-4535","https://bugzilla.redhat.com/show_bug.cgi?id=2240914","https://github.com/OpenSC/OpenSC/commit/f1993dc4e0b33050b8f72a3558ee88b24c4063b2","https://github.com/OpenSC/OpenSC/issues/2792#issuecomment-1674806651","https://github.com/OpenSC/OpenSC/releases/tag/0.24.0-rc1","https://github.com/OpenSC/OpenSC/wiki/OpenSC-security-advisories","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3CPQOMCDWFRBMEFR5VK4N5MMXXU42ODE/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GLYEFIBBA37TK3UNMZN5NOJ7IWCIXLQP/"],"published_time":"2023-11-06T17:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-40660","summary":"A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length pin is passed. This issue poses a security risk, particularly for OS logon/screen unlock and for small, permanently connected tokens to computers. Additionally, the token can internally track login status. This flaw allows an attacker to gain unauthorized access, carry out malicious actions, or compromise the system without the user's awareness.","cvss":6.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.6,"cvss_v4":null,"epss":0.00037,"ranking_epss":0.11095,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:7876","https://access.redhat.com/errata/RHSA-2023:7879","https://access.redhat.com/security/cve/CVE-2023-40660","https://bugzilla.redhat.com/show_bug.cgi?id=2240912","https://github.com/OpenSC/OpenSC/issues/2792#issuecomment-1674806651","https://github.com/OpenSC/OpenSC/releases/tag/0.24.0-rc1","https://github.com/OpenSC/OpenSC/wiki/OpenSC-security-advisories","http://www.openwall.com/lists/oss-security/2023/12/13/2","https://access.redhat.com/errata/RHSA-2023:7876","https://access.redhat.com/errata/RHSA-2023:7879","https://access.redhat.com/security/cve/CVE-2023-40660","https://bugzilla.redhat.com/show_bug.cgi?id=2240912","https://github.com/OpenSC/OpenSC/issues/2792#issuecomment-1674806651","https://github.com/OpenSC/OpenSC/releases/tag/0.24.0-rc1","https://github.com/OpenSC/OpenSC/wiki/OpenSC-security-advisories","https://lists.debian.org/debian-lts-announce/2023/11/msg00024.html","https://lists.debian.org/debian-lts-announce/2024/12/msg00026.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3CPQOMCDWFRBMEFR5VK4N5MMXXU42ODE/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GLYEFIBBA37TK3UNMZN5NOJ7IWCIXLQP/"],"published_time":"2023-11-06T17:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-40661","summary":"Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of these flaws, an attacker must have physical access to the computer system and employ a custom-crafted USB device or smart card to manipulate responses to APDUs. This manipulation can potentially allow \r\ncompromise key generation, certificate loading, and other card management operations during enrollment.","cvss":5.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.4,"cvss_v4":null,"epss":0.00295,"ranking_epss":0.52809,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:7876","https://access.redhat.com/errata/RHSA-2023:7879","https://access.redhat.com/security/cve/CVE-2023-40661","https://bugzilla.redhat.com/show_bug.cgi?id=2240913","https://github.com/OpenSC/OpenSC/issues/2792#issuecomment-1674806651","https://github.com/OpenSC/OpenSC/releases/tag/0.24.0-rc1","https://github.com/OpenSC/OpenSC/wiki/OpenSC-security-advisories","http://www.openwall.com/lists/oss-security/2023/12/13/3","https://access.redhat.com/errata/RHSA-2023:7876","https://access.redhat.com/errata/RHSA-2023:7879","https://access.redhat.com/security/cve/CVE-2023-40661","https://bugzilla.redhat.com/show_bug.cgi?id=2240913","https://github.com/OpenSC/OpenSC/issues/2792#issuecomment-1674806651","https://github.com/OpenSC/OpenSC/releases/tag/0.24.0-rc1","https://github.com/OpenSC/OpenSC/wiki/OpenSC-security-advisories","https://lists.debian.org/debian-lts-announce/2023/11/msg00024.html","https://lists.debian.org/debian-lts-announce/2024/12/msg00026.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3CPQOMCDWFRBMEFR5VK4N5MMXXU42ODE/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GLYEFIBBA37TK3UNMZN5NOJ7IWCIXLQP/"],"published_time":"2023-11-06T17:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-5090","summary":"A flaw was found in KVM. An improper check in svm_set_x2apic_msr_interception() may allow direct access to host x2apic msrs when the guest resets its apic, potentially leading to a denial of service condition.","cvss":6.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.0,"cvss_v4":null,"epss":0.00039,"ranking_epss":0.11705,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2758","https://access.redhat.com/errata/RHSA-2024:3854","https://access.redhat.com/errata/RHSA-2024:3855","https://access.redhat.com/errata/RHSA-2024:4211","https://access.redhat.com/errata/RHSA-2024:4352","https://access.redhat.com/security/cve/CVE-2023-5090","https://bugzilla.redhat.com/show_bug.cgi?id=2248122","https://access.redhat.com/errata/RHSA-2024:3854","https://access.redhat.com/errata/RHSA-2024:3855","https://access.redhat.com/errata/RHSA-2024:4211","https://access.redhat.com/errata/RHSA-2024:4352","https://access.redhat.com/security/cve/CVE-2023-5090","https://bugzilla.redhat.com/show_bug.cgi?id=2248122"],"published_time":"2023-11-06T11:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-42669","summary":"A vulnerability was found in Samba's \"rpcecho\" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the \"rpcecho\" service operates with only one worker in the main RPC task, allowing calls to the \"rpcecho\" server to be blocked for a specified time, causing service disruptions. This disruption is triggered by a \"sleep()\" call in the \"dcesrv_echo_TestSleep()\" function under specific conditions. Authenticated users or attackers can exploit this vulnerability to make calls to the \"rpcecho\" server, requesting it to block for a specified duration, effectively disrupting most services and leading to a complete denial of service on the AD DC. The DoS affects all other services as \"rpcecho\" runs in the main RPC task.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00578,"ranking_epss":0.68837,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:6209","https://access.redhat.com/errata/RHSA-2023:6744","https://access.redhat.com/errata/RHSA-2023:7371","https://access.redhat.com/errata/RHSA-2023:7408","https://access.redhat.com/errata/RHSA-2023:7464","https://access.redhat.com/errata/RHSA-2023:7467","https://access.redhat.com/security/cve/CVE-2023-42669","https://bugzilla.redhat.com/show_bug.cgi?id=2241884","https://bugzilla.samba.org/show_bug.cgi?id=15474","https://www.samba.org/samba/security/CVE-2023-42669.html","https://access.redhat.com/errata/RHSA-2023:6209","https://access.redhat.com/errata/RHSA-2023:6744","https://access.redhat.com/errata/RHSA-2023:7371","https://access.redhat.com/errata/RHSA-2023:7408","https://access.redhat.com/errata/RHSA-2023:7464","https://access.redhat.com/errata/RHSA-2023:7467","https://access.redhat.com/security/cve/CVE-2023-42669","https://bugzilla.redhat.com/show_bug.cgi?id=2241884","https://bugzilla.samba.org/show_bug.cgi?id=15474","https://security.netapp.com/advisory/ntap-20231124-0002/","https://www.samba.org/samba/security/CVE-2023-42669.html"],"published_time":"2023-11-06T07:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-5088","summary":"A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead (potentially overwriting the VM's boot code). This could be used, for example, by L2 guests with a virtual disk (vdiskL2) stored on a virtual disk of an L1 (vdiskL1) hypervisor to read and/or write data to LBA 0 of vdiskL1, potentially gaining control of L1 at its next reboot.","cvss":6.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.4,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.02115,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2135","https://access.redhat.com/errata/RHSA-2024:2962","https://access.redhat.com/security/cve/CVE-2023-5088","https://bugzilla.redhat.com/show_bug.cgi?id=2247283","https://lore.kernel.org/all/20230921160712.99521-1-simon.rowe@nutanix.com/T/","https://access.redhat.com/errata/RHSA-2024:2135","https://access.redhat.com/errata/RHSA-2024:2962","https://access.redhat.com/security/cve/CVE-2023-5088","https://bugzilla.redhat.com/show_bug.cgi?id=2247283","https://lists.debian.org/debian-lts-announce/2024/03/msg00012.html","https://lists.debian.org/debian-lts-announce/2025/04/msg00042.html","https://lore.kernel.org/all/20230921160712.99521-1-simon.rowe@nutanix.com/T/","https://security.netapp.com/advisory/ntap-20231208-0005/"],"published_time":"2023-11-03T14:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-3961","summary":"A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB clients to remote procedure call (RPC) services like SAMR LSA or SPOOLSS, which Samba initiates on demand. However, due to inadequate sanitization of incoming client pipe names, allowing a client to send a pipe name containing Unix directory traversal characters (../). This could result in SMB clients connecting as root to Unix domain sockets outside the private directory. If an attacker or client managed to send a pipe name resolving to an external service using an existing Unix domain socket, it could potentially lead to unauthorized access to the service and consequential adverse events, including compromise or service crashes.","cvss":9.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.1,"cvss_v4":null,"epss":0.01941,"ranking_epss":0.83428,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:6209","https://access.redhat.com/errata/RHSA-2023:6744","https://access.redhat.com/errata/RHSA-2023:7371","https://access.redhat.com/errata/RHSA-2023:7408","https://access.redhat.com/errata/RHSA-2023:7464","https://access.redhat.com/errata/RHSA-2023:7467","https://access.redhat.com/security/cve/CVE-2023-3961","https://bugzilla.redhat.com/show_bug.cgi?id=2241881","https://bugzilla.samba.org/show_bug.cgi?id=15422","https://www.samba.org/samba/security/CVE-2023-3961.html","https://access.redhat.com/errata/RHSA-2023:6209","https://access.redhat.com/errata/RHSA-2023:6744","https://access.redhat.com/errata/RHSA-2023:7371","https://access.redhat.com/errata/RHSA-2023:7408","https://access.redhat.com/errata/RHSA-2023:7464","https://access.redhat.com/errata/RHSA-2023:7467","https://access.redhat.com/security/cve/CVE-2023-3961","https://bugzilla.redhat.com/show_bug.cgi?id=2241881","https://bugzilla.samba.org/show_bug.cgi?id=15422","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZUMVALLFFDFC53JZMUWA6HPD7HUGAP5I/","https://security.netapp.com/advisory/ntap-20231124-0002/","https://www.samba.org/samba/security/CVE-2023-3961.html"],"published_time":"2023-11-03T13:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-1476","summary":"A use-after-free flaw was found in the Linux kernel’s mm/mremap memory address space accounting source code. This issue occurs due to a race condition between rmap walk and mremap, allowing a local user to crash the system or potentially escalate their privileges on the system.","cvss":7.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00019,"ranking_epss":0.0498,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:1659","https://access.redhat.com/security/cve/CVE-2023-1476","https://bugzilla.redhat.com/show_bug.cgi?id=2176035","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=97113eb39fa7972722ff490b947d8af023e1f6a2","https://access.redhat.com/errata/RHSA-2023:1659","https://access.redhat.com/security/cve/CVE-2023-1476","https://bugzilla.redhat.com/show_bug.cgi?id=2176035","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=97113eb39fa7972722ff490b947d8af023e1f6a2"],"published_time":"2023-11-03T09:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-46847","summary":"Squid is vulnerable to a Denial of Service,  where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.","cvss":8.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.6,"cvss_v4":null,"epss":0.38209,"ranking_epss":0.97224,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:6266","https://access.redhat.com/errata/RHSA-2023:6267","https://access.redhat.com/errata/RHSA-2023:6268","https://access.redhat.com/errata/RHSA-2023:6748","https://access.redhat.com/errata/RHSA-2023:6801","https://access.redhat.com/errata/RHSA-2023:6803","https://access.redhat.com/errata/RHSA-2023:6804","https://access.redhat.com/errata/RHSA-2023:6805","https://access.redhat.com/errata/RHSA-2023:6810","https://access.redhat.com/errata/RHSA-2023:6882","https://access.redhat.com/errata/RHSA-2023:6884","https://access.redhat.com/errata/RHSA-2023:7213","https://access.redhat.com/errata/RHSA-2023:7576","https://access.redhat.com/errata/RHSA-2023:7578","https://access.redhat.com/security/cve/CVE-2023-46847","https://bugzilla.redhat.com/show_bug.cgi?id=2245916","https://github.com/squid-cache/squid/security/advisories/GHSA-phqj-m8gv-cq4g","https://access.redhat.com/errata/RHSA-2023:6266","https://access.redhat.com/errata/RHSA-2023:6267","https://access.redhat.com/errata/RHSA-2023:6268","https://access.redhat.com/errata/RHSA-2023:6748","https://access.redhat.com/errata/RHSA-2023:6801","https://access.redhat.com/errata/RHSA-2023:6803","https://access.redhat.com/errata/RHSA-2023:6804","https://access.redhat.com/errata/RHSA-2023:6805","https://access.redhat.com/errata/RHSA-2023:6810","https://access.redhat.com/errata/RHSA-2023:6882","https://access.redhat.com/errata/RHSA-2023:6884","https://access.redhat.com/errata/RHSA-2023:7213","https://access.redhat.com/errata/RHSA-2023:7576","https://access.redhat.com/errata/RHSA-2023:7578","https://access.redhat.com/security/cve/CVE-2023-46847","https://bugzilla.redhat.com/show_bug.cgi?id=2245916","https://github.com/squid-cache/squid/security/advisories/GHSA-phqj-m8gv-cq4g","https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html","https://security.netapp.com/advisory/ntap-20231130-0002/"],"published_time":"2023-11-03T08:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-46848","summary":"Squid is vulnerable to Denial of Service,  where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input.","cvss":8.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.6,"cvss_v4":null,"epss":0.10424,"ranking_epss":0.93222,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:6266","https://access.redhat.com/errata/RHSA-2023:6268","https://access.redhat.com/errata/RHSA-2023:6748","https://access.redhat.com/security/cve/CVE-2023-46848","https://bugzilla.redhat.com/show_bug.cgi?id=2245919","https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w","https://access.redhat.com/errata/RHSA-2023:6266","https://access.redhat.com/errata/RHSA-2023:6268","https://access.redhat.com/errata/RHSA-2023:6748","https://access.redhat.com/security/cve/CVE-2023-46848","https://bugzilla.redhat.com/show_bug.cgi?id=2245919","https://github.com/squid-cache/squid/security/advisories/GHSA-2g3c-pg7q-g59w","https://security.netapp.com/advisory/ntap-20231214-0005/"],"published_time":"2023-11-03T08:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-4091","summary":"A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module \"acl_xattr\" is configured with \"acl_xattr:ignore system acls = yes\". The SMB protocol allows opening files when the client requests read-only access but then implicitly truncates the opened file to 0 bytes if the client specifies a separate OVERWRITE create disposition request. The issue arises in configurations that bypass kernel file system permissions checks, relying solely on Samba's permissions.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00476,"ranking_epss":0.64884,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:6209","https://access.redhat.com/errata/RHSA-2023:6744","https://access.redhat.com/errata/RHSA-2023:7371","https://access.redhat.com/errata/RHSA-2023:7408","https://access.redhat.com/errata/RHSA-2023:7464","https://access.redhat.com/errata/RHSA-2023:7467","https://access.redhat.com/security/cve/CVE-2023-4091","https://bugzilla.redhat.com/show_bug.cgi?id=2241882","https://bugzilla.samba.org/show_bug.cgi?id=15439","https://www.samba.org/samba/security/CVE-2023-4091.html","https://access.redhat.com/errata/RHSA-2023:6209","https://access.redhat.com/errata/RHSA-2023:6744","https://access.redhat.com/errata/RHSA-2023:7371","https://access.redhat.com/errata/RHSA-2023:7408","https://access.redhat.com/errata/RHSA-2023:7464","https://access.redhat.com/errata/RHSA-2023:7467","https://access.redhat.com/security/cve/CVE-2023-4091","https://bugzilla.redhat.com/show_bug.cgi?id=2241882","https://bugzilla.samba.org/show_bug.cgi?id=15439","https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZUMVALLFFDFC53JZMUWA6HPD7HUGAP5I/","https://security.netapp.com/advisory/ntap-20231124-0002/","https://www.samba.org/samba/security/CVE-2023-4091.html"],"published_time":"2023-11-03T08:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-5824","summary":"A flaw was found in Squid. The limits applied for validation of HTTP response headers are applied before caching. However, Squid may grow a cached HTTP response header beyond the configured maximum size, causing a stall or crash of the worker process when a large header is retrieved from the disk cache, resulting in a denial of service.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.01879,"ranking_epss":0.83136,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:7465","https://access.redhat.com/errata/RHSA-2023:7668","https://access.redhat.com/errata/RHSA-2024:0072","https://access.redhat.com/errata/RHSA-2024:0397","https://access.redhat.com/errata/RHSA-2024:0771","https://access.redhat.com/errata/RHSA-2024:0772","https://access.redhat.com/errata/RHSA-2024:0773","https://access.redhat.com/errata/RHSA-2024:1153","https://access.redhat.com/security/cve/CVE-2023-5824","https://bugzilla.redhat.com/show_bug.cgi?id=2245914","https://github.com/squid-cache/squid/security/advisories/GHSA-543m-w2m2-g255","https://access.redhat.com/errata/RHSA-2023:7465","https://access.redhat.com/errata/RHSA-2023:7668","https://access.redhat.com/errata/RHSA-2024:0072","https://access.redhat.com/errata/RHSA-2024:0397","https://access.redhat.com/errata/RHSA-2024:0771","https://access.redhat.com/errata/RHSA-2024:0772","https://access.redhat.com/errata/RHSA-2024:0773","https://access.redhat.com/errata/RHSA-2024:1153","https://access.redhat.com/security/cve/CVE-2023-5824","https://bugzilla.redhat.com/show_bug.cgi?id=2245914","https://github.com/squid-cache/squid/security/advisories/GHSA-543m-w2m2-g255","https://lists.debian.org/debian-lts-announce/2025/09/msg00027.html","https://security.netapp.com/advisory/ntap-20231130-0003/"],"published_time":"2023-11-03T08:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-46846","summary":"SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.","cvss":9.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.3,"cvss_v4":null,"epss":0.09618,"ranking_epss":0.92886,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:6266","https://access.redhat.com/errata/RHSA-2023:6267","https://access.redhat.com/errata/RHSA-2023:6268","https://access.redhat.com/errata/RHSA-2023:6748","https://access.redhat.com/errata/RHSA-2023:6801","https://access.redhat.com/errata/RHSA-2023:6803","https://access.redhat.com/errata/RHSA-2023:6804","https://access.redhat.com/errata/RHSA-2023:6810","https://access.redhat.com/errata/RHSA-2023:7213","https://access.redhat.com/errata/RHSA-2024:11049","https://access.redhat.com/security/cve/CVE-2023-46846","https://bugzilla.redhat.com/show_bug.cgi?id=2245910","https://github.com/squid-cache/squid/security/advisories/GHSA-j83v-w3p4-5cqh","https://access.redhat.com/errata/RHSA-2023:6266","https://access.redhat.com/errata/RHSA-2023:6267","https://access.redhat.com/errata/RHSA-2023:6268","https://access.redhat.com/errata/RHSA-2023:6748","https://access.redhat.com/errata/RHSA-2023:6801","https://access.redhat.com/errata/RHSA-2023:6803","https://access.redhat.com/errata/RHSA-2023:6804","https://access.redhat.com/errata/RHSA-2023:6810","https://access.redhat.com/errata/RHSA-2023:7213","https://access.redhat.com/security/cve/CVE-2023-46846","https://bugzilla.redhat.com/show_bug.cgi?id=2245910","https://github.com/squid-cache/squid/security/advisories/GHSA-j83v-w3p4-5cqh","https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html","https://lists.debian.org/debian-lts-announce/2024/01/msg00008.html","https://security.netapp.com/advisory/ntap-20231130-0002/"],"published_time":"2023-11-03T08:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-31018","summary":"NVIDIA GPU Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause a NULL-pointer dereference, which may lead to denial of service.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00044,"ranking_epss":0.13553,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://nvidia.custhelp.com/app/answers/detail/a_id/5491","https://nvidia.custhelp.com/app/answers/detail/a_id/5491"],"published_time":"2023-11-02T19:15:41","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-31021","summary":"NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a malicious user in the guest VM can cause a NULL-pointer dereference, which may lead to denial of service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00047,"ranking_epss":0.14572,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://nvidia.custhelp.com/app/answers/detail/a_id/5491","https://nvidia.custhelp.com/app/answers/detail/a_id/5491"],"published_time":"2023-11-02T19:15:41","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-31022","summary":"NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a NULL-pointer dereference may lead to denial of service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00075,"ranking_epss":0.22586,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://nvidia.custhelp.com/app/answers/detail/a_id/5491","https://nvidia.custhelp.com/app/answers/detail/a_id/5491"],"published_time":"2023-11-02T19:15:41","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-31026","summary":"NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a NULL-pointer dereference may lead to denial of service.","cvss":6.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.0,"cvss_v4":null,"epss":0.00019,"ranking_epss":0.0487,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://nvidia.custhelp.com/app/answers/detail/a_id/5491","https://nvidia.custhelp.com/app/answers/detail/a_id/5491"],"published_time":"2023-11-02T19:15:41","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-4900","summary":"A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.00065,"ranking_epss":0.20124,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-4900","https://bugzilla.redhat.com/show_bug.cgi?id=2179880","https://security.netapp.com/advisory/ntap-20231130-0008/","https://access.redhat.com/security/cve/CVE-2022-4900","https://bugzilla.redhat.com/show_bug.cgi?id=2179880","https://lists.debian.org/debian-lts-announce/2024/10/msg00011.html","https://security.netapp.com/advisory/ntap-20231130-0008/"],"published_time":"2023-11-02T16:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-38473","summary":"A vulnerability was found in Avahi. A reachable assertion exists in the avahi_alternative_host_name() function.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.0001,"ranking_epss":0.01019,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-38473","https://bugzilla.redhat.com/show_bug.cgi?id=2191694","https://access.redhat.com/security/cve/CVE-2023-38473","https://bugzilla.redhat.com/show_bug.cgi?id=2191694","https://lists.debian.org/debian-lts-announce/2024/12/msg00011.html"],"published_time":"2023-11-02T16:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-38469","summary":"A vulnerability was found in Avahi, where a reachable assertion exists in avahi_dns_packet_append_record.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.0001,"ranking_epss":0.01019,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-38469","https://bugzilla.redhat.com/show_bug.cgi?id=2191687","https://access.redhat.com/security/cve/CVE-2023-38469","https://bugzilla.redhat.com/show_bug.cgi?id=2191687","https://lists.debian.org/debian-lts-announce/2024/12/msg00011.html"],"published_time":"2023-11-02T15:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-38470","summary":"A vulnerability was found in Avahi. A reachable assertion exists in the avahi_escape_label() function.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.0001,"ranking_epss":0.01019,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-38470","https://bugzilla.redhat.com/show_bug.cgi?id=2191690","https://access.redhat.com/security/cve/CVE-2023-38470","https://bugzilla.redhat.com/show_bug.cgi?id=2191690","https://lists.debian.org/debian-lts-announce/2024/12/msg00011.html"],"published_time":"2023-11-02T15:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-38471","summary":"A vulnerability was found in Avahi. A reachable assertion exists in the dbus_set_host_name function.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":8e-05,"ranking_epss":0.00677,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-38471","https://bugzilla.redhat.com/show_bug.cgi?id=2191691","https://access.redhat.com/security/cve/CVE-2023-38471","https://bugzilla.redhat.com/show_bug.cgi?id=2191691","https://lists.debian.org/debian-lts-announce/2024/12/msg00011.html"],"published_time":"2023-11-02T15:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-38472","summary":"A vulnerability was found in Avahi. A reachable assertion exists in the avahi_rdata_parse() function.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.0001,"ranking_epss":0.01019,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-38472","https://bugzilla.redhat.com/show_bug.cgi?id=2191692","https://access.redhat.com/security/cve/CVE-2023-38472","https://bugzilla.redhat.com/show_bug.cgi?id=2191692","https://lists.debian.org/debian-lts-announce/2024/12/msg00011.html"],"published_time":"2023-11-02T15:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-3164","summary":"A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0001,"ranking_epss":0.01108,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-3164","https://bugzilla.redhat.com/show_bug.cgi?id=2213531","https://gitlab.com/libtiff/libtiff/-/issues/542","https://access.redhat.com/security/cve/CVE-2023-3164","https://bugzilla.redhat.com/show_bug.cgi?id=2213531","https://gitlab.com/libtiff/libtiff/-/issues/542"],"published_time":"2023-11-02T12:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-1192","summary":"A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access a free memory region, leading to a denial of service.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00026,"ranking_epss":0.07265,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-1192","https://bugzilla.redhat.com/show_bug.cgi?id=2154178","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d527f51331cace562393a8038d870b3e9916686f","https://access.redhat.com/security/cve/CVE-2023-1192","https://bugzilla.redhat.com/show_bug.cgi?id=2154178","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d527f51331cace562393a8038d870b3e9916686f"],"published_time":"2023-11-01T20:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-5178","summary":"A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation.","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.08634,"ranking_epss":0.92443,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:7370","https://access.redhat.com/errata/RHSA-2023:7379","https://access.redhat.com/errata/RHSA-2023:7418","https://access.redhat.com/errata/RHSA-2023:7548","https://access.redhat.com/errata/RHSA-2023:7549","https://access.redhat.com/errata/RHSA-2023:7551","https://access.redhat.com/errata/RHSA-2023:7554","https://access.redhat.com/errata/RHSA-2023:7557","https://access.redhat.com/errata/RHSA-2023:7559","https://access.redhat.com/errata/RHSA-2024:0340","https://access.redhat.com/errata/RHSA-2024:0378","https://access.redhat.com/errata/RHSA-2024:0386","https://access.redhat.com/errata/RHSA-2024:0412","https://access.redhat.com/errata/RHSA-2024:0431","https://access.redhat.com/errata/RHSA-2024:0432","https://access.redhat.com/errata/RHSA-2024:0461","https://access.redhat.com/errata/RHSA-2024:0554","https://access.redhat.com/errata/RHSA-2024:0575","https://access.redhat.com/errata/RHSA-2024:1268","https://access.redhat.com/errata/RHSA-2024:1269","https://access.redhat.com/errata/RHSA-2024:1278","https://access.redhat.com/security/cve/CVE-2023-5178","https://bugzilla.redhat.com/show_bug.cgi?id=2241924","https://lore.kernel.org/linux-nvme/20231002105428.226515-1-sagi@grimberg.me/","https://access.redhat.com/errata/RHSA-2023:7370","https://access.redhat.com/errata/RHSA-2023:7379","https://access.redhat.com/errata/RHSA-2023:7418","https://access.redhat.com/errata/RHSA-2023:7548","https://access.redhat.com/errata/RHSA-2023:7549","https://access.redhat.com/errata/RHSA-2023:7551","https://access.redhat.com/errata/RHSA-2023:7554","https://access.redhat.com/errata/RHSA-2023:7557","https://access.redhat.com/errata/RHSA-2023:7559","https://access.redhat.com/errata/RHSA-2024:0340","https://access.redhat.com/errata/RHSA-2024:0378","https://access.redhat.com/errata/RHSA-2024:0386","https://access.redhat.com/errata/RHSA-2024:0412","https://access.redhat.com/errata/RHSA-2024:0431","https://access.redhat.com/errata/RHSA-2024:0432","https://access.redhat.com/errata/RHSA-2024:0461","https://access.redhat.com/errata/RHSA-2024:0554","https://access.redhat.com/errata/RHSA-2024:0575","https://access.redhat.com/errata/RHSA-2024:1268","https://access.redhat.com/errata/RHSA-2024:1269","https://access.redhat.com/errata/RHSA-2024:1278","https://access.redhat.com/security/cve/CVE-2023-5178","https://bugzilla.redhat.com/show_bug.cgi?id=2241924","https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html","https://lore.kernel.org/linux-nvme/20231002105428.226515-1-sagi@grimberg.me/","https://security.netapp.com/advisory/ntap-20231208-0004/"],"published_time":"2023-11-01T17:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-3972","summary":"A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and directories that lead to local privilege escalation. Before the insights-client has been registered on the system by root, an unprivileged local user or attacker could create the /var/tmp/insights-client directory (owning the directory with read, write, and execute permissions) on the system. After the insights-client is registered by root, an attacker could then control the directory content that insights are using by putting malicious scripts into it and executing arbitrary code as root (trivially bypassing SELinux protections because insights processes are allowed to disable SELinux system-wide).","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":8e-05,"ranking_epss":0.00773,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:6264","https://access.redhat.com/errata/RHSA-2023:6282","https://access.redhat.com/errata/RHSA-2023:6283","https://access.redhat.com/errata/RHSA-2023:6284","https://access.redhat.com/errata/RHSA-2023:6795","https://access.redhat.com/errata/RHSA-2023:6796","https://access.redhat.com/errata/RHSA-2023:6798","https://access.redhat.com/errata/RHSA-2023:6811","https://access.redhat.com/security/cve/CVE-2023-3972","https://bugzilla.redhat.com/show_bug.cgi?id=2227027","https://github.com/RedHatInsights/insights-core/pull/3878","https://access.redhat.com/errata/RHSA-2023:6264","https://access.redhat.com/errata/RHSA-2023:6282","https://access.redhat.com/errata/RHSA-2023:6283","https://access.redhat.com/errata/RHSA-2023:6284","https://access.redhat.com/errata/RHSA-2023:6795","https://access.redhat.com/errata/RHSA-2023:6796","https://access.redhat.com/errata/RHSA-2023:6798","https://access.redhat.com/errata/RHSA-2023:6811","https://access.redhat.com/security/cve/CVE-2023-3972","https://bugzilla.redhat.com/show_bug.cgi?id=2227027","https://github.com/RedHatInsights/insights-core/pull/3878"],"published_time":"2023-11-01T16:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-5625","summary":"A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch application strategy, resulting in a patch for CVE-2021-21419 not being applied for all builds of all products.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00102,"ranking_epss":0.28047,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:6128","https://access.redhat.com/errata/RHSA-2024:0188","https://access.redhat.com/errata/RHSA-2024:0213","https://access.redhat.com/security/cve/CVE-2023-5625","https://bugzilla.redhat.com/show_bug.cgi?id=2244717","https://access.redhat.com/errata/RHSA-2023:6128","https://access.redhat.com/errata/RHSA-2024:0188","https://access.redhat.com/errata/RHSA-2024:0213","https://access.redhat.com/security/cve/CVE-2023-5625","https://bugzilla.redhat.com/show_bug.cgi?id=2244717"],"published_time":"2023-11-01T14:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-5367","summary":"A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing for possible escalation of privileges or denial of service.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00064,"ranking_epss":0.19927,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:6802","https://access.redhat.com/errata/RHSA-2023:6808","https://access.redhat.com/errata/RHSA-2023:7373","https://access.redhat.com/errata/RHSA-2023:7388","https://access.redhat.com/errata/RHSA-2023:7405","https://access.redhat.com/errata/RHSA-2023:7428","https://access.redhat.com/errata/RHSA-2023:7436","https://access.redhat.com/errata/RHSA-2023:7526","https://access.redhat.com/errata/RHSA-2023:7533","https://access.redhat.com/errata/RHSA-2024:0010","https://access.redhat.com/errata/RHSA-2024:0128","https://access.redhat.com/errata/RHSA-2024:2169","https://access.redhat.com/errata/RHSA-2024:2170","https://access.redhat.com/errata/RHSA-2024:2995","https://access.redhat.com/errata/RHSA-2024:2996","https://access.redhat.com/errata/RHSA-2025:12751","https://access.redhat.com/security/cve/CVE-2023-5367","https://bugzilla.redhat.com/show_bug.cgi?id=2243091","https://lists.x.org/archives/xorg-announce/2023-October/003430.html","https://access.redhat.com/errata/RHSA-2023:6802","https://access.redhat.com/errata/RHSA-2023:6808","https://access.redhat.com/errata/RHSA-2023:7373","https://access.redhat.com/errata/RHSA-2023:7388","https://access.redhat.com/errata/RHSA-2023:7405","https://access.redhat.com/errata/RHSA-2023:7428","https://access.redhat.com/errata/RHSA-2023:7436","https://access.redhat.com/errata/RHSA-2023:7526","https://access.redhat.com/errata/RHSA-2023:7533","https://access.redhat.com/errata/RHSA-2024:0010","https://access.redhat.com/errata/RHSA-2024:0128","https://access.redhat.com/errata/RHSA-2024:2169","https://access.redhat.com/errata/RHSA-2024:2170","https://access.redhat.com/errata/RHSA-2024:2995","https://access.redhat.com/errata/RHSA-2024:2996","https://access.redhat.com/security/cve/CVE-2023-5367","https://bugzilla.redhat.com/show_bug.cgi?id=2243091","https://lists.debian.org/debian-lts-announce/2023/10/msg00036.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2WS5E7H4A5J3U5YBCTMRPQVGWK5LVH7D/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3RK66CXMXO3PCPDU3GDY5FK4UYHUXQJT/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4YBK3I6SETHETBHDETFWM3VSZUQICIDV/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKKIE626TZOOPD533EYN47J4RFNHZVOP/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HO2Q2NP6R62ZRQQG3XQ4AXUT7J2EKKKY/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L2RMNR4235YXZZQ2X7Q4MTOZDMZ7BBQU/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEDJN4VFN57K5POOC7BNVD6L6WUUCSG6/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SN6KV4XGQJRVAOSM5C3CWMVAXO53COIP/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TJXNI4BXURC2BKPNAHFJK3C5ZETB7PER/","https://lists.x.org/archives/xorg-announce/2023-October/003430.html","https://security.gentoo.org/glsa/202401-30","https://security.netapp.com/advisory/ntap-20231130-0004/","https://www.debian.org/security/2023/dsa-5534"],"published_time":"2023-10-25T20:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-5380","summary":"A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode) if the pointer is warped from within a window on one screen to the root window of the other screen and if the original window is destroyed followed by another window being destroyed.","cvss":4.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.7,"cvss_v4":null,"epss":0.00082,"ranking_epss":0.23961,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:7428","https://access.redhat.com/errata/RHSA-2024:2169","https://access.redhat.com/errata/RHSA-2024:2298","https://access.redhat.com/errata/RHSA-2024:2995","https://access.redhat.com/errata/RHSA-2024:3067","https://access.redhat.com/security/cve/CVE-2023-5380","https://bugzilla.redhat.com/show_bug.cgi?id=2244736","https://lists.x.org/archives/xorg-announce/2023-October/003430.html","https://access.redhat.com/errata/RHSA-2023:7428","https://access.redhat.com/errata/RHSA-2024:2169","https://access.redhat.com/errata/RHSA-2024:2298","https://access.redhat.com/errata/RHSA-2024:2995","https://access.redhat.com/errata/RHSA-2024:3067","https://access.redhat.com/security/cve/CVE-2023-5380","https://bugzilla.redhat.com/show_bug.cgi?id=2244736","https://lists.debian.org/debian-lts-announce/2023/10/msg00036.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2WS5E7H4A5J3U5YBCTMRPQVGWK5LVH7D/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3RK66CXMXO3PCPDU3GDY5FK4UYHUXQJT/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKKIE626TZOOPD533EYN47J4RFNHZVOP/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HO2Q2NP6R62ZRQQG3XQ4AXUT7J2EKKKY/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SN6KV4XGQJRVAOSM5C3CWMVAXO53COIP/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TJXNI4BXURC2BKPNAHFJK3C5ZETB7PER/","https://lists.x.org/archives/xorg-announce/2023-October/003430.html","https://security.gentoo.org/glsa/202401-30","https://security.netapp.com/advisory/ntap-20231130-0004/","https://www.debian.org/security/2023/dsa-5534"],"published_time":"2023-10-25T20:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-5574","summary":"A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue occurs in Xvfb with a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode). If the pointer is warped from a screen 1 to a screen 0, a use-after-free issue may be triggered during shutdown or reset of the Xvfb server, allowing for possible escalation of privileges or denial of service.","cvss":7.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00035,"ranking_epss":0.1022,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2298","https://access.redhat.com/security/cve/CVE-2023-5574","https://bugzilla.redhat.com/show_bug.cgi?id=2244735","https://lists.x.org/archives/xorg-announce/2023-October/003430.html","https://access.redhat.com/errata/RHSA-2024:2298","https://access.redhat.com/security/cve/CVE-2023-5574","https://bugzilla.redhat.com/show_bug.cgi?id=2244735","https://lists.x.org/archives/xorg-announce/2023-October/003430.html","https://security.netapp.com/advisory/ntap-20231130-0004/"],"published_time":"2023-10-25T20:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-4692","summary":"An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, leading to grub's heap metadata corruption. In some circumstances, the attack may also corrupt the UEFI firmware heap metadata. As a result, arbitrary code execution and secure boot protection bypass may be achieved.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":4e-05,"ranking_epss":0.00164,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2456","https://access.redhat.com/errata/RHSA-2024:3184","https://access.redhat.com/security/cve/CVE-2023-4692","https://bugzilla.redhat.com/show_bug.cgi?id=2236613","https://dfir.ru/2023/10/03/cve-2023-4692-cve-2023-4693-vulnerabilities-in-the-grub-boot-manager/","https://lists.gnu.org/archive/html/grub-devel/2023-10/msg00028.html","https://seclists.org/oss-sec/2023/q4/37","https://access.redhat.com/errata/RHSA-2024:2456","https://access.redhat.com/errata/RHSA-2024:3184","https://access.redhat.com/security/cve/CVE-2023-4692","https://bugzilla.redhat.com/show_bug.cgi?id=2236613","https://dfir.ru/2023/10/03/cve-2023-4692-cve-2023-4693-vulnerabilities-in-the-grub-boot-manager/","https://lists.debian.org/debian-lts-announce/2023/10/msg00007.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUU42E7CPYLATXOYVYNW6YTXXULAOV6L/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OIRJ5UZRXX2KLR4IKBJEQUNGOCXMMDLY/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PERFILCHFEUGG3OAMC6W55P6DDIBZK4Q/","https://lists.gnu.org/archive/html/grub-devel/2023-10/msg00028.html","https://seclists.org/oss-sec/2023/q4/37","https://security.gentoo.org/glsa/202311-14","https://security.netapp.com/advisory/ntap-20231208-0002/"],"published_time":"2023-10-25T18:17:41","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-4693","summary":"An out-of-bounds read flaw was found on grub2's NTFS filesystem driver. This issue may allow a physically present attacker to present a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack allows sensitive data cached in memory or EFI variable values to be leaked, presenting a high Confidentiality risk.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":9e-05,"ranking_epss":0.00924,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2456","https://access.redhat.com/errata/RHSA-2024:3184","https://access.redhat.com/security/cve/CVE-2023-4693","https://bugzilla.redhat.com/show_bug.cgi?id=2238343","https://dfir.ru/2023/10/03/cve-2023-4692-cve-2023-4693-vulnerabilities-in-the-grub-boot-manager/","https://lists.gnu.org/archive/html/grub-devel/2023-10/msg00028.html","https://seclists.org/oss-sec/2023/q4/37","https://access.redhat.com/errata/RHSA-2024:2456","https://access.redhat.com/errata/RHSA-2024:3184","https://access.redhat.com/security/cve/CVE-2023-4693","https://bugzilla.redhat.com/show_bug.cgi?id=2238343","https://dfir.ru/2023/10/03/cve-2023-4692-cve-2023-4693-vulnerabilities-in-the-grub-boot-manager/","https://lists.debian.org/debian-lts-announce/2023/10/msg00007.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUU42E7CPYLATXOYVYNW6YTXXULAOV6L/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OIRJ5UZRXX2KLR4IKBJEQUNGOCXMMDLY/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PERFILCHFEUGG3OAMC6W55P6DDIBZK4Q/","https://lists.gnu.org/archive/html/grub-devel/2023-10/msg00028.html","https://seclists.org/oss-sec/2023/q4/37","https://security.gentoo.org/glsa/202311-14","https://security.netapp.com/advisory/ntap-20231208-0002/"],"published_time":"2023-10-25T18:17:41","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-5633","summary":"The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.02863,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:0113","https://access.redhat.com/errata/RHSA-2024:0134","https://access.redhat.com/errata/RHSA-2024:0461","https://access.redhat.com/errata/RHSA-2024:1404","https://access.redhat.com/errata/RHSA-2024:4823","https://access.redhat.com/errata/RHSA-2024:4831","https://access.redhat.com/security/cve/CVE-2023-5633","https://bugzilla.redhat.com/show_bug.cgi?id=2245663","https://access.redhat.com/errata/RHSA-2024:0113","https://access.redhat.com/errata/RHSA-2024:0134","https://access.redhat.com/errata/RHSA-2024:0461","https://access.redhat.com/errata/RHSA-2024:1404","https://access.redhat.com/errata/RHSA-2024:4823","https://access.redhat.com/errata/RHSA-2024:4831","https://access.redhat.com/security/cve/CVE-2023-5633","https://bugzilla.redhat.com/show_bug.cgi?id=2245663"],"published_time":"2023-10-23T22:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-5557","summary":"A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vulnerability.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00045,"ranking_epss":0.13817,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:7712","https://access.redhat.com/errata/RHSA-2023:7713","https://access.redhat.com/errata/RHSA-2023:7730","https://access.redhat.com/errata/RHSA-2023:7731","https://access.redhat.com/errata/RHSA-2023:7732","https://access.redhat.com/errata/RHSA-2023:7733","https://access.redhat.com/errata/RHSA-2023:7739","https://access.redhat.com/errata/RHSA-2023:7744","https://access.redhat.com/security/cve/CVE-2023-5557","https://bugzilla.redhat.com/show_bug.cgi?id=2243096","https://access.redhat.com/errata/RHSA-2023:7712","https://access.redhat.com/errata/RHSA-2023:7713","https://access.redhat.com/errata/RHSA-2023:7730","https://access.redhat.com/errata/RHSA-2023:7731","https://access.redhat.com/errata/RHSA-2023:7732","https://access.redhat.com/errata/RHSA-2023:7733","https://access.redhat.com/errata/RHSA-2023:7739","https://access.redhat.com/errata/RHSA-2023:7744","https://access.redhat.com/security/cve/CVE-2023-5557","https://bugzilla.redhat.com/show_bug.cgi?id=2243096"],"published_time":"2023-10-13T02:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-43789","summary":"A vulnerability was found in libXpm where a vulnerability exists due to a boundary condition, a local user can trigger an out-of-bounds read error and read contents of memory on the system.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00035,"ranking_epss":0.10518,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2146","https://access.redhat.com/errata/RHSA-2024:2217","https://access.redhat.com/errata/RHSA-2024:2974","https://access.redhat.com/errata/RHSA-2024:3022","https://access.redhat.com/security/cve/CVE-2023-43789","https://bugzilla.redhat.com/show_bug.cgi?id=2242249","https://access.redhat.com/errata/RHSA-2024:2146","https://access.redhat.com/errata/RHSA-2024:2217","https://access.redhat.com/errata/RHSA-2024:2974","https://access.redhat.com/errata/RHSA-2024:3022","https://access.redhat.com/security/cve/CVE-2023-43789","https://bugzilla.redhat.com/show_bug.cgi?id=2242249","https://lists.debian.org/debian-lts-announce/2023/10/msg00005.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63IBRFLQVZSMOAZBZOBKFWJP26ILRAGQ/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I3KFUQT42R7TB4D7RISNSBQFJGLTQGUL/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFAJTBNO3PAIA6EGZR4PN62H6RLKNDTE/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZECBCLDYUGLDSVV75ECPIBW7JXOB3747/"],"published_time":"2023-10-12T12:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-44487","summary":"The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.94385,"ranking_epss":0.99971,"kev":true,"propose_action":"HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS).","ransomware_campaign":"Unknown","references":["http://www.openwall.com/lists/oss-security/2023/10/10/6","http://www.openwall.com/lists/oss-security/2023/10/10/7","http://www.openwall.com/lists/oss-security/2023/10/13/4","http://www.openwall.com/lists/oss-security/2023/10/13/9","http://www.openwall.com/lists/oss-security/2023/10/18/4","http://www.openwall.com/lists/oss-security/2023/10/18/8","http://www.openwall.com/lists/oss-security/2023/10/19/6","http://www.openwall.com/lists/oss-security/2023/10/20/8","https://access.redhat.com/security/cve/cve-2023-44487","https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/","https://aws.amazon.com/security/security-bulletins/AWS-2023-011/","https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/","https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/","https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/","https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack","https://blog.vespa.ai/cve-2023-44487/","https://bugzilla.proxmox.com/show_bug.cgi?id=4988","https://bugzilla.redhat.com/show_bug.cgi?id=2242803","https://bugzilla.suse.com/show_bug.cgi?id=1216123","https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9","https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/","https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack","https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125","https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715","https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve","https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764","https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088","https://github.com/Azure/AKS/issues/3947","https://github.com/Kong/kong/discussions/11741","https://github.com/advisories/GHSA-qppj-fm5r-hxr3","https://github.com/advisories/GHSA-vx74-f528-fxqg","https://github.com/advisories/GHSA-xpw8-rcwv-8f8p","https://github.com/akka/akka-http/issues/4323","https://github.com/alibaba/tengine/issues/1872","https://github.com/apache/apisix/issues/10320","https://github.com/apache/httpd-site/pull/10","https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113","https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2","https://github.com/apache/trafficserver/pull/10564","https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487","https://github.com/bcdannyboy/CVE-2023-44487","https://github.com/caddyserver/caddy/issues/5877","https://github.com/caddyserver/caddy/releases/tag/v2.7.5","https://github.com/dotnet/announcements/issues/277","https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73","https://github.com/eclipse/jetty.project/issues/10679","https://github.com/envoyproxy/envoy/pull/30055","https://github.com/etcd-io/etcd/issues/16740","https://github.com/facebook/proxygen/pull/466","https://github.com/golang/go/issues/63417","https://github.com/grpc/grpc-go/pull/6703","https://github.com/grpc/grpc/releases/tag/v1.59.2","https://github.com/h2o/h2o/pull/3291","https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf","https://github.com/haproxy/haproxy/issues/2312","https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244","https://github.com/junkurihara/rust-rpxy/issues/97","https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1","https://github.com/kazu-yamamoto/http2/issues/93","https://github.com/kubernetes/kubernetes/pull/121120","https://github.com/line/armeria/pull/5232","https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632","https://github.com/micrictor/http2-rst-stream","https://github.com/microsoft/CBL-Mariner/pull/6381","https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61","https://github.com/nghttp2/nghttp2/pull/1961","https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0","https://github.com/ninenines/cowboy/issues/1615","https://github.com/nodejs/node/pull/50121","https://github.com/openresty/openresty/issues/930","https://github.com/opensearch-project/data-prepper/issues/3474","https://github.com/oqtane/oqtane.framework/discussions/3367","https://github.com/projectcontour/contour/pull/5826","https://github.com/tempesta-tech/tempesta/issues/1986","https://github.com/varnishcache/varnish-cache/issues/3996","https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo","https://istio.io/latest/news/security/istio-security-2023-004/","https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/","https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q","https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html","https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html","https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html","https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html","https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html","https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html","https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/","https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html","https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html","https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html","https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487","https://my.f5.com/manage/s/article/K000137106","https://netty.io/news/2023/10/10/4-1-100-Final.html","https://news.ycombinator.com/item?id=37830987","https://news.ycombinator.com/item?id=37830998","https://news.ycombinator.com/item?id=37831062","https://news.ycombinator.com/item?id=37837043","https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/","https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected","https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ","https://security.gentoo.org/glsa/202311-09","https://security.netapp.com/advisory/ntap-20231016-0001/","https://security.netapp.com/advisory/ntap-20240426-0007/","https://security.netapp.com/advisory/ntap-20240621-0006/","https://security.netapp.com/advisory/ntap-20240621-0007/","https://security.paloaltonetworks.com/CVE-2023-44487","https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14","https://ubuntu.com/security/CVE-2023-44487","https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/","https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487","https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event","https://www.debian.org/security/2023/dsa-5521","https://www.debian.org/security/2023/dsa-5522","https://www.debian.org/security/2023/dsa-5540","https://www.debian.org/security/2023/dsa-5549","https://www.debian.org/security/2023/dsa-5558","https://www.debian.org/security/2023/dsa-5570","https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487","https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/","https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/","https://www.openwall.com/lists/oss-security/2023/10/10/6","https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack","https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/","http://www.openwall.com/lists/oss-security/2023/10/13/4","http://www.openwall.com/lists/oss-security/2023/10/13/9","http://www.openwall.com/lists/oss-security/2023/10/18/4","http://www.openwall.com/lists/oss-security/2023/10/18/8","http://www.openwall.com/lists/oss-security/2023/10/19/6","http://www.openwall.com/lists/oss-security/2023/10/20/8","http://www.openwall.com/lists/oss-security/2025/08/13/6","https://access.redhat.com/security/cve/cve-2023-44487","https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/","https://aws.amazon.com/security/security-bulletins/AWS-2023-011/","https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/","https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/","https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/","https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack","https://blog.vespa.ai/cve-2023-44487/","https://bugzilla.proxmox.com/show_bug.cgi?id=4988","https://bugzilla.redhat.com/show_bug.cgi?id=2242803","https://bugzilla.suse.com/show_bug.cgi?id=1216123","https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9","https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/","https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack","https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125","https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715","https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve","https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764","https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088","https://github.com/Azure/AKS/issues/3947","https://github.com/Kong/kong/discussions/11741","https://github.com/advisories/GHSA-qppj-fm5r-hxr3","https://github.com/advisories/GHSA-vx74-f528-fxqg","https://github.com/advisories/GHSA-xpw8-rcwv-8f8p","https://github.com/akka/akka-http/issues/4323","https://github.com/alibaba/tengine/issues/1872","https://github.com/apache/apisix/issues/10320","https://github.com/apache/httpd-site/pull/10","https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113","https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2","https://github.com/apache/trafficserver/pull/10564","https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487","https://github.com/bcdannyboy/CVE-2023-44487","https://github.com/caddyserver/caddy/issues/5877","https://github.com/caddyserver/caddy/releases/tag/v2.7.5","https://github.com/dotnet/announcements/issues/277","https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73","https://github.com/eclipse/jetty.project/issues/10679","https://github.com/envoyproxy/envoy/pull/30055","https://github.com/etcd-io/etcd/issues/16740","https://github.com/facebook/proxygen/pull/466","https://github.com/golang/go/issues/63417","https://github.com/grpc/grpc-go/pull/6703","https://github.com/h2o/h2o/pull/3291","https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf","https://github.com/haproxy/haproxy/issues/2312","https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244","https://github.com/junkurihara/rust-rpxy/issues/97","https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1","https://github.com/kazu-yamamoto/http2/issues/93","https://github.com/kubernetes/kubernetes/pull/121120","https://github.com/line/armeria/pull/5232","https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632","https://github.com/micrictor/http2-rst-stream","https://github.com/microsoft/CBL-Mariner/pull/6381","https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61","https://github.com/nghttp2/nghttp2/pull/1961","https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0","https://github.com/ninenines/cowboy/issues/1615","https://github.com/nodejs/node/pull/50121","https://github.com/openresty/openresty/issues/930","https://github.com/opensearch-project/data-prepper/issues/3474","https://github.com/oqtane/oqtane.framework/discussions/3367","https://github.com/projectcontour/contour/pull/5826","https://github.com/tempesta-tech/tempesta/issues/1986","https://github.com/varnishcache/varnish-cache/issues/3996","https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo","https://istio.io/latest/news/security/istio-security-2023-004/","https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/","https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q","https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html","https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html","https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html","https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html","https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html","https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html","https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/","https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html","https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html","https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html","https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487","https://my.f5.com/manage/s/article/K000137106","https://netty.io/news/2023/10/10/4-1-100-Final.html","https://news.ycombinator.com/item?id=37830987","https://news.ycombinator.com/item?id=37830998","https://news.ycombinator.com/item?id=37831062","https://news.ycombinator.com/item?id=37837043","https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/","https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected","https://security.gentoo.org/glsa/202311-09","https://security.netapp.com/advisory/ntap-20231016-0001/","https://security.netapp.com/advisory/ntap-20240426-0007/","https://security.netapp.com/advisory/ntap-20240621-0006/","https://security.netapp.com/advisory/ntap-20240621-0007/","https://security.paloaltonetworks.com/CVE-2023-44487","https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14","https://ubuntu.com/security/CVE-2023-44487","https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/","https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487","https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event","https://www.debian.org/security/2023/dsa-5521","https://www.debian.org/security/2023/dsa-5522","https://www.debian.org/security/2023/dsa-5540","https://www.debian.org/security/2023/dsa-5549","https://www.debian.org/security/2023/dsa-5558","https://www.debian.org/security/2023/dsa-5570","https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487","https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/","https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/","https://www.openwall.com/lists/oss-security/2023/10/10/6","https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack","https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/","https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487"],"published_time":"2023-10-10T14:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-43786","summary":"A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user to consume all available system resources and cause a denial of service condition.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00084,"ranking_epss":0.24398,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2145","https://access.redhat.com/errata/RHSA-2024:2973","https://access.redhat.com/security/cve/CVE-2023-43786","https://bugzilla.redhat.com/show_bug.cgi?id=2242253","http://www.openwall.com/lists/oss-security/2024/01/24/9","https://access.redhat.com/errata/RHSA-2024:2145","https://access.redhat.com/errata/RHSA-2024:2973","https://access.redhat.com/security/cve/CVE-2023-43786","https://bugzilla.redhat.com/show_bug.cgi?id=2242253","https://lists.debian.org/debian-lts-announce/2023/10/msg00005.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63IBRFLQVZSMOAZBZOBKFWJP26ILRAGQ/","https://security.netapp.com/advisory/ntap-20231103-0006/"],"published_time":"2023-10-10T13:15:22","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-43787","summary":"A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00042,"ranking_epss":0.12669,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2145","https://access.redhat.com/errata/RHSA-2024:2973","https://access.redhat.com/security/cve/CVE-2023-43787","https://bugzilla.redhat.com/show_bug.cgi?id=2242254","http://www.openwall.com/lists/oss-security/2024/01/24/9","https://access.redhat.com/errata/RHSA-2024:2145","https://access.redhat.com/errata/RHSA-2024:2973","https://access.redhat.com/security/cve/CVE-2023-43787","https://bugzilla.redhat.com/show_bug.cgi?id=2242254","https://jfrog.com/blog/xorg-libx11-vulns-cve-2023-43786-cve-2023-43787-part-two/","https://lists.debian.org/debian-lts-announce/2023/10/msg00005.html","https://security.netapp.com/advisory/ntap-20231103-0006/"],"published_time":"2023-10-10T13:15:22","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-43788","summary":"A vulnerability was found in libXpm due to a boundary condition within the XpmCreateXpmImageFromBuffer() function. This flaw allows a local attacker to trigger an out-of-bounds read error and read the contents of memory on the system.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00023,"ranking_epss":0.06072,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2146","https://access.redhat.com/errata/RHSA-2024:2217","https://access.redhat.com/errata/RHSA-2024:2974","https://access.redhat.com/errata/RHSA-2024:3022","https://access.redhat.com/security/cve/CVE-2023-43788","https://bugzilla.redhat.com/show_bug.cgi?id=2242248","https://access.redhat.com/errata/RHSA-2024:2146","https://access.redhat.com/errata/RHSA-2024:2217","https://access.redhat.com/errata/RHSA-2024:2974","https://access.redhat.com/errata/RHSA-2024:3022","https://access.redhat.com/security/cve/CVE-2023-43788","https://bugzilla.redhat.com/show_bug.cgi?id=2242248","https://lists.debian.org/debian-lts-announce/2023/10/msg00005.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63IBRFLQVZSMOAZBZOBKFWJP26ILRAGQ/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I3KFUQT42R7TB4D7RISNSBQFJGLTQGUL/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFAJTBNO3PAIA6EGZR4PN62H6RLKNDTE/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6FARGWN7VWXXWPXYNEEDJLRR3EWFZ3T/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZECBCLDYUGLDSVV75ECPIBW7JXOB3747/"],"published_time":"2023-10-10T13:15:22","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-43785","summary":"A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms() function. This flaw allows a local user to trigger an out-of-bounds read error and read the contents of memory on the system.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.001,"ranking_epss":0.27616,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2145","https://access.redhat.com/errata/RHSA-2024:2973","https://access.redhat.com/security/cve/CVE-2023-43785","https://bugzilla.redhat.com/show_bug.cgi?id=2242252","https://access.redhat.com/errata/RHSA-2024:2145","https://access.redhat.com/errata/RHSA-2024:2973","https://access.redhat.com/security/cve/CVE-2023-43785","https://bugzilla.redhat.com/show_bug.cgi?id=2242252","https://lists.debian.org/debian-lts-announce/2023/10/msg00004.html","https://security.netapp.com/advisory/ntap-20231103-0006/"],"published_time":"2023-10-10T13:15:21","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-39189","summary":"A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.","cvss":5.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.1,"cvss_v4":null,"epss":9e-05,"ranking_epss":0.00803,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2394","https://access.redhat.com/errata/RHSA-2024:2950","https://access.redhat.com/errata/RHSA-2024:3138","https://access.redhat.com/security/cve/CVE-2023-39189","https://bugzilla.redhat.com/show_bug.cgi?id=2226777","https://access.redhat.com/errata/RHSA-2024:2394","https://access.redhat.com/errata/RHSA-2024:2950","https://access.redhat.com/errata/RHSA-2024:3138","https://access.redhat.com/security/cve/CVE-2023-39189","https://bugzilla.redhat.com/show_bug.cgi?id=2226777","https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html"],"published_time":"2023-10-09T18:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-39192","summary":"A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a crash or information disclosure.","cvss":6.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.7,"cvss_v4":null,"epss":9e-05,"ranking_epss":0.00816,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2950","https://access.redhat.com/errata/RHSA-2024:3138","https://access.redhat.com/security/cve/CVE-2023-39192","https://bugzilla.redhat.com/show_bug.cgi?id=2226784","https://www.zerodayinitiative.com/advisories/ZDI-CAN-18408/","https://access.redhat.com/errata/RHSA-2024:2950","https://access.redhat.com/errata/RHSA-2024:3138","https://access.redhat.com/security/cve/CVE-2023-39192","https://bugzilla.redhat.com/show_bug.cgi?id=2226784","https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html","https://www.zerodayinitiative.com/advisories/ZDI-CAN-18408/"],"published_time":"2023-10-09T18:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-39193","summary":"A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.","cvss":6.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.1,"cvss_v4":null,"epss":8e-05,"ranking_epss":0.00672,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2394","https://access.redhat.com/errata/RHSA-2024:2950","https://access.redhat.com/errata/RHSA-2024:3138","https://access.redhat.com/security/cve/CVE-2023-39193","https://bugzilla.redhat.com/show_bug.cgi?id=2226787","https://www.zerodayinitiative.com/advisories/ZDI-CAN-18866/","https://access.redhat.com/errata/RHSA-2024:2394","https://access.redhat.com/errata/RHSA-2024:2950","https://access.redhat.com/errata/RHSA-2024:3138","https://access.redhat.com/security/cve/CVE-2023-39193","https://bugzilla.redhat.com/show_bug.cgi?id=2226787","https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html","https://www.zerodayinitiative.com/advisories/ZDI-CAN-18866/"],"published_time":"2023-10-09T18:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-39194","summary":"A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, potentially leading to an information disclosure.","cvss":3.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.2,"cvss_v4":null,"epss":9e-05,"ranking_epss":0.00815,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2394","https://access.redhat.com/errata/RHSA-2024:2950","https://access.redhat.com/errata/RHSA-2024:3138","https://access.redhat.com/security/cve/CVE-2023-39194","https://bugzilla.redhat.com/show_bug.cgi?id=2226788","https://www.zerodayinitiative.com/advisories/ZDI-CAN-18111/","https://access.redhat.com/errata/RHSA-2024:2394","https://access.redhat.com/errata/RHSA-2024:2950","https://access.redhat.com/errata/RHSA-2024:3138","https://access.redhat.com/security/cve/CVE-2023-39194","https://bugzilla.redhat.com/show_bug.cgi?id=2226788","https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html","https://www.zerodayinitiative.com/advisories/ZDI-CAN-18111/"],"published_time":"2023-10-09T18:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-5366","summary":"A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to arbitrary IP addresses.","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":0.0002,"ranking_epss":0.05327,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2024/02/08/4","https://access.redhat.com/security/cve/CVE-2023-5366","https://bugzilla.redhat.com/show_bug.cgi?id=2006347","https://lists.debian.org/debian-lts-announce/2024/02/msg00004.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFZADABUDOFI2KZIRQBYFZCIKH55RGY3/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VYYUBF6OW2JG7VOFEOROHXGSJCTES3QO/","http://www.openwall.com/lists/oss-security/2024/02/08/4","https://access.redhat.com/security/cve/CVE-2023-5366","https://bugzilla.redhat.com/show_bug.cgi?id=2006347","https://lists.debian.org/debian-lts-announce/2024/02/msg00004.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFZADABUDOFI2KZIRQBYFZCIKH55RGY3/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VYYUBF6OW2JG7VOFEOROHXGSJCTES3QO/"],"published_time":"2023-10-06T18:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-40745","summary":"LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00338,"ranking_epss":0.5665,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2289","https://access.redhat.com/security/cve/CVE-2023-40745","https://bugzilla.redhat.com/show_bug.cgi?id=2235265","https://access.redhat.com/errata/RHSA-2024:2289","https://access.redhat.com/security/cve/CVE-2023-40745","https://bugzilla.redhat.com/show_bug.cgi?id=2235265","https://security.netapp.com/advisory/ntap-20231110-0005/"],"published_time":"2023-10-05T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-41175","summary":"A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.0034,"ranking_epss":0.56784,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2289","https://access.redhat.com/security/cve/CVE-2023-41175","https://bugzilla.redhat.com/show_bug.cgi?id=2235264","https://access.redhat.com/errata/RHSA-2024:2289","https://access.redhat.com/security/cve/CVE-2023-41175","https://bugzilla.redhat.com/show_bug.cgi?id=2235264"],"published_time":"2023-10-05T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-42754","summary":"A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0001,"ranking_epss":0.01066,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2394","https://access.redhat.com/errata/RHSA-2024:2950","https://access.redhat.com/errata/RHSA-2024:3138","https://access.redhat.com/security/cve/CVE-2023-42754","https://bugzilla.redhat.com/show_bug.cgi?id=2239845","https://seclists.org/oss-sec/2023/q4/14","https://access.redhat.com/errata/RHSA-2024:2394","https://access.redhat.com/errata/RHSA-2024:2950","https://access.redhat.com/errata/RHSA-2024:3138","https://access.redhat.com/security/cve/CVE-2023-42754","https://bugzilla.redhat.com/show_bug.cgi?id=2239845","https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GISYSL3F6WIEVGHJGLC2MFNTUXHPTKQH/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPMICQ2HVZO5UAM5KPXHAZKA2U3ZDOO6/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5PDNWPKAP3WL5RQZ4RIDS6MG32OHH5R/","https://seclists.org/oss-sec/2023/q4/14"],"published_time":"2023-10-05T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-42755","summary":"A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":6e-05,"ranking_epss":0.00398,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2950","https://access.redhat.com/errata/RHSA-2024:3138","https://access.redhat.com/security/cve/CVE-2023-42755","https://bugzilla.redhat.com/show_bug.cgi?id=2239847","https://seclists.org/oss-sec/2023/q3/229","https://access.redhat.com/errata/RHSA-2024:2950","https://access.redhat.com/errata/RHSA-2024:3138","https://access.redhat.com/security/cve/CVE-2023-42755","https://bugzilla.redhat.com/show_bug.cgi?id=2239847","https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html","https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html","https://seclists.org/oss-sec/2023/q3/229"],"published_time":"2023-10-05T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-39191","summary":"An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with CAP_BPF privileges to escalate privileges and execute arbitrary code in the context of the kernel.","cvss":8.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.2,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02675,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:6583","https://access.redhat.com/errata/RHSA-2024:0381","https://access.redhat.com/errata/RHSA-2024:0439","https://access.redhat.com/errata/RHSA-2024:0448","https://access.redhat.com/security/cve/CVE-2023-39191","https://bugzilla.redhat.com/show_bug.cgi?id=2226783","https://www.zerodayinitiative.com/advisories/ZDI-CAN-19399/","https://access.redhat.com/errata/RHSA-2023:6583","https://access.redhat.com/errata/RHSA-2024:0381","https://access.redhat.com/errata/RHSA-2024:0439","https://access.redhat.com/errata/RHSA-2024:0448","https://access.redhat.com/security/cve/CVE-2023-39191","https://bugzilla.redhat.com/show_bug.cgi?id=2226783","https://www.zerodayinitiative.com/advisories/ZDI-CAN-19399/"],"published_time":"2023-10-04T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-3576","summary":"A memory leak flaw was found in Libtiff's tiffcrop utility. This issue occurs when tiffcrop operates on a TIFF image file, allowing an attacker to pass a crafted TIFF image file to tiffcrop utility, which causes this memory leak issue, resulting an application crash, eventually leading to a denial of service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05745,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:6575","https://access.redhat.com/security/cve/CVE-2023-3576","https://bugzilla.redhat.com/show_bug.cgi?id=2219340","https://access.redhat.com/errata/RHSA-2023:6575","https://access.redhat.com/security/cve/CVE-2023-3576","https://bugzilla.redhat.com/show_bug.cgi?id=2219340","https://lists.debian.org/debian-lts-announce/2024/03/msg00011.html"],"published_time":"2023-10-04T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-3971","summary":"An HTML injection flaw was found in Controller in the user interface settings. This flaw allows an attacker to capture credentials by creating a custom login page by injecting HTML, resulting in a complete compromise.","cvss":7.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.3,"cvss_v4":null,"epss":0.00395,"ranking_epss":0.60343,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:4340","https://access.redhat.com/errata/RHSA-2023:4590","https://access.redhat.com/security/cve/CVE-2023-3971","https://bugzilla.redhat.com/show_bug.cgi?id=2226965","https://access.redhat.com/errata/RHSA-2023:4340","https://access.redhat.com/errata/RHSA-2023:4590","https://access.redhat.com/security/cve/CVE-2023-3971","https://bugzilla.redhat.com/show_bug.cgi?id=2226965"],"published_time":"2023-10-04T15:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-4380","summary":"A logic flaw exists in Ansible Automation platform. Whenever a private project is created with incorrect credentials, they are logged in plaintext. This flaw allows an attacker to retrieve the credentials from the log, resulting in the loss of confidentiality, integrity, and availability.","cvss":6.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.3,"cvss_v4":null,"epss":0.00074,"ranking_epss":0.2234,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:4693","https://access.redhat.com/security/cve/CVE-2023-4380","https://bugzilla.redhat.com/show_bug.cgi?id=2232324","https://access.redhat.com/errata/RHSA-2023:4693","https://access.redhat.com/security/cve/CVE-2023-4380","https://bugzilla.redhat.com/show_bug.cgi?id=2232324"],"published_time":"2023-10-04T15:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-4132","summary":"A flaw was found in JSS. A memory leak in JSS requires non-standard configuration but is a low-effort DoS vector if configured that way (repeatedly hitting the login page).","cvss":5.9,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.9,"cvss_v4":null,"epss":0.00066,"ranking_epss":0.20463,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-4132","https://bugzilla.redhat.com/show_bug.cgi?id=2147372","https://access.redhat.com/security/cve/CVE-2022-4132","https://bugzilla.redhat.com/show_bug.cgi?id=2147372"],"published_time":"2023-10-04T12:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-3153","summary":"A flaw was found in Open Virtual Network where the service monitor MAC does not properly rate limit. This issue could allow an attacker to cause a denial of service, including on deployments with CoPP enabled and properly configured.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00069,"ranking_epss":0.21223,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-3153","https://bugzilla.redhat.com/show_bug.cgi?id=2213279","https://github.com/ovn-org/ovn/commit/9a3f7ed905e525ebdcb14541e775211cbb0203bd","https://github.com/ovn-org/ovn/issues/198","https://mail.openvswitch.org/pipermail/ovs-announce/2023-August/000327.html","https://mail.openvswitch.org/pipermail/ovs-dev/2023-August/407553.html","https://access.redhat.com/security/cve/CVE-2023-3153","https://bugzilla.redhat.com/show_bug.cgi?id=2213279","https://github.com/ovn-org/ovn/commit/9a3f7ed905e525ebdcb14541e775211cbb0203bd","https://github.com/ovn-org/ovn/issues/198","https://mail.openvswitch.org/pipermail/ovs-announce/2023-August/000327.html","https://mail.openvswitch.org/pipermail/ovs-dev/2023-August/407553.html"],"published_time":"2023-10-04T12:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-2422","summary":"A flaw was found in Keycloak. A Keycloak server configured to support mTLS authentication for OAuth/OpenID clients does not properly verify the client certificate chain. A client that possesses a proper certificate can authorize itself as any other client, therefore, access data that belongs to other clients.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00294,"ranking_epss":0.52736,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:3883","https://access.redhat.com/errata/RHSA-2023:3884","https://access.redhat.com/errata/RHSA-2023:3885","https://access.redhat.com/errata/RHSA-2023:3888","https://access.redhat.com/errata/RHSA-2023:3892","https://access.redhat.com/security/cve/CVE-2023-2422","https://bugzilla.redhat.com/show_bug.cgi?id=2191668","https://access.redhat.com/errata/RHSA-2023:3883","https://access.redhat.com/errata/RHSA-2023:3884","https://access.redhat.com/errata/RHSA-2023:3885","https://access.redhat.com/errata/RHSA-2023:3888","https://access.redhat.com/errata/RHSA-2023:3892","https://access.redhat.com/security/cve/CVE-2023-2422","https://bugzilla.redhat.com/show_bug.cgi?id=2191668"],"published_time":"2023-10-04T11:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-4911","summary":"A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.74256,"ranking_epss":0.9884,"kev":true,"propose_action":"GNU C Library's dynamic loader ld.so contains a buffer overflow vulnerability when processing the GLIBC_TUNABLES environment variable, allowing a local attacker to execute code with elevated privileges.","ransomware_campaign":"Unknown","references":["https://access.redhat.com/errata/RHSA-2023:5453","https://access.redhat.com/errata/RHSA-2023:5454","https://access.redhat.com/errata/RHSA-2023:5455","https://access.redhat.com/errata/RHSA-2023:5476","https://access.redhat.com/errata/RHSA-2024:0033","https://access.redhat.com/security/cve/CVE-2023-4911","https://bugzilla.redhat.com/show_bug.cgi?id=2238352","https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt","https://www.qualys.com/cve-2023-4911/","http://packetstormsecurity.com/files/174986/glibc-ld.so-Local-Privilege-Escalation.html","http://packetstormsecurity.com/files/176288/Glibc-Tunables-Privilege-Escalation.html","http://seclists.org/fulldisclosure/2023/Oct/11","http://www.openwall.com/lists/oss-security/2023/10/03/2","http://www.openwall.com/lists/oss-security/2023/10/03/3","http://www.openwall.com/lists/oss-security/2023/10/05/1","http://www.openwall.com/lists/oss-security/2023/10/13/11","http://www.openwall.com/lists/oss-security/2023/10/14/3","http://www.openwall.com/lists/oss-security/2023/10/14/5","http://www.openwall.com/lists/oss-security/2023/10/14/6","https://access.redhat.com/errata/RHSA-2023:5453","https://access.redhat.com/errata/RHSA-2023:5454","https://access.redhat.com/errata/RHSA-2023:5455","https://access.redhat.com/errata/RHSA-2023:5476","https://access.redhat.com/errata/RHSA-2024:0033","https://access.redhat.com/security/cve/CVE-2023-4911","https://bugzilla.redhat.com/show_bug.cgi?id=2238352","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/","https://security.gentoo.org/glsa/202310-03","https://security.netapp.com/advisory/ntap-20231013-0006/","https://www.debian.org/security/2023/dsa-5514","https://www.exploit-db.com/exploits/52479","https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt","https://www.qualys.com/cve-2023-4911/","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-4911"],"published_time":"2023-10-03T18:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-4732","summary":"A flaw was found in pfn_swap_entry_to_page in memory management subsystem in the Linux Kernel. In this flaw, an attacker with a local user privilege may cause a denial of service problem due to a BUG statement referencing pmd_t x.","cvss":4.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.7,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.02254,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:6901","https://access.redhat.com/errata/RHSA-2023:7077","https://access.redhat.com/errata/RHSA-2023:7539","https://access.redhat.com/errata/RHSA-2024:0412","https://access.redhat.com/security/cve/CVE-2023-4732","https://bugzilla.redhat.com/show_bug.cgi?id=2236982","https://access.redhat.com/errata/RHSA-2023:6901","https://access.redhat.com/errata/RHSA-2023:7077","https://access.redhat.com/errata/RHSA-2023:7539","https://access.redhat.com/errata/RHSA-2024:0412","https://access.redhat.com/security/cve/CVE-2023-4732","https://bugzilla.redhat.com/show_bug.cgi?id=2236982"],"published_time":"2023-10-03T17:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-44488","summary":"VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.01446,"ranking_epss":0.80745,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2023/09/30/4","https://bugzilla.redhat.com/show_bug.cgi?id=2241806","https://github.com/webmproject/libvpx/commit/263682c9a29395055f3b3afe2d97be1828a6223f","https://github.com/webmproject/libvpx/commit/df9fd9d5b7325060b2b921558a1eb20ca7880937","https://github.com/webmproject/libvpx/compare/v1.13.0...v1.13.1","https://github.com/webmproject/libvpx/releases/tag/v1.13.1","https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/","https://security.gentoo.org/glsa/202310-04","https://www.debian.org/security/2023/dsa-5518","http://www.openwall.com/lists/oss-security/2023/09/30/4","https://bugzilla.redhat.com/show_bug.cgi?id=2241806","https://github.com/webmproject/libvpx/commit/263682c9a29395055f3b3afe2d97be1828a6223f","https://github.com/webmproject/libvpx/commit/df9fd9d5b7325060b2b921558a1eb20ca7880937","https://github.com/webmproject/libvpx/compare/v1.13.0...v1.13.1","https://github.com/webmproject/libvpx/releases/tag/v1.13.1","https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/","https://security.gentoo.org/glsa/202310-04","https://www.debian.org/security/2023/dsa-5518"],"published_time":"2023-09-30T20:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-5217","summary":"Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.03573,"ranking_epss":0.87731,"kev":true,"propose_action":"Google Chromium libvpx contains a heap buffer overflow vulnerability in vp8 encoding that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could impact web browsers using libvpx, including but not limited to Google Chrome.","ransomware_campaign":"Unknown","references":["http://seclists.org/fulldisclosure/2023/Oct/12","http://seclists.org/fulldisclosure/2023/Oct/16","http://www.openwall.com/lists/oss-security/2023/09/28/5","http://www.openwall.com/lists/oss-security/2023/09/28/6","http://www.openwall.com/lists/oss-security/2023/09/29/1","http://www.openwall.com/lists/oss-security/2023/09/29/11","http://www.openwall.com/lists/oss-security/2023/09/29/12","http://www.openwall.com/lists/oss-security/2023/09/29/14","http://www.openwall.com/lists/oss-security/2023/09/29/2","http://www.openwall.com/lists/oss-security/2023/09/29/7","http://www.openwall.com/lists/oss-security/2023/09/29/9","http://www.openwall.com/lists/oss-security/2023/09/30/1","http://www.openwall.com/lists/oss-security/2023/09/30/2","http://www.openwall.com/lists/oss-security/2023/09/30/3","http://www.openwall.com/lists/oss-security/2023/09/30/4","http://www.openwall.com/lists/oss-security/2023/09/30/5","http://www.openwall.com/lists/oss-security/2023/10/01/1","http://www.openwall.com/lists/oss-security/2023/10/01/2","http://www.openwall.com/lists/oss-security/2023/10/01/5","http://www.openwall.com/lists/oss-security/2023/10/02/6","http://www.openwall.com/lists/oss-security/2023/10/03/11","https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/","https://bugzilla.redhat.com/show_bug.cgi?id=2241191","https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html","https://crbug.com/1486441","https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590","https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282","https://github.com/webmproject/libvpx/releases/tag/v1.13.1","https://github.com/webmproject/libvpx/tags","https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html","https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html","https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/","https://pastebin.com/TdkC4pDv","https://security-tracker.debian.org/tracker/CVE-2023-5217","https://security.gentoo.org/glsa/202310-04","https://security.gentoo.org/glsa/202401-34","https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/","https://support.apple.com/kb/HT213961","https://support.apple.com/kb/HT213972","https://twitter.com/maddiestone/status/1707163313711497266","https://www.debian.org/security/2023/dsa-5508","https://www.debian.org/security/2023/dsa-5509","https://www.debian.org/security/2023/dsa-5510","https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/","https://www.openwall.com/lists/oss-security/2023/09/28/5","http://seclists.org/fulldisclosure/2023/Oct/12","http://seclists.org/fulldisclosure/2023/Oct/16","http://www.openwall.com/lists/oss-security/2023/09/28/5","http://www.openwall.com/lists/oss-security/2023/09/28/6","http://www.openwall.com/lists/oss-security/2023/09/29/1","http://www.openwall.com/lists/oss-security/2023/09/29/11","http://www.openwall.com/lists/oss-security/2023/09/29/12","http://www.openwall.com/lists/oss-security/2023/09/29/14","http://www.openwall.com/lists/oss-security/2023/09/29/2","http://www.openwall.com/lists/oss-security/2023/09/29/7","http://www.openwall.com/lists/oss-security/2023/09/29/9","http://www.openwall.com/lists/oss-security/2023/09/30/1","http://www.openwall.com/lists/oss-security/2023/09/30/2","http://www.openwall.com/lists/oss-security/2023/09/30/3","http://www.openwall.com/lists/oss-security/2023/09/30/4","http://www.openwall.com/lists/oss-security/2023/09/30/5","http://www.openwall.com/lists/oss-security/2023/10/01/1","http://www.openwall.com/lists/oss-security/2023/10/01/2","http://www.openwall.com/lists/oss-security/2023/10/01/5","http://www.openwall.com/lists/oss-security/2023/10/02/6","http://www.openwall.com/lists/oss-security/2023/10/03/11","https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/","https://bugzilla.redhat.com/show_bug.cgi?id=2241191","https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html","https://crbug.com/1486441","https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590","https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282","https://github.com/webmproject/libvpx/releases/tag/v1.13.1","https://github.com/webmproject/libvpx/tags","https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html","https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html","https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/","https://pastebin.com/TdkC4pDv","https://security-tracker.debian.org/tracker/CVE-2023-5217","https://security.gentoo.org/glsa/202310-04","https://security.gentoo.org/glsa/202401-34","https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/","https://support.apple.com/kb/HT213961","https://support.apple.com/kb/HT213972","https://twitter.com/maddiestone/status/1707163313711497266","https://www.debian.org/security/2023/dsa-5508","https://www.debian.org/security/2023/dsa-5509","https://www.debian.org/security/2023/dsa-5510","https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/","https://www.openwall.com/lists/oss-security/2023/09/28/5","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-5217"],"published_time":"2023-09-28T16:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-5215","summary":"A flaw was found in libnbd. A server can reply with a block size larger than 2^63 (the NBD spec states the size is a 64-bit unsigned value). This issue could lead to an application crash or other unintended behavior for NBD clients that doesn't treat the return value of the nbd_get_size() function correctly.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00047,"ranking_epss":0.14329,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2204","https://access.redhat.com/security/cve/CVE-2023-5215","https://bugzilla.redhat.com/show_bug.cgi?id=2241041","https://listman.redhat.com/archives/libguestfs/2023-September/032635.html","https://access.redhat.com/errata/RHSA-2024:2204","https://access.redhat.com/security/cve/CVE-2023-5215","https://bugzilla.redhat.com/show_bug.cgi?id=2241041","https://listman.redhat.com/archives/libguestfs/2023-September/032635.html"],"published_time":"2023-09-28T14:15:26","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-42756","summary":"A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic due to the invocation of `__ip_set_put` on a wrong `set`. This issue may allow a local user to crash the system.","cvss":4.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.4,"cvss_v4":null,"epss":4e-05,"ranking_epss":0.00197,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2394","https://access.redhat.com/security/cve/CVE-2023-42756","https://bugzilla.redhat.com/show_bug.cgi?id=2239848","https://seclists.org/oss-sec/2023/q3/242","https://access.redhat.com/errata/RHSA-2024:2394","https://access.redhat.com/security/cve/CVE-2023-42756","https://bugzilla.redhat.com/show_bug.cgi?id=2239848","https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GISYSL3F6WIEVGHJGLC2MFNTUXHPTKQH/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPMICQ2HVZO5UAM5KPXHAZKA2U3ZDOO6/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V5PDNWPKAP3WL5RQZ4RIDS6MG32OHH5R/","https://seclists.org/oss-sec/2023/q3/242"],"published_time":"2023-09-28T14:15:21","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-4066","summary":"A flaw was found in Red Hat's AMQ Broker, which stores certain passwords in a secret security-properties-prop-module, defined in ActivemqArtemisSecurity CR; however, they are shown in plaintext in the StatefulSet details yaml of AMQ Broker.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00041,"ranking_epss":0.12533,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:4720","https://access.redhat.com/security/cve/CVE-2023-4066","https://bugzilla.redhat.com/show_bug.cgi?id=2224677","https://access.redhat.com/errata/RHSA-2023:4720","https://access.redhat.com/security/cve/CVE-2023-4066","https://bugzilla.redhat.com/show_bug.cgi?id=2224677"],"published_time":"2023-09-27T21:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-5157","summary":"A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00596,"ranking_epss":0.69331,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:5259","https://access.redhat.com/errata/RHSA-2023:5683","https://access.redhat.com/errata/RHSA-2023:5684","https://access.redhat.com/errata/RHSA-2023:6821","https://access.redhat.com/errata/RHSA-2023:6822","https://access.redhat.com/errata/RHSA-2023:6883","https://access.redhat.com/errata/RHSA-2023:7633","https://access.redhat.com/security/cve/CVE-2023-5157","https://bugzilla.redhat.com/show_bug.cgi?id=2240246","https://access.redhat.com/errata/RHSA-2023:5683","https://access.redhat.com/errata/RHSA-2023:5684","https://access.redhat.com/errata/RHSA-2023:6821","https://access.redhat.com/errata/RHSA-2023:6822","https://access.redhat.com/errata/RHSA-2023:6883","https://access.redhat.com/errata/RHSA-2023:7633","https://access.redhat.com/security/cve/CVE-2023-5157","https://bugzilla.redhat.com/show_bug.cgi?id=2240246"],"published_time":"2023-09-27T15:19:41","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-4065","summary":"A flaw was found in Red Hat AMQ Broker Operator, where it displayed a password defined in ActiveMQArtemisAddress CR, shown in plain text in the Operator Log. This flaw allows an authenticated local attacker to access information outside of their permissions.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00032,"ranking_epss":0.09131,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:4720","https://access.redhat.com/security/cve/CVE-2023-4065","https://bugzilla.redhat.com/show_bug.cgi?id=2224630","https://access.redhat.com/errata/RHSA-2023:4720","https://access.redhat.com/security/cve/CVE-2023-4065","https://bugzilla.redhat.com/show_bug.cgi?id=2224630"],"published_time":"2023-09-27T15:19:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-3223","summary":"A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to cause remote Denial of Service (DoS) attack. If the server uses fileSizeThreshold to limit the file size, it's possible to bypass the limit by setting the file name in the request to null.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00879,"ranking_epss":0.75346,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:4505","https://access.redhat.com/errata/RHSA-2023:4506","https://access.redhat.com/errata/RHSA-2023:4507","https://access.redhat.com/errata/RHSA-2023:4509","https://access.redhat.com/errata/RHSA-2023:4918","https://access.redhat.com/errata/RHSA-2023:4919","https://access.redhat.com/errata/RHSA-2023:4920","https://access.redhat.com/errata/RHSA-2023:4921","https://access.redhat.com/errata/RHSA-2023:4924","https://access.redhat.com/errata/RHSA-2023:7247","https://access.redhat.com/security/cve/CVE-2023-3223","https://bugzilla.redhat.com/show_bug.cgi?id=2209689","https://security.netapp.com/advisory/ntap-20231027-0004/","https://access.redhat.com/errata/RHSA-2023:4505","https://access.redhat.com/errata/RHSA-2023:4506","https://access.redhat.com/errata/RHSA-2023:4507","https://access.redhat.com/errata/RHSA-2023:4509","https://access.redhat.com/errata/RHSA-2023:4918","https://access.redhat.com/errata/RHSA-2023:4919","https://access.redhat.com/errata/RHSA-2023:4920","https://access.redhat.com/errata/RHSA-2023:4921","https://access.redhat.com/errata/RHSA-2023:4924","https://access.redhat.com/errata/RHSA-2023:7247","https://access.redhat.com/security/cve/CVE-2023-3223","https://bugzilla.redhat.com/show_bug.cgi?id=2209689","https://security.netapp.com/advisory/ntap-20231027-0004/"],"published_time":"2023-09-27T15:18:56","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-42753","summary":"An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.","cvss":7.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.0237,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:7370","https://access.redhat.com/errata/RHSA-2023:7379","https://access.redhat.com/errata/RHSA-2023:7382","https://access.redhat.com/errata/RHSA-2023:7389","https://access.redhat.com/errata/RHSA-2023:7411","https://access.redhat.com/errata/RHSA-2023:7418","https://access.redhat.com/errata/RHSA-2023:7539","https://access.redhat.com/errata/RHSA-2023:7558","https://access.redhat.com/errata/RHSA-2024:0089","https://access.redhat.com/errata/RHSA-2024:0113","https://access.redhat.com/errata/RHSA-2024:0134","https://access.redhat.com/errata/RHSA-2024:0340","https://access.redhat.com/errata/RHSA-2024:0346","https://access.redhat.com/errata/RHSA-2024:0347","https://access.redhat.com/errata/RHSA-2024:0371","https://access.redhat.com/errata/RHSA-2024:0376","https://access.redhat.com/errata/RHSA-2024:0378","https://access.redhat.com/errata/RHSA-2024:0402","https://access.redhat.com/errata/RHSA-2024:0403","https://access.redhat.com/errata/RHSA-2024:0412","https://access.redhat.com/errata/RHSA-2024:0461","https://access.redhat.com/errata/RHSA-2024:0562","https://access.redhat.com/errata/RHSA-2024:0563","https://access.redhat.com/errata/RHSA-2024:0593","https://access.redhat.com/errata/RHSA-2024:0999","https://access.redhat.com/security/cve/CVE-2023-42753","https://bugzilla.redhat.com/show_bug.cgi?id=2239843","https://seclists.org/oss-sec/2023/q3/216","http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html","https://access.redhat.com/errata/RHSA-2023:7370","https://access.redhat.com/errata/RHSA-2023:7379","https://access.redhat.com/errata/RHSA-2023:7382","https://access.redhat.com/errata/RHSA-2023:7389","https://access.redhat.com/errata/RHSA-2023:7411","https://access.redhat.com/errata/RHSA-2023:7418","https://access.redhat.com/errata/RHSA-2023:7539","https://access.redhat.com/errata/RHSA-2023:7558","https://access.redhat.com/errata/RHSA-2024:0089","https://access.redhat.com/errata/RHSA-2024:0113","https://access.redhat.com/errata/RHSA-2024:0134","https://access.redhat.com/errata/RHSA-2024:0340","https://access.redhat.com/errata/RHSA-2024:0346","https://access.redhat.com/errata/RHSA-2024:0347","https://access.redhat.com/errata/RHSA-2024:0371","https://access.redhat.com/errata/RHSA-2024:0376","https://access.redhat.com/errata/RHSA-2024:0378","https://access.redhat.com/errata/RHSA-2024:0402","https://access.redhat.com/errata/RHSA-2024:0403","https://access.redhat.com/errata/RHSA-2024:0412","https://access.redhat.com/errata/RHSA-2024:0461","https://access.redhat.com/errata/RHSA-2024:0562","https://access.redhat.com/errata/RHSA-2024:0563","https://access.redhat.com/errata/RHSA-2024:0593","https://access.redhat.com/errata/RHSA-2024:0999","https://access.redhat.com/security/cve/CVE-2023-42753","https://bugzilla.redhat.com/show_bug.cgi?id=2239843","https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html","https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html","https://seclists.org/oss-sec/2023/q3/216","https://www.openwall.com/lists/oss-security/2023/09/22/10"],"published_time":"2023-09-25T21:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-4318","summary":"A vulnerability was found in cri-o. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted environment variable.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00042,"ranking_epss":0.12659,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:1033","https://access.redhat.com/errata/RHSA-2023:1503","https://access.redhat.com/security/cve/CVE-2022-4318","https://bugzilla.redhat.com/show_bug.cgi?id=2152703","https://access.redhat.com/errata/RHSA-2023:1033","https://access.redhat.com/errata/RHSA-2023:1503","https://access.redhat.com/security/cve/CVE-2022-4318","https://bugzilla.redhat.com/show_bug.cgi?id=2152703"],"published_time":"2023-09-25T20:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-4137","summary":"A reflected cross-site scripting (XSS) vulnerability was found in the 'oob' OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be vulnerable. This may compromise user details, allowing it to be changed or collected by an attacker.","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.00529,"ranking_epss":0.67192,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:1043","https://access.redhat.com/errata/RHSA-2023:1044","https://access.redhat.com/errata/RHSA-2023:1045","https://access.redhat.com/errata/RHSA-2023:1049","https://access.redhat.com/security/cve/CVE-2022-4137","https://bugzilla.redhat.com/show_bug.cgi?id=2148496","https://access.redhat.com/errata/RHSA-2023:1043","https://access.redhat.com/errata/RHSA-2023:1044","https://access.redhat.com/errata/RHSA-2023:1045","https://access.redhat.com/errata/RHSA-2023:1049","https://access.redhat.com/security/cve/CVE-2022-4137","https://bugzilla.redhat.com/show_bug.cgi?id=2148496"],"published_time":"2023-09-25T20:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-4156","summary":"A heap out-of-bounds read flaw was found in builtin.c in the gawk package. This issue may lead to a crash and could be used to read sensitive information.","cvss":4.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.4,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08924,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-4156","https://bugzilla.redhat.com/show_bug.cgi?id=2215930","https://access.redhat.com/security/cve/CVE-2023-4156","https://bugzilla.redhat.com/show_bug.cgi?id=2215930"],"published_time":"2023-09-25T18:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-5156","summary":"A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00058,"ranking_epss":0.18106,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-5156","https://bugzilla.redhat.com/show_bug.cgi?id=2240541","https://sourceware.org/bugzilla/show_bug.cgi?id=30884","https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebeda2d7264cc184a796","http://www.openwall.com/lists/oss-security/2023/10/03/4","http://www.openwall.com/lists/oss-security/2023/10/03/5","http://www.openwall.com/lists/oss-security/2023/10/03/6","http://www.openwall.com/lists/oss-security/2023/10/03/8","https://access.redhat.com/security/cve/CVE-2023-5156","https://bugzilla.redhat.com/show_bug.cgi?id=2240541","https://security.gentoo.org/glsa/202402-01","https://sourceware.org/bugzilla/show_bug.cgi?id=30884","https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebeda2d7264cc184a796"],"published_time":"2023-09-25T16:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-3962","summary":"A content spoofing vulnerability was found in Kiali. It was discovered that Kiali does not implement error handling when the page or endpoint being accessed cannot be found. This issue allows an attacker to perform arbitrary text injection when an error response is retrieved from the URL being accessed.","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00107,"ranking_epss":0.28943,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:0542","https://access.redhat.com/security/cve/CVE-2022-3962","https://bugzilla.redhat.com/show_bug.cgi?id=2148661","https://access.redhat.com/errata/RHSA-2023:0542","https://access.redhat.com/security/cve/CVE-2022-3962","https://bugzilla.redhat.com/show_bug.cgi?id=2148661"],"published_time":"2023-09-23T20:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-4039","summary":"A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled. This flaw allows an attacker to use this interface to deploy malicious code and access and modify potentially sensitive information in the app server configuration.","cvss":8.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.0,"cvss_v4":null,"epss":0.00121,"ranking_epss":0.31197,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:1047","https://access.redhat.com/security/cve/CVE-2022-4039","https://bugzilla.redhat.com/show_bug.cgi?id=2143416","https://access.redhat.com/errata/RHSA-2023:1047","https://access.redhat.com/security/cve/CVE-2022-4039","https://bugzilla.redhat.com/show_bug.cgi?id=2143416"],"published_time":"2023-09-22T15:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-3916","summary":"A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user.","cvss":6.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.8,"cvss_v4":null,"epss":0.00226,"ranking_epss":0.4543,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2022:8961","https://access.redhat.com/errata/RHSA-2022:8962","https://access.redhat.com/errata/RHSA-2022:8963","https://access.redhat.com/errata/RHSA-2022:8964","https://access.redhat.com/errata/RHSA-2022:8965","https://access.redhat.com/errata/RHSA-2023:1043","https://access.redhat.com/errata/RHSA-2023:1044","https://access.redhat.com/errata/RHSA-2023:1045","https://access.redhat.com/errata/RHSA-2023:1047","https://access.redhat.com/errata/RHSA-2023:1049","https://access.redhat.com/security/cve/CVE-2022-3916","https://bugzilla.redhat.com/show_bug.cgi?id=2141404","https://access.redhat.com/errata/RHSA-2022:8961","https://access.redhat.com/errata/RHSA-2022:8962","https://access.redhat.com/errata/RHSA-2022:8963","https://access.redhat.com/errata/RHSA-2022:8964","https://access.redhat.com/errata/RHSA-2022:8965","https://access.redhat.com/errata/RHSA-2023:1043","https://access.redhat.com/errata/RHSA-2023:1044","https://access.redhat.com/errata/RHSA-2023:1045","https://access.redhat.com/errata/RHSA-2023:1047","https://access.redhat.com/errata/RHSA-2023:1049","https://access.redhat.com/security/cve/CVE-2022-3916","https://bugzilla.redhat.com/show_bug.cgi?id=2141404"],"published_time":"2023-09-20T15:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-0118","summary":"An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to bypass safe mode in templates and execute arbitrary code on the underlying operating system.","cvss":9.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.1,"cvss_v4":null,"epss":0.00039,"ranking_epss":0.11614,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:4466","https://access.redhat.com/errata/RHSA-2023:5979","https://access.redhat.com/errata/RHSA-2023:5980","https://access.redhat.com/errata/RHSA-2023:6818","https://access.redhat.com/security/cve/CVE-2023-0118","https://bugzilla.redhat.com/show_bug.cgi?id=2159291","https://access.redhat.com/errata/RHSA-2023:4466","https://access.redhat.com/errata/RHSA-2023:5979","https://access.redhat.com/errata/RHSA-2023:5980","https://access.redhat.com/errata/RHSA-2023:6818","https://access.redhat.com/security/cve/CVE-2023-0118","https://bugzilla.redhat.com/show_bug.cgi?id=2159291"],"published_time":"2023-09-20T14:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-4853","summary":"A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting requests, resulting in incorrect evaluation of permissions. This issue could allow an attacker to bypass the security policy altogether, resulting in unauthorized endpoint access and possibly a denial of service.","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.00455,"ranking_epss":0.63826,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:5170","https://access.redhat.com/errata/RHSA-2023:5310","https://access.redhat.com/errata/RHSA-2023:5337","https://access.redhat.com/errata/RHSA-2023:5446","https://access.redhat.com/errata/RHSA-2023:5479","https://access.redhat.com/errata/RHSA-2023:5480","https://access.redhat.com/errata/RHSA-2023:6107","https://access.redhat.com/errata/RHSA-2023:6112","https://access.redhat.com/errata/RHSA-2023:7653","https://access.redhat.com/security/cve/CVE-2023-4853","https://access.redhat.com/security/vulnerabilities/RHSB-2023-002","https://bugzilla.redhat.com/show_bug.cgi?id=2238034","https://access.redhat.com/errata/RHSA-2023:5170","https://access.redhat.com/errata/RHSA-2023:5310","https://access.redhat.com/errata/RHSA-2023:5337","https://access.redhat.com/errata/RHSA-2023:5446","https://access.redhat.com/errata/RHSA-2023:5479","https://access.redhat.com/errata/RHSA-2023:5480","https://access.redhat.com/errata/RHSA-2023:6107","https://access.redhat.com/errata/RHSA-2023:6112","https://access.redhat.com/errata/RHSA-2023:7653","https://access.redhat.com/security/cve/CVE-2023-4853","https://access.redhat.com/security/vulnerabilities/RHSB-2023-002","https://bugzilla.redhat.com/show_bug.cgi?id=2238034"],"published_time":"2023-09-20T10:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-4527","summary":"A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00105,"ranking_epss":0.28565,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:5453","https://access.redhat.com/errata/RHSA-2023:5455","https://access.redhat.com/security/cve/CVE-2023-4527","https://bugzilla.redhat.com/show_bug.cgi?id=2234712","http://www.openwall.com/lists/oss-security/2023/09/25/1","https://access.redhat.com/errata/RHSA-2023:5453","https://access.redhat.com/errata/RHSA-2023:5455","https://access.redhat.com/security/cve/CVE-2023-4527","https://bugzilla.redhat.com/show_bug.cgi?id=2234712","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/","https://security.gentoo.org/glsa/202310-03","https://security.netapp.com/advisory/ntap-20231116-0012/"],"published_time":"2023-09-18T17:15:55","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-4806","summary":"A flaw has been identified in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.","cvss":5.9,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.9,"cvss_v4":null,"epss":0.01895,"ranking_epss":0.83206,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHBA-2024:2413","https://access.redhat.com/errata/RHSA-2023:5453","https://access.redhat.com/errata/RHSA-2023:5455","https://access.redhat.com/errata/RHSA-2023:7409","https://access.redhat.com/security/cve/CVE-2023-4806","https://bugzilla.redhat.com/show_bug.cgi?id=2237782","http://www.openwall.com/lists/oss-security/2023/10/03/4","http://www.openwall.com/lists/oss-security/2023/10/03/5","http://www.openwall.com/lists/oss-security/2023/10/03/6","http://www.openwall.com/lists/oss-security/2023/10/03/8","https://access.redhat.com/errata/RHSA-2023:5453","https://access.redhat.com/errata/RHSA-2023:5455","https://access.redhat.com/errata/RHSA-2023:7409","https://access.redhat.com/security/cve/CVE-2023-4806","https://bugzilla.redhat.com/show_bug.cgi?id=2237782","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/","https://security.gentoo.org/glsa/202310-03","https://security.netapp.com/advisory/ntap-20240125-0008/"],"published_time":"2023-09-18T17:15:55","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-0923","summary":"A flaw was found in the Kubernetes service for notebooks in RHODS, where it does not prevent pods from other namespaces and applications from making requests to the Jupyter API. This flaw can lead to file content exposure and other issues.","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00137,"ranking_epss":0.33421,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:0977","https://access.redhat.com/security/cve/CVE-2023-0923","https://bugzilla.redhat.com/show_bug.cgi?id=2171870","https://access.redhat.com/errata/RHSA-2023:0977","https://access.redhat.com/security/cve/CVE-2023-0923","https://bugzilla.redhat.com/show_bug.cgi?id=2171870"],"published_time":"2023-09-15T21:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-0813","summary":"A flaw was found in the Network Observability plugin for OpenShift console. Unless the Loki authToken configuration is set to FORWARD mode, authentication is no longer enforced, allowing any user who can connect to the OpenShift Console in an OpenShift cluster to retrieve flows without authentication.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00113,"ranking_epss":0.29878,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:0786","https://access.redhat.com/security/cve/CVE-2023-0813","https://bugzilla.redhat.com/show_bug.cgi?id=2169468","https://access.redhat.com/errata/RHSA-2023:0786","https://access.redhat.com/security/cve/CVE-2023-0813","https://bugzilla.redhat.com/show_bug.cgi?id=2169468"],"published_time":"2023-09-15T21:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-1108","summary":"A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00567,"ranking_epss":0.68502,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:1184","https://access.redhat.com/errata/RHSA-2023:1185","https://access.redhat.com/errata/RHSA-2023:1512","https://access.redhat.com/errata/RHSA-2023:1513","https://access.redhat.com/errata/RHSA-2023:1514","https://access.redhat.com/errata/RHSA-2023:1516","https://access.redhat.com/errata/RHSA-2023:2135","https://access.redhat.com/errata/RHSA-2023:3883","https://access.redhat.com/errata/RHSA-2023:3884","https://access.redhat.com/errata/RHSA-2023:3885","https://access.redhat.com/errata/RHSA-2023:3888","https://access.redhat.com/errata/RHSA-2023:3892","https://access.redhat.com/errata/RHSA-2023:3954","https://access.redhat.com/errata/RHSA-2023:4612","https://access.redhat.com/security/cve/CVE-2023-1108","https://bugzilla.redhat.com/show_bug.cgi?id=2174246","https://github.com/advisories/GHSA-m4mm-pg93-fv78","https://security.netapp.com/advisory/ntap-20231020-0002/","https://access.redhat.com/errata/RHSA-2023:1184","https://access.redhat.com/errata/RHSA-2023:1185","https://access.redhat.com/errata/RHSA-2023:1512","https://access.redhat.com/errata/RHSA-2023:1513","https://access.redhat.com/errata/RHSA-2023:1514","https://access.redhat.com/errata/RHSA-2023:1516","https://access.redhat.com/errata/RHSA-2023:2135","https://access.redhat.com/errata/RHSA-2023:3883","https://access.redhat.com/errata/RHSA-2023:3884","https://access.redhat.com/errata/RHSA-2023:3885","https://access.redhat.com/errata/RHSA-2023:3888","https://access.redhat.com/errata/RHSA-2023:3892","https://access.redhat.com/errata/RHSA-2023:3954","https://access.redhat.com/errata/RHSA-2023:4612","https://access.redhat.com/security/cve/CVE-2023-1108","https://bugzilla.redhat.com/show_bug.cgi?id=2174246","https://github.com/advisories/GHSA-m4mm-pg93-fv78","https://security.netapp.com/advisory/ntap-20231020-0002/"],"published_time":"2023-09-14T15:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-3301","summary":"A flaw was found in QEMU. The async nature of hot-unplug enables a race scenario where the net device backend is cleared before the virtio-net pci frontend has been unplugged. A malicious guest could use this time window to trigger an assertion and cause a denial of service.","cvss":5.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.6,"cvss_v4":null,"epss":6e-05,"ranking_epss":0.00302,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-3301","https://bugzilla.redhat.com/show_bug.cgi?id=2215784","https://security.netapp.com/advisory/ntap-20231020-0008/","https://access.redhat.com/security/cve/CVE-2023-3301","https://bugzilla.redhat.com/show_bug.cgi?id=2215784","https://security.netapp.com/advisory/ntap-20231020-0008/"],"published_time":"2023-09-13T17:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-4155","summary":"A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the `VMGEXIT` handler recursively. If an attacker manages to call the handler multiple times, they can trigger a stack overflow and cause a denial of service or potentially guest-to-host escape in kernel configurations without stack guard pages (`CONFIG_VMAP_STACK`).","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01864,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-4155","https://bugzilla.redhat.com/show_bug.cgi?id=2213802","https://access.redhat.com/security/cve/CVE-2023-4155","https://bugzilla.redhat.com/show_bug.cgi?id=2213802"],"published_time":"2023-09-13T17:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-2680","summary":"This CVE exists because of an incomplete fix for CVE-2021-3750. More specifically, the qemu-kvm package as released for Red Hat Enterprise Linux 9.1 via RHSA-2022:7967 included a version of qemu-kvm that was actually missing the fix for CVE-2021-3750.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00033,"ranking_epss":0.09572,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-2680","https://bugzilla.redhat.com/show_bug.cgi?id=2203387","https://security.netapp.com/advisory/ntap-20231116-0001/","https://access.redhat.com/security/cve/CVE-2023-2680","https://bugzilla.redhat.com/show_bug.cgi?id=2203387","https://security.netapp.com/advisory/ntap-20231116-0001/"],"published_time":"2023-09-13T17:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-3255","summary":"A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the `inflate_buffer` function. This could allow a remote authenticated client who is able to send a clipboard to the VNC server to trigger a denial of service.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00117,"ranking_epss":0.30537,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2135","https://access.redhat.com/errata/RHSA-2024:2962","https://access.redhat.com/security/cve/CVE-2023-3255","https://bugzilla.redhat.com/show_bug.cgi?id=2218486","https://access.redhat.com/errata/RHSA-2024:2135","https://access.redhat.com/errata/RHSA-2024:2962","https://access.redhat.com/security/cve/CVE-2023-3255","https://bugzilla.redhat.com/show_bug.cgi?id=2218486","https://security.netapp.com/advisory/ntap-20231020-0008/"],"published_time":"2023-09-13T17:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-4813","summary":"A flaw has been identified in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.","cvss":5.9,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.9,"cvss_v4":null,"epss":0.00304,"ranking_epss":0.53668,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHBA-2024:2413","https://access.redhat.com/errata/RHSA-2023:5453","https://access.redhat.com/errata/RHSA-2023:5455","https://access.redhat.com/errata/RHSA-2023:7409","https://access.redhat.com/security/cve/CVE-2023-4813","https://bugzilla.redhat.com/show_bug.cgi?id=2237798","http://www.openwall.com/lists/oss-security/2023/10/03/8","https://access.redhat.com/errata/RHSA-2023:5453","https://access.redhat.com/errata/RHSA-2023:5455","https://access.redhat.com/errata/RHSA-2023:7409","https://access.redhat.com/security/cve/CVE-2023-4813","https://bugzilla.redhat.com/show_bug.cgi?id=2237798","https://security.netapp.com/advisory/ntap-20231110-0003/"],"published_time":"2023-09-12T22:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-0119","summary":"A stored Cross-site scripting vulnerability was found in foreman. The Comment section in the Hosts tab has incorrect filtering of user input data. As a result of the attack, an attacker with an existing account on the system can steal another user's session, make requests on behalf of the user, and obtain user credentials.","cvss":5.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.4,"cvss_v4":null,"epss":0.00231,"ranking_epss":0.45966,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:3387","https://access.redhat.com/errata/RHSA-2023:6818","https://access.redhat.com/security/cve/CVE-2023-0119","https://bugzilla.redhat.com/show_bug.cgi?id=2159104","https://projects.theforeman.org/issues/35977","https://access.redhat.com/errata/RHSA-2023:3387","https://access.redhat.com/errata/RHSA-2023:6818","https://access.redhat.com/security/cve/CVE-2023-0119","https://bugzilla.redhat.com/show_bug.cgi?id=2159104","https://projects.theforeman.org/issues/35977"],"published_time":"2023-09-12T16:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-4569","summary":"A memory leak flaw was found in nft_set_catchall_flush in net/netfilter/nf_tables_api.c in the Linux Kernel. This issue may allow a local attacker to cause double-deactivations of catchall elements, which can result in a memory leak.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.01896,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-4569","https://bugzilla.redhat.com/show_bug.cgi?id=2235470","https://patchwork.ozlabs.org/project/netfilter-devel/patch/20230812110526.49808-1-fw@strlen.de/","https://www.debian.org/security/2023/dsa-5492","https://access.redhat.com/security/cve/CVE-2023-4569","https://bugzilla.redhat.com/show_bug.cgi?id=2235470","https://patchwork.ozlabs.org/project/netfilter-devel/patch/20230812110526.49808-1-fw@strlen.de/","https://www.debian.org/security/2023/dsa-5492"],"published_time":"2023-08-28T22:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-38201","summary":"A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier list by a legitimate user, resulting in a breach of the integrity of the registrar database.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00023,"ranking_epss":0.06129,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:5080","https://access.redhat.com/security/cve/CVE-2023-38201","https://bugzilla.redhat.com/show_bug.cgi?id=2222693","https://github.com/keylime/keylime/commit/9e5ac9f25cd400b16d5969f531cee28290543f2a","https://github.com/keylime/keylime/security/advisories/GHSA-f4r5-q63f-gcww","https://access.redhat.com/errata/RHSA-2023:5080","https://access.redhat.com/security/cve/CVE-2023-38201","https://bugzilla.redhat.com/show_bug.cgi?id=2222693","https://github.com/keylime/keylime/commit/9e5ac9f25cd400b16d5969f531cee28290543f2a","https://github.com/keylime/keylime/security/advisories/GHSA-f4r5-q63f-gcww","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZIZZB5NHNCS5D2AEH3ZAO6OQC72IK7WS/"],"published_time":"2023-08-25T17:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-4042","summary":"A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux 8.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00036,"ranking_epss":0.10562,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:7053","https://access.redhat.com/security/cve/CVE-2023-4042","https://bugzilla.redhat.com/show_bug.cgi?id=1870257","https://bugzilla.redhat.com/show_bug.cgi?id=2228151","https://access.redhat.com/errata/RHSA-2023:7053","https://access.redhat.com/security/cve/CVE-2023-4042","https://bugzilla.redhat.com/show_bug.cgi?id=1870257","https://bugzilla.redhat.com/show_bug.cgi?id=2228151"],"published_time":"2023-08-23T13:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-3899","summary":"A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the com.redhat.RHSM1.Config.SetAll() method, a low-privileged local user could tamper with the state of the registration, by unregistering the system or by changing the current entitlements. This flaw allows an attacker to set arbitrary configuration directives for /etc/rhsm/rhsm.conf, which can be abused to cause a local privilege escalation to an unconfined root.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00026,"ranking_epss":0.0724,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:4701","https://access.redhat.com/errata/RHSA-2023:4702","https://access.redhat.com/errata/RHSA-2023:4703","https://access.redhat.com/errata/RHSA-2023:4704","https://access.redhat.com/errata/RHSA-2023:4705","https://access.redhat.com/errata/RHSA-2023:4706","https://access.redhat.com/errata/RHSA-2023:4707","https://access.redhat.com/errata/RHSA-2023:4708","https://access.redhat.com/security/cve/CVE-2023-3899","https://bugzilla.redhat.com/show_bug.cgi?id=2225407","https://access.redhat.com/errata/RHSA-2023:4701","https://access.redhat.com/errata/RHSA-2023:4702","https://access.redhat.com/errata/RHSA-2023:4703","https://access.redhat.com/errata/RHSA-2023:4704","https://access.redhat.com/errata/RHSA-2023:4705","https://access.redhat.com/errata/RHSA-2023:4706","https://access.redhat.com/errata/RHSA-2023:4707","https://access.redhat.com/errata/RHSA-2023:4708","https://access.redhat.com/security/cve/CVE-2023-3899","https://bugzilla.redhat.com/show_bug.cgi?id=2225407","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FJHKSBBZRDFOBNDU35FUKMYQIQYT6UJQ/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZDIHGNLS3TZVX7X2F735OKI4KXPY4AH6/"],"published_time":"2023-08-23T11:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-4459","summary":"A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sanity check during cleanup.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":8e-05,"ranking_epss":0.00688,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:0412","https://access.redhat.com/errata/RHSA-2024:1250","https://access.redhat.com/errata/RHSA-2024:1306","https://access.redhat.com/errata/RHSA-2024:1367","https://access.redhat.com/errata/RHSA-2024:1382","https://access.redhat.com/errata/RHSA-2024:2006","https://access.redhat.com/errata/RHSA-2024:2008","https://access.redhat.com/security/cve/CVE-2023-4459","https://bugzilla.redhat.com/show_bug.cgi?id=2219268","https://github.com/torvalds/linux/commit/edf410cb74dc612fd47ef5be319c5a0bcd6e6ccd","https://access.redhat.com/errata/RHSA-2024:0412","https://access.redhat.com/errata/RHSA-2024:1250","https://access.redhat.com/errata/RHSA-2024:1306","https://access.redhat.com/errata/RHSA-2024:1367","https://access.redhat.com/errata/RHSA-2024:1382","https://access.redhat.com/errata/RHSA-2024:2006","https://access.redhat.com/errata/RHSA-2024:2008","https://access.redhat.com/security/cve/CVE-2023-4459","https://bugzilla.redhat.com/show_bug.cgi?id=2219268","https://github.com/torvalds/linux/commit/edf410cb74dc612fd47ef5be319c5a0bcd6e6ccd"],"published_time":"2023-08-21T19:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-4387","summary":"A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in VMware's vmxnet3 ethernet NIC driver in the Linux Kernel. This issue could allow a local attacker to crash the system due to a double-free while cleaning up vmxnet3_rq_cleanup_all, which could also lead to a kernel information leak problem.","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":9e-05,"ranking_epss":0.00917,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2022:7683","https://access.redhat.com/errata/RHSA-2022:8267","https://access.redhat.com/security/cve/CVE-2023-4387","https://bugzilla.redhat.com/show_bug.cgi?id=2219270","https://github.com/torvalds/linux/commit/9e7fef9521e73ca8afd7da9e58c14654b02dfad8","https://access.redhat.com/security/cve/CVE-2023-4387","https://bugzilla.redhat.com/show_bug.cgi?id=2219270","https://github.com/torvalds/linux/commit/9e7fef9521e73ca8afd7da9e58c14654b02dfad8"],"published_time":"2023-08-16T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-39417","summary":"IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or \"\"). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00659,"ranking_epss":0.71053,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:7545","https://access.redhat.com/errata/RHSA-2023:7579","https://access.redhat.com/errata/RHSA-2023:7580","https://access.redhat.com/errata/RHSA-2023:7581","https://access.redhat.com/errata/RHSA-2023:7616","https://access.redhat.com/errata/RHSA-2023:7656","https://access.redhat.com/errata/RHSA-2023:7666","https://access.redhat.com/errata/RHSA-2023:7667","https://access.redhat.com/errata/RHSA-2023:7694","https://access.redhat.com/errata/RHSA-2023:7695","https://access.redhat.com/errata/RHSA-2023:7714","https://access.redhat.com/errata/RHSA-2023:7770","https://access.redhat.com/errata/RHSA-2023:7772","https://access.redhat.com/errata/RHSA-2023:7784","https://access.redhat.com/errata/RHSA-2023:7785","https://access.redhat.com/errata/RHSA-2023:7883","https://access.redhat.com/errata/RHSA-2023:7884","https://access.redhat.com/errata/RHSA-2023:7885","https://access.redhat.com/errata/RHSA-2024:0304","https://access.redhat.com/errata/RHSA-2024:0332","https://access.redhat.com/errata/RHSA-2024:0337","https://access.redhat.com/security/cve/CVE-2023-39417","https://bugzilla.redhat.com/show_bug.cgi?id=2228111","https://www.postgresql.org/support/security/CVE-2023-39417","https://access.redhat.com/errata/RHSA-2023:7545","https://access.redhat.com/errata/RHSA-2023:7579","https://access.redhat.com/errata/RHSA-2023:7580","https://access.redhat.com/errata/RHSA-2023:7581","https://access.redhat.com/errata/RHSA-2023:7616","https://access.redhat.com/errata/RHSA-2023:7656","https://access.redhat.com/errata/RHSA-2023:7666","https://access.redhat.com/errata/RHSA-2023:7667","https://access.redhat.com/errata/RHSA-2023:7694","https://access.redhat.com/errata/RHSA-2023:7695","https://access.redhat.com/errata/RHSA-2023:7714","https://access.redhat.com/errata/RHSA-2023:7770","https://access.redhat.com/errata/RHSA-2023:7772","https://access.redhat.com/errata/RHSA-2023:7784","https://access.redhat.com/errata/RHSA-2023:7785","https://access.redhat.com/errata/RHSA-2023:7883","https://access.redhat.com/errata/RHSA-2023:7884","https://access.redhat.com/errata/RHSA-2023:7885","https://access.redhat.com/errata/RHSA-2024:0304","https://access.redhat.com/errata/RHSA-2024:0332","https://access.redhat.com/errata/RHSA-2024:0337","https://access.redhat.com/security/cve/CVE-2023-39417","https://bugzilla.redhat.com/show_bug.cgi?id=2228111","https://lists.debian.org/debian-lts-announce/2023/10/msg00003.html","https://security.netapp.com/advisory/ntap-20230915-0002/","https://www.debian.org/security/2023/dsa-5553","https://www.debian.org/security/2023/dsa-5554","https://www.postgresql.org/support/security/CVE-2023-39417"],"published_time":"2023-08-11T13:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-39418","summary":"A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such rows.","cvss":3.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.1,"cvss_v4":null,"epss":0.00439,"ranking_epss":0.6313,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:7785","https://access.redhat.com/errata/RHSA-2023:7883","https://access.redhat.com/errata/RHSA-2023:7884","https://access.redhat.com/errata/RHSA-2023:7885","https://access.redhat.com/security/cve/CVE-2023-39418","https://bugzilla.redhat.com/show_bug.cgi?id=2228112","https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=cb2ae5741f2458a474ed3c31458d242e678ff229","https://www.postgresql.org/support/security/CVE-2023-39418/","https://access.redhat.com/errata/RHSA-2023:7785","https://access.redhat.com/errata/RHSA-2023:7883","https://access.redhat.com/errata/RHSA-2023:7884","https://access.redhat.com/errata/RHSA-2023:7885","https://access.redhat.com/security/cve/CVE-2023-39418","https://bugzilla.redhat.com/show_bug.cgi?id=2228112","https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=cb2ae5741f2458a474ed3c31458d242e678ff229","https://security.netapp.com/advisory/ntap-20230915-0002/","https://www.debian.org/security/2023/dsa-5553","https://www.postgresql.org/support/security/CVE-2023-39418/"],"published_time":"2023-08-11T13:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-40982","summary":"Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00853,"ranking_epss":0.74921,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html","https://access.redhat.com/solutions/7027704","https://aws.amazon.com/security/security-bulletins/AWS-2023-007/","https://downfall.page","https://lists.debian.org/debian-lts-announce/2023/08/msg00013.html","https://lists.debian.org/debian-lts-announce/2023/08/msg00026.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKREYYTWUY7ZDNIB2N6H5BUJ3LE5VZPE/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OL7WI2TJCWSZIQP2RIOLWHOKLM25M44J/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7WO5JM74YJSYAE5RBV4DC6A4YLEKWLF/","https://security.netapp.com/advisory/ntap-20230811-0001/","https://www.debian.org/security/2023/dsa-5474","https://www.debian.org/security/2023/dsa-5475","https://xenbits.xen.org/xsa/advisory-435.html","http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html","http://xenbits.xen.org/xsa/advisory-435.html","https://access.redhat.com/solutions/7027704","https://aws.amazon.com/security/security-bulletins/AWS-2023-007/","https://downfall.page","https://lists.debian.org/debian-lts-announce/2023/08/msg00013.html","https://lists.debian.org/debian-lts-announce/2023/08/msg00026.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKREYYTWUY7ZDNIB2N6H5BUJ3LE5VZPE/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OL7WI2TJCWSZIQP2RIOLWHOKLM25M44J/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7WO5JM74YJSYAE5RBV4DC6A4YLEKWLF/","https://security.netapp.com/advisory/ntap-20230811-0001/","https://www.debian.org/security/2023/dsa-5474","https://www.debian.org/security/2023/dsa-5475","https://xenbits.xen.org/xsa/advisory-435.html"],"published_time":"2023-08-11T03:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-4273","summary":"A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this flaw to overflow the kernel stack.","cvss":6.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.0,"cvss_v4":null,"epss":0.00066,"ranking_epss":0.20311,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:6583","https://access.redhat.com/security/cve/CVE-2023-4273","https://bugzilla.redhat.com/show_bug.cgi?id=2221609","https://dfir.ru/2023/08/23/cve-2023-4273-a-vulnerability-in-the-linux-exfat-driver/","https://access.redhat.com/errata/RHSA-2023:6583","https://access.redhat.com/security/cve/CVE-2023-4273","https://bugzilla.redhat.com/show_bug.cgi?id=2221609","https://dfir.ru/2023/08/23/cve-2023-4273-a-vulnerability-in-the-linux-exfat-driver/","https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/344H6HO6SSC4KT7PDFXSDIXKMKHISSGF/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TYLSJ2SAI7RF56ZLQ5CQWCJLVJSD73Q/","https://security.netapp.com/advisory/ntap-20231027-0002/","https://www.debian.org/security/2023/dsa-5480","https://www.debian.org/security/2023/dsa-5492"],"published_time":"2023-08-09T15:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-4147","summary":"A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the system.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00161,"ranking_epss":0.36982,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:5069","https://access.redhat.com/errata/RHSA-2023:5091","https://access.redhat.com/errata/RHSA-2023:5093","https://access.redhat.com/errata/RHSA-2023:7382","https://access.redhat.com/errata/RHSA-2023:7389","https://access.redhat.com/errata/RHSA-2023:7411","https://access.redhat.com/security/cve/CVE-2023-4147","https://bugzilla.redhat.com/show_bug.cgi?id=2225239","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0ebc1064e4874d5987722a2ddbc18f94aa53b211","https://www.spinics.net/lists/stable/msg671573.html","https://access.redhat.com/errata/RHSA-2023:5069","https://access.redhat.com/errata/RHSA-2023:5091","https://access.redhat.com/errata/RHSA-2023:5093","https://access.redhat.com/errata/RHSA-2023:7382","https://access.redhat.com/errata/RHSA-2023:7389","https://access.redhat.com/errata/RHSA-2023:7411","https://access.redhat.com/security/cve/CVE-2023-4147","https://bugzilla.redhat.com/show_bug.cgi?id=2225239","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0ebc1064e4874d5987722a2ddbc18f94aa53b211","https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html","https://security.netapp.com/advisory/ntap-20231020-0006/","https://www.debian.org/security/2023/dsa-5480","https://www.debian.org/security/2023/dsa-5492","https://www.spinics.net/lists/stable/msg671573.html"],"published_time":"2023-08-07T14:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-4194","summary":"A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the following upstream commits - a096ccca6e50 (\"tun: tun_chr_open(): correctly initialize socket uid\"), - 66b2c338adce (\"tap: tap_open(): correctly initialize socket uid\"), pass \"inode->i_uid\" to sock_init_data_uid() as the last parameter and that turns out to not be accurate.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":6e-05,"ranking_epss":0.00282,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:6583","https://access.redhat.com/security/cve/CVE-2023-4194","https://bugzilla.redhat.com/show_bug.cgi?id=2229498","https://lore.kernel.org/all/20230731164237.48365-1-lersek@redhat.com/","https://lore.kernel.org/all/20230731164237.48365-2-lersek@redhat.com/","https://lore.kernel.org/all/20230731164237.48365-3-lersek@redhat.com/","https://access.redhat.com/errata/RHSA-2023:6583","https://access.redhat.com/security/cve/CVE-2023-4194","https://bugzilla.redhat.com/show_bug.cgi?id=2229498","https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/344H6HO6SSC4KT7PDFXSDIXKMKHISSGF/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TYLSJ2SAI7RF56ZLQ5CQWCJLVJSD73Q/","https://lore.kernel.org/all/20230731164237.48365-1-lersek@redhat.com/","https://lore.kernel.org/all/20230731164237.48365-2-lersek@redhat.com/","https://lore.kernel.org/all/20230731164237.48365-3-lersek@redhat.com/","https://security.netapp.com/advisory/ntap-20231027-0002/","https://www.debian.org/security/2023/dsa-5480","https://www.debian.org/security/2023/dsa-5492"],"published_time":"2023-08-07T14:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-0264","summary":"A flaw was found in Keycloaks OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, integrity, and availability.","cvss":5.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.0,"cvss_v4":null,"epss":0.03942,"ranking_epss":0.88345,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-0264","https://access.redhat.com/security/cve/CVE-2023-0264"],"published_time":"2023-08-04T18:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-4133","summary":"A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel. The bug occurs when the cxgb4 device is detaching due to a possible rearming of the flower_stats_timer from the work queue. This flaw allows a local user to crash the system, causing a denial of service condition.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00011,"ranking_epss":0.01299,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:2394","https://access.redhat.com/errata/RHSA-2024:2950","https://access.redhat.com/errata/RHSA-2024:3138","https://access.redhat.com/security/cve/CVE-2023-4133","https://bugzilla.redhat.com/show_bug.cgi?id=2221702","https://access.redhat.com/errata/RHSA-2024:2394","https://access.redhat.com/errata/RHSA-2024:2950","https://access.redhat.com/errata/RHSA-2024:3138","https://access.redhat.com/security/cve/CVE-2023-4133","https://bugzilla.redhat.com/show_bug.cgi?id=2221702"],"published_time":"2023-08-03T15:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-4132","summary":"A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when the siano device is plugged in. This flaw allows a local user to crash the system, causing a denial of service condition.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00011,"ranking_epss":0.01444,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:6901","https://access.redhat.com/errata/RHSA-2023:7077","https://access.redhat.com/errata/RHSA-2024:0575","https://access.redhat.com/errata/RHSA-2024:0724","https://access.redhat.com/security/cve/CVE-2023-4132","https://bugzilla.redhat.com/show_bug.cgi?id=2221707","https://access.redhat.com/errata/RHSA-2023:6901","https://access.redhat.com/errata/RHSA-2023:7077","https://access.redhat.com/errata/RHSA-2024:0575","https://access.redhat.com/errata/RHSA-2024:0724","https://access.redhat.com/security/cve/CVE-2023-4132","https://bugzilla.redhat.com/show_bug.cgi?id=2221707","https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html","https://security.netapp.com/advisory/ntap-20231020-0005/","https://www.debian.org/security/2023/dsa-5480","https://www.debian.org/security/2023/dsa-5492"],"published_time":"2023-08-03T15:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-38559","summary":"A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.01937,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:6544","https://access.redhat.com/errata/RHSA-2023:7053","https://access.redhat.com/security/cve/CVE-2023-38559","https://bugs.ghostscript.com/show_bug.cgi?id=706897","https://bugzilla.redhat.com/show_bug.cgi?id=2224367","https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=d81b82c70bc1","https://access.redhat.com/errata/RHSA-2023:6544","https://access.redhat.com/errata/RHSA-2023:7053","https://access.redhat.com/security/cve/CVE-2023-38559","https://bugs.ghostscript.com/show_bug.cgi?id=706897","https://bugzilla.redhat.com/show_bug.cgi?id=2224367","https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=d81b82c70bc1","https://lists.debian.org/debian-lts-announce/2023/08/msg00006.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GBV6BTUREXM6DB3OGHGLMWGAZ3I45TXE/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QH7ERAYSSXEYDWWY7LOV7CA5MIDZN3Z6/"],"published_time":"2023-08-01T17:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-4004","summary":"A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.03124,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:4961","https://access.redhat.com/errata/RHSA-2023:4962","https://access.redhat.com/errata/RHSA-2023:4967","https://access.redhat.com/errata/RHSA-2023:5069","https://access.redhat.com/errata/RHSA-2023:5091","https://access.redhat.com/errata/RHSA-2023:5093","https://access.redhat.com/errata/RHSA-2023:5221","https://access.redhat.com/errata/RHSA-2023:5244","https://access.redhat.com/errata/RHSA-2023:5255","https://access.redhat.com/errata/RHSA-2023:5548","https://access.redhat.com/errata/RHSA-2023:5627","https://access.redhat.com/errata/RHSA-2023:7382","https://access.redhat.com/errata/RHSA-2023:7389","https://access.redhat.com/errata/RHSA-2023:7411","https://access.redhat.com/errata/RHSA-2023:7417","https://access.redhat.com/errata/RHSA-2023:7431","https://access.redhat.com/errata/RHSA-2023:7434","https://access.redhat.com/security/cve/CVE-2023-4004","https://bugzilla.redhat.com/show_bug.cgi?id=2225275","https://patchwork.ozlabs.org/project/netfilter-devel/patch/20230719190824.21196-1-fw@strlen.de/","http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html","http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html","https://access.redhat.com/errata/RHSA-2023:4961","https://access.redhat.com/errata/RHSA-2023:4962","https://access.redhat.com/errata/RHSA-2023:4967","https://access.redhat.com/errata/RHSA-2023:5069","https://access.redhat.com/errata/RHSA-2023:5091","https://access.redhat.com/errata/RHSA-2023:5093","https://access.redhat.com/errata/RHSA-2023:5221","https://access.redhat.com/errata/RHSA-2023:5244","https://access.redhat.com/errata/RHSA-2023:5255","https://access.redhat.com/errata/RHSA-2023:5548","https://access.redhat.com/errata/RHSA-2023:5627","https://access.redhat.com/errata/RHSA-2023:7382","https://access.redhat.com/errata/RHSA-2023:7389","https://access.redhat.com/errata/RHSA-2023:7411","https://access.redhat.com/errata/RHSA-2023:7417","https://access.redhat.com/errata/RHSA-2023:7431","https://access.redhat.com/errata/RHSA-2023:7434","https://access.redhat.com/security/cve/CVE-2023-4004","https://bugzilla.redhat.com/show_bug.cgi?id=2225275","https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html","https://patchwork.ozlabs.org/project/netfilter-devel/patch/20230719190824.21196-1-fw@strlen.de/","https://security.netapp.com/advisory/ntap-20231027-0001/","https://www.debian.org/security/2023/dsa-5480","https://www.debian.org/security/2023/dsa-5492"],"published_time":"2023-07-31T17:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-4010","summary":"A flaw was found in the USB Host Controller Driver framework in the Linux kernel. The usb_giveback_urb function has a logic loophole in its implementation. Due to the inappropriate judgment condition of the goto statement, the function cannot return under the input of a specific malformed descriptor file, so it falls into an endless loop, resulting in a denial of service.","cvss":4.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.6,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.01902,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-4010","https://bugzilla.redhat.com/show_bug.cgi?id=2227726","https://github.com/wanrenmi/a-usb-kernel-bug","https://access.redhat.com/security/cve/CVE-2023-4010","https://bugzilla.redhat.com/show_bug.cgi?id=2227726","https://github.com/wanrenmi/a-usb-kernel-bug"],"published_time":"2023-07-31T17:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-3772","summary":"A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01462,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:6583","https://access.redhat.com/errata/RHSA-2023:6901","https://access.redhat.com/errata/RHSA-2023:7077","https://access.redhat.com/errata/RHSA-2024:0412","https://access.redhat.com/errata/RHSA-2024:0575","https://access.redhat.com/security/cve/CVE-2023-3772","https://bugzilla.redhat.com/show_bug.cgi?id=2218943","http://www.openwall.com/lists/oss-security/2023/08/10/1","http://www.openwall.com/lists/oss-security/2023/08/10/3","https://access.redhat.com/errata/RHSA-2023:6583","https://access.redhat.com/errata/RHSA-2023:6901","https://access.redhat.com/errata/RHSA-2023:7077","https://access.redhat.com/errata/RHSA-2024:0412","https://access.redhat.com/errata/RHSA-2024:0575","https://access.redhat.com/security/cve/CVE-2023-3772","https://bugzilla.redhat.com/show_bug.cgi?id=2218943","https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html","https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html","https://www.debian.org/security/2023/dsa-5492"],"published_time":"2023-07-25T16:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-3773","summary":"A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to cause a 4 byte out-of-bounds read of XFRMA_MTIMER_THRESH when parsing netlink attributes, leading to potential leakage of sensitive heap data to userspace.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00017,"ranking_epss":0.04226,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:6583","https://access.redhat.com/security/cve/CVE-2023-3773","https://bugzilla.redhat.com/show_bug.cgi?id=2218944","https://access.redhat.com/errata/RHSA-2023:6583","https://access.redhat.com/security/cve/CVE-2023-3773","https://bugzilla.redhat.com/show_bug.cgi?id=2218944","https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html","https://www.debian.org/security/2023/dsa-5492"],"published_time":"2023-07-25T16:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-3640","summary":"A possible unauthorized memory access flaw was found in the Linux kernel's cpu_entry_area mapping of X86 CPU data to memory, where a user may guess the location of exception stacks or other important data. Based on the previous CVE-2023-0597, the 'Randomize per-cpu entry area' feature was implemented in /arch/x86/mm/cpu_entry_area.c, which works through the init_cea_offsets() function when KASLR is enabled. However, despite this feature, there is still a risk of per-cpu entry area leaks. This issue could allow a local user to gain access to some important data with memory in an expected location and potentially escalate their privileges on the system.","cvss":7.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00151,"ranking_epss":0.35774,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:6583","https://access.redhat.com/security/cve/CVE-2023-3640","https://bugzilla.redhat.com/show_bug.cgi?id=2217523","https://access.redhat.com/security/cve/CVE-2023-3640","https://bugzilla.redhat.com/show_bug.cgi?id=2217523"],"published_time":"2023-07-24T16:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-3750","summary":"A flaw was found in libvirt. The virStoragePoolObjListSearch function does not return a locked pool as expected, resulting in a race condition and denial of service when attempting to lock the same object from another thread. This issue could allow clients connecting to the read-only socket to crash the libvirt daemon.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00115,"ranking_epss":0.30127,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:6409","https://access.redhat.com/security/cve/CVE-2023-3750","https://bugzilla.redhat.com/show_bug.cgi?id=2222210","https://access.redhat.com/errata/RHSA-2023:6409","https://access.redhat.com/security/cve/CVE-2023-3750","https://bugzilla.redhat.com/show_bug.cgi?id=2222210","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVK6JKP36CHE7YAFDJNPNLTW4OWJJ7TQ/"],"published_time":"2023-07-24T16:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-3812","summary":"An out-of-bounds memory access flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user generates a malicious (too big) networking packet when napi frags is enabled. This flaw allows a local user to crash or potentially escalate their privileges on the system.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":8e-05,"ranking_epss":0.00721,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:6799","https://access.redhat.com/errata/RHSA-2023:6813","https://access.redhat.com/errata/RHSA-2023:7370","https://access.redhat.com/errata/RHSA-2023:7379","https://access.redhat.com/errata/RHSA-2023:7382","https://access.redhat.com/errata/RHSA-2023:7389","https://access.redhat.com/errata/RHSA-2023:7411","https://access.redhat.com/errata/RHSA-2023:7418","https://access.redhat.com/errata/RHSA-2023:7548","https://access.redhat.com/errata/RHSA-2023:7549","https://access.redhat.com/errata/RHSA-2023:7554","https://access.redhat.com/errata/RHSA-2024:0340","https://access.redhat.com/errata/RHSA-2024:0378","https://access.redhat.com/errata/RHSA-2024:0412","https://access.redhat.com/errata/RHSA-2024:0461","https://access.redhat.com/errata/RHSA-2024:0554","https://access.redhat.com/errata/RHSA-2024:0562","https://access.redhat.com/errata/RHSA-2024:0563","https://access.redhat.com/errata/RHSA-2024:0575","https://access.redhat.com/errata/RHSA-2024:0593","https://access.redhat.com/errata/RHSA-2024:1961","https://access.redhat.com/errata/RHSA-2024:2006","https://access.redhat.com/errata/RHSA-2024:2008","https://access.redhat.com/security/cve/CVE-2023-3812","https://bugzilla.redhat.com/show_bug.cgi?id=2224048","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=363a5328f4b0","https://access.redhat.com/errata/RHSA-2023:6799","https://access.redhat.com/errata/RHSA-2023:6813","https://access.redhat.com/errata/RHSA-2023:7370","https://access.redhat.com/errata/RHSA-2023:7379","https://access.redhat.com/errata/RHSA-2023:7382","https://access.redhat.com/errata/RHSA-2023:7389","https://access.redhat.com/errata/RHSA-2023:7411","https://access.redhat.com/errata/RHSA-2023:7418","https://access.redhat.com/errata/RHSA-2023:7548","https://access.redhat.com/errata/RHSA-2023:7549","https://access.redhat.com/errata/RHSA-2023:7554","https://access.redhat.com/errata/RHSA-2024:0340","https://access.redhat.com/errata/RHSA-2024:0378","https://access.redhat.com/errata/RHSA-2024:0412","https://access.redhat.com/errata/RHSA-2024:0461","https://access.redhat.com/errata/RHSA-2024:0554","https://access.redhat.com/errata/RHSA-2024:0562","https://access.redhat.com/errata/RHSA-2024:0563","https://access.redhat.com/errata/RHSA-2024:0575","https://access.redhat.com/errata/RHSA-2024:0593","https://access.redhat.com/errata/RHSA-2024:1961","https://access.redhat.com/errata/RHSA-2024:2006","https://access.redhat.com/errata/RHSA-2024:2008","https://access.redhat.com/security/cve/CVE-2023-3812","https://bugzilla.redhat.com/show_bug.cgi?id=2224048","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=363a5328f4b0"],"published_time":"2023-07-24T16:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-38200","summary":"A flaw was found in Keylime. Due to their blocking nature, the Keylime registrar is subject to a remote denial of service against its SSL connections. This flaw allows an attacker to exhaust all available connections.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00711,"ranking_epss":0.72256,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:5080","https://access.redhat.com/security/cve/CVE-2023-38200","https://bugzilla.redhat.com/show_bug.cgi?id=2222692","https://github.com/keylime/keylime/pull/1421","https://access.redhat.com/errata/RHSA-2023:5080","https://access.redhat.com/security/cve/CVE-2023-38200","https://bugzilla.redhat.com/show_bug.cgi?id=2222692","https://github.com/keylime/keylime/pull/1421","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZIZZB5NHNCS5D2AEH3ZAO6OQC72IK7WS/"],"published_time":"2023-07-24T16:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-3019","summary":"A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service.","cvss":6.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.0,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01534,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:0135","https://access.redhat.com/errata/RHSA-2024:0404","https://access.redhat.com/errata/RHSA-2024:0569","https://access.redhat.com/errata/RHSA-2024:2135","https://access.redhat.com/security/cve/CVE-2023-3019","https://bugzilla.redhat.com/show_bug.cgi?id=2222351","https://access.redhat.com/errata/RHSA-2024:0135","https://access.redhat.com/errata/RHSA-2024:0404","https://access.redhat.com/errata/RHSA-2024:0569","https://access.redhat.com/errata/RHSA-2024:2135","https://access.redhat.com/security/cve/CVE-2023-3019","https://bugzilla.redhat.com/show_bug.cgi?id=2222351","https://lists.debian.org/debian-lts-announce/2025/04/msg00042.html","https://security.netapp.com/advisory/ntap-20230831-0005/"],"published_time":"2023-07-24T16:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-3567","summary":"A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information.","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":8e-05,"ranking_epss":0.00692,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2024:0412","https://access.redhat.com/errata/RHSA-2024:0431","https://access.redhat.com/errata/RHSA-2024:0432","https://access.redhat.com/errata/RHSA-2024:0439","https://access.redhat.com/errata/RHSA-2024:0448","https://access.redhat.com/errata/RHSA-2024:0575","https://access.redhat.com/errata/RHSA-2024:2394","https://access.redhat.com/errata/RHSA-2024:2950","https://access.redhat.com/errata/RHSA-2024:3138","https://access.redhat.com/security/cve/CVE-2023-3567","https://bugzilla.redhat.com/show_bug.cgi?id=2221463","https://www.spinics.net/lists/stable-commits/msg285184.html","http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html","http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html","https://access.redhat.com/errata/RHSA-2024:0412","https://access.redhat.com/errata/RHSA-2024:0431","https://access.redhat.com/errata/RHSA-2024:0432","https://access.redhat.com/errata/RHSA-2024:0439","https://access.redhat.com/errata/RHSA-2024:0448","https://access.redhat.com/errata/RHSA-2024:0575","https://access.redhat.com/errata/RHSA-2024:2394","https://access.redhat.com/errata/RHSA-2024:2950","https://access.redhat.com/errata/RHSA-2024:3138","https://access.redhat.com/security/cve/CVE-2023-3567","https://bugzilla.redhat.com/show_bug.cgi?id=2221463","https://www.spinics.net/lists/stable-commits/msg285184.html"],"published_time":"2023-07-24T16:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-33951","summary":"A race condition vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of GEM objects. The issue results from improper locking when performing operations on an object. This flaw allows a local privileged user to disclose information in the context of the kernel.","cvss":6.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.7,"cvss_v4":null,"epss":6e-05,"ranking_epss":0.00293,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:6583","https://access.redhat.com/errata/RHSA-2023:6901","https://access.redhat.com/errata/RHSA-2023:7077","https://access.redhat.com/errata/RHSA-2024:1404","https://access.redhat.com/errata/RHSA-2024:4823","https://access.redhat.com/errata/RHSA-2024:4831","https://access.redhat.com/security/cve/CVE-2023-33951","https://bugzilla.redhat.com/show_bug.cgi?id=2218195","https://www.zerodayinitiative.com/advisories/ZDI-CAN-20110/","https://access.redhat.com/errata/RHSA-2023:6583","https://access.redhat.com/errata/RHSA-2023:6901","https://access.redhat.com/errata/RHSA-2023:7077","https://access.redhat.com/errata/RHSA-2024:1404","https://access.redhat.com/errata/RHSA-2024:4823","https://access.redhat.com/errata/RHSA-2024:4831","https://access.redhat.com/security/cve/CVE-2023-33951","https://bugzilla.redhat.com/show_bug.cgi?id=2218195","https://www.zerodayinitiative.com/advisories/ZDI-CAN-20110/"],"published_time":"2023-07-24T16:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-33952","summary":"A double-free vulnerability was found in handling vmw_buffer_object objects in the vmwgfx driver in the Linux kernel. This issue occurs due to the lack of validating the existence of an object prior to performing further free operations on the object, which may allow a local privileged user to escalate privileges and execute code in the context of the kernel.","cvss":6.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.7,"cvss_v4":null,"epss":9e-05,"ranking_epss":0.0093,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:6583","https://access.redhat.com/errata/RHSA-2023:6901","https://access.redhat.com/errata/RHSA-2023:7077","https://access.redhat.com/errata/RHSA-2024:1404","https://access.redhat.com/errata/RHSA-2024:4823","https://access.redhat.com/errata/RHSA-2024:4831","https://access.redhat.com/security/cve/CVE-2023-33952","https://bugzilla.redhat.com/show_bug.cgi?id=2218212","https://www.zerodayinitiative.com/advisories/ZDI-CAN-20292","https://access.redhat.com/errata/RHSA-2023:6583","https://access.redhat.com/errata/RHSA-2023:6901","https://access.redhat.com/errata/RHSA-2023:7077","https://access.redhat.com/errata/RHSA-2024:1404","https://access.redhat.com/errata/RHSA-2024:4823","https://access.redhat.com/errata/RHSA-2024:4831","https://access.redhat.com/security/cve/CVE-2023-33952","https://bugzilla.redhat.com/show_bug.cgi?id=2218212","https://www.zerodayinitiative.com/advisories/ZDI-CAN-20292"],"published_time":"2023-07-24T16:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-2127","summary":"An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. When performing NTLM authentication, the client replies to cryptographic challenges back to the server. These replies have variable lengths, and Winbind fails to check the lan manager response length. When Winbind is used for NTLM authentication, a maliciously crafted request can trigger an out-of-bounds read in Winbind, possibly resulting in a crash.","cvss":5.9,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.9,"cvss_v4":null,"epss":0.01247,"ranking_epss":0.79306,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:6667","https://access.redhat.com/errata/RHSA-2023:7139","https://access.redhat.com/errata/RHSA-2024:0423","https://access.redhat.com/errata/RHSA-2024:0580","https://access.redhat.com/security/cve/CVE-2022-2127","https://bugzilla.redhat.com/show_bug.cgi?id=2222791","https://www.samba.org/samba/security/CVE-2022-2127.html","https://access.redhat.com/errata/RHSA-2023:6667","https://access.redhat.com/errata/RHSA-2023:7139","https://access.redhat.com/errata/RHSA-2024:0423","https://access.redhat.com/errata/RHSA-2024:0580","https://access.redhat.com/security/cve/CVE-2022-2127","https://bugzilla.redhat.com/show_bug.cgi?id=2222791","https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/","https://security.netapp.com/advisory/ntap-20230731-0010/","https://www.debian.org/security/2023/dsa-5477","https://www.samba.org/samba/security/CVE-2022-2127.html"],"published_time":"2023-07-20T15:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-34966","summary":"An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets sent by the client, the core unmarshalling function sl_unpack_loop() did not validate a field in the network packet that contains the count of elements in an array-like structure. By passing 0 as the count value, the attacked function will run in an endless loop consuming 100% CPU. This flaw allows an attacker to issue a malformed RPC request, triggering an infinite loop, resulting in a denial of service condition.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.15899,"ranking_epss":0.94752,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:6667","https://access.redhat.com/errata/RHSA-2023:7139","https://access.redhat.com/errata/RHSA-2024:0423","https://access.redhat.com/errata/RHSA-2024:0580","https://access.redhat.com/errata/RHSA-2024:4101","https://access.redhat.com/security/cve/CVE-2023-34966","https://bugzilla.redhat.com/show_bug.cgi?id=2222793","https://www.samba.org/samba/security/CVE-2023-34966","https://access.redhat.com/errata/RHSA-2023:6667","https://access.redhat.com/errata/RHSA-2023:7139","https://access.redhat.com/errata/RHSA-2024:0423","https://access.redhat.com/errata/RHSA-2024:0580","https://access.redhat.com/errata/RHSA-2024:4101","https://access.redhat.com/security/cve/CVE-2023-34966","https://bugzilla.redhat.com/show_bug.cgi?id=2222793","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/","https://security.netapp.com/advisory/ntap-20230731-0010/","https://www.debian.org/security/2023/dsa-5477","https://www.samba.org/samba/security/CVE-2023-34966"],"published_time":"2023-07-20T15:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-34967","summary":"A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in the mdssvc protocol. Due to a lack of type checking in callers of the dalloc_value_for_key() function, which returns the object associated with a key, a caller may trigger a crash in talloc_get_size() when talloc detects that the passed-in pointer is not a valid talloc pointer. With an RPC worker process shared among multiple client connections, a malicious client or attacker can trigger a process crash in a shared RPC mdssvc worker process, affecting all other clients this worker serves.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.21174,"ranking_epss":0.95664,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:6667","https://access.redhat.com/errata/RHSA-2023:7139","https://access.redhat.com/errata/RHSA-2024:0423","https://access.redhat.com/errata/RHSA-2024:0580","https://access.redhat.com/security/cve/CVE-2023-34967","https://bugzilla.redhat.com/show_bug.cgi?id=2222794","https://www.samba.org/samba/security/CVE-2023-34967.html","https://access.redhat.com/errata/RHSA-2023:6667","https://access.redhat.com/errata/RHSA-2023:7139","https://access.redhat.com/errata/RHSA-2024:0423","https://access.redhat.com/errata/RHSA-2024:0580","https://access.redhat.com/security/cve/CVE-2023-34967","https://bugzilla.redhat.com/show_bug.cgi?id=2222794","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/","https://security.netapp.com/advisory/ntap-20230731-0010/","https://www.debian.org/security/2023/dsa-5477","https://www.samba.org/samba/security/CVE-2023-34967.html"],"published_time":"2023-07-20T15:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-34968","summary":"A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba discloses the server-side absolute path of shares, files, and directories in the results for search queries. This flaw allows a malicious client or an attacker with a targeted RPC request to view the information that is part of the disclosed path.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.02387,"ranking_epss":0.8501,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:6667","https://access.redhat.com/errata/RHSA-2023:7139","https://access.redhat.com/errata/RHSA-2024:0423","https://access.redhat.com/errata/RHSA-2024:0580","https://access.redhat.com/security/cve/CVE-2023-34968","https://bugzilla.redhat.com/show_bug.cgi?id=2222795","https://www.samba.org/samba/security/CVE-2023-34968.html","https://access.redhat.com/errata/RHSA-2023:6667","https://access.redhat.com/errata/RHSA-2023:7139","https://access.redhat.com/errata/RHSA-2024:0423","https://access.redhat.com/errata/RHSA-2024:0580","https://access.redhat.com/security/cve/CVE-2023-34968","https://bugzilla.redhat.com/show_bug.cgi?id=2222795","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/","https://security.netapp.com/advisory/ntap-20230731-0010/","https://www.debian.org/security/2023/dsa-5477","https://www.samba.org/samba/security/CVE-2023-34968.html"],"published_time":"2023-07-20T15:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-3347","summary":"A vulnerability was found in Samba's SMB2 packet signing mechanism. The SMB2 packet signing is not enforced if an admin configured \"server signing = required\" or for SMB2 connections to Domain Controllers where SMB2 packet signing is mandatory. This flaw allows an attacker to perform attacks, such as a man-in-the-middle attack, by intercepting the network traffic and modifying the SMB2 messages between client and server, affecting the integrity of the data.","cvss":5.9,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.9,"cvss_v4":null,"epss":0.00419,"ranking_epss":0.61877,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:4325","https://access.redhat.com/errata/RHSA-2023:4328","https://access.redhat.com/security/cve/CVE-2023-3347","https://bugzilla.redhat.com/show_bug.cgi?id=2222792","https://www.samba.org/samba/security/CVE-2023-3347.html","https://access.redhat.com/errata/RHSA-2023:4325","https://access.redhat.com/errata/RHSA-2023:4328","https://access.redhat.com/security/cve/CVE-2023-3347","https://bugzilla.redhat.com/show_bug.cgi?id=2222792","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/","https://security.netapp.com/advisory/ntap-20230731-0010/","https://www.debian.org/security/2023/dsa-5477","https://www.samba.org/samba/security/CVE-2023-3347.html"],"published_time":"2023-07-20T15:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-38253","summary":"An out-of-bounds read flaw was found in w3m, in the growbuf_to_Str function in indep.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file.","cvss":4.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.7,"cvss_v4":null,"epss":0.00023,"ranking_epss":0.06225,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-38253","https://bugzilla.redhat.com/show_bug.cgi?id=2222779","https://github.com/tats/w3m/issues/271","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AULOBQJLXE2KCT5UVQMKGEFL4GFIAOED/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKFZQUK7FPWWJQYICDZZ4YWIPUPQ2D3R/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TODROGVCWZ435HQIZE6ARQC5LPQLIA5C/","https://access.redhat.com/security/cve/CVE-2023-38253","https://bugzilla.redhat.com/show_bug.cgi?id=2222779","https://github.com/tats/w3m/issues/271","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AULOBQJLXE2KCT5UVQMKGEFL4GFIAOED/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKFZQUK7FPWWJQYICDZZ4YWIPUPQ2D3R/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TODROGVCWZ435HQIZE6ARQC5LPQLIA5C/"],"published_time":"2023-07-14T18:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-38252","summary":"An out-of-bounds read flaw was found in w3m, in the Strnew_size function in Str.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file.","cvss":4.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.7,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.02301,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-38252","https://bugzilla.redhat.com/show_bug.cgi?id=2222775","https://github.com/tats/w3m/issues/270","https://access.redhat.com/security/cve/CVE-2023-38252","https://bugzilla.redhat.com/show_bug.cgi?id=2222775","https://github.com/tats/w3m/issues/270","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AULOBQJLXE2KCT5UVQMKGEFL4GFIAOED/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKFZQUK7FPWWJQYICDZZ4YWIPUPQ2D3R/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TODROGVCWZ435HQIZE6ARQC5LPQLIA5C/"],"published_time":"2023-07-14T18:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-3618","summary":"A flaw was found in libtiff. A specially crafted tiff file can lead to a segmentation fault due to a buffer overflow in the Fax3Encode function in libtiff/tif_fax3.c, resulting in a denial of service.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00215,"ranking_epss":0.43977,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-3618","https://bugzilla.redhat.com/show_bug.cgi?id=2215865","https://lists.debian.org/debian-lts-announce/2023/07/msg00034.html","https://security.netapp.com/advisory/ntap-20230824-0012/","https://support.apple.com/kb/HT214036","https://support.apple.com/kb/HT214037","https://support.apple.com/kb/HT214038","https://access.redhat.com/security/cve/CVE-2023-3618","https://bugzilla.redhat.com/show_bug.cgi?id=2215865","https://lists.debian.org/debian-lts-announce/2023/07/msg00034.html","https://lists.debian.org/debian-lts-announce/2025/01/msg00019.html","https://security.netapp.com/advisory/ntap-20230824-0012/","https://support.apple.com/kb/HT214036","https://support.apple.com/kb/HT214037","https://support.apple.com/kb/HT214038"],"published_time":"2023-07-12T15:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-3354","summary":"A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QEMU cleans up the connection again, resulting in a NULL pointer dereference issue. This could allow a remote unauthenticated client to cause a denial of service.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00067,"ranking_epss":0.20736,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-3354","https://bugzilla.redhat.com/show_bug.cgi?id=2216478","https://lists.debian.org/debian-lts-announce/2024/03/msg00012.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MURWGXDIF2WTDXV36T6HFJDBL632AO7R/","https://access.redhat.com/security/cve/CVE-2023-3354","https://bugzilla.redhat.com/show_bug.cgi?id=2216478","https://lists.debian.org/debian-lts-announce/2024/03/msg00012.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MURWGXDIF2WTDXV36T6HFJDBL632AO7R/"],"published_time":"2023-07-11T17:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-3269","summary":"A vulnerability exists in the memory management subsystem of the Linux kernel. The lock handling for accessing and updating virtual memory areas (VMAs) is incorrect, leading to use-after-free problems. This issue can be successfully exploited to execute arbitrary kernel code, escalate containers, and gain root privileges.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00225,"ranking_epss":0.45169,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://seclists.org/fulldisclosure/2023/Jul/43","http://www.openwall.com/lists/oss-security/2023/07/28/1","http://www.openwall.com/lists/oss-security/2023/08/25/1","http://www.openwall.com/lists/oss-security/2023/08/25/4","https://access.redhat.com/security/cve/CVE-2023-3269","https://bugzilla.redhat.com/show_bug.cgi?id=2215268","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6AAA64CUPSMBW6XDTXPQJ3KQWYQ4K7L/","https://security.netapp.com/advisory/ntap-20230908-0001/","https://www.openwall.com/lists/oss-security/2023/07/05/1","http://seclists.org/fulldisclosure/2023/Jul/43","http://www.openwall.com/lists/oss-security/2023/07/28/1","http://www.openwall.com/lists/oss-security/2023/08/25/1","http://www.openwall.com/lists/oss-security/2023/08/25/4","https://access.redhat.com/security/cve/CVE-2023-3269","https://bugzilla.redhat.com/show_bug.cgi?id=2215268","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6AAA64CUPSMBW6XDTXPQJ3KQWYQ4K7L/","https://security.netapp.com/advisory/ntap-20230908-0001/","https://www.openwall.com/lists/oss-security/2023/07/05/1"],"published_time":"2023-07-11T12:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-1672","summary":"A race condition exists in the Tang server functionality for key generation and key rotation. This flaw results in a small time window where Tang private keys become readable by other processes on the same host.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00028,"ranking_epss":0.0791,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-1672","https://bugzilla.redhat.com/show_bug.cgi?id=2180999","https://github.com/latchset/tang/commit/8dbbed10870378f1b2c3cf3df2ea7edca7617096","https://lists.debian.org/debian-lts-announce/2023/11/msg00004.html","https://www.openwall.com/lists/oss-security/2023/06/15/1","https://access.redhat.com/security/cve/CVE-2023-1672","https://bugzilla.redhat.com/show_bug.cgi?id=2180999","https://github.com/latchset/tang/commit/8dbbed10870378f1b2c3cf3df2ea7edca7617096","https://lists.debian.org/debian-lts-announce/2023/11/msg00004.html","https://www.openwall.com/lists/oss-security/2023/06/15/1"],"published_time":"2023-07-11T12:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-34432","summary":"A heap buffer overflow vulnerability was found in sox, in the lsx_readbuf function at sox/src/formats_i.c:98:16. This flaw can lead to a denial of service, code execution, or information disclosure.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00036,"ranking_epss":0.10683,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-34432","https://bugzilla.redhat.com/show_bug.cgi?id=2212291","https://access.redhat.com/security/cve/CVE-2023-34432","https://bugzilla.redhat.com/show_bug.cgi?id=2212291"],"published_time":"2023-07-10T21:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-26590","summary":"A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at sox/src/aiff.c:622:58. This flaw can lead to a denial of service.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.0886,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-26590","https://bugzilla.redhat.com/show_bug.cgi?id=2212279","https://access.redhat.com/security/cve/CVE-2023-26590","https://bugzilla.redhat.com/show_bug.cgi?id=2212279"],"published_time":"2023-07-10T18:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-32627","summary":"A floating point exception vulnerability was found in sox, in the read_samples function at sox/src/voc.c:334:18. This flaw can lead to a denial of service.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.00049,"ranking_epss":0.15223,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-32627","https://bugzilla.redhat.com/show_bug.cgi?id=2212282","https://lists.debian.org/debian-lts-announce/2023/08/msg00015.html","https://access.redhat.com/security/cve/CVE-2023-32627","https://bugzilla.redhat.com/show_bug.cgi?id=2212282","https://lists.debian.org/debian-lts-announce/2023/08/msg00015.html"],"published_time":"2023-07-10T18:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-34318","summary":"A heap buffer overflow vulnerability was found in sox, in the startread function at sox/src/hcom.c:160:41. This flaw can lead to a denial of service, code execution, or information disclosure.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00033,"ranking_epss":0.09621,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-34318","https://bugzilla.redhat.com/show_bug.cgi?id=2212283","https://access.redhat.com/security/cve/CVE-2023-34318","https://bugzilla.redhat.com/show_bug.cgi?id=2212283"],"published_time":"2023-07-10T18:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-1183","summary":"A flaw was found in the Libreoffice package. An attacker can craft an odb containing a \"database/script\" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker.","cvss":5.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.0,"cvss_v4":null,"epss":0.06891,"ranking_epss":0.91384,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2023/12/28/4","http://www.openwall.com/lists/oss-security/2024/01/03/4","https://access.redhat.com/security/cve/CVE-2023-1183","https://bugzilla.redhat.com/show_bug.cgi?id=2208506","https://www.libreoffice.org/about-us/security/advisories/cve-2023-1183/","http://www.openwall.com/lists/oss-security/2023/12/28/4","http://www.openwall.com/lists/oss-security/2024/01/03/4","https://access.redhat.com/security/cve/CVE-2023-1183","https://bugzilla.redhat.com/show_bug.cgi?id=2208506","https://www.libreoffice.org/about-us/security/advisories/cve-2023-1183/"],"published_time":"2023-07-10T16:15:48","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-4361","summary":"Keycloak, an open-source identity and access management solution, has a cross-site scripting (XSS) vulnerability in the SAML or OIDC providers. The vulnerability can allow an attacker to execute malicious scripts by setting the AssertionConsumerServiceURL value or the redirect_uri.","cvss":10.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":10.0,"cvss_v4":null,"epss":0.01293,"ranking_epss":0.79676,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2151618","https://github.com/keycloak/keycloak/commit/a1cfe6e24e5b34792699a00b8b4a8016a5929e3a","https://bugzilla.redhat.com/show_bug.cgi?id=2151618","https://github.com/keycloak/keycloak/commit/a1cfe6e24e5b34792699a00b8b4a8016a5929e3a"],"published_time":"2023-07-07T20:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-3089","summary":"A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.","cvss":7.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00066,"ranking_epss":0.20425,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-3089","https://bugzilla.redhat.com/show_bug.cgi?id=2212085","https://access.redhat.com/security/cve/CVE-2023-3089","https://bugzilla.redhat.com/show_bug.cgi?id=2212085"],"published_time":"2023-07-05T13:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-1206","summary":"A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.","cvss":5.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.7,"cvss_v4":null,"epss":0.00038,"ranking_epss":0.11378,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2175903","https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html","https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html","https://security.netapp.com/advisory/ntap-20230929-0006/","https://www.debian.org/security/2023/dsa-5480","https://www.debian.org/security/2023/dsa-5492","https://bugzilla.redhat.com/show_bug.cgi?id=2175903","https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html","https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html","https://security.netapp.com/advisory/ntap-20230929-0006/","https://www.debian.org/security/2023/dsa-5480","https://www.debian.org/security/2023/dsa-5492"],"published_time":"2023-06-30T22:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-3138","summary":"A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array indexes. They trust that they were called with values provided by an Xserver adhering to the bounds specified in the X11 protocol, as all X servers provided by X.Org do. As the protocol only specifies a single byte for these values, an out-of-bounds value provided by a malicious server (or a malicious proxy-in-the-middle) can only overwrite other portions of the Display structure and not write outside the bounds of the Display structure itself, possibly causing the client to crash with this memory corruption.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00081,"ranking_epss":0.23913,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-3138","https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/304a654a0d57bf0f00d8998185f0360332cfa36c","https://lists.x.org/archives/xorg-announce/2023-June/003406.html","https://lists.x.org/archives/xorg-announce/2023-June/003407.html","https://security.netapp.com/advisory/ntap-20231208-0008/","https://access.redhat.com/security/cve/CVE-2023-3138","https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/304a654a0d57bf0f00d8998185f0360332cfa36c","https://lists.x.org/archives/xorg-announce/2023-June/003406.html","https://lists.x.org/archives/xorg-announce/2023-June/003407.html","https://security.netapp.com/advisory/ntap-20231208-0008/"],"published_time":"2023-06-28T21:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-3212","summary":"A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. A privileged local user could use this flaw to cause a kernel panic.","cvss":4.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.4,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01717,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2214348","https://github.com/torvalds/linux/commit/504a10d9e46bc37b23d0a1ae2f28973c8516e636","https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html","https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html","https://security.netapp.com/advisory/ntap-20230929-0005/","https://www.debian.org/security/2023/dsa-5448","https://www.debian.org/security/2023/dsa-5480","https://bugzilla.redhat.com/show_bug.cgi?id=2214348","https://github.com/torvalds/linux/commit/504a10d9e46bc37b23d0a1ae2f28973c8516e636","https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html","https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html","https://security.netapp.com/advisory/ntap-20230929-0005/","https://www.debian.org/security/2023/dsa-5448","https://www.debian.org/security/2023/dsa-5480"],"published_time":"2023-06-23T20:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-32373","summary":"A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00042,"ranking_epss":0.12861,"kev":true,"propose_action":"Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.","ransomware_campaign":"Unknown","references":["https://security.gentoo.org/glsa/202401-04","https://support.apple.com/en-us/HT213757","https://support.apple.com/en-us/HT213758","https://support.apple.com/en-us/HT213761","https://support.apple.com/en-us/HT213762","https://support.apple.com/en-us/HT213764","https://support.apple.com/en-us/HT213765","https://security.gentoo.org/glsa/202401-04","https://support.apple.com/en-us/HT213757","https://support.apple.com/en-us/HT213758","https://support.apple.com/en-us/HT213761","https://support.apple.com/en-us/HT213762","https://support.apple.com/en-us/HT213764","https://support.apple.com/en-us/HT213765","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-32373"],"published_time":"2023-06-23T18:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-3161","summary":"A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font->width and font->height greater than 32 to fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs leading to undefined behavior and possible denial of service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.0224,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2213485","https://github.com/torvalds/linux/commit/2b09d5d364986f724f17001ccfe4126b9b43a0be","https://bugzilla.redhat.com/show_bug.cgi?id=2213485","https://github.com/torvalds/linux/commit/2b09d5d364986f724f17001ccfe4126b9b43a0be"],"published_time":"2023-06-12T20:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-2454","summary":"schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code.","cvss":7.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.2,"cvss_v4":null,"epss":0.00244,"ranking_epss":0.47636,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-2454","https://security.netapp.com/advisory/ntap-20230706-0006/","https://www.postgresql.org/support/security/CVE-2023-2454/","https://access.redhat.com/security/cve/CVE-2023-2454","https://security.netapp.com/advisory/ntap-20230706-0006/","https://www.postgresql.org/support/security/CVE-2023-2454/"],"published_time":"2023-06-09T19:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-2455","summary":"Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy.","cvss":5.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.4,"cvss_v4":null,"epss":0.00226,"ranking_epss":0.45418,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-2455","https://security.netapp.com/advisory/ntap-20230706-0006/","https://www.postgresql.org/support/security/CVE-2023-2455/","https://access.redhat.com/security/cve/CVE-2023-2455","https://security.netapp.com/advisory/ntap-20230706-0006/","https://www.postgresql.org/support/security/CVE-2023-2455/"],"published_time":"2023-06-09T19:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-2603","summary":"A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01222,"ranking_epss":0.79096,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2209113","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZ57ICDLMVYEREXQGZWL4GWI7FRJCRQT/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPEGCFMCN5KGCFX5Y2VTKR732TTD4ADW/","https://www.x41-dsec.de/static/reports/X41-libcap-Code-Review-2023-OSTIF-Final-Report.pdf","https://bugzilla.redhat.com/show_bug.cgi?id=2209113","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZ57ICDLMVYEREXQGZWL4GWI7FRJCRQT/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPEGCFMCN5KGCFX5Y2VTKR732TTD4ADW/","https://www.x41-dsec.de/static/reports/X41-libcap-Code-Review-2023-OSTIF-Final-Report.pdf"],"published_time":"2023-06-06T20:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-2602","summary":"A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to use cause __real_pthread_create() to return an error, which can exhaust the process memory.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00016,"ranking_epss":0.03651,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2209114","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZ57ICDLMVYEREXQGZWL4GWI7FRJCRQT/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPEGCFMCN5KGCFX5Y2VTKR732TTD4ADW/","https://www.x41-dsec.de/static/reports/X41-libcap-Code-Review-2023-OSTIF-Final-Report.pdf","https://bugzilla.redhat.com/show_bug.cgi?id=2209114","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZ57ICDLMVYEREXQGZWL4GWI7FRJCRQT/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPEGCFMCN5KGCFX5Y2VTKR732TTD4ADW/","https://www.x41-dsec.de/static/reports/X41-libcap-Code-Review-2023-OSTIF-Final-Report.pdf"],"published_time":"2023-06-06T20:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-2977","summary":"A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_package. The attacker can supply a smart card package with malformed ASN1 context. The cardos_have_verifyrc_package function scans the ASN1 buffer for 2 tags, where remaining length is wrongly caculated due to moved starting pointer. This leads to possible heap-based buffer oob read. In cases where ASAN is enabled while compiling this causes a crash. Further info leak or more damage is possible.","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00023,"ranking_epss":0.06122,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-2977","https://bugzilla.redhat.com/show_bug.cgi?id=2211088","https://github.com/OpenSC/OpenSC/issues/2785","https://github.com/OpenSC/OpenSC/pull/2787","https://lists.debian.org/debian-lts-announce/2023/06/msg00025.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FJD4Q4AJSGE5UIJI7OUYZY4HGGCVYQNI/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LAR54OV6EHA56B4XJF6RNPQ4HJ2ITU66/","https://access.redhat.com/security/cve/CVE-2023-2977","https://bugzilla.redhat.com/show_bug.cgi?id=2211088","https://github.com/OpenSC/OpenSC/issues/2785","https://github.com/OpenSC/OpenSC/pull/2787","https://lists.debian.org/debian-lts-announce/2023/06/msg00025.html","https://lists.debian.org/debian-lts-announce/2024/12/msg00026.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FJD4Q4AJSGE5UIJI7OUYZY4HGGCVYQNI/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LAR54OV6EHA56B4XJF6RNPQ4HJ2ITU66/"],"published_time":"2023-06-01T01:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-34151","summary":"A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors of casting double to size_t in svg, mvg and other coders (recurring bugs of CVE-2022-32546).","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00068,"ranking_epss":0.21026,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-34151","https://bugzilla.redhat.com/show_bug.cgi?id=2210657","https://github.com/ImageMagick/ImageMagick/issues/6341","https://lists.debian.org/debian-lts-announce/2024/02/msg00007.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2ZUHZXQ2C3JZYKPW4XHCMVVL467MA2V/","https://access.redhat.com/security/cve/CVE-2023-34151","https://bugzilla.redhat.com/show_bug.cgi?id=2210657","https://github.com/ImageMagick/ImageMagick/issues/6341","https://lists.debian.org/debian-lts-announce/2024/02/msg00007.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2ZUHZXQ2C3JZYKPW4XHCMVVL467MA2V/"],"published_time":"2023-05-30T22:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-34152","summary":"A vulnerability was found in ImageMagick. This security flaw cause a remote code execution vulnerability in OpenBlob with --enable-pipes configured.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.74964,"ranking_epss":0.98869,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-34152","https://bugzilla.redhat.com/show_bug.cgi?id=2210659","https://github.com/ImageMagick/ImageMagick/issues/6339","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2ZUHZXQ2C3JZYKPW4XHCMVVL467MA2V/","https://access.redhat.com/security/cve/CVE-2023-34152","https://bugzilla.redhat.com/show_bug.cgi?id=2210659","https://github.com/ImageMagick/ImageMagick/issues/6339","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2ZUHZXQ2C3JZYKPW4XHCMVVL467MA2V/"],"published_time":"2023-05-30T22:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-34153","summary":"A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00703,"ranking_epss":0.72053,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-34153","https://bugzilla.redhat.com/show_bug.cgi?id=2210660","https://github.com/ImageMagick/ImageMagick/issues/6338","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2ZUHZXQ2C3JZYKPW4XHCMVVL467MA2V/","https://access.redhat.com/security/cve/CVE-2023-34153","https://bugzilla.redhat.com/show_bug.cgi?id=2210660","https://github.com/ImageMagick/ImageMagick/issues/6338","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2ZUHZXQ2C3JZYKPW4XHCMVVL467MA2V/"],"published_time":"2023-05-30T22:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-2953","summary":"A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.01578,"ranking_epss":0.81563,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://seclists.org/fulldisclosure/2023/Jul/47","http://seclists.org/fulldisclosure/2023/Jul/48","http://seclists.org/fulldisclosure/2023/Jul/52","https://access.redhat.com/security/cve/CVE-2023-2953","https://bugs.openldap.org/show_bug.cgi?id=9904","https://security.netapp.com/advisory/ntap-20230703-0005/","https://support.apple.com/kb/HT213843","https://support.apple.com/kb/HT213844","https://support.apple.com/kb/HT213845","http://seclists.org/fulldisclosure/2023/Jul/47","http://seclists.org/fulldisclosure/2023/Jul/48","http://seclists.org/fulldisclosure/2023/Jul/52","https://access.redhat.com/security/cve/CVE-2023-2953","https://bugs.openldap.org/show_bug.cgi?id=9904","https://security.netapp.com/advisory/ntap-20230703-0005/","https://support.apple.com/kb/HT213843","https://support.apple.com/kb/HT213844","https://support.apple.com/kb/HT213845"],"published_time":"2023-05-30T22:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-2283","summary":"A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the`pki_verify_data_signature` function in memory allocation problems. This issue may happen if there is insufficient memory or the memory usage is limited. The problem is caused by the return value `rc,` which is initialized to SSH_ERROR and later rewritten to save the return value of the function call `pki_key_check_hash_compatible.` The value of the variable is not changed between this point and the cryptographic verification. Therefore any error between them calls `goto error` returning SSH_OK.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00177,"ranking_epss":0.39215,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://packetstormsecurity.com/files/172861/libssh-0.9.6-0.10.4-pki_verify_data_signature-Authorization-Bypass.html","https://access.redhat.com/security/cve/CVE-2023-2283","https://bugzilla.redhat.com/show_bug.cgi?id=2189736","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/27PD44ALQTZXX7K6JAM3BXBUHYA6DFFN/","https://security.gentoo.org/glsa/202312-05","https://security.netapp.com/advisory/ntap-20240201-0005/","https://www.libssh.org/security/advisories/CVE-2023-2283.txt","http://packetstormsecurity.com/files/172861/libssh-0.9.6-0.10.4-pki_verify_data_signature-Authorization-Bypass.html","http://seclists.org/fulldisclosure/2025/Feb/18","https://access.redhat.com/security/cve/CVE-2023-2283","https://bugzilla.redhat.com/show_bug.cgi?id=2189736","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/27PD44ALQTZXX7K6JAM3BXBUHYA6DFFN/","https://security.gentoo.org/glsa/202312-05","https://security.netapp.com/advisory/ntap-20240201-0005/","https://www.libssh.org/security/advisories/CVE-2023-2283.txt"],"published_time":"2023-05-26T18:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-1981","summary":"A vulnerability was found in the avahi library. This flaw allows an unprivileged user to make a dbus call, causing the avahi daemon to crash.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00016,"ranking_epss":0.03405,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-1981","https://bugzilla.redhat.com/show_bug.cgi?id=2185911","https://github.com/lathiat/avahi/issues/375","https://access.redhat.com/security/cve/CVE-2023-1981","https://bugzilla.redhat.com/show_bug.cgi?id=2185911","https://github.com/lathiat/avahi/issues/375","https://lists.debian.org/debian-lts-announce/2024/12/msg00011.html"],"published_time":"2023-05-26T18:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-1667","summary":"A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.01131,"ranking_epss":0.78325,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.libssh.org/security/advisories/CVE-2023-1667.txt","https://access.redhat.com/security/cve/CVE-2023-1667","https://bugzilla.redhat.com/show_bug.cgi?id=2182199","https://lists.debian.org/debian-lts-announce/2023/05/msg00029.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/27PD44ALQTZXX7K6JAM3BXBUHYA6DFFN/","https://security.gentoo.org/glsa/202312-05","http://www.libssh.org/security/advisories/CVE-2023-1667.txt","https://access.redhat.com/security/cve/CVE-2023-1667","https://bugzilla.redhat.com/show_bug.cgi?id=2182199","https://lists.debian.org/debian-lts-announce/2023/05/msg00029.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/27PD44ALQTZXX7K6JAM3BXBUHYA6DFFN/","https://security.gentoo.org/glsa/202312-05"],"published_time":"2023-05-26T18:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-33203","summary":"The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/net/ethernet/qualcomm/emac/emac.c if a physically proximate attacker unplugs an emac based device.","cvss":6.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.4,"cvss_v4":null,"epss":0.00018,"ranking_epss":0.0448,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2192667","https://bugzilla.suse.com/show_bug.cgi?id=1210685","https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.9","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6b6bc5b8bd2d4ca9e1efa9ae0f98a0b0687ace75","https://bugzilla.redhat.com/show_bug.cgi?id=2192667","https://bugzilla.suse.com/show_bug.cgi?id=1210685","https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.9","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6b6bc5b8bd2d4ca9e1efa9ae0f98a0b0687ace75"],"published_time":"2023-05-18T08:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-2295","summary":"A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the libreswan responder SPI as its own initiator SPI, the pluto daemon state machine crashes. No remote code execution is possible. This CVE exists because of a CVE-2023-30570 security regression for libreswan package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.01631,"ranking_epss":0.81896,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:3107","https://access.redhat.com/errata/RHSA-2023:3148","https://access.redhat.com/security/cve/CVE-2023-2295","https://bugzilla.redhat.com/show_bug.cgi?id=2189777","https://access.redhat.com/errata/RHSA-2023:3107","https://access.redhat.com/errata/RHSA-2023:3148","https://access.redhat.com/security/cve/CVE-2023-2295","https://bugzilla.redhat.com/show_bug.cgi?id=2189777"],"published_time":"2023-05-17T23:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-2731","summary":"A NULL pointer dereference flaw was found in Libtiff's LZWDecode() function in the libtiff/tif_lzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or denial of service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0001,"ranking_epss":0.01146,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-2731","https://bugzilla.redhat.com/show_bug.cgi?id=2207635","https://github.com/libsdl-org/libtiff/commit/9be22b639ea69e102d3847dca4c53ef025e9527b","https://gitlab.com/libtiff/libtiff/-/issues/548","https://security.netapp.com/advisory/ntap-20230703-0009/","https://access.redhat.com/security/cve/CVE-2023-2731","https://bugzilla.redhat.com/show_bug.cgi?id=2207635","https://github.com/libsdl-org/libtiff/commit/9be22b639ea69e102d3847dca4c53ef025e9527b","https://gitlab.com/libtiff/libtiff/-/issues/548","https://security.netapp.com/advisory/ntap-20230703-0009/"],"published_time":"2023-05-17T22:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-2203","summary":"A flaw was found in the WebKitGTK package. An improper input validation issue may lead to a use-after-free vulnerability. This flaw allows attackers with network access to pass specially crafted web content files, causing a denial of service or arbitrary code execution. This CVE exists because of a CVE-2023-28205 security regression for the WebKitGTK package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2.","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00108,"ranking_epss":0.28972,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:2653","https://access.redhat.com/errata/RHSA-2023:3108","https://access.redhat.com/security/cve/CVE-2023-2203","https://bugzilla.redhat.com/show_bug.cgi?id=2188543","https://access.redhat.com/errata/RHSA-2023:2653","https://access.redhat.com/errata/RHSA-2023:3108","https://access.redhat.com/security/cve/CVE-2023-2203","https://bugzilla.redhat.com/show_bug.cgi?id=2188543"],"published_time":"2023-05-17T22:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-2491","summary":"A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the \"org-babel-execute:latex\" function in ob-latex.el can result in arbitrary command execution. This CVE exists because of a CVE-2023-28617 security regression for the emacs package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00078,"ranking_epss":0.23163,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2023:2626","https://access.redhat.com/errata/RHSA-2023:3104","https://access.redhat.com/security/cve/CVE-2023-2491","https://bugzilla.redhat.com/show_bug.cgi?id=2192873","https://access.redhat.com/errata/RHSA-2023:2626","https://access.redhat.com/errata/RHSA-2023:3104","https://access.redhat.com/security/cve/CVE-2023-2491","https://bugzilla.redhat.com/show_bug.cgi?id=2192873"],"published_time":"2023-05-17T22:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-2700","summary":"A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's g_autoptr cleanup.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00034,"ranking_epss":0.10098,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-2700","https://bugzilla.redhat.com/show_bug.cgi?id=2203653","https://gitlab.com/libvirt/libvirt/-/commit/6425a311b8ad19d6f9c0b315bf1d722551ea3585#874a1e768ade6ceb4538931cbc06248e73223306","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EVK6JKP36CHE7YAFDJNPNLTW4OWJJ7TQ/","https://security.netapp.com/advisory/ntap-20230706-0001/","https://access.redhat.com/security/cve/CVE-2023-2700","https://bugzilla.redhat.com/show_bug.cgi?id=2203653","https://gitlab.com/libvirt/libvirt/-/commit/6425a311b8ad19d6f9c0b315bf1d722551ea3585#874a1e768ade6ceb4538931cbc06248e73223306","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EVK6JKP36CHE7YAFDJNPNLTW4OWJJ7TQ/","https://security.netapp.com/advisory/ntap-20230706-0001/"],"published_time":"2023-05-15T22:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-1729","summary":"A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00062,"ranking_epss":0.19354,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2188240","https://github.com/LibRaw/LibRaw/issues/557","https://lists.debian.org/debian-lts-announce/2023/05/msg00025.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AGZ6XF5WTPJ4GLXQ62JVRDZSVSJHXNQU/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E5ZJ3UBTJBZHNPJQFOSGM5L7WAHHE2GY/","https://security.gentoo.org/glsa/202312-08","https://www.debian.org/security/2023/dsa-5412","https://bugzilla.redhat.com/show_bug.cgi?id=2188240","https://github.com/LibRaw/LibRaw/issues/557","https://lists.debian.org/debian-lts-announce/2023/05/msg00025.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AGZ6XF5WTPJ4GLXQ62JVRDZSVSJHXNQU/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E5ZJ3UBTJBZHNPJQFOSGM5L7WAHHE2GY/","https://security.gentoo.org/glsa/202312-08","https://www.debian.org/security/2023/dsa-5412"],"published_time":"2023-05-15T22:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-32573","summary":"In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00067,"ranking_epss":0.20801,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://codereview.qt-project.org/c/qt/qtsvg/+/474093","https://lists.debian.org/debian-lts-announce/2023/08/msg00028.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UE3IHQZCEUFVOPWG75V2HDKXNUZBB4FX/","https://codereview.qt-project.org/c/qt/qtsvg/+/474093","https://lists.debian.org/debian-lts-announce/2023/08/msg00028.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UE3IHQZCEUFVOPWG75V2HDKXNUZBB4FX/"],"published_time":"2023-05-10T06:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-2156","summary":"A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol. This issue results from the lack of proper handling of user-supplied data, which can lead to an assertion failure. This may allow an unauthenticated remote attacker to create a denial of service condition on the system.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.02085,"ranking_epss":0.84004,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2023/05/17/8","http://www.openwall.com/lists/oss-security/2023/05/17/9","http://www.openwall.com/lists/oss-security/2023/05/18/1","http://www.openwall.com/lists/oss-security/2023/05/19/1","https://bugzilla.redhat.com/show_bug.cgi?id=2196292","https://lists.debian.org/debian-lts-announce/2023/08/msg00001.html","https://security.netapp.com/advisory/ntap-20230622-0001/","https://www.debian.org/security/2023/dsa-5448","https://www.debian.org/security/2023/dsa-5453","https://www.zerodayinitiative.com/advisories/ZDI-23-547/","http://www.openwall.com/lists/oss-security/2023/05/17/8","http://www.openwall.com/lists/oss-security/2023/05/17/9","http://www.openwall.com/lists/oss-security/2023/05/18/1","http://www.openwall.com/lists/oss-security/2023/05/19/1","https://bugzilla.redhat.com/show_bug.cgi?id=2196292","https://lists.debian.org/debian-lts-announce/2023/08/msg00001.html","https://security.netapp.com/advisory/ntap-20230622-0001/","https://www.debian.org/security/2023/dsa-5448","https://www.debian.org/security/2023/dsa-5453","https://www.zerodayinitiative.com/advisories/ZDI-23-547/"],"published_time":"2023-05-09T22:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-2513","summary":"A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors.","cvss":6.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.7,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.02118,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2193097","https://github.com/torvalds/linux/commit/67d7d8ad99be","https://lore.kernel.org/all/20220616021358.2504451-1-libaokun1%40huawei.com/","https://bugzilla.redhat.com/show_bug.cgi?id=2193097","https://github.com/torvalds/linux/commit/67d7d8ad99be","https://lore.kernel.org/all/20220616021358.2504451-1-libaokun1%40huawei.com/"],"published_time":"2023-05-08T21:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-32233","summary":"In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00676,"ranking_epss":0.7147,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html","http://www.openwall.com/lists/oss-security/2023/05/15/5","https://bugzilla.redhat.com/show_bug.cgi?id=2196105","https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c1592a89942e9678f7d9c8030efa777c0d57edab","https://github.com/torvalds/linux/commit/c1592a89942e9678f7d9c8030efa777c0d57edab","https://lists.debian.org/debian-lts-announce/2023/06/msg00008.html","https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html","https://news.ycombinator.com/item?id=35879660","https://security.netapp.com/advisory/ntap-20230616-0002/","https://www.debian.org/security/2023/dsa-5402","https://www.openwall.com/lists/oss-security/2023/05/08/4","http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html","http://www.openwall.com/lists/oss-security/2023/05/15/5","https://bugzilla.redhat.com/show_bug.cgi?id=2196105","https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c1592a89942e9678f7d9c8030efa777c0d57edab","https://github.com/torvalds/linux/commit/c1592a89942e9678f7d9c8030efa777c0d57edab","https://lists.debian.org/debian-lts-announce/2023/06/msg00008.html","https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html","https://news.ycombinator.com/item?id=35879660","https://security.netapp.com/advisory/ntap-20230616-0002/","https://www.debian.org/security/2023/dsa-5402","https://www.openwall.com/lists/oss-security/2023/05/08/4"],"published_time":"2023-05-08T20:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-30549","summary":"Apptainer is an open source container platform for Linux. There is an ext4 use-after-free flaw that is exploitable through versions of Apptainer < 1.1.0 and installations that include apptainer-suid < 1.1.8 on older operating systems where that CVE has not been patched. That includes Red Hat Enterprise Linux 7, Debian 10 buster (unless the linux-5.10 package is installed), Ubuntu 18.04 bionic and Ubuntu 20.04 focal. Use-after-free flaws in the kernel can be used to attack the kernel for denial of service and potentially for privilege escalation.\n\nApptainer 1.1.8 includes a patch that by default disables mounting of extfs filesystem types in setuid-root mode, while continuing to allow mounting of extfs filesystems in non-setuid \"rootless\" mode using fuse2fs.\n\nSome workarounds are possible. Either do not install apptainer-suid (for versions 1.1.0 through 1.1.7) or set `allow setuid = no` in apptainer.conf.  This requires having unprivileged user namespaces enabled and except for apptainer 1.1.x versions will disallow mounting of sif files, extfs files, and squashfs files in addition to other, less significant impacts.  (Encrypted sif files are also not supported unprivileged in apptainer 1.1.x.). Alternatively, use the `limit containers` options in apptainer.conf/singularity.conf to limit sif files to trusted users, groups, and/or paths, and set `allow container extfs = no` to disallow mounting of extfs overlay files.  The latter option by itself does not disallow mounting of extfs overlay partitions inside SIF files, so that's why the former options are also needed.","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00026,"ranking_epss":0.07257,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/cve-2022-1184","https://github.com/apptainer/apptainer/commit/5a4964f5ba9c8d89a0e353b97f51fd607670a9f7","https://github.com/apptainer/apptainer/releases/tag/v1.1.8","https://github.com/apptainer/apptainer/security/advisories/GHSA-j4rf-7357-f4cg","https://github.com/torvalds/linux/commit/2220eaf90992c11d888fe771055d4de3303","https://github.com/torvalds/linux/commit/4f04351888a83e595571de672e0a4a8b74f","https://lwn.net/Articles/932136/","https://lwn.net/Articles/932137/","https://security-tracker.debian.org/tracker/CVE-2022-1184","https://security.gentoo.org/glsa/202311-13","https://sylabs.io/2023/04/response-to-cve-2023-30549/","https://ubuntu.com/security/CVE-2022-1184","https://www.suse.com/security/cve/CVE-2022-1184.html","https://access.redhat.com/security/cve/cve-2022-1184","https://github.com/apptainer/apptainer/commit/5a4964f5ba9c8d89a0e353b97f51fd607670a9f7","https://github.com/apptainer/apptainer/releases/tag/v1.1.8","https://github.com/apptainer/apptainer/security/advisories/GHSA-j4rf-7357-f4cg","https://github.com/torvalds/linux/commit/2220eaf90992c11d888fe771055d4de3303","https://github.com/torvalds/linux/commit/4f04351888a83e595571de672e0a4a8b74f","https://lwn.net/Articles/932136/","https://lwn.net/Articles/932137/","https://security-tracker.debian.org/tracker/CVE-2022-1184","https://security.gentoo.org/glsa/202311-13","https://sylabs.io/2023/04/response-to-cve-2023-30549/","https://ubuntu.com/security/CVE-2022-1184","https://www.suse.com/security/cve/CVE-2022-1184.html"],"published_time":"2023-04-25T21:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-2019","summary":"A flaw was found in the Linux kernel's netdevsim device driver, within the scheduling of events. This issue results from the improper management of a reference count. This may allow an attacker to create a denial of service condition on the system.","cvss":4.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.4,"cvss_v4":null,"epss":0.00017,"ranking_epss":0.0417,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2189137","https://github.com/torvalds/linux/commit/180a6a3ee60a","https://www.zerodayinitiative.com/advisories/ZDI-CAN-17811/","https://bugzilla.redhat.com/show_bug.cgi?id=2189137","https://github.com/torvalds/linux/commit/180a6a3ee60a","https://www.zerodayinitiative.com/advisories/ZDI-CAN-17811/"],"published_time":"2023-04-24T21:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-2194","summary":"An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace \"data->block[0]\" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could allow a local privileged user to crash the system or potentially achieve code execution.","cvss":6.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.7,"cvss_v4":null,"epss":0.00017,"ranking_epss":0.04217,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2188396","https://github.com/torvalds/linux/commit/92fbb6d1296f","https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html","https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html","https://bugzilla.redhat.com/show_bug.cgi?id=2188396","https://github.com/torvalds/linux/commit/92fbb6d1296f","https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html","https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html"],"published_time":"2023-04-20T21:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-28327","summary":"A NULL pointer dereference flaw was found in the UNIX protocol in net/unix/diag.c In unix_diag_get_exact in the Linux Kernel. The newly allocated skb does not have sk, leading to a NULL pointer. This flaw allows a local user to crash or potentially cause a denial of service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0001,"ranking_epss":0.01074,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2177382","https://bugzilla.redhat.com/show_bug.cgi?id=2177382"],"published_time":"2023-04-19T23:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-28328","summary":"A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash the system or potentially cause a denial of service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.02153,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2177389","https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html","https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html","https://bugzilla.redhat.com/show_bug.cgi?id=2177389","https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html","https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html"],"published_time":"2023-04-19T23:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-1668","summary":"A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wildcarded) for this flow, but with an incorrect action, possibly causing incorrect handling of other IP packets with a != 0 IP protocol that matches this dp flow.","cvss":8.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.2,"cvss_v4":null,"epss":0.0032,"ranking_epss":0.5508,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2137666","https://lists.debian.org/debian-lts-announce/2023/05/msg00000.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2GUNS3WSJG4TUDKZ5L7FXGJMVOD6EJZ/","https://security.gentoo.org/glsa/202311-16","https://www.debian.org/security/2023/dsa-5387","https://www.openwall.com/lists/oss-security/2023/04/06/1","https://bugzilla.redhat.com/show_bug.cgi?id=2137666","https://lists.debian.org/debian-lts-announce/2023/05/msg00000.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2GUNS3WSJG4TUDKZ5L7FXGJMVOD6EJZ/","https://security.gentoo.org/glsa/202311-16","https://www.debian.org/security/2023/dsa-5387","https://www.openwall.com/lists/oss-security/2023/04/06/1"],"published_time":"2023-04-10T22:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-1274","summary":"A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.","cvss":5.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.4,"cvss_v4":null,"epss":0.00842,"ranking_epss":0.74741,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2073157","https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725","https://herolab.usd.de/security-advisories/usd-2021-0033/","https://bugzilla.redhat.com/show_bug.cgi?id=2073157","https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725","https://herolab.usd.de/security-advisories/usd-2021-0033/"],"published_time":"2023-03-29T21:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-3787","summary":"A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This issue occurs because an attacker can repeat a keyword, which is mishandled when arithmetic ADD is used instead of bitwise OR. This could lead to local privilege escalation to root.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00055,"ranking_epss":0.17146,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2138959","https://bugzilla.redhat.com/show_bug.cgi?id=2138959"],"published_time":"2023-03-29T21:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-1652","summary":"A use-after-free flaw was found in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c in the NFS filesystem in the Linux Kernel. This issue could allow a local attacker to crash the system or it may lead to a kernel information leak problem.","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02424,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/cve-2023-1652","https://security.netapp.com/advisory/ntap-20230511-0006/","https://access.redhat.com/security/cve/cve-2023-1652","https://security.netapp.com/advisory/ntap-20230511-0006/"],"published_time":"2023-03-29T21:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-0664","summary":"A flaw was found in the QEMU Guest Agent service for Windows. A local unprivileged user may be able to manipulate the QEMU Guest Agent's Windows installer via repair custom actions to elevate their privileges on the system.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00019,"ranking_epss":0.05155,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2167423","https://gitlab.com/qemu-project/qemu/-/commit/07ce178a2b0768eb9e712bb5ad0cf6dc7fcf0158","https://gitlab.com/qemu-project/qemu/-/commit/88288c2a51faa7c795f053fc8b31b1c16ff804c5","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MURWGXDIF2WTDXV36T6HFJDBL632AO7R/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SEOC7SRJWLZSXCND2ADFW6C76ZMTZLE4/","https://lists.nongnu.org/archive/html/qemu-devel/2023-03/msg01445.html","https://security.netapp.com/advisory/ntap-20230517-0005/","https://bugzilla.redhat.com/show_bug.cgi?id=2167423","https://gitlab.com/qemu-project/qemu/-/commit/07ce178a2b0768eb9e712bb5ad0cf6dc7fcf0158","https://gitlab.com/qemu-project/qemu/-/commit/88288c2a51faa7c795f053fc8b31b1c16ff804c5","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MURWGXDIF2WTDXV36T6HFJDBL632AO7R/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SEOC7SRJWLZSXCND2ADFW6C76ZMTZLE4/","https://lists.nongnu.org/archive/html/qemu-devel/2023-03/msg01445.html","https://security.netapp.com/advisory/ntap-20230517-0005/"],"published_time":"2023-03-29T20:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-0179","summary":"A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0048,"ranking_epss":0.65078,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://packetstormsecurity.com/files/171601/Kernel-Live-Patch-Security-Notice-LNS-0093-1.html","https://bugzilla.redhat.com/show_bug.cgi?id=2161713","https://seclists.org/oss-sec/2023/q1/20","https://security.netapp.com/advisory/ntap-20230511-0003/","http://packetstormsecurity.com/files/171601/Kernel-Live-Patch-Security-Notice-LNS-0093-1.html","https://bugzilla.redhat.com/show_bug.cgi?id=2161713","https://seclists.org/oss-sec/2023/q1/20","https://security.netapp.com/advisory/ntap-20230511-0003/"],"published_time":"2023-03-27T22:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-0494","summary":"A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00613,"ranking_epss":0.69824,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2165995","https://gitlab.freedesktop.org/xorg/xserver/-/commit/0ba6d8c37071131a49790243cdac55392ecf71ec","https://lists.x.org/archives/xorg-announce/2023-February/003320.html","https://security.gentoo.org/glsa/202305-30","https://bugzilla.redhat.com/show_bug.cgi?id=2165995","https://gitlab.freedesktop.org/xorg/xserver/-/commit/0ba6d8c37071131a49790243cdac55392ecf71ec","https://lists.x.org/archives/xorg-announce/2023-February/003320.html","https://security.gentoo.org/glsa/202305-30"],"published_time":"2023-03-27T21:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-0778","summary":"A Time-of-check Time-of-use (TOCTOU) flaw was found in podman. This issue may allow a malicious user to replace a normal file in a volume with a symlink while exporting the volume, allowing for access to arbitrary files on the host file system.","cvss":6.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.8,"cvss_v4":null,"epss":0.00096,"ranking_epss":0.26484,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2168256","https://bugzilla.redhat.com/show_bug.cgi?id=2168256"],"published_time":"2023-03-27T21:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-1073","summary":"A memory corruption flaw was found in the Linux kernel’s human interface device (HID) subsystem in how a user inserts a malicious USB device. This flaw allows a local user to crash or potentially escalate their privileges on the system.","cvss":6.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.6,"cvss_v4":null,"epss":0.00019,"ranking_epss":0.0499,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2023/11/05/2","http://www.openwall.com/lists/oss-security/2023/11/05/3","https://bugzilla.redhat.com/show_bug.cgi?id=2173403","https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/id=b12fece4c64857e5fab4290bf01b2e0317a88456","https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html","https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html","https://www.openwall.com/lists/osssecurity/2023/01/17/3","http://www.openwall.com/lists/oss-security/2023/11/05/2","http://www.openwall.com/lists/oss-security/2023/11/05/3","https://bugzilla.redhat.com/show_bug.cgi?id=2173403","https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/id=b12fece4c64857e5fab4290bf01b2e0317a88456","https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html","https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html","https://www.openwall.com/lists/osssecurity/2023/01/17/3"],"published_time":"2023-03-27T21:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-1380","summary":"A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service.","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00019,"ranking_epss":0.04961,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html","http://packetstormsecurity.com/files/173757/Kernel-Live-Patch-Security-Notice-LSN-0096-1.html","https://bugzilla.redhat.com/show_bug.cgi?id=2177883","https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html","https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html","https://lore.kernel.org/linux-wireless/20230309104457.22628-1-jisoo.jang%40yonsei.ac.kr/T/#u","https://security.netapp.com/advisory/ntap-20230511-0001/","https://www.debian.org/security/2023/dsa-5480","https://www.openwall.com/lists/oss-security/2023/03/14/1","http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html","http://packetstormsecurity.com/files/173757/Kernel-Live-Patch-Security-Notice-LSN-0096-1.html","https://bugzilla.redhat.com/show_bug.cgi?id=2177883","https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html","https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html","https://lore.kernel.org/linux-wireless/20230309104457.22628-1-jisoo.jang%40yonsei.ac.kr/T/#u","https://security.netapp.com/advisory/ntap-20230511-0001/","https://www.debian.org/security/2023/dsa-5480","https://www.openwall.com/lists/oss-security/2023/03/14/1"],"published_time":"2023-03-27T21:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3923","summary":"A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlikely to leak sensitive user information, it can be further used to defeat existing kernel protection mechanisms.","cvss":2.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":2.3,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.02234,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2019643","https://lore.kernel.org/all/20220204100036.GA12348%40kili/","https://bugzilla.redhat.com/show_bug.cgi?id=2019643","https://lore.kernel.org/all/20220204100036.GA12348%40kili/"],"published_time":"2023-03-27T21:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3684","summary":"A vulnerability was found in OpenShift Assisted Installer. During generation of the Discovery ISO, image pull secrets were leaked as plaintext in the installation logs. An authenticated user could exploit this by re-using the image pull secret to pull container images from the registry as the associated user.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00148,"ranking_epss":0.35299,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1985962","https://github.com/openshift/assisted-installer/commit/2403dad3795406f2c5d923af0894e07bc8b0bdc4","https://github.com/openshift/assisted-installer/commit/f3800cfa3d64ce6dcd6f7b73f0578bb99bfdaf7a","https://bugzilla.redhat.com/show_bug.cgi?id=1985962","https://github.com/openshift/assisted-installer/commit/2403dad3795406f2c5d923af0894e07bc8b0bdc4","https://github.com/openshift/assisted-installer/commit/f3800cfa3d64ce6dcd6f7b73f0578bb99bfdaf7a"],"published_time":"2023-03-24T20:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-0056","summary":"An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00192,"ranking_epss":0.41183,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-0056","https://access.redhat.com/security/cve/CVE-2023-0056"],"published_time":"2023-03-23T21:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-1513","summary":"A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00024,"ranking_epss":0.06527,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2179892","https://github.com/torvalds/linux/commit/2c10b61421a28e95a46ab489fd56c0f442ff6952","https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html","https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html","https://lore.kernel.org/kvm/20230214103304.3689213-1-gregkh%40linuxfoundation.org/","https://bugzilla.redhat.com/show_bug.cgi?id=2179892","https://github.com/torvalds/linux/commit/2c10b61421a28e95a46ab489fd56c0f442ff6952","https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html","https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html","https://lore.kernel.org/kvm/20230214103304.3689213-1-gregkh%40linuxfoundation.org/"],"published_time":"2023-03-23T21:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-1289","summary":"A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in \"/tmp,\" resulting in a denial of service. When ImageMagick crashes, it generates a lot of trash files. These trash files can be large if the SVG file contains many render actions. In a denial of service attack, if a remote attacker uploads an SVG file of size t, ImageMagick generates files of size 103*t. If an attacker uploads a 100M SVG, the server will generate about 10G.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00101,"ranking_epss":0.2782,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2176858","https://github.com/ImageMagick/ImageMagick/commit/c5b23cbf2119540725e6dc81f4deb25798ead6a4","https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-j96m-mjp6-99xr","https://lists.debian.org/debian-lts-announce/2024/02/msg00007.html","https://bugzilla.redhat.com/show_bug.cgi?id=2176858","https://github.com/ImageMagick/ImageMagick/commit/c5b23cbf2119540725e6dc81f4deb25798ead6a4","https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-j96m-mjp6-99xr","https://lists.debian.org/debian-lts-announce/2024/02/msg00007.html"],"published_time":"2023-03-23T20:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-4904","summary":"A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.","cvss":8.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.6,"cvss_v4":null,"epss":0.00161,"ranking_epss":0.36999,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2168631","https://github.com/c-ares/c-ares/issues/496","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33LDNS6RPOPP36Z4MPWXALUQZXJCWJS2/","https://security.gentoo.org/glsa/202401-02","https://bugzilla.redhat.com/show_bug.cgi?id=2168631","https://github.com/c-ares/c-ares/issues/496","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33LDNS6RPOPP36Z4MPWXALUQZXJCWJS2/","https://security.gentoo.org/glsa/202401-02"],"published_time":"2023-03-06T23:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-8720","summary":"A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory corruption issues.","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.04099,"ranking_epss":0.88596,"kev":true,"propose_action":"WebKitGTK contains a memory corruption vulnerability which can allow an attacker to perform remote code execution.","ransomware_campaign":"Unknown","references":["https://bugzilla.redhat.com/show_bug.cgi?id=1876611","https://webkitgtk.org/security/WSA-2019-0005.html","https://bugzilla.redhat.com/show_bug.cgi?id=1876611","https://webkitgtk.org/security/WSA-2019-0005.html","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-8720"],"published_time":"2023-03-06T23:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-3424","summary":"A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate their privileges on the system.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00023,"ranking_epss":0.06312,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2132640","https://github.com/torvalds/linux/commit/643a16a0eb1d6ac23744bb6e90a00fc21148a9dc","https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html","https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html","https://lore.kernel.org/all/20221019031445.901570-1-zyytlz.wz%40163.com/","https://security.netapp.com/advisory/ntap-20230406-0005/","https://www.spinics.net/lists/kernel/msg4518970.html","https://bugzilla.redhat.com/show_bug.cgi?id=2132640","https://github.com/torvalds/linux/commit/643a16a0eb1d6ac23744bb6e90a00fc21148a9dc","https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html","https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html","https://lore.kernel.org/all/20221019031445.901570-1-zyytlz.wz%40163.com/","https://security.netapp.com/advisory/ntap-20230406-0005/","https://www.spinics.net/lists/kernel/msg4518970.html"],"published_time":"2023-03-06T23:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-3707","summary":"A double-free memory flaw was found in the Linux kernel. The Intel GVT-g graphics driver triggers VGA card system resource overload, causing a fail in the intel_gvt_dma_map_guest_page function. This issue could allow a local user to crash the system.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02516,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2137979","https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html","https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html","https://lore.kernel.org/all/20221007013708.1946061-1-zyytlz.wz%40163.com/","https://bugzilla.redhat.com/show_bug.cgi?id=2137979","https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html","https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html","https://lore.kernel.org/all/20221007013708.1946061-1-zyytlz.wz%40163.com/"],"published_time":"2023-03-06T23:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-27561","summary":"runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.","cvss":7.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00146,"ranking_epss":0.3504,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://gist.github.com/LiveOverflow/c937820b688922eb127fb760ce06dab9","https://github.com/opencontainers/runc/issues/2197#issuecomment-1437617334","https://github.com/opencontainers/runc/issues/3751","https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ANUGDBJ7NBUMSUFZUSKU3ZMQYZ2Z3STN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNB2UEDIIJCRQW4WJLZOPQJZXCVSXMLD/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ/","https://gist.github.com/LiveOverflow/c937820b688922eb127fb760ce06dab9","https://github.com/opencontainers/runc/issues/2197#issuecomment-1437617334","https://github.com/opencontainers/runc/issues/3751","https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ANUGDBJ7NBUMSUFZUSKU3ZMQYZ2Z3STN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNB2UEDIIJCRQW4WJLZOPQJZXCVSXMLD/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ/","https://security.netapp.com/advisory/ntap-20241206-0004/"],"published_time":"2023-03-03T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-41862","summary":"In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes.","cvss":3.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.7,"cvss_v4":null,"epss":0.0032,"ranking_epss":0.55081,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2165722","https://security.netapp.com/advisory/ntap-20230427-0002/","https://www.postgresql.org/support/security/CVE-2022-41862/","https://bugzilla.redhat.com/show_bug.cgi?id=2165722","https://security.netapp.com/advisory/ntap-20230427-0002/","https://www.postgresql.org/support/security/CVE-2022-41862/"],"published_time":"2023-03-03T16:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-1095","summary":"In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this results in a NULL pointer dereference.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00016,"ranking_epss":0.03685,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2173973","https://github.com/torvalds/linux/commit/580077855a40741cf511766129702d97ff02f4d9","https://bugzilla.redhat.com/show_bug.cgi?id=2173973","https://github.com/torvalds/linux/commit/580077855a40741cf511766129702d97ff02f4d9"],"published_time":"2023-02-28T23:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-0361","summary":"A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.","cvss":7.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.4,"cvss_v4":null,"epss":0.03615,"ranking_epss":0.87794,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2023-0361","https://github.com/tlsfuzzer/tlsfuzzer/pull/679","https://gitlab.com/gnutls/gnutls/-/issues/1050","https://lists.debian.org/debian-lts-announce/2023/02/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/","https://security.netapp.com/advisory/ntap-20230324-0005/","https://security.netapp.com/advisory/ntap-20230725-0005/","https://access.redhat.com/security/cve/CVE-2023-0361","https://github.com/tlsfuzzer/tlsfuzzer/pull/679","https://gitlab.com/gnutls/gnutls/-/issues/1050","https://lists.debian.org/debian-lts-announce/2023/02/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/","https://security.netapp.com/advisory/ntap-20230324-0005/","https://security.netapp.com/advisory/ntap-20230725-0005/"],"published_time":"2023-02-15T18:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-3560","summary":"A flaw was found in pesign. The pesign package provides a systemd service used to start the pesign daemon. This service unit runs a script to set ACLs for /etc/pki/pesign and /run/pesign directories to grant access privileges to users in the 'pesign' group. However, the script doesn't check for symbolic links. This could allow an attacker to gain access to privileged files and directories via a path traversal attack.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00041,"ranking_epss":0.12509,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2135420#c0","https://bugzilla.redhat.com/show_bug.cgi?id=2135420#c0"],"published_time":"2023-02-02T21:22:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-4254","summary":"sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00078,"ranking_epss":0.23182,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-4254","https://bugzilla.redhat.com/show_bug.cgi?id=2149894","https://github.com/SSSD/sssd/commit/a2b9a84460429181f2a4fa7e2bb5ab49fd561274","https://github.com/SSSD/sssd/issues/5135","https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html","https://access.redhat.com/security/cve/CVE-2022-4254","https://bugzilla.redhat.com/show_bug.cgi?id=2149894","https://github.com/SSSD/sssd/commit/a2b9a84460429181f2a4fa7e2bb5ab49fd561274","https://github.com/SSSD/sssd/issues/5135","https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html"],"published_time":"2023-02-01T17:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-4285","summary":"An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00057,"ranking_epss":0.17748,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2150768","https://security.gentoo.org/glsa/202309-15","https://sourceware.org/bugzilla/show_bug.cgi?id=29699","https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=5c831a3c7f3ca98d6aba1200353311e1a1f84c70","https://bugzilla.redhat.com/show_bug.cgi?id=2150768","https://security.gentoo.org/glsa/202309-15","https://sourceware.org/bugzilla/show_bug.cgi?id=29699","https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=5c831a3c7f3ca98d6aba1200353311e1a1f84c70"],"published_time":"2023-01-27T18:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-4743","summary":"A potential memory leak issue was discovered in SDL2 in GLES_CreateTexture() function in SDL_render_gles.c. The vulnerability allows an attacker to cause a denial of service attack. The vulnerability affects SDL2 v2.0.4 and above. SDL-1.x are not affected.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00042,"ranking_epss":0.12908,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-4743","https://bugzilla.redhat.com/show_bug.cgi?id=2156290","https://github.com/libsdl-org/SDL/commit/00b67f55727bc0944c3266e2b875440da132ce4b","https://github.com/libsdl-org/SDL/pull/6269","https://lists.debian.org/debian-lts-announce/2023/02/msg00008.html","https://security.gentoo.org/glsa/202305-18","https://access.redhat.com/security/cve/CVE-2022-4743","https://bugzilla.redhat.com/show_bug.cgi?id=2156290","https://github.com/libsdl-org/SDL/commit/00b67f55727bc0944c3266e2b875440da132ce4b","https://github.com/libsdl-org/SDL/pull/6269","https://lists.debian.org/debian-lts-announce/2023/02/msg00008.html","https://lists.debian.org/debian-lts-announce/2025/11/msg00024.html","https://security.gentoo.org/glsa/202305-18"],"published_time":"2023-01-12T19:15:24","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-3715","summary":"A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00039,"ranking_epss":0.11924,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2126720","https://bugzilla.redhat.com/show_bug.cgi?id=2126720","https://security.netapp.com/advisory/ntap-20241108-0002/"],"published_time":"2023-01-05T15:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-3775","summary":"When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2's heap, leading to memory corruption and availability issues. Although complex, arbitrary code execution could not be discarded.","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00078,"ranking_epss":0.2311,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/cve-2022-3775","https://security.gentoo.org/glsa/202311-14","https://access.redhat.com/security/cve/cve-2022-3775","https://security.gentoo.org/glsa/202311-14"],"published_time":"2022-12-19T20:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-4283","summary":"A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory, resulting in out-of-bounds memory access on subsequent XkbGetKbdByName requests.. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00176,"ranking_epss":0.39089,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-4283","https://bugzilla.redhat.com/show_bug.cgi?id=2151761","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/","https://security.gentoo.org/glsa/202305-30","https://www.debian.org/security/2022/dsa-5304","https://access.redhat.com/security/cve/CVE-2022-4283","https://bugzilla.redhat.com/show_bug.cgi?id=2151761","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/","https://security.gentoo.org/glsa/202305-30","https://www.debian.org/security/2022/dsa-5304"],"published_time":"2022-12-14T21:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-46340","summary":"A vulnerability was found in X.Org. This security flaw occurs becuase the swap handler for the XTestFakeInput request of the XTest extension may corrupt the stack if GenericEvents with lengths larger than 32 bytes are sent through a the XTestFakeInput request. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions. This issue does not affect systems where client and server use the same byte order.","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.0113,"ranking_epss":0.78309,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-46340","https://bugzilla.redhat.com/show_bug.cgi?id=2151755","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWTH3SNJ3GKYDSN7I3QDGWYEPSMWU6EP/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/","https://security.gentoo.org/glsa/202305-30","https://www.debian.org/security/2022/dsa-5304","https://access.redhat.com/security/cve/CVE-2022-46340","https://bugzilla.redhat.com/show_bug.cgi?id=2151755","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWTH3SNJ3GKYDSN7I3QDGWYEPSMWU6EP/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/","https://security.gentoo.org/glsa/202305-30","https://www.debian.org/security/2022/dsa-5304"],"published_time":"2022-12-14T21:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-46341","summary":"A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIPassiveUngrab request accesses out-of-bounds memory when invoked with a high keycode or button code. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.01109,"ranking_epss":0.78132,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-46341","https://bugzilla.redhat.com/show_bug.cgi?id=2151756","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/","https://security.gentoo.org/glsa/202305-30","https://www.debian.org/security/2022/dsa-5304","https://access.redhat.com/security/cve/CVE-2022-46341","https://bugzilla.redhat.com/show_bug.cgi?id=2151756","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/","https://security.gentoo.org/glsa/202305-30","https://www.debian.org/security/2022/dsa-5304"],"published_time":"2022-12-14T21:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-46342","summary":"A vulnerability was found in X.Org. This security flaw occurs because the handler for the XvdiSelectVideoNotify request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X se","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00139,"ranking_epss":0.33954,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-46342","https://bugzilla.redhat.com/show_bug.cgi?id=2151757","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/","https://security.gentoo.org/glsa/202305-30","https://www.debian.org/security/2022/dsa-5304","https://access.redhat.com/security/cve/CVE-2022-46342","https://bugzilla.redhat.com/show_bug.cgi?id=2151757","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/","https://security.gentoo.org/glsa/202305-30","https://www.debian.org/security/2022/dsa-5304"],"published_time":"2022-12-14T21:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-46343","summary":"A vulnerability was found in X.Org. This security flaw occurs because the handler for the ScreenSaverSetAttributes request may write to memory after it has been freed. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.01109,"ranking_epss":0.78132,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-46343","https://bugzilla.redhat.com/show_bug.cgi?id=2151758","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/","https://security.gentoo.org/glsa/202305-30","https://www.debian.org/security/2022/dsa-5304","https://access.redhat.com/security/cve/CVE-2022-46343","https://bugzilla.redhat.com/show_bug.cgi?id=2151758","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/","https://security.gentoo.org/glsa/202305-30","https://www.debian.org/security/2022/dsa-5304"],"published_time":"2022-12-14T21:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-46344","summary":"A vulnerability was found in X.Org. This security flaw occurs because the handler for the XIChangeProperty request has a length-validation issues, resulting in out-of-bounds memory reads and potential information disclosure. This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00908,"ranking_epss":0.75767,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2023/12/13/1","https://access.redhat.com/security/cve/CVE-2022-46344","https://bugzilla.redhat.com/show_bug.cgi?id=2151760","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/","https://security.gentoo.org/glsa/202305-30","https://www.debian.org/security/2022/dsa-5304","http://www.openwall.com/lists/oss-security/2023/12/13/1","https://access.redhat.com/security/cve/CVE-2022-46344","https://bugzilla.redhat.com/show_bug.cgi?id=2151760","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/","https://security.gentoo.org/glsa/202305-30","https://www.debian.org/security/2022/dsa-5304"],"published_time":"2022-12-14T21:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-4144","summary":"An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. The qxl_phys2virt() function does not check the size of the structure pointed to by the guest physical address, potentially reading past the end of the bar space into adjacent pages. A malicious guest user could use this flaw to crash the QEMU process on the host causing a denial of service condition.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00022,"ranking_epss":0.05858,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2148506","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTVPHLLXJ65BUMFBUUZ35F3J632SLFRK/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7J5IRXJYLELW7D43A75LOWRUE5EU54O/","https://lists.nongnu.org/archive/html/qemu-devel/2022-11/msg04143.html","https://security.netapp.com/advisory/ntap-20230127-0012/","https://bugzilla.redhat.com/show_bug.cgi?id=2148506","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTVPHLLXJ65BUMFBUUZ35F3J632SLFRK/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7J5IRXJYLELW7D43A75LOWRUE5EU54O/","https://lists.nongnu.org/archive/html/qemu-devel/2022-11/msg04143.html","https://security.netapp.com/advisory/ntap-20230127-0012/"],"published_time":"2022-11-29T18:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-3500","summary":"A vulnerability was found in keylime. This security issue happens in some circumstances, due to some improperly handled exceptions, there exists the possibility that a rogue agent could create errors on the verifier that stopped attestation attempts for that host leaving it in an attested state but not verifying that anymore.","cvss":5.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.1,"cvss_v4":null,"epss":0.00152,"ranking_epss":0.35909,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-3500","https://github.com/keylime/keylime/pull/1128","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUTHMDVFNGGVPCNPOGULMJAAFEP7MEXP/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QX4XVCAUFGJ2I2NCTOKONTJGRJB2NBBT/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQH5CJRX65QYMQN5WGUKKKE3IRJBWG5Z/","https://access.redhat.com/security/cve/CVE-2022-3500","https://github.com/keylime/keylime/pull/1128","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUTHMDVFNGGVPCNPOGULMJAAFEP7MEXP/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QX4XVCAUFGJ2I2NCTOKONTJGRJB2NBBT/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQH5CJRX65QYMQN5WGUKKKE3IRJBWG5Z/"],"published_time":"2022-11-22T19:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-3821","summary":"An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08879,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2139327","https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e","https://github.com/systemd/systemd/issues/23928","https://github.com/systemd/systemd/pull/23933","https://lists.debian.org/debian-lts-announce/2023/06/msg00036.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/","https://security.gentoo.org/glsa/202305-15","https://bugzilla.redhat.com/show_bug.cgi?id=2139327","https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e","https://github.com/systemd/systemd/issues/23928","https://github.com/systemd/systemd/pull/23933","https://lists.debian.org/debian-lts-announce/2023/06/msg00036.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/","https://security.gentoo.org/glsa/202305-15"],"published_time":"2022-11-08T22:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-2963","summary":"A vulnerability found in jasper. This security vulnerability happens because of a memory leak bug in function cmdopts_parse that can cause a crash or segmentation fault.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00208,"ranking_epss":0.43178,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-2963","https://bugzilla.redhat.com/show_bug.cgi?id=2118587","https://github.com/jasper-software/jasper/issues/332","https://access.redhat.com/security/cve/CVE-2022-2963","https://bugzilla.redhat.com/show_bug.cgi?id=2118587","https://github.com/jasper-software/jasper/issues/332"],"published_time":"2022-10-14T18:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-2850","summary":"A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix of CVE-2021-3514.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00338,"ranking_epss":0.56622,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-2850","https://bugzilla.redhat.com/show_bug.cgi?id=2118691","https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html","https://access.redhat.com/security/cve/CVE-2022-2850","https://bugzilla.redhat.com/show_bug.cgi?id=2118691","https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html","https://lists.debian.org/debian-lts-announce/2025/01/msg00015.html"],"published_time":"2022-10-14T18:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-2989","summary":"An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00046,"ranking_epss":0.14206,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2121445","https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/","https://bugzilla.redhat.com/show_bug.cgi?id=2121445","https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/"],"published_time":"2022-09-13T14:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-2990","summary":"An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":0.0009,"ranking_epss":0.25459,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2121453","https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/","https://bugzilla.redhat.com/show_bug.cgi?id=2121453","https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/"],"published_time":"2022-09-13T14:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-2905","summary":"An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.02049,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2121800","https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html","https://lore.kernel.org/bpf/984b37f9fdf7ac36831d2137415a4a915744c1b6.1661462653.git.daniel%40iogearbox.net/","https://bugzilla.redhat.com/show_bug.cgi?id=2121800","https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html","https://lore.kernel.org/bpf/984b37f9fdf7ac36831d2137415a4a915744c1b6.1661462653.git.daniel%40iogearbox.net/"],"published_time":"2022-09-09T15:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-2964","summary":"A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08829,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2067482","https://security.netapp.com/advisory/ntap-20230113-0001/","https://bugzilla.redhat.com/show_bug.cgi?id=2067482","https://security.netapp.com/advisory/ntap-20230113-0001/"],"published_time":"2022-09-09T15:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-10735","summary":"A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int(\"text\"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00384,"ranking_epss":0.59691,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2022/09/21/1","http://www.openwall.com/lists/oss-security/2022/09/21/4","https://access.redhat.com/security/cve/CVE-2020-10735","https://bugzilla.redhat.com/show_bug.cgi?id=1834423","https://docs.google.com/document/d/1KjuF_aXlzPUxTK4BMgezGJ2Pn7uevfX7g0_mvgHlL7Y","https://github.com/python/cpython/issues/95778","https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2VCU6EVQDIXNCEDJUCTFIER2WVNNDTYZ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/32AAQKABEKFCB5DDV5OONRZK6BS23HPW/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4EWKR2SPX3JORLWCXFY3KN2U5B5CIUQQ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XL6E5A3I36TRR73VNBOXNIQP4AMZDFZ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/76YE7AM37MRU76XJV4M27CWDAMUGNRYK/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSRPVJZL6DJFWKYRHMNJB7VCEUCBKRF5/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFGV7P2PYFBMK32OKHCAC2ZPJQV5AUDF/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NHC6IUU7CLRQ3QLPWUXLONSG3SXFTR47/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OKYE2DOI2X7WZXAWTQJZAXYIWM37HDCY/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OT5U223OE5ZOUHZAZYSYSWVJQIKDE73E/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OT5WQB7Z3CXOWVBD2AFAHYPA5ONYFFZ4/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PD7FTLJOIGMUSCDR3JAN6WRFHJEE4PH5/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SZYJSGLSCQOKXXFVJVJQAXLEOJBIWGEL/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TD7JDDKJXK6D26XAN3YRFNM2LAJHT5UO/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMWPRAAJS7I6U3U45V7GZVXWNSECI22M/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U4ZZV4CDFRMTPDBI7C5L43RFL3XLIGUY/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBPDVCDIUCEBE7C4NAGNA2KQJYOTPBAZ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V7ZUJDHK7KNG6SLIFXW7MNZ6O2PUJYK6/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WXF6MQ74HVIDDSR5AE2UDR24I6D4FEPC/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZEOAJWGGY55QU35UM2OVZATBW5MX2OZD/","http://www.openwall.com/lists/oss-security/2022/09/21/1","http://www.openwall.com/lists/oss-security/2022/09/21/4","https://access.redhat.com/security/cve/CVE-2020-10735","https://bugzilla.redhat.com/show_bug.cgi?id=1834423","https://docs.google.com/document/d/1KjuF_aXlzPUxTK4BMgezGJ2Pn7uevfX7g0_mvgHlL7Y","https://github.com/python/cpython/issues/95778","https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html","https://lists.debian.org/debian-lts-announce/2024/11/msg00024.html","https://lists.debian.org/debian-lts-announce/2024/12/msg00000.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2VCU6EVQDIXNCEDJUCTFIER2WVNNDTYZ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/32AAQKABEKFCB5DDV5OONRZK6BS23HPW/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4EWKR2SPX3JORLWCXFY3KN2U5B5CIUQQ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XL6E5A3I36TRR73VNBOXNIQP4AMZDFZ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/76YE7AM37MRU76XJV4M27CWDAMUGNRYK/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSRPVJZL6DJFWKYRHMNJB7VCEUCBKRF5/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFGV7P2PYFBMK32OKHCAC2ZPJQV5AUDF/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NHC6IUU7CLRQ3QLPWUXLONSG3SXFTR47/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OKYE2DOI2X7WZXAWTQJZAXYIWM37HDCY/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OT5U223OE5ZOUHZAZYSYSWVJQIKDE73E/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OT5WQB7Z3CXOWVBD2AFAHYPA5ONYFFZ4/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PD7FTLJOIGMUSCDR3JAN6WRFHJEE4PH5/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SZYJSGLSCQOKXXFVJVJQAXLEOJBIWGEL/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TD7JDDKJXK6D26XAN3YRFNM2LAJHT5UO/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMWPRAAJS7I6U3U45V7GZVXWNSECI22M/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U4ZZV4CDFRMTPDBI7C5L43RFL3XLIGUY/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBPDVCDIUCEBE7C4NAGNA2KQJYOTPBAZ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V7ZUJDHK7KNG6SLIFXW7MNZ6O2PUJYK6/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WXF6MQ74HVIDDSR5AE2UDR24I6D4FEPC/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZEOAJWGGY55QU35UM2OVZATBW5MX2OZD/"],"published_time":"2022-09-09T14:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-25308","summary":"A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an attacker to pass a specially crafted file to the Fribidi application, which leads to a possible memory leak or a denial of service.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00045,"ranking_epss":0.13909,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-25308","https://bugzilla.redhat.com/show_bug.cgi?id=2047890","https://github.com/fribidi/fribidi/issues/181","https://github.com/fribidi/fribidi/pull/184","https://access.redhat.com/security/cve/CVE-2022-25308","https://bugzilla.redhat.com/show_bug.cgi?id=2047890","https://github.com/fribidi/fribidi/issues/181","https://github.com/fribidi/fribidi/pull/184"],"published_time":"2022-09-06T18:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-25309","summary":"A heap-based buffer overflow flaw was found in the Fribidi package and affects the fribidi_cap_rtl_to_unicode() function of the fribidi-char-sets-cap-rtl.c file. This flaw allows an attacker to pass a specially crafted file to the Fribidi application with the '--caprtl' option, leading to a crash and causing a denial of service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00043,"ranking_epss":0.13096,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-25309","https://bugzilla.redhat.com/show_bug.cgi?id=2047896","https://github.com/fribidi/fribidi/commit/f22593b82b5d1668d1997dbccd10a9c31ffea3b3","https://github.com/fribidi/fribidi/issues/182","https://access.redhat.com/security/cve/CVE-2022-25309","https://bugzilla.redhat.com/show_bug.cgi?id=2047896","https://github.com/fribidi/fribidi/commit/f22593b82b5d1668d1997dbccd10a9c31ffea3b3","https://github.com/fribidi/fribidi/issues/182"],"published_time":"2022-09-06T18:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-25310","summary":"A segmentation fault (SEGV) flaw was found in the Fribidi package and affects the fribidi_remove_bidi_marks() function of the lib/fribidi.c file. This flaw allows an attacker to pass a specially crafted file to Fribidi, leading to a crash and causing a denial of service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00037,"ranking_epss":0.11052,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-25310","https://bugzilla.redhat.com/show_bug.cgi?id=2047923","https://github.com/fribidi/fribidi/issues/183","https://github.com/fribidi/fribidi/pull/186","https://access.redhat.com/security/cve/CVE-2022-25310","https://bugzilla.redhat.com/show_bug.cgi?id=2047923","https://github.com/fribidi/fribidi/issues/183","https://github.com/fribidi/fribidi/pull/186"],"published_time":"2022-09-06T18:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-2639","summary":"An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01101,"ranking_epss":0.78054,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2084479","https://github.com/torvalds/linux/commit/cefa91b2332d7009bc0be5d951d6cbbf349f90f8","https://bugzilla.redhat.com/show_bug.cgi?id=2084479","https://github.com/torvalds/linux/commit/cefa91b2332d7009bc0be5d951d6cbbf349f90f8"],"published_time":"2022-09-01T21:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-2132","summary":"A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK.","cvss":8.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.6,"cvss_v4":null,"epss":0.0078,"ranking_epss":0.73679,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugs.dpdk.org/show_bug.cgi?id=1031","https://bugzilla.redhat.com/show_bug.cgi?id=2099475","https://lists.debian.org/debian-lts-announce/2022/09/msg00000.html","https://bugs.dpdk.org/show_bug.cgi?id=1031","https://bugzilla.redhat.com/show_bug.cgi?id=2099475","https://lists.debian.org/debian-lts-announce/2022/09/msg00000.html"],"published_time":"2022-08-31T16:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-2153","summary":"A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00024,"ranking_epss":0.06633,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2069736","https://github.com/torvalds/linux/commit/00b5f37189d24ac3ed46cb7f11742094778c46ce","https://github.com/torvalds/linux/commit/7ec37d1cbe17d8189d9562178d8b29167fe1c31a","https://github.com/torvalds/linux/commit/b1e34d325397a33d97d845e312d7cf2a8b646b44","https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html","https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html","https://www.openwall.com/lists/oss-security/2022/06/22/1","https://bugzilla.redhat.com/show_bug.cgi?id=2069736","https://github.com/torvalds/linux/commit/00b5f37189d24ac3ed46cb7f11742094778c46ce","https://github.com/torvalds/linux/commit/7ec37d1cbe17d8189d9562178d8b29167fe1c31a","https://github.com/torvalds/linux/commit/b1e34d325397a33d97d845e312d7cf2a8b646b44","https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html","https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html","https://www.openwall.com/lists/oss-security/2022/06/22/1"],"published_time":"2022-08-31T16:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-1247","summary":"An issue found in linux-kernel that leads to a race condition in rose_connect(). The rose driver uses rose_neigh->use to represent how many objects are using the rose_neigh. When a user wants to delete a rose_route via rose_ioctl(), the rose driver calls rose_del_node() and removes neighbours only if their “count” and “use” are zero.","cvss":7.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00026,"ranking_epss":0.07269,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-1247","https://bugzilla.redhat.com/show_bug.cgi?id=2066799","https://access.redhat.com/security/cve/CVE-2022-1247","https://bugzilla.redhat.com/show_bug.cgi?id=2066799"],"published_time":"2022-08-31T16:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-1263","summary":"A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00068,"ranking_epss":0.20896,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-1263","https://bugzilla.redhat.com/show_bug.cgi?id=2072698","https://github.com/torvalds/linux/commit/5593473a1e6c743764b08e3b6071cb43b5cfa6c4","https://www.openwall.com/lists/oss-security/2022/04/07/1","https://access.redhat.com/security/cve/CVE-2022-1263","https://bugzilla.redhat.com/show_bug.cgi?id=2072698","https://github.com/torvalds/linux/commit/5593473a1e6c743764b08e3b6071cb43b5cfa6c4","https://www.openwall.com/lists/oss-security/2022/04/07/1"],"published_time":"2022-08-31T16:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-1354","summary":"A heap buffer overflow flaw was found in Libtiffs' tiffinfo.c in TIFFReadRawDataStriped() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffinfo tool, triggering a heap buffer overflow issue and causing a crash that leads to a denial of service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00038,"ranking_epss":0.11269,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-1354","https://bugzilla.redhat.com/show_bug.cgi?id=2074404","https://gitlab.com/libtiff/libtiff/-/commit/87f580f39011109b3bb5f6eca13fac543a542798","https://gitlab.com/libtiff/libtiff/-/issues/319","https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html","https://security.gentoo.org/glsa/202210-10","https://security.netapp.com/advisory/ntap-20221014-0007/","https://www.debian.org/security/2023/dsa-5333","https://access.redhat.com/security/cve/CVE-2022-1354","https://bugzilla.redhat.com/show_bug.cgi?id=2074404","https://gitlab.com/libtiff/libtiff/-/commit/87f580f39011109b3bb5f6eca13fac543a542798","https://gitlab.com/libtiff/libtiff/-/issues/319","https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html","https://security.gentoo.org/glsa/202210-10","https://security.netapp.com/advisory/ntap-20221014-0007/","https://www.debian.org/security/2023/dsa-5333"],"published_time":"2022-08-31T16:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-1355","summary":"A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service.","cvss":6.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.1,"cvss_v4":null,"epss":0.00054,"ranking_epss":0.17002,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-1355","https://bugzilla.redhat.com/show_bug.cgi?id=2074415","https://gitlab.com/libtiff/libtiff/-/issues/400","https://gitlab.com/libtiff/libtiff/-/merge_requests/323","https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html","https://security.gentoo.org/glsa/202210-10","https://security.netapp.com/advisory/ntap-20221014-0007/","https://www.debian.org/security/2023/dsa-5333","https://access.redhat.com/security/cve/CVE-2022-1355","https://bugzilla.redhat.com/show_bug.cgi?id=2074415","https://gitlab.com/libtiff/libtiff/-/issues/400","https://gitlab.com/libtiff/libtiff/-/merge_requests/323","https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html","https://security.gentoo.org/glsa/202210-10","https://security.netapp.com/advisory/ntap-20221014-0007/","https://www.debian.org/security/2023/dsa-5333"],"published_time":"2022-08-31T16:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-0852","summary":"There is a flaw in convert2rhel. convert2rhel passes the Red Hat account password to subscription-manager via the command line, which could allow unauthorized users locally on the machine to view the password via the process command line via e.g. htop or ps. The specific impact varies upon the privileges of the Red Hat account in question, but it could affect the integrity, availability, and/or data confidentiality of other systems that are administered by that account. This occurs regardless of how the password is supplied to convert2rhel.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00154,"ranking_epss":0.36093,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-0852","https://bugzilla.redhat.com/show_bug.cgi?id=2060129","https://github.com/oamg/convert2rhel/commit/8d72fb030ed31116fdb256b327d299337b000af4","https://github.com/oamg/convert2rhel/pull/492","https://issues.redhat.com/browse/RHELC-432","https://access.redhat.com/security/cve/CVE-2022-0852","https://bugzilla.redhat.com/show_bug.cgi?id=2060129","https://github.com/oamg/convert2rhel/commit/8d72fb030ed31116fdb256b327d299337b000af4","https://github.com/oamg/convert2rhel/pull/492","https://issues.redhat.com/browse/RHELC-432"],"published_time":"2022-08-29T15:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-0934","summary":"A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.06784,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-0934","https://bugzilla.redhat.com/show_bug.cgi?id=2057075","https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016272.html","https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=03345ecefeb0d82e3c3a4c28f27c3554f0611b39","https://access.redhat.com/security/cve/CVE-2022-0934","https://bugzilla.redhat.com/show_bug.cgi?id=2057075","https://lists.debian.org/debian-lts-announce/2024/11/msg00035.html","https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016272.html","https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=03345ecefeb0d82e3c3a4c28f27c3554f0611b39"],"published_time":"2022-08-29T15:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-1016","summary":"A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02461,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://blog.dbouman.nl/2022/04/02/How-The-Tables-Have-Turned-CVE-2022-1015-1016/","https://access.redhat.com/security/cve/CVE-2022-1016","https://bugzilla.redhat.com/show_bug.cgi?id=2066614","https://seclists.org/oss-sec/2022/q1/205","http://blog.dbouman.nl/2022/04/02/How-The-Tables-Have-Turned-CVE-2022-1015-1016/","https://access.redhat.com/security/cve/CVE-2022-1016","https://bugzilla.redhat.com/show_bug.cgi?id=2066614","https://seclists.org/oss-sec/2022/q1/205"],"published_time":"2022-08-29T15:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-1184","summary":"A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00024,"ranking_epss":0.06392,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-1184","https://bugzilla.redhat.com/show_bug.cgi?id=2070205","https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html","https://ubuntu.com/security/CVE-2022-1184","https://www.debian.org/security/2022/dsa-5257","https://access.redhat.com/security/cve/CVE-2022-1184","https://bugzilla.redhat.com/show_bug.cgi?id=2070205","https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html","https://ubuntu.com/security/CVE-2022-1184","https://www.debian.org/security/2022/dsa-5257"],"published_time":"2022-08-29T15:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-1198","summary":"A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00097,"ranking_epss":0.26701,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-1198","https://bugzilla.redhat.com/show_bug.cgi?id=2070689","https://github.com/torvalds/linux/commit/efe4186e6a1b54bf38b9e05450d43b0da1fd7739","https://www.openwall.com/lists/oss-security/2022/04/02/3","https://access.redhat.com/security/cve/CVE-2022-1198","https://bugzilla.redhat.com/show_bug.cgi?id=2070689","https://github.com/torvalds/linux/commit/efe4186e6a1b54bf38b9e05450d43b0da1fd7739","https://www.openwall.com/lists/oss-security/2022/04/02/3"],"published_time":"2022-08-29T15:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-1199","summary":"A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00419,"ranking_epss":0.61882,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-1199","https://bugzilla.redhat.com/show_bug.cgi?id=2070694","https://github.com/torvalds/linux/commit/4e0f718daf97d47cf7dec122da1be970f145c809","https://github.com/torvalds/linux/commit/71171ac8eb34ce7fe6b3267dce27c313ab3cb3ac","https://github.com/torvalds/linux/commit/7ec02f5ac8a5be5a3f20611731243dc5e1d9ba10","https://security.netapp.com/advisory/ntap-20221228-0006/","https://www.openwall.com/lists/oss-security/2022/04/02/5","https://access.redhat.com/security/cve/CVE-2022-1199","https://bugzilla.redhat.com/show_bug.cgi?id=2070694","https://github.com/torvalds/linux/commit/4e0f718daf97d47cf7dec122da1be970f145c809","https://github.com/torvalds/linux/commit/71171ac8eb34ce7fe6b3267dce27c313ab3cb3ac","https://github.com/torvalds/linux/commit/7ec02f5ac8a5be5a3f20611731243dc5e1d9ba10","https://security.netapp.com/advisory/ntap-20221228-0006/","https://www.openwall.com/lists/oss-security/2022/04/02/5"],"published_time":"2022-08-29T15:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-0358","summary":"A flaw was found in the QEMU virtio-fs shared file system daemon (virtiofsd) implementation. This flaw is strictly related to CVE-2018-13405. A local guest user can create files in the directories shared by virtio-fs with unintended group ownership in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of the group. This could allow a malicious unprivileged user inside the guest to gain access to resources accessible to the root group, potentially escalating their privileges within the guest. A malicious local user in the host might also leverage this unexpected executable file created by the guest to escalate their privileges on the host system.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00036,"ranking_epss":0.10885,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-0358","https://bugzilla.redhat.com/show_bug.cgi?id=2044863","https://gitlab.com/qemu-project/qemu/-/commit/449e8171f96a6a944d1f3b7d3627ae059eae21ca","https://security.netapp.com/advisory/ntap-20221007-0008/","https://access.redhat.com/security/cve/CVE-2022-0358","https://bugzilla.redhat.com/show_bug.cgi?id=2044863","https://gitlab.com/qemu-project/qemu/-/commit/449e8171f96a6a944d1f3b7d3627ae059eae21ca","https://security.netapp.com/advisory/ntap-20221007-0008/"],"published_time":"2022-08-29T15:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-0480","summary":"A flaw was found in the filelock_init in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface (POSIX) file locks.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00034,"ranking_epss":0.09866,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-0480","https://bugzilla.redhat.com/show_bug.cgi?id=2049700","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0f12156dff2862ac54235fc72703f18770769042","https://github.com/kata-containers/kata-containers/issues/3373","https://lore.kernel.org/linux-mm/20210902215519.AWcuVc3li%25akpm%40linux-foundation.org/","https://ubuntu.com/security/CVE-2022-0480","https://access.redhat.com/security/cve/CVE-2022-0480","https://bugzilla.redhat.com/show_bug.cgi?id=2049700","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0f12156dff2862ac54235fc72703f18770769042","https://github.com/kata-containers/kata-containers/issues/3373","https://lore.kernel.org/linux-mm/20210902215519.AWcuVc3li%25akpm%40linux-foundation.org/","https://ubuntu.com/security/CVE-2022-0480"],"published_time":"2022-08-29T15:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-0485","summary":"A flaw was found in the copying tool `nbdcopy` of libnbd. When performing multi-threaded copies using asynchronous nbd calls, nbdcopy was blindly treating the completion of an asynchronous command as successful, rather than checking the *error parameter. This could result in the silent creation of a corrupted destination image.","cvss":4.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.8,"cvss_v4":null,"epss":0.00124,"ranking_epss":0.31605,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-0485","https://bugzilla.redhat.com/show_bug.cgi?id=2046194","https://bugzilla.redhat.com/show_bug.cgi?id=2050324","https://gitlab.com/nbdkit/libnbd/-/commit/8d444b41d09a700c7ee6f9182a649f3f2d325abb","https://listman.redhat.com/archives/libguestfs/2022-February/msg00104.html","https://access.redhat.com/security/cve/CVE-2022-0485","https://bugzilla.redhat.com/show_bug.cgi?id=2046194","https://bugzilla.redhat.com/show_bug.cgi?id=2050324","https://gitlab.com/nbdkit/libnbd/-/commit/8d444b41d09a700c7ee6f9182a649f3f2d325abb","https://listman.redhat.com/archives/libguestfs/2022-February/msg00104.html"],"published_time":"2022-08-29T15:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-0851","summary":"There is a flaw in convert2rhel. When the --activationkey option is used with convert2rhel, the activation key is subsequently passed to subscription-manager via the command line, which could allow unauthorized users locally on the machine to view the activation key via the process command line via e.g. htop or ps. The specific impact varies upon the subscription, but generally this would allow an attacker to register systems purchased by the victim until discovered; a form of fraud. This could occur regardless of how the activation key is supplied to convert2rhel because it involves how convert2rhel provides it to subscription-manager.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00118,"ranking_epss":0.30624,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-0851","https://bugzilla.redhat.com/show_bug.cgi?id=2060217","https://access.redhat.com/security/cve/CVE-2022-0851","https://bugzilla.redhat.com/show_bug.cgi?id=2060217"],"published_time":"2022-08-29T15:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-34301","summary":"A flaw was found in CryptoPro Secure Disk bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media.","cvss":6.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.7,"cvss_v4":null,"epss":0.00125,"ranking_epss":0.31674,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://edk2-docs.gitbook.io/understanding-the-uefi-secure-boot-chain/secure_boot_chain_in_uefi/uefi_secure_boot","https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html","https://www.kb.cert.org/vuls/id/309662","https://edk2-docs.gitbook.io/understanding-the-uefi-secure-boot-chain/secure_boot_chain_in_uefi/uefi_secure_boot","https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html","https://www.kb.cert.org/vuls/id/309662"],"published_time":"2022-08-26T18:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-34302","summary":"A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media.","cvss":6.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.7,"cvss_v4":null,"epss":0.00143,"ranking_epss":0.3459,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://edk2-docs.gitbook.io/understanding-the-uefi-secure-boot-chain/secure_boot_chain_in_uefi/uefi_secure_boot","https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html","https://www.kb.cert.org/vuls/id/309662","https://edk2-docs.gitbook.io/understanding-the-uefi-secure-boot-chain/secure_boot_chain_in_uefi/uefi_secure_boot","https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html","https://www.kb.cert.org/vuls/id/309662"],"published_time":"2022-08-26T18:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-34303","summary":"A flaw was found in Eurosoft bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media.","cvss":6.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.7,"cvss_v4":null,"epss":0.00112,"ranking_epss":0.2971,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://edk2-docs.gitbook.io/understanding-the-uefi-secure-boot-chain/secure_boot_chain_in_uefi/uefi_secure_boot","https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html","https://www.kb.cert.org/vuls/id/309662","https://edk2-docs.gitbook.io/understanding-the-uefi-secure-boot-chain/secure_boot_chain_in_uefi/uefi_secure_boot","https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html","https://www.kb.cert.org/vuls/id/309662"],"published_time":"2022-08-26T18:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-0168","summary":"A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_user function. This flaw allows a local, privileged (CAP_SYS_ADMIN) attacker to crash the system.","cvss":4.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.4,"cvss_v4":null,"epss":0.00018,"ranking_epss":0.04475,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-0168","https://bugzilla.redhat.com/show_bug.cgi?id=2037386","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d6f5e358452479fa8a773b5c6ccc9e4ec5a20880","https://access.redhat.com/security/cve/CVE-2022-0168","https://bugzilla.redhat.com/show_bug.cgi?id=2037386","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d6f5e358452479fa8a773b5c6ccc9e4ec5a20880"],"published_time":"2022-08-26T18:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-0171","summary":"A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00046,"ranking_epss":0.13978,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-0171","https://bugzilla.redhat.com/show_bug.cgi?id=2038940","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=683412ccf61294d727ead4a73d97397396e69a6b","https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html","https://www.debian.org/security/2022/dsa-5257","https://access.redhat.com/security/cve/CVE-2022-0171","https://bugzilla.redhat.com/show_bug.cgi?id=2038940","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=683412ccf61294d727ead4a73d97397396e69a6b","https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html","https://www.debian.org/security/2022/dsa-5257"],"published_time":"2022-08-26T18:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-0175","summary":"A flaw was found in the VirGL virtual OpenGL renderer (virglrenderer). The virgl did not properly initialize memory when allocating a host-backed memory resource. A malicious guest could use this flaw to mmap from the guest kernel and read this uninitialized memory from the host, possibly leading to information disclosure.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0012,"ranking_epss":0.30909,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-0175","https://bugzilla.redhat.com/show_bug.cgi?id=2039003","https://gitlab.freedesktop.org/virgl/virglrenderer/-/commit/b05bb61f454eeb8a85164c8a31510aeb9d79129c","https://gitlab.freedesktop.org/virgl/virglrenderer/-/merge_requests/654","https://security-tracker.debian.org/tracker/CVE-2022-0175","https://security.gentoo.org/glsa/202210-05","https://access.redhat.com/security/cve/CVE-2022-0175","https://bugzilla.redhat.com/show_bug.cgi?id=2039003","https://gitlab.freedesktop.org/virgl/virglrenderer/-/commit/b05bb61f454eeb8a85164c8a31510aeb9d79129c","https://gitlab.freedesktop.org/virgl/virglrenderer/-/merge_requests/654","https://security-tracker.debian.org/tracker/CVE-2022-0175","https://security.gentoo.org/glsa/202210-05"],"published_time":"2022-08-26T18:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-0207","summary":"A race condition was found in vdsm. Functionality to obfuscate sensitive values in log files that may lead to values being stored in clear text.","cvss":4.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.7,"cvss_v4":null,"epss":0.0006,"ranking_epss":0.18748,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-0207","https://bugzilla.redhat.com/show_bug.cgi?id=2033697","https://bugzilla.redhat.com/show_bug.cgi?id=2039248","https://gerrit.ovirt.org/c/vdsm/+/118025","https://gerrit.ovirt.org/gitweb?p=vdsm.git%3Ba=commit%3Bh=53b0036fc72d3b8877d4e7f047d705e5a4c722e8","https://access.redhat.com/security/cve/CVE-2022-0207","https://bugzilla.redhat.com/show_bug.cgi?id=2033697","https://bugzilla.redhat.com/show_bug.cgi?id=2039248","https://gerrit.ovirt.org/c/vdsm/+/118025","https://gerrit.ovirt.org/gitweb?p=vdsm.git%3Ba=commit%3Bh=53b0036fc72d3b8877d4e7f047d705e5a4c722e8"],"published_time":"2022-08-26T18:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3632","summary":"A flaw was found in Keycloak. This vulnerability allows anyone to register a new security device or key when there is not a device already registered for any user by using the WebAuthn password-less login flow.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00503,"ranking_epss":0.66087,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2021-3632","https://bugzilla.redhat.com/show_bug.cgi?id=1978196","https://github.com/keycloak/keycloak/commit/65480cb5a11630909c086f79d396004499fbd1e4","https://github.com/keycloak/keycloak/pull/8203","https://issues.redhat.com/browse/KEYCLOAK-18500","https://access.redhat.com/security/cve/CVE-2021-3632","https://bugzilla.redhat.com/show_bug.cgi?id=1978196","https://github.com/keycloak/keycloak/commit/65480cb5a11630909c086f79d396004499fbd1e4","https://github.com/keycloak/keycloak/pull/8203","https://issues.redhat.com/browse/KEYCLOAK-18500"],"published_time":"2022-08-26T16:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3669","summary":"A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00018,"ranking_epss":0.04773,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2021-3669","https://bugzilla.redhat.com/show_bug.cgi?id=1980619","https://bugzilla.redhat.com/show_bug.cgi?id=1986473","https://security-tracker.debian.org/tracker/CVE-2021-3669","https://access.redhat.com/security/cve/CVE-2021-3669","https://bugzilla.redhat.com/show_bug.cgi?id=1980619","https://bugzilla.redhat.com/show_bug.cgi?id=1986473","https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html","https://security-tracker.debian.org/tracker/CVE-2021-3669"],"published_time":"2022-08-26T16:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3864","summary":"A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed its descendants. The prerequisite is a SUID binary that sets real UID equal to effective UID, and real GID equal to effective GID. The descendant will then have a dumpable value set to 1. As a result, if the descendant process crashes and core_pattern is set to a relative value, its core dump is stored in the current directory with uid:gid permissions. An unprivileged local user with eligible root SUID binary could use this flaw to place core dumps into root-owned directories, potentially resulting in escalation of privileges.","cvss":7.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00557,"ranking_epss":0.68156,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2021-3864","https://bugzilla.redhat.com/show_bug.cgi?id=2015046","https://lore.kernel.org/all/20211221021744.864115-1-longman%40redhat.com/","https://lore.kernel.org/all/20211226150310.GA992%401wt.eu/","https://lore.kernel.org/lkml/20211228170910.623156-1-wander%40redhat.com/","https://security-tracker.debian.org/tracker/CVE-2021-3864","https://www.openwall.com/lists/oss-security/2021/10/20/2","https://access.redhat.com/security/cve/CVE-2021-3864","https://bugzilla.redhat.com/show_bug.cgi?id=2015046","https://lore.kernel.org/all/20211221021744.864115-1-longman%40redhat.com/","https://lore.kernel.org/all/20211226150310.GA992%401wt.eu/","https://lore.kernel.org/lkml/20211228170910.623156-1-wander%40redhat.com/","https://security-tracker.debian.org/tracker/CVE-2021-3864","https://www.openwall.com/lists/oss-security/2021/10/20/2"],"published_time":"2022-08-26T16:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-35939","summary":"It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns another ancestor directory could potentially use this flaw to gain root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.","cvss":6.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.7,"cvss_v4":null,"epss":0.00202,"ranking_epss":0.42295,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2021-35939","https://bugzilla.redhat.com/show_bug.cgi?id=1964129","https://github.com/rpm-software-management/rpm/commit/96ec957e281220f8e137a2d5eb23b83a6377d556","https://github.com/rpm-software-management/rpm/pull/1919","https://rpm.org/wiki/Releases/4.18.0","https://security.gentoo.org/glsa/202210-22","https://access.redhat.com/security/cve/CVE-2021-35939","https://bugzilla.redhat.com/show_bug.cgi?id=1964129","https://github.com/rpm-software-management/rpm/commit/96ec957e281220f8e137a2d5eb23b83a6377d556","https://github.com/rpm-software-management/rpm/pull/1919","https://rpm.org/wiki/Releases/4.18.0","https://security.gentoo.org/glsa/202210-22"],"published_time":"2022-08-26T16:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-35937","summary":"A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.","cvss":6.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.4,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02446,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2021-35937","https://bugzilla.redhat.com/show_bug.cgi?id=1964125","https://rpm.org/wiki/Releases/4.18.0","https://security.gentoo.org/glsa/202210-22","https://www.usenix.org/legacy/event/sec05/tech/full_papers/borisov/borisov.pdf","https://access.redhat.com/security/cve/CVE-2021-35937","https://bugzilla.redhat.com/show_bug.cgi?id=1964125","https://rpm.org/wiki/Releases/4.18.0","https://security.gentoo.org/glsa/202210-22","https://www.usenix.org/legacy/event/sec05/tech/full_papers/borisov/borisov.pdf"],"published_time":"2022-08-25T20:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-35938","summary":"A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.","cvss":6.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.7,"cvss_v4":null,"epss":0.00149,"ranking_epss":0.35409,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2021-35938","https://bugzilla.redhat.com/show_bug.cgi?id=1964114","https://bugzilla.suse.com/show_bug.cgi?id=1157880","https://github.com/rpm-software-management/rpm/commit/25a435e90844ea98fe5eb7bef22c1aecf3a9c033","https://github.com/rpm-software-management/rpm/pull/1919","https://rpm.org/wiki/Releases/4.18.0","https://security.gentoo.org/glsa/202210-22","https://access.redhat.com/security/cve/CVE-2021-35938","https://bugzilla.redhat.com/show_bug.cgi?id=1964114","https://bugzilla.suse.com/show_bug.cgi?id=1157880","https://github.com/rpm-software-management/rpm/commit/25a435e90844ea98fe5eb7bef22c1aecf3a9c033","https://github.com/rpm-software-management/rpm/pull/1919","https://rpm.org/wiki/Releases/4.18.0","https://security.gentoo.org/glsa/202210-22"],"published_time":"2022-08-25T20:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3979","summary":"A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the key length is incorrectly passed in an encryption algorithm to create a non random key, which is weaker and can be exploited for loss of confidentiality and integrity on encrypted disks.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00275,"ranking_epss":0.5099,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2021-3979","https://bugzilla.redhat.com/show_bug.cgi?id=2024788","https://github.com/ceph/ceph/commit/47c33179f9a15ae95cc1579a421be89378602656","https://github.com/ceph/ceph/pull/44765","https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPOK44BESMIFW6BIOGCN452AKKOIIT6Q/","https://tracker.ceph.com/issues/54006","https://access.redhat.com/security/cve/CVE-2021-3979","https://bugzilla.redhat.com/show_bug.cgi?id=2024788","https://github.com/ceph/ceph/commit/47c33179f9a15ae95cc1579a421be89378602656","https://github.com/ceph/ceph/pull/44765","https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html","https://lists.debian.org/debian-lts-announce/2025/09/msg00025.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPOK44BESMIFW6BIOGCN452AKKOIIT6Q/","https://tracker.ceph.com/issues/54006"],"published_time":"2022-08-25T20:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-4112","summary":"A flaw was found in ansible-tower where the default installation is vulnerable to job isolation escape. This flaw allows an attacker to elevate the privilege from a low privileged user to an AWX user from outside the isolated environment.","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00118,"ranking_epss":0.30624,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2021-4112","https://bugzilla.redhat.com/show_bug.cgi?id=2028121","https://access.redhat.com/security/cve/CVE-2021-4112","https://bugzilla.redhat.com/show_bug.cgi?id=2028121"],"published_time":"2022-08-25T20:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-0135","summary":"An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or possible code execution.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00139,"ranking_epss":0.3398,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2037790","https://lists.debian.org/debian-lts-announce/2022/12/msg00017.html","https://security.gentoo.org/glsa/202210-05","https://bugzilla.redhat.com/show_bug.cgi?id=2037790","https://lists.debian.org/debian-lts-announce/2022/12/msg00017.html","https://security.gentoo.org/glsa/202210-05"],"published_time":"2022-08-25T18:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-4217","summary":"A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00195,"ranking_epss":0.41483,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2021-4217","https://bugs.launchpad.net/ubuntu/+source/unzip/+bug/1957077","https://bugzilla.redhat.com/show_bug.cgi?id=2044583","https://access.redhat.com/security/cve/CVE-2021-4217","https://bugs.launchpad.net/ubuntu/+source/unzip/+bug/1957077","https://bugzilla.redhat.com/show_bug.cgi?id=2044583"],"published_time":"2022-08-24T16:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-4158","summary":"A NULL pointer dereference issue was found in the ACPI code of QEMU. A malicious, privileged user within the guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition.","cvss":6.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.0,"cvss_v4":null,"epss":0.00024,"ranking_epss":0.06626,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2021-4158","https://bugzilla.redhat.com/show_bug.cgi?id=2035002","https://gitlab.com/qemu-project/qemu/-/commit/9bd6565ccee68f72d5012e24646e12a1c662827e","https://gitlab.com/qemu-project/qemu/-/issues/770","https://www.mail-archive.com/qemu-devel%40nongnu.org/msg857944.html","https://access.redhat.com/security/cve/CVE-2021-4158","https://bugzilla.redhat.com/show_bug.cgi?id=2035002","https://gitlab.com/qemu-project/qemu/-/commit/9bd6565ccee68f72d5012e24646e12a1c662827e","https://gitlab.com/qemu-project/qemu/-/issues/770","https://www.mail-archive.com/qemu-devel%40nongnu.org/msg857944.html"],"published_time":"2022-08-24T16:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-4159","summary":"A vulnerability was found in the Linux kernel's EBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating some of the exploit mitigations in place for the kernel.","cvss":4.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.4,"cvss_v4":null,"epss":0.00063,"ranking_epss":0.19482,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2021-4159","https://bugzilla.redhat.com/show_bug.cgi?id=2036024","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=294f2fc6da27620a506e6c050241655459ccd6bd","https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html","https://security-tracker.debian.org/tracker/CVE-2021-4159","https://access.redhat.com/security/cve/CVE-2021-4159","https://bugzilla.redhat.com/show_bug.cgi?id=2036024","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=294f2fc6da27620a506e6c050241655459ccd6bd","https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html","https://security-tracker.debian.org/tracker/CVE-2021-4159"],"published_time":"2022-08-24T16:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-4189","summary":"A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connecting back to a given IP address and port. This vulnerability could lead to FTP client scanning ports, which otherwise would not have been possible.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.01057,"ranking_epss":0.77607,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2021-4189","https://bugs.python.org/issue43285","https://bugzilla.redhat.com/show_bug.cgi?id=2036020","https://github.com/python/cpython/commit/0ab152c6b5d95caa2dc1a30fa96e10258b5f188e","https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html","https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html","https://python-security.readthedocs.io/vuln/ftplib-pasv.html","https://security-tracker.debian.org/tracker/CVE-2021-4189","https://security.netapp.com/advisory/ntap-20221104-0004/","https://access.redhat.com/security/cve/CVE-2021-4189","https://bugs.python.org/issue43285","https://bugzilla.redhat.com/show_bug.cgi?id=2036020","https://github.com/python/cpython/commit/0ab152c6b5d95caa2dc1a30fa96e10258b5f188e","https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html","https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html","https://lists.debian.org/debian-lts-announce/2024/12/msg00000.html","https://python-security.readthedocs.io/vuln/ftplib-pasv.html","https://security-tracker.debian.org/tracker/CVE-2021-4189","https://security.netapp.com/advisory/ntap-20221104-0004/"],"published_time":"2022-08-24T16:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-4204","summary":"An out-of-bounds (OOB) memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation. This flaw allows a local attacker with a special privilege to crash the system or leak internal information.","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00767,"ranking_epss":0.73463,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2021-4204","https://bugzilla.redhat.com/show_bug.cgi?id=2039178","https://security-tracker.debian.org/tracker/CVE-2021-4204","https://security.netapp.com/advisory/ntap-20221228-0003/","https://www.openwall.com/lists/oss-security/2022/01/11/4","https://access.redhat.com/security/cve/CVE-2021-4204","https://bugzilla.redhat.com/show_bug.cgi?id=2039178","https://security-tracker.debian.org/tracker/CVE-2021-4204","https://security.netapp.com/advisory/ntap-20221228-0003/","https://www.openwall.com/lists/oss-security/2022/01/11/4"],"published_time":"2022-08-24T16:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-4209","summary":"A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00342,"ranking_epss":0.56915,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2021-4209","https://bugzilla.redhat.com/show_bug.cgi?id=2044156","https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568","https://gitlab.com/gnutls/gnutls/-/issues/1306","https://gitlab.com/gnutls/gnutls/-/merge_requests/1503","https://security.netapp.com/advisory/ntap-20220915-0005/","https://access.redhat.com/security/cve/CVE-2021-4209","https://bugzilla.redhat.com/show_bug.cgi?id=2044156","https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568","https://gitlab.com/gnutls/gnutls/-/issues/1306","https://gitlab.com/gnutls/gnutls/-/merge_requests/1503","https://security.netapp.com/advisory/ntap-20220915-0005/"],"published_time":"2022-08-24T16:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-4213","summary":"A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server memory, saturating the server’s RAM. This flaw allows an attacker to force the invocation of an out-of-memory process, causing a denial of service.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00238,"ranking_epss":0.46906,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2021-4213","https://bugzilla.redhat.com/show_bug.cgi?id=2042900","https://github.com/dogtagpki/jss/commit/3aabe0e9d59b0a42e68ac8cd0468f9c5179967d2","https://github.com/dogtagpki/jss/commit/5922560a78d0dee61af8a33cc9cfbf4cfa291448","https://security-tracker.debian.org/tracker/CVE-2021-4213","https://access.redhat.com/security/cve/CVE-2021-4213","https://bugzilla.redhat.com/show_bug.cgi?id=2042900","https://github.com/dogtagpki/jss/commit/3aabe0e9d59b0a42e68ac8cd0468f9c5179967d2","https://github.com/dogtagpki/jss/commit/5922560a78d0dee61af8a33cc9cfbf4cfa291448","https://security-tracker.debian.org/tracker/CVE-2021-4213"],"published_time":"2022-08-24T16:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3975","summary":"A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00522,"ranking_epss":0.66868,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2021-3975","https://bugzilla.redhat.com/show_bug.cgi?id=2024326","https://github.com/libvirt/libvirt/commit/1ac703a7d0789e46833f4013a3876c2e3af18ec7","https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html","https://security.netapp.com/advisory/ntap-20221201-0002/","https://ubuntu.com/security/CVE-2021-3975","https://access.redhat.com/security/cve/CVE-2021-3975","https://bugzilla.redhat.com/show_bug.cgi?id=2024326","https://github.com/libvirt/libvirt/commit/1ac703a7d0789e46833f4013a3876c2e3af18ec7","https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html","https://security.netapp.com/advisory/ntap-20221201-0002/","https://ubuntu.com/security/CVE-2021-3975"],"published_time":"2022-08-23T20:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3997","summary":"A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.0574,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2021-3997","https://bugzilla.redhat.com/show_bug.cgi?id=2024639","https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1","https://security.gentoo.org/glsa/202305-15","https://www.openwall.com/lists/oss-security/2022/01/10/2","https://access.redhat.com/security/cve/CVE-2021-3997","https://bugzilla.redhat.com/show_bug.cgi?id=2024639","https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1","https://security.gentoo.org/glsa/202305-15","https://www.openwall.com/lists/oss-security/2022/01/10/2"],"published_time":"2022-08-23T20:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-2938","summary":"A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to crash the system or have other memory-corruption side effects.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0003,"ranking_epss":0.08533,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a06247c6804f1a7c86a2e5398a4c1f1db1471848","https://security.netapp.com/advisory/ntap-20221223-0002/","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a06247c6804f1a7c86a2e5398a4c1f1db1471848","https://security.netapp.com/advisory/ntap-20221223-0002/"],"published_time":"2022-08-23T20:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3827","summary":"A flaw was found in keycloak, where the default ECP binding flow allows other authentication flows to be bypassed. By exploiting this behavior, an attacker can bypass the MFA authentication by sending a SOAP request with an AuthnRequest and Authorization header with the user's credentials. The highest threat from this vulnerability is to confidentiality and integrity.","cvss":6.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.8,"cvss_v4":null,"epss":0.00208,"ranking_epss":0.43233,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2021-3827","https://bugzilla.redhat.com/show_bug.cgi?id=2007512","https://github.com/keycloak/keycloak/commit/44000caaf5051d7f218d1ad79573bd3d175cad0d","https://github.com/keycloak/keycloak/security/advisories/GHSA-4pc7-vqv5-5r3v","https://access.redhat.com/security/cve/CVE-2021-3827","https://bugzilla.redhat.com/show_bug.cgi?id=2007512","https://github.com/keycloak/keycloak/commit/44000caaf5051d7f218d1ad79573bd3d175cad0d","https://github.com/keycloak/keycloak/security/advisories/GHSA-4pc7-vqv5-5r3v"],"published_time":"2022-08-23T16:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3839","summary":"A flaw was found in the vhost library in DPDK. Function vhost_user_set_inflight_fd() does not validate `msg->payload.inflight.num_queues`, possibly causing out-of-bounds memory read/write. Any software using DPDK vhost library may crash as a result of this vulnerability.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00474,"ranking_epss":0.64762,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2021-3839","https://bugzilla.redhat.com/show_bug.cgi?id=2025882","https://github.com/DPDK/dpdk/commit/6442c329b9d2ded0f44b27d2016aaba8ba5844c5","https://access.redhat.com/security/cve/CVE-2021-3839","https://bugzilla.redhat.com/show_bug.cgi?id=2025882","https://github.com/DPDK/dpdk/commit/6442c329b9d2ded0f44b27d2016aaba8ba5844c5"],"published_time":"2022-08-23T16:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20316","summary":"A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of the share.","cvss":6.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.8,"cvss_v4":null,"epss":0.00712,"ranking_epss":0.72294,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2021-20316","https://bugzilla.redhat.com/show_bug.cgi?id=2009673","https://bugzilla.samba.org/show_bug.cgi?id=14842","https://security-tracker.debian.org/tracker/CVE-2021-20316","https://security.gentoo.org/glsa/202309-06","https://www.samba.org/samba/security/CVE-2021-20316.html","https://access.redhat.com/security/cve/CVE-2021-20316","https://bugzilla.redhat.com/show_bug.cgi?id=2009673","https://bugzilla.samba.org/show_bug.cgi?id=14842","https://security-tracker.debian.org/tracker/CVE-2021-20316","https://security.gentoo.org/glsa/202309-06","https://www.samba.org/samba/security/CVE-2021-20316.html"],"published_time":"2022-08-23T16:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-23177","summary":"An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to change the ACL of a file on the system and gain more privileges.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00042,"ranking_epss":0.1272,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2021-23177","https://bugzilla.redhat.com/show_bug.cgi?id=2024245","https://github.com/libarchive/libarchive/commit/fba4f123cc456d2b2538f811bb831483bf336bad","https://github.com/libarchive/libarchive/issues/1565","https://lists.debian.org/debian-lts-announce/2022/11/msg00030.html","https://access.redhat.com/security/cve/CVE-2021-23177","https://bugzilla.redhat.com/show_bug.cgi?id=2024245","https://github.com/libarchive/libarchive/commit/fba4f123cc456d2b2538f811bb831483bf336bad","https://github.com/libarchive/libarchive/issues/1565","https://lists.debian.org/debian-lts-announce/2022/11/msg00030.html"],"published_time":"2022-08-23T16:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-31566","summary":"An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to gain more privileges in a system.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00038,"ranking_epss":0.11576,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2021-31566","https://bugzilla.redhat.com/show_bug.cgi?id=2024237","https://github.com/libarchive/libarchive/commit/b41daecb5ccb4c8e3b2c53fd6147109fc12c3043","https://github.com/libarchive/libarchive/issues/1566","https://lists.debian.org/debian-lts-announce/2022/11/msg00030.html","https://access.redhat.com/security/cve/CVE-2021-31566","https://bugzilla.redhat.com/show_bug.cgi?id=2024237","https://github.com/libarchive/libarchive/commit/b41daecb5ccb4c8e3b2c53fd6147109fc12c3043","https://github.com/libarchive/libarchive/issues/1566","https://lists.debian.org/debian-lts-announce/2022/11/msg00030.html"],"published_time":"2022-08-23T16:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3690","summary":"A flaw was found in Undertow. A buffer leak on the incoming WebSocket PONG message may lead to memory exhaustion. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is availability.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00278,"ranking_epss":0.512,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2021-3690","https://bugzilla.redhat.com/show_bug.cgi?id=1991299","https://github.com/undertow-io/undertow/commit/c7e84a0b7efced38506d7d1dfea5902366973877","https://issues.redhat.com/browse/UNDERTOW-1935","https://access.redhat.com/security/cve/CVE-2021-3690","https://bugzilla.redhat.com/show_bug.cgi?id=1991299","https://github.com/undertow-io/undertow/commit/c7e84a0b7efced38506d7d1dfea5902366973877","https://issues.redhat.com/browse/UNDERTOW-1935"],"published_time":"2022-08-23T16:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3714","summary":"A flaw was found in the Linux kernels memory deduplication mechanism. Previous work has shown that memory deduplication can be attacked via a local exploitation mechanism. The same technique can be used if an attacker can upload page sized files and detect the change in access time from a networked service to determine if the page has been merged.","cvss":5.9,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.9,"cvss_v4":null,"epss":0.00066,"ranking_epss":0.20345,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2021-3714","https://arxiv.org/abs/2111.08553","https://arxiv.org/pdf/2111.08553.pdf","https://bugzilla.redhat.com/show_bug.cgi?id=1931327","https://access.redhat.com/security/cve/CVE-2021-3714","https://arxiv.org/abs/2111.08553","https://arxiv.org/pdf/2111.08553.pdf","https://bugzilla.redhat.com/show_bug.cgi?id=1931327"],"published_time":"2022-08-23T16:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-2873","summary":"An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to crash the system.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0004,"ranking_epss":0.12219,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://lists.debian.org/debian-lts-announce/2023/03/msg00000.html","https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html","https://lore.kernel.org/lkml/20220729093451.551672-1-zheyuma97%40gmail.com/T/","https://security.netapp.com/advisory/ntap-20230120-0001/","https://www.debian.org/security/2023/dsa-5324","https://lists.debian.org/debian-lts-announce/2023/03/msg00000.html","https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html","https://lore.kernel.org/lkml/20220729093451.551672-1-zheyuma97%40gmail.com/T/","https://security.netapp.com/advisory/ntap-20230120-0001/","https://www.debian.org/security/2023/dsa-5324"],"published_time":"2022-08-22T15:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3659","summary":"A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00022,"ranking_epss":0.06047,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2021-3659","https://bugzilla.redhat.com/show_bug.cgi?id=1975949","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1165affd484889d4986cf3b724318935a0b120d8","https://access.redhat.com/security/cve/CVE-2021-3659","https://bugzilla.redhat.com/show_bug.cgi?id=1975949","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1165affd484889d4986cf3b724318935a0b120d8"],"published_time":"2022-08-22T15:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-27836","summary":"A flaw was found in cluster-ingress-operator. A change to how the router-default service allows only certain IP source ranges could allow an attacker to access resources that would otherwise be restricted to specified IP ranges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability..","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00716,"ranking_epss":0.72371,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2020-27836","https://bugzilla.redhat.com/show_bug.cgi?id=1905490","https://bugzilla.redhat.com/show_bug.cgi?id=1906267","https://github.com/openshift/cluster-ingress-operator/pull/507/commits/92c83f281ba5fb6a1d91ecc3beaa4bcf2647a729","https://access.redhat.com/security/cve/CVE-2020-27836","https://bugzilla.redhat.com/show_bug.cgi?id=1905490","https://bugzilla.redhat.com/show_bug.cgi?id=1906267","https://github.com/openshift/cluster-ingress-operator/pull/507/commits/92c83f281ba5fb6a1d91ecc3beaa4bcf2647a729"],"published_time":"2022-08-22T15:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-2568","summary":"A privilege escalation flaw was found in the Ansible Automation Platform. This flaw allows a remote authenticated user with 'change user' permissions to modify the account settings of the superuser account and also remove the superuser privileges.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.0021,"ranking_epss":0.43445,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2108653","https://bugzilla.redhat.com/show_bug.cgi?id=2108653"],"published_time":"2022-08-18T20:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-2625","summary":"A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, this flaw allows an attacker to run arbitrary code as the victim role, which may be a superuser.","cvss":8.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.0,"cvss_v4":null,"epss":0.00973,"ranking_epss":0.7667,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2113825","https://security.gentoo.org/glsa/202211-04","https://www.postgresql.org/about/news/postgresql-145-138-1212-1117-1022-and-15-beta-3-released-2496/","https://bugzilla.redhat.com/show_bug.cgi?id=2113825","https://security.gentoo.org/glsa/202211-04","https://www.postgresql.org/about/news/postgresql-145-138-1212-1117-1022-and-15-beta-3-released-2496/"],"published_time":"2022-08-18T19:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-14394","summary":"An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service.","cvss":3.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.2,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.07007,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1908004","https://gitlab.com/qemu-project/qemu/-/issues/646","https://lists.debian.org/debian-lts-announce/2023/03/msg00013.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7J5IRXJYLELW7D43A75LOWRUE5EU54O/","https://bugzilla.redhat.com/show_bug.cgi?id=1908004","https://gitlab.com/qemu-project/qemu/-/issues/646","https://lists.debian.org/debian-lts-announce/2023/03/msg00013.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7J5IRXJYLELW7D43A75LOWRUE5EU54O/"],"published_time":"2022-08-17T21:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-1158","summary":"A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and potentially corrupt the kernel, resulting in a denial of service condition.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00017,"ranking_epss":0.04158,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2069793","https://security.netapp.com/advisory/ntap-20230214-0003/","https://www.openwall.com/lists/oss-security/2022/04/08/4","https://bugzilla.redhat.com/show_bug.cgi?id=2069793","https://security.netapp.com/advisory/ntap-20230214-0003/","https://www.openwall.com/lists/oss-security/2022/04/08/4"],"published_time":"2022-08-05T17:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-2509","summary":"A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00628,"ranking_epss":0.70245,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-2509","https://lists.debian.org/debian-lts-announce/2022/08/msg00002.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FL27JS3VM74YEQU7PGB62USO3KSBYZX/","https://lists.gnupg.org/pipermail/gnutls-help/2022-July/004746.html","https://www.debian.org/security/2022/dsa-5203","https://access.redhat.com/security/cve/CVE-2022-2509","https://lists.debian.org/debian-lts-announce/2022/08/msg00002.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FL27JS3VM74YEQU7PGB62USO3KSBYZX/","https://lists.gnupg.org/pipermail/gnutls-help/2022-July/004746.html","https://www.debian.org/security/2022/dsa-5203"],"published_time":"2022-08-01T14:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-35651","summary":"A stored XSS and blind SSRF vulnerability was found in Moodle, occurs due to insufficient sanitization of user-supplied data in the SCORM track details. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website to steal potentially sensitive information, change appearance of the web page, can perform phishing and drive-by-download attacks.","cvss":6.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.1,"cvss_v4":null,"epss":0.00281,"ranking_epss":0.51466,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-71921","https://bugzilla.redhat.com/show_bug.cgi?id=2106275","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6MOKYVRNFNAODP2XSMGJ5CRDUZCZKAR3/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTKUSFPSYFINSQFSOHDQIDVE6FWBEU6V/","https://moodle.org/mod/forum/discuss.php?d=436458","http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-71921","https://bugzilla.redhat.com/show_bug.cgi?id=2106275","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6MOKYVRNFNAODP2XSMGJ5CRDUZCZKAR3/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTKUSFPSYFINSQFSOHDQIDVE6FWBEU6V/","https://moodle.org/mod/forum/discuss.php?d=436458"],"published_time":"2022-07-25T16:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-35653","summary":"A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to insufficient sanitization of user-supplied data in the LTI module. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website to steal potentially sensitive information, change appearance of the web page, can perform phishing and drive-by-download attacks. This vulnerability does not impact authenticated users.","cvss":6.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.1,"cvss_v4":null,"epss":0.81091,"ranking_epss":0.99156,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-72299","https://bugzilla.redhat.com/show_bug.cgi?id=2106277","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6MOKYVRNFNAODP2XSMGJ5CRDUZCZKAR3/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTKUSFPSYFINSQFSOHDQIDVE6FWBEU6V/","https://moodle.org/mod/forum/discuss.php?d=436460","http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-72299","https://bugzilla.redhat.com/show_bug.cgi?id=2106277","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6MOKYVRNFNAODP2XSMGJ5CRDUZCZKAR3/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTKUSFPSYFINSQFSOHDQIDVE6FWBEU6V/","https://moodle.org/mod/forum/discuss.php?d=436460"],"published_time":"2022-07-25T16:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-2393","summary":"A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw allows an authenticated attacker on the adjacent network to impersonate another user within the scope of the domain, but they would not be able to decrypt message content.","cvss":5.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.7,"cvss_v4":null,"epss":0.00068,"ranking_epss":0.20914,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2101046","https://bugzilla.redhat.com/show_bug.cgi?id=2101046"],"published_time":"2022-07-14T15:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-2211","summary":"A vulnerability was found in libguestfs. This issue occurs while calculating the greatest possible number of matching keys in the get_keys() function. This flaw leads to a denial of service, either by mistake or malicious actor.","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":6.5,"cvss_v4":null,"epss":0.0015,"ranking_epss":0.35573,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-2211","https://access.redhat.com/security/cve/CVE-2022-2211"],"published_time":"2022-07-12T21:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-28623","summary":"Security vulnerabilities in HPE IceWall SSO 10.0 certd could be exploited remotely to allow SQL injection or unauthorized data injection. HPE has provided the following updated modules to resolve these vulnerabilities. HPE IceWall SSO version 10.0 certd library Patch 9 for RHEL and HPE IceWall SSO version 10.0 certd library Patch 9 for HP-UX.","cvss":9.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00608,"ranking_epss":0.69706,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbmu04330en_us","https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbmu04330en_us"],"published_time":"2022-07-08T13:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3695","summary":"A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data corruption or eventually arbitrary code execution and circumvent secure boot protections. This issue has a high complexity to be exploited as an attacker needs to perform some triage over the heap layout to achieve signifcant results, also the values written into the memory are repeated three times in a row making difficult to produce valid payloads. This flaw affects grub2 versions prior grub-2.12.","cvss":4.5,"cvss_version":3.0,"cvss_v2":4.4,"cvss_v3":4.5,"cvss_v4":null,"epss":0.0006,"ranking_epss":0.18687,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1991685","https://security.gentoo.org/glsa/202209-12","https://security.netapp.com/advisory/ntap-20220930-0001/","https://bugzilla.redhat.com/show_bug.cgi?id=1991685","https://security.gentoo.org/glsa/202209-12","https://security.netapp.com/advisory/ntap-20220930-0001/"],"published_time":"2022-07-06T16:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3696","summary":"A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space. Confidentiality, Integrity and Availablity impact may be considered Low as it's very complex to an attacker control the encoding and positioning of corrupted Huffman entries to achieve results such as arbitrary code execution and/or secure boot circumvention. This flaw affects grub2 versions prior grub-2.12.","cvss":4.5,"cvss_version":3.0,"cvss_v2":6.9,"cvss_v3":4.5,"cvss_v4":null,"epss":0.00114,"ranking_epss":0.299,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1991686","https://security.gentoo.org/glsa/202209-12","https://security.netapp.com/advisory/ntap-20220930-0001/","https://bugzilla.redhat.com/show_bug.cgi?id=1991686","https://security.gentoo.org/glsa/202209-12","https://security.netapp.com/advisory/ntap-20220930-0001/"],"published_time":"2022-07-06T16:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3697","summary":"A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. To a successful to be performed the attacker needs to perform some triage over the heap layout and craft an image with a malicious format and payload. This vulnerability can lead to data corruption and eventual code execution or secure boot circumvention. This flaw affects grub2 versions prior grub-2.12.","cvss":7.0,"cvss_version":3.0,"cvss_v2":4.4,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00067,"ranking_epss":0.20774,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1991687","https://security.gentoo.org/glsa/202209-12","https://security.netapp.com/advisory/ntap-20220930-0001/","https://bugzilla.redhat.com/show_bug.cgi?id=1991687","https://security.gentoo.org/glsa/202209-12","https://security.netapp.com/advisory/ntap-20220930-0001/"],"published_time":"2022-07-06T16:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-1852","summary":"A NULL pointer dereference flaw was found in the Linux kernel’s KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00018,"ranking_epss":0.04516,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2089815","https://github.com/torvalds/linux/commit/fee060cd52d69c114b62d1a2948ea9648b5131f9","https://bugzilla.redhat.com/show_bug.cgi?id=2089815","https://github.com/torvalds/linux/commit/fee060cd52d69c114b62d1a2948ea9648b5131f9"],"published_time":"2022-06-30T13:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-2078","summary":"A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00494,"ranking_epss":0.65719,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2096178","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/nf_tables_api.c?id=fecf31ee395b0295f2d7260aa29946b7605f7c85","https://www.debian.org/security/2022/dsa-5161","https://bugzilla.redhat.com/show_bug.cgi?id=2096178","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/nf_tables_api.c?id=fecf31ee395b0295f2d7260aa29946b7605f7c85","https://www.debian.org/security/2022/dsa-5161"],"published_time":"2022-06-30T13:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-0987","summary":"A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and know whether a file owned by root or other users exists.","cvss":3.3,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00041,"ranking_epss":0.12479,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2064315","https://bugzilla.redhat.com/show_bug.cgi?id=2064315"],"published_time":"2022-06-28T17:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-1665","summary":"A set of pre-production kernel packages of Red Hat Enterprise Linux for IBM Power architecture can be booted by the grub in Secure Boot mode even though it shouldn't. These kernel builds don't have the secure boot lockdown patches applied to it and can bypass the secure boot validations, allowing the attacker to load another non-trusted code.","cvss":8.2,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":8.2,"cvss_v4":null,"epss":0.00053,"ranking_epss":0.16473,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2089529","https://bugzilla.redhat.com/show_bug.cgi?id=2089529"],"published_time":"2022-06-21T15:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-32545","summary":"A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00104,"ranking_epss":0.28304,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2091811","https://github.com/ImageMagick/ImageMagick/commit/9c9a84cec4ab28ee0b57c2b9266d6fbe68183512","https://github.com/ImageMagick/ImageMagick6/commit/450949ed017f009b399c937cf362f0058eacc5fa","https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html","https://bugzilla.redhat.com/show_bug.cgi?id=2091811","https://github.com/ImageMagick/ImageMagick/commit/9c9a84cec4ab28ee0b57c2b9266d6fbe68183512","https://github.com/ImageMagick/ImageMagick6/commit/450949ed017f009b399c937cf362f0058eacc5fa","https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"],"published_time":"2022-06-16T18:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-32546","summary":"A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00123,"ranking_epss":0.31421,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2091812","https://github.com/ImageMagick/ImageMagick/commit/f221ea0fa3171f0f4fdf74ac9d81b203b9534c23","https://github.com/ImageMagick/ImageMagick6/commit/29c8abce0da56b536542f76a9ddfebdaab5b2943","https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html","https://bugzilla.redhat.com/show_bug.cgi?id=2091812","https://github.com/ImageMagick/ImageMagick/commit/f221ea0fa3171f0f4fdf74ac9d81b203b9534c23","https://github.com/ImageMagick/ImageMagick6/commit/29c8abce0da56b536542f76a9ddfebdaab5b2943","https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"],"published_time":"2022-06-16T18:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-32547","summary":"In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00104,"ranking_epss":0.28304,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2091813","https://github.com/ImageMagick/ImageMagick/commit/eac8ce4d873f28bb6a46aa3a662fb196b49b95d0","https://github.com/ImageMagick/ImageMagick6/commit/dc070da861a015d3c97488fdcca6063b44d47a7b","https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html","https://bugzilla.redhat.com/show_bug.cgi?id=2091813","https://github.com/ImageMagick/ImageMagick/commit/eac8ce4d873f28bb6a46aa3a662fb196b49b95d0","https://github.com/ImageMagick/ImageMagick6/commit/dc070da861a015d3c97488fdcca6063b44d47a7b","https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"],"published_time":"2022-06-16T18:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-1998","summary":"A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this flaw to crash the system or potentially escalate their privileges on the system.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00125,"ranking_epss":0.31716,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/notify/fanotify/fanotify_user.c?h=v5.17&id=ee12595147ac1fbfb5bcb23837e26dd58d94b15d","https://seclists.org/oss-sec/2022/q1/99","https://security.netapp.com/advisory/ntap-20220707-0009/","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/notify/fanotify/fanotify_user.c?h=v5.17&id=ee12595147ac1fbfb5bcb23837e26dd58d94b15d","https://seclists.org/oss-sec/2022/q1/99","https://security.netapp.com/advisory/ntap-20220707-0009/"],"published_time":"2022-06-09T15:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-1708","summary":"A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution, and it is read in a manner where the entire file corresponding to the output of the command is read in. Thus, if the output of the command is large it is possible to exhaust the memory or the disk space of the node when CRI-O reads the output of the command. The highest threat from this vulnerability is system availability.","cvss":7.5,"cvss_version":3.0,"cvss_v2":7.8,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00592,"ranking_epss":0.69237,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2085361","https://github.com/cri-o/cri-o/commit/f032cf649ecc7e0c46718bd9e7814bfb317cb544","https://github.com/cri-o/cri-o/security/advisories/GHSA-fcm2-6c3h-pg6j","https://bugzilla.redhat.com/show_bug.cgi?id=2085361","https://github.com/cri-o/cri-o/commit/f032cf649ecc7e0c46718bd9e7814bfb317cb544","https://github.com/cri-o/cri-o/security/advisories/GHSA-fcm2-6c3h-pg6j"],"published_time":"2022-06-07T18:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-1949","summary":"An access control bypass vulnerability found in 389-ds-base. That mishandling of the filter that would yield incorrect results, but as that has progressed, can be determined that it actually is an access control bypass. This may allow any remote unauthenticated user to issue a filter that allows searching for database items they do not have access to, including but not limited to potentially userPassword hashes and other sensitive data.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00676,"ranking_epss":0.71468,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2091781","https://bugzilla.redhat.com/show_bug.cgi?id=2091781"],"published_time":"2022-06-02T14:15:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-1789","summary":"With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. If INVPCID is executed with CR0.PG=0, the invlpg callback is not set and the result is a NULL pointer dereference.","cvss":6.8,"cvss_version":3.0,"cvss_v2":6.9,"cvss_v3":6.8,"cvss_v4":null,"epss":0.00017,"ranking_epss":0.04291,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1832397","https://francozappa.github.io/about-bias/","https://kb.cert.org/vuls/id/647177/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H6JP355XFVAB33X4BNO3ERVTURFYEDB7/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBUOQTNTQ4ZCXHOCNKYIL2ZUIAZ675RD/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KCEAPIVPRTJHKPF2A2HVF5XHD5XJT3MN/","https://www.debian.org/security/2022/dsa-5161","https://bugzilla.redhat.com/show_bug.cgi?id=1832397","https://francozappa.github.io/about-bias/","https://kb.cert.org/vuls/id/647177/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H6JP355XFVAB33X4BNO3ERVTURFYEDB7/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBUOQTNTQ4ZCXHOCNKYIL2ZUIAZ675RD/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KCEAPIVPRTJHKPF2A2HVF5XHD5XJT3MN/","https://www.debian.org/security/2022/dsa-5161"],"published_time":"2022-06-02T14:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-1462","summary":"An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local user to crash the system or read unauthorized random data from memory.","cvss":6.3,"cvss_version":3.0,"cvss_v2":3.3,"cvss_v3":6.3,"cvss_v4":null,"epss":0.00041,"ranking_epss":0.12528,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2078466","https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html","https://seclists.org/oss-sec/2022/q2/155","https://bugzilla.redhat.com/show_bug.cgi?id=2078466","https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html","https://seclists.org/oss-sec/2022/q2/155"],"published_time":"2022-06-02T14:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-1652","summary":"Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00153,"ranking_epss":0.35991,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1832397","https://francozappa.github.io/about-bias/","https://kb.cert.org/vuls/id/647177/","https://security.netapp.com/advisory/ntap-20220722-0002/","https://www.debian.org/security/2022/dsa-5173","https://bugzilla.redhat.com/show_bug.cgi?id=1832397","https://francozappa.github.io/about-bias/","https://kb.cert.org/vuls/id/647177/","https://security.netapp.com/advisory/ntap-20220722-0002/","https://www.debian.org/security/2022/dsa-5173"],"published_time":"2022-06-02T14:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3597","summary":"A flaw was found in undertow. The HTTP2SourceChannel fails to write the final frame under some circumstances, resulting in a denial of service. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.35.SP1, prior to 2.2.6.SP1, prior to 2.2.7.SP1, prior to 2.0.36.SP1, prior to 2.2.9.Final and prior to 2.0.39.Final.","cvss":5.9,"cvss_version":3.0,"cvss_v2":2.6,"cvss_v3":5.9,"cvss_v4":null,"epss":0.00169,"ranking_epss":0.38155,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1970930","https://security.netapp.com/advisory/ntap-20220804-0003/","https://bugzilla.redhat.com/show_bug.cgi?id=1970930","https://security.netapp.com/advisory/ntap-20220804-0003/"],"published_time":"2022-05-24T19:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3629","summary":"A flaw was found in Undertow. A potential security issue in flow control handling by the browser over http/2 may potentially cause overhead or a denial of service in the server. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.40.Final and prior to 2.2.11.Final.","cvss":5.9,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":5.9,"cvss_v4":null,"epss":0.00293,"ranking_epss":0.52671,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1977362","https://security.netapp.com/advisory/ntap-20220729-0008/","https://bugzilla.redhat.com/show_bug.cgi?id=1977362","https://security.netapp.com/advisory/ntap-20220729-0008/"],"published_time":"2022-05-24T19:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3717","summary":"A flaw was found in Wildfly. An incorrect JBOSS_LOCAL_USER challenge location when using the elytron configuration may lead to JBOSS_LOCAL_USER access to all users on the machine. The highest threat from this vulnerability is to confidentiality, integrity, and availability. This flaw affects wildfly-core versions prior to 17.0.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0005,"ranking_epss":0.15339,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1991305","https://security.netapp.com/advisory/ntap-20220804-0002/","https://bugzilla.redhat.com/show_bug.cgi?id=1991305","https://security.netapp.com/advisory/ntap-20220804-0002/"],"published_time":"2022-05-24T19:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30597","summary":"A flaw was found in moodle where the description user field was not hidden when being set as a hidden user field.","cvss":5.3,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00471,"ranking_epss":0.64617,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-74318","https://bugzilla.redhat.com/show_bug.cgi?id=2083585","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OGF35EN5K2R6X3NTY3XPZSJ3UDASMXI6/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PIMSIRKCFLIC646K4GMUSZU7THOUVPAJ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCTWSE3JDMSYL7DPCMXMMJEXZSS6VIA5/","https://moodle.org/mod/forum/discuss.php?d=434579","http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-74318","https://bugzilla.redhat.com/show_bug.cgi?id=2083585","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OGF35EN5K2R6X3NTY3XPZSJ3UDASMXI6/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PIMSIRKCFLIC646K4GMUSZU7THOUVPAJ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCTWSE3JDMSYL7DPCMXMMJEXZSS6VIA5/","https://moodle.org/mod/forum/discuss.php?d=434579"],"published_time":"2022-05-18T18:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30598","summary":"A flaw was found in moodle where global search results could include author information on some activities where a user may not otherwise have access to it.","cvss":4.3,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":4.3,"cvss_v4":null,"epss":0.0045,"ranking_epss":0.63644,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-71623","https://bugzilla.redhat.com/show_bug.cgi?id=2083592","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OGF35EN5K2R6X3NTY3XPZSJ3UDASMXI6/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PIMSIRKCFLIC646K4GMUSZU7THOUVPAJ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCTWSE3JDMSYL7DPCMXMMJEXZSS6VIA5/","https://moodle.org/mod/forum/discuss.php?d=434580","http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-71623","https://bugzilla.redhat.com/show_bug.cgi?id=2083592","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OGF35EN5K2R6X3NTY3XPZSJ3UDASMXI6/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PIMSIRKCFLIC646K4GMUSZU7THOUVPAJ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCTWSE3JDMSYL7DPCMXMMJEXZSS6VIA5/","https://moodle.org/mod/forum/discuss.php?d=434580"],"published_time":"2022-05-18T18:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30599","summary":"A flaw was found in moodle where an SQL injection risk was identified in Badges code relating to configuring criteria.","cvss":9.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":9.8,"cvss_v4":null,"epss":0.01945,"ranking_epss":0.83445,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-74333","https://bugzilla.redhat.com/show_bug.cgi?id=2083610","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OGF35EN5K2R6X3NTY3XPZSJ3UDASMXI6/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PIMSIRKCFLIC646K4GMUSZU7THOUVPAJ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCTWSE3JDMSYL7DPCMXMMJEXZSS6VIA5/","https://moodle.org/mod/forum/discuss.php?d=434581","http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-74333","https://bugzilla.redhat.com/show_bug.cgi?id=2083610","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OGF35EN5K2R6X3NTY3XPZSJ3UDASMXI6/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PIMSIRKCFLIC646K4GMUSZU7THOUVPAJ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCTWSE3JDMSYL7DPCMXMMJEXZSS6VIA5/","https://moodle.org/mod/forum/discuss.php?d=434581"],"published_time":"2022-05-18T18:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30600","summary":"A flaw was found in moodle where logic used to count failed login attempts could result in the account lockout threshold being bypassed.","cvss":9.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":9.8,"cvss_v4":null,"epss":0.0685,"ranking_epss":0.9136,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-73736","https://bugzilla.redhat.com/show_bug.cgi?id=2083613","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OGF35EN5K2R6X3NTY3XPZSJ3UDASMXI6/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PIMSIRKCFLIC646K4GMUSZU7THOUVPAJ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCTWSE3JDMSYL7DPCMXMMJEXZSS6VIA5/","https://moodle.org/mod/forum/discuss.php?d=434582","http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-73736","https://bugzilla.redhat.com/show_bug.cgi?id=2083613","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OGF35EN5K2R6X3NTY3XPZSJ3UDASMXI6/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PIMSIRKCFLIC646K4GMUSZU7THOUVPAJ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCTWSE3JDMSYL7DPCMXMMJEXZSS6VIA5/","https://moodle.org/mod/forum/discuss.php?d=434582"],"published_time":"2022-05-18T18:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30596","summary":"A flaw was found in moodle where ID numbers displayed when bulk allocating markers to assignments required additional sanitizing to prevent a stored XSS risk.","cvss":5.4,"cvss_version":3.0,"cvss_v2":3.5,"cvss_v3":5.4,"cvss_v4":null,"epss":0.00875,"ranking_epss":0.75277,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-74204","https://bugzilla.redhat.com/show_bug.cgi?id=2083583","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OGF35EN5K2R6X3NTY3XPZSJ3UDASMXI6/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PIMSIRKCFLIC646K4GMUSZU7THOUVPAJ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCTWSE3JDMSYL7DPCMXMMJEXZSS6VIA5/","https://moodle.org/mod/forum/discuss.php?d=434578","http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-74204","https://bugzilla.redhat.com/show_bug.cgi?id=2083583","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OGF35EN5K2R6X3NTY3XPZSJ3UDASMXI6/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PIMSIRKCFLIC646K4GMUSZU7THOUVPAJ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCTWSE3JDMSYL7DPCMXMMJEXZSS6VIA5/","https://moodle.org/mod/forum/discuss.php?d=434578"],"published_time":"2022-05-18T17:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-1706","summary":"A vulnerability was found in Ignition where ignition configs are accessible from unprivileged containers in VMs running on VMware products. This issue is only relevant in user environments where the Ignition config contains secrets. The highest threat from this vulnerability is to data confidentiality. Possible workaround is to not put secrets in the Ignition config.","cvss":6.5,"cvss_version":3.0,"cvss_v2":3.5,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00592,"ranking_epss":0.69237,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2082274","https://github.com/coreos/ignition/commit/4b70b44b430ecf8377a276e89b5acd3a6957d4ea","https://github.com/coreos/ignition/issues/1300","https://github.com/coreos/ignition/issues/1315","https://github.com/coreos/ignition/pull/1350","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LY7LKGMQMXV6DGD263YQHNSLOJJ5VLV5/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NP765L7TJI7CD4XVOHUWZVRYRH3FYBOR/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5QQXRGQKTN4YX2ZF3GQNEBDEOKJGCN3/","https://bugzilla.redhat.com/show_bug.cgi?id=2082274","https://github.com/coreos/ignition/commit/4b70b44b430ecf8377a276e89b5acd3a6957d4ea","https://github.com/coreos/ignition/issues/1300","https://github.com/coreos/ignition/issues/1315","https://github.com/coreos/ignition/pull/1350","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LY7LKGMQMXV6DGD263YQHNSLOJJ5VLV5/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NP765L7TJI7CD4XVOHUWZVRYRH3FYBOR/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5QQXRGQKTN4YX2ZF3GQNEBDEOKJGCN3/"],"published_time":"2022-05-17T18:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-1586","summary":"An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.","cvss":9.1,"cvss_version":3.0,"cvss_v2":6.4,"cvss_v3":9.1,"cvss_v4":null,"epss":0.00584,"ranking_epss":0.69034,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2077976%2C","https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a%2C","https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c","https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/","https://security.netapp.com/advisory/ntap-20221028-0009/","https://bugzilla.redhat.com/show_bug.cgi?id=2077976","https://bugzilla.redhat.com/show_bug.cgi?id=2077976%2C","https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a","https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a%2C","https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c","https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/","https://security.netapp.com/advisory/ntap-20221028-0009/"],"published_time":"2022-05-16T21:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-1587","summary":"An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.","cvss":9.1,"cvss_version":3.0,"cvss_v2":6.4,"cvss_v3":9.1,"cvss_v4":null,"epss":0.00252,"ranking_epss":0.4855,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2077983%2C","https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0","https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/","https://security.netapp.com/advisory/ntap-20221028-0009/","https://bugzilla.redhat.com/show_bug.cgi?id=2077983%2C","https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0","https://lists.debian.org/debian-lts-announce/2023/03/msg00014.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/","https://security.netapp.com/advisory/ntap-20221028-0009/"],"published_time":"2022-05-16T21:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3611","summary":"A stack overflow vulnerability was found in the Intel HD Audio device (intel-hda) of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. This flaw affects QEMU versions prior to 7.0.0.","cvss":6.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00026,"ranking_epss":0.07293,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1973784","https://gitlab.com/qemu-project/qemu/-/issues/542","https://security.gentoo.org/glsa/202208-27","https://security.netapp.com/advisory/ntap-20220624-0001/","https://bugzilla.redhat.com/show_bug.cgi?id=1973784","https://gitlab.com/qemu-project/qemu/-/issues/542","https://security.gentoo.org/glsa/202208-27","https://security.netapp.com/advisory/ntap-20220624-0001/"],"published_time":"2022-05-11T16:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3750","summary":"A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. EHCI does not verify if the Buffer Pointer overlaps with its MMIO region when it transfers the USB packets. Crafted content may be written to the controller's registers and trigger undesirable actions (such as reset) while the device is still transferring packets. This can ultimately lead to a use-after-free issue. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition, or potentially execute arbitrary code within the context of the QEMU process on the host. This flaw affects QEMU versions before 7.0.0.","cvss":8.2,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":8.2,"cvss_v4":null,"epss":0.0003,"ranking_epss":0.08536,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1999073","https://gitlab.com/qemu-project/qemu/-/issues/541","https://gitlab.com/qemu-project/qemu/-/issues/556","https://security.gentoo.org/glsa/202208-27","https://security.netapp.com/advisory/ntap-20220624-0003/","https://bugzilla.redhat.com/show_bug.cgi?id=1999073","https://gitlab.com/qemu-project/qemu/-/issues/541","https://gitlab.com/qemu-project/qemu/-/issues/556","https://security.gentoo.org/glsa/202208-27","https://security.netapp.com/advisory/ntap-20220624-0003/"],"published_time":"2022-05-02T19:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-4206","summary":"A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursor_alloc() function can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. This flaw allows a malicious privileged guest user to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU process.","cvss":8.2,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":8.2,"cvss_v4":null,"epss":0.00161,"ranking_epss":0.3702,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2036998","https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html","https://security.gentoo.org/glsa/202208-27","https://starlabs.sg/advisories/21-4206/","https://www.debian.org/security/2022/dsa-5133","https://bugzilla.redhat.com/show_bug.cgi?id=2036998","https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html","https://security.gentoo.org/glsa/202208-27","https://security.netapp.com/advisory/ntap-20250321-0010/","https://starlabs.sg/advisories/21-4206/","https://www.debian.org/security/2022/dsa-5133"],"published_time":"2022-04-29T17:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-4207","summary":"A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled values `cursor->header.width` and `cursor->header.height` can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. A malicious privileged guest user could use this flaw to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU process.","cvss":8.2,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":8.2,"cvss_v4":null,"epss":0.00049,"ranking_epss":0.15295,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2036966","https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html","https://security.gentoo.org/glsa/202208-27","https://starlabs.sg/advisories/21-4207/","https://www.debian.org/security/2022/dsa-5133","https://bugzilla.redhat.com/show_bug.cgi?id=2036966","https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html","https://security.gentoo.org/glsa/202208-27","https://security.netapp.com/advisory/ntap-20250321-0009/","https://starlabs.sg/advisories/21-4207/","https://www.debian.org/security/2022/dsa-5133"],"published_time":"2022-04-29T17:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-0984","summary":"Users with the capability to configure badge criteria (teachers and managers by default) were able to configure course badges with profile field criteria, which should only be available for site badges.","cvss":4.3,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00185,"ranking_epss":0.40198,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2064118","https://bugzilla.redhat.com/show_bug.cgi?id=2064118"],"published_time":"2022-04-29T17:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-1048","summary":"A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system.","cvss":7.0,"cvss_version":3.0,"cvss_v2":6.9,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02715,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2066706","https://lore.kernel.org/lkml/20220322170720.3529-5-tiwai%40suse.de/T/#m1d3b791b815556012c6be92f1c4a7086b854f7f3","https://security.netapp.com/advisory/ntap-20220629-0001/","https://www.debian.org/security/2022/dsa-5127","https://www.debian.org/security/2022/dsa-5173","https://bugzilla.redhat.com/show_bug.cgi?id=2066706","https://lore.kernel.org/lkml/20220322170720.3529-5-tiwai%40suse.de/T/#m1d3b791b815556012c6be92f1c4a7086b854f7f3","https://security.netapp.com/advisory/ntap-20220629-0001/","https://www.debian.org/security/2022/dsa-5127","https://www.debian.org/security/2022/dsa-5173"],"published_time":"2022-04-29T16:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-1227","summary":"A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to the host filesystem, leading to information disclosure or denial of service.","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.8,"cvss_v4":null,"epss":0.33719,"ranking_epss":0.96947,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2070368","https://github.com/containers/podman/issues/10941","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/","https://security.netapp.com/advisory/ntap-20240628-0001/","https://bugzilla.redhat.com/show_bug.cgi?id=2070368","https://github.com/containers/podman/issues/10941","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/","https://security.netapp.com/advisory/ntap-20240628-0001/"],"published_time":"2022-04-29T16:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-1353","summary":"A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information.","cvss":7.1,"cvss_version":3.0,"cvss_v2":3.6,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00018,"ranking_epss":0.04513,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2066819","https://github.com/torvalds/linux/commit/9a564bccb78a76740ea9d75a259942df8143d02c","https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html","https://security.netapp.com/advisory/ntap-20220629-0001/","https://www.debian.org/security/2022/dsa-5127","https://www.debian.org/security/2022/dsa-5173","https://bugzilla.redhat.com/show_bug.cgi?id=2066819","https://github.com/torvalds/linux/commit/9a564bccb78a76740ea9d75a259942df8143d02c","https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html","https://security.netapp.com/advisory/ntap-20220629-0001/","https://www.debian.org/security/2022/dsa-5127","https://www.debian.org/security/2022/dsa-5173"],"published_time":"2022-04-29T16:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-42778","summary":"A heap double free issue was found in Opensc before version 0.22.0 in sc_pkcs15_free_tokeninfo.","cvss":5.3,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":5.3,"cvss_v4":null,"epss":0.0013,"ranking_epss":0.32483,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28185","https://bugzilla.redhat.com/show_bug.cgi?id=2016083","https://github.com/OpenSC/OpenSC/commit/f015746d","https://security.gentoo.org/glsa/202209-03","https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28185","https://bugzilla.redhat.com/show_bug.cgi?id=2016083","https://github.com/OpenSC/OpenSC/commit/f015746d","https://lists.debian.org/debian-lts-announce/2024/12/msg00026.html","https://security.gentoo.org/glsa/202209-03"],"published_time":"2022-04-18T17:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-42779","summary":"A heap use after free issue was found in Opensc before version 0.22.0 in sc_file_valid.","cvss":5.3,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00084,"ranking_epss":0.24526,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28843","https://bugzilla.redhat.com/show_bug.cgi?id=2016086","https://github.com/OpenSC/OpenSC/commit/1db88374","https://lists.debian.org/debian-lts-announce/2023/06/msg00025.html","https://security.gentoo.org/glsa/202209-03","https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28843","https://bugzilla.redhat.com/show_bug.cgi?id=2016086","https://github.com/OpenSC/OpenSC/commit/1db88374","https://lists.debian.org/debian-lts-announce/2023/06/msg00025.html","https://lists.debian.org/debian-lts-announce/2024/12/msg00026.html","https://security.gentoo.org/glsa/202209-03"],"published_time":"2022-04-18T17:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-42780","summary":"A use after return issue was found in Opensc before version 0.22.0 in insert_pin function that could potentially crash programs using the library.","cvss":5.3,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00058,"ranking_epss":0.1826,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28383","https://bugzilla.redhat.com/show_bug.cgi?id=2016139","https://github.com/OpenSC/OpenSC/commit/5df913b7","https://lists.debian.org/debian-lts-announce/2023/06/msg00025.html","https://security.gentoo.org/glsa/202209-03","https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28383","https://bugzilla.redhat.com/show_bug.cgi?id=2016139","https://github.com/OpenSC/OpenSC/commit/5df913b7","https://lists.debian.org/debian-lts-announce/2023/06/msg00025.html","https://lists.debian.org/debian-lts-announce/2024/12/msg00026.html","https://security.gentoo.org/glsa/202209-03"],"published_time":"2022-04-18T17:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-42781","summary":"Heap buffer overflow issues were found in Opensc before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the library.","cvss":5.3,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00119,"ranking_epss":0.30844,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2016439","https://github.com/OpenSC/OpenSC/commit/05648b06","https://github.com/OpenSC/OpenSC/commit/17d8980c","https://github.com/OpenSC/OpenSC/commit/40c50a3a","https://github.com/OpenSC/OpenSC/commit/5d4daf6c","https://github.com/OpenSC/OpenSC/commit/cae5c71f","https://lists.debian.org/debian-lts-announce/2023/06/msg00025.html","https://security.gentoo.org/glsa/202209-03","https://bugzilla.redhat.com/show_bug.cgi?id=2016439","https://github.com/OpenSC/OpenSC/commit/05648b06","https://github.com/OpenSC/OpenSC/commit/17d8980c","https://github.com/OpenSC/OpenSC/commit/40c50a3a","https://github.com/OpenSC/OpenSC/commit/5d4daf6c","https://github.com/OpenSC/OpenSC/commit/cae5c71f","https://lists.debian.org/debian-lts-announce/2023/06/msg00025.html","https://lists.debian.org/debian-lts-announce/2024/12/msg00026.html","https://security.gentoo.org/glsa/202209-03"],"published_time":"2022-04-18T17:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-1304","summary":"An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00722,"ranking_epss":0.72513,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2069726","https://bugzilla.redhat.com/show_bug.cgi?id=2069726","https://lists.debian.org/debian-lts-announce/2024/10/msg00001.html","https://security.netapp.com/advisory/ntap-20241122-0010/"],"published_time":"2022-04-14T21:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-1280","summary":"A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. This flaw allows a local user privilege attacker to cause a denial of service (DoS) or a kernel information leak.","cvss":6.3,"cvss_version":3.0,"cvss_v2":3.3,"cvss_v3":6.3,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05738,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2071022","https://www.openwall.com/lists/oss-security/2022/04/12/3","https://bugzilla.redhat.com/show_bug.cgi?id=2071022","https://www.openwall.com/lists/oss-security/2022/04/12/3"],"published_time":"2022-04-13T18:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-28796","summary":"jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition.","cvss":7.0,"cvss_version":3.0,"cvss_v2":6.9,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00097,"ranking_epss":0.26721,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.1","https://github.com/torvalds/linux/commit/cc16eecae687912238ee6efbff71ad31e2bc414e","https://security.netapp.com/advisory/ntap-20220506-0006/","https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.1","https://github.com/torvalds/linux/commit/cc16eecae687912238ee6efbff71ad31e2bc414e","https://security.netapp.com/advisory/ntap-20220506-0006/"],"published_time":"2022-04-08T05:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-27649","summary":"A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was found in Moby (Docker Engine), where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs.","cvss":7.5,"cvss_version":3.0,"cvss_v2":6.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.0054,"ranking_epss":0.67629,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2066568","https://github.com/containers/podman/commit/aafa80918a245edcbdaceb1191d749570f1872d0","https://github.com/containers/podman/security/advisories/GHSA-qvf8-p83w-v58j","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4KDETHL5XCT6RZN2BBNOCEXRZ2W3SFU3/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/","https://bugzilla.redhat.com/show_bug.cgi?id=2066568","https://github.com/containers/podman/commit/aafa80918a245edcbdaceb1191d749570f1872d0","https://github.com/containers/podman/security/advisories/GHSA-qvf8-p83w-v58j","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4KDETHL5XCT6RZN2BBNOCEXRZ2W3SFU3/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/"],"published_time":"2022-04-04T20:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-27650","summary":"A flaw was found in crun where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby (Docker Engine) where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs.","cvss":7.5,"cvss_version":3.0,"cvss_v2":6.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00097,"ranking_epss":0.26729,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2066845","https://github.com/containers/crun/commit/1aeeed2e4fdeffb4875c0d0b439915894594c8c6","https://github.com/containers/crun/security/advisories/GHSA-wr4f-w546-m398","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYIGABCZ7ZHAG2XCOGITTQRJU2ASWMFA/","https://bugzilla.redhat.com/show_bug.cgi?id=2066845","https://github.com/containers/crun/commit/1aeeed2e4fdeffb4875c0d0b439915894594c8c6","https://github.com/containers/crun/security/advisories/GHSA-wr4f-w546-m398","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYIGABCZ7ZHAG2XCOGITTQRJU2ASWMFA/"],"published_time":"2022-04-04T20:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-27651","summary":"A flaw was found in buildah where containers were incorrectly started with non-empty default permissions. A bug was found in Moby (Docker Engine) where containers were incorrectly started with non-empty inheritable Linux process capabilities, enabling an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs. This has the potential to impact confidentiality and integrity.","cvss":6.8,"cvss_version":3.0,"cvss_v2":4.9,"cvss_v3":6.8,"cvss_v4":null,"epss":0.00182,"ranking_epss":0.39907,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2066840","https://github.com/containers/buildah/commit/e7e55c988c05dd74005184ceb64f097a0cfe645b","https://github.com/containers/buildah/security/advisories/GHSA-c3g4-w6cv-6v7h","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/25YI27MENCEPZTTGRVU6BQD5V53FNI52/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2VWH6X6HOFPO6HTESF42HIJZEPXSWVIO/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7NETC7I6RTMMBRJJQVJOJUPDK4W4PQSJ/","https://bugzilla.redhat.com/show_bug.cgi?id=2066840","https://github.com/containers/buildah/commit/e7e55c988c05dd74005184ceb64f097a0cfe645b","https://github.com/containers/buildah/security/advisories/GHSA-c3g4-w6cv-6v7h","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/25YI27MENCEPZTTGRVU6BQD5V53FNI52/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2VWH6X6HOFPO6HTESF42HIJZEPXSWVIO/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7NETC7I6RTMMBRJJQVJOJUPDK4W4PQSJ/"],"published_time":"2022-04-04T20:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-35501","summary":"A flaw was found in the Linux kernels implementation of audit rules, where a syscall can unexpectedly not be correctly not be logged by the audit subsystem","cvss":3.4,"cvss_version":3.0,"cvss_v2":3.6,"cvss_v3":3.4,"cvss_v4":null,"epss":0.00084,"ranking_epss":0.24532,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1908577","https://bugzilla.redhat.com/show_bug.cgi?id=1908577"],"published_time":"2022-03-30T16:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-1055","summary":"A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5","cvss":8.6,"cvss_version":4.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":8.6,"epss":0.00024,"ranking_epss":0.06341,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5","https://kernel.dance/#04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5","https://security.netapp.com/advisory/ntap-20220506-0007/","https://syzkaller.appspot.com/bug?id=2212474c958978ab86525fe6832ac8102c309ffc","http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5","https://kernel.dance/#04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5","https://security.netapp.com/advisory/ntap-20220506-0007/","https://syzkaller.appspot.com/bug?id=2212474c958978ab86525fe6832ac8102c309ffc"],"published_time":"2022-03-29T15:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-0330","summary":"A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00039,"ranking_epss":0.11616,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2022/11/30/1","https://bugzilla.redhat.com/show_bug.cgi?id=2042404","https://security.netapp.com/advisory/ntap-20220526-0001/","https://www.openwall.com/lists/oss-security/2022/01/25/12","http://www.openwall.com/lists/oss-security/2022/11/30/1","https://bugzilla.redhat.com/show_bug.cgi?id=2042404","https://security.netapp.com/advisory/ntap-20220526-0001/","https://www.openwall.com/lists/oss-security/2022/01/25/12"],"published_time":"2022-03-25T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-0435","summary":"A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network.","cvss":8.8,"cvss_version":3.0,"cvss_v2":9.0,"cvss_v3":8.8,"cvss_v4":null,"epss":0.54322,"ranking_epss":0.98023,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2048738","https://security.netapp.com/advisory/ntap-20220602-0001/","https://www.openwall.com/lists/oss-security/2022/02/10/1","https://bugzilla.redhat.com/show_bug.cgi?id=2048738","https://security.netapp.com/advisory/ntap-20220602-0001/","https://www.openwall.com/lists/oss-security/2022/02/10/1"],"published_time":"2022-03-25T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3941","summary":"In ImfChromaticities.cpp routine RGBtoXYZ(), there are some division operations such as `float Z = (1 - chroma.white.x - chroma.white.y) * Y / chroma.white.y;` and `chroma.green.y * (X + Z))) / d;` but the divisor is not checked for a 0 value. A specially crafted file could trigger a divide-by-zero condition which could affect the availability of programs linked with OpenEXR.","cvss":6.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00122,"ranking_epss":0.3126,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2019789","https://lists.debian.org/debian-lts-announce/2022/12/msg00022.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I2JSMJ7HLWFPYYV7IAQZD5ZUUUN7RWBN/","https://security.gentoo.org/glsa/202210-31","https://www.debian.org/security/2022/dsa-5299","https://bugzilla.redhat.com/show_bug.cgi?id=2019789","https://lists.debian.org/debian-lts-announce/2022/12/msg00022.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I2JSMJ7HLWFPYYV7IAQZD5ZUUUN7RWBN/","https://security.gentoo.org/glsa/202210-31","https://www.debian.org/security/2022/dsa-5299"],"published_time":"2022-03-25T19:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-0996","summary":"A vulnerability was found in the 389 Directory Server that allows expired passwords to access the database to cause improper authentication.","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00144,"ranking_epss":0.34735,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2064769","https://github.com/ByteHackr/389-ds-base","https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QFD7CBBX3IZOSHEWL2EYKRLOEQSXCZ6/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PYT2IQJFHQWZENJJRY6EJB3XIFZGNT7F/","https://bugzilla.redhat.com/show_bug.cgi?id=2064769","https://github.com/ByteHackr/389-ds-base","https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html","https://lists.debian.org/debian-lts-announce/2025/01/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QFD7CBBX3IZOSHEWL2EYKRLOEQSXCZ6/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PYT2IQJFHQWZENJJRY6EJB3XIFZGNT7F/"],"published_time":"2022-03-23T20:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3748","summary":"A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor's address belongs to the non direct access region, due to num_buffers being set after the virtqueue elem has been unmapped. A malicious guest could use this flaw to crash QEMU, resulting in a denial of service condition, or potentially execute code on the host with the privileges of the QEMU process.","cvss":7.5,"cvss_version":3.0,"cvss_v2":6.9,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00035,"ranking_epss":0.10478,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1998514","https://github.com/qemu/qemu/commit/bedd7e93d01961fcb16a97ae45d93acf357e11f6","https://lists.debian.org/debian-lts-announce/2022/04/msg00002.html","https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html","https://lists.nongnu.org/archive/html/qemu-devel/2021-09/msg00388.html","https://security.gentoo.org/glsa/202208-27","https://security.netapp.com/advisory/ntap-20220425-0004/","https://ubuntu.com/security/CVE-2021-3748","https://bugzilla.redhat.com/show_bug.cgi?id=1998514","https://github.com/qemu/qemu/commit/bedd7e93d01961fcb16a97ae45d93acf357e11f6","https://lists.debian.org/debian-lts-announce/2022/04/msg00002.html","https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html","https://lists.nongnu.org/archive/html/qemu-devel/2021-09/msg00388.html","https://security.gentoo.org/glsa/202208-27","https://security.netapp.com/advisory/ntap-20220425-0004/","https://ubuntu.com/security/CVE-2021-3748"],"published_time":"2022-03-23T20:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-27666","summary":"A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00797,"ranking_epss":0.74,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2061633","https://github.com/torvalds/linux/commit/ebe48d368e97d007bfeb76fcb065d6cfc4c96645","https://security.netapp.com/advisory/ntap-20220429-0001/","https://www.debian.org/security/2022/dsa-5127","https://www.debian.org/security/2022/dsa-5173","https://bugzilla.redhat.com/show_bug.cgi?id=2061633","https://github.com/torvalds/linux/commit/ebe48d368e97d007bfeb76fcb065d6cfc4c96645","https://security.netapp.com/advisory/ntap-20220429-0001/","https://www.debian.org/security/2022/dsa-5127","https://www.debian.org/security/2022/dsa-5173"],"published_time":"2022-03-23T06:15:06","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-1011","summary":"A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00219,"ranking_epss":0.44529,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2064855","https://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse.git/commit/?h=for-next","https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html","https://www.debian.org/security/2022/dsa-5173","https://www.oracle.com/security-alerts/cpujul2022.html","https://bugzilla.redhat.com/show_bug.cgi?id=2064855","https://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse.git/commit/?h=for-next","https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html","https://www.debian.org/security/2022/dsa-5173","https://www.oracle.com/security-alerts/cpujul2022.html"],"published_time":"2022-03-18T18:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-27191","summary":"The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.","cvss":7.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00089,"ranking_epss":0.2528,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://groups.google.com/g/golang-announce","https://groups.google.com/g/golang-announce/c/-cp44ypCT5s","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/","https://security.netapp.com/advisory/ntap-20220429-0002/","https://groups.google.com/g/golang-announce","https://groups.google.com/g/golang-announce/c/-cp44ypCT5s","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/","https://security.netapp.com/advisory/ntap-20220429-0002/"],"published_time":"2022-03-18T07:15:06","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-0918","summary":"A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. The denial of service is triggered by a single message sent over a TCP connection, no bind or other authentication is required. The message triggers a segmentation fault that results in slapd crashing.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.08412,"ranking_epss":0.92333,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2022-0918","https://bugzilla.redhat.com/show_bug.cgi?id=2055815","https://github.com/389ds/389-ds-base/issues/5242","https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html","https://access.redhat.com/security/cve/CVE-2022-0918","https://bugzilla.redhat.com/show_bug.cgi?id=2055815","https://github.com/389ds/389-ds-base/issues/5242","https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html","https://lists.debian.org/debian-lts-announce/2025/01/msg00015.html"],"published_time":"2022-03-16T15:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20257","summary":"An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits (tx) descriptors in process_tx_desc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.","cvss":6.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00076,"ranking_epss":0.22792,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1930087","https://github.com/qemu/qemu/commit/3de46e6fc489c52c9431a8a832ad8170a7569bd8","https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html","https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg07428.html","https://security.gentoo.org/glsa/202208-27","https://security.netapp.com/advisory/ntap-20220425-0003/","https://www.openwall.com/lists/oss-security/2021/02/25/2","https://bugzilla.redhat.com/show_bug.cgi?id=1930087","https://github.com/qemu/qemu/commit/3de46e6fc489c52c9431a8a832ad8170a7569bd8","https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html","https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg07428.html","https://security.gentoo.org/glsa/202208-27","https://security.netapp.com/advisory/ntap-20220425-0003/","https://www.openwall.com/lists/oss-security/2021/02/25/2"],"published_time":"2022-03-16T15:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-0847","summary":"A flaw was found in the way the \"flags\" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.81633,"ranking_epss":0.99186,"kev":true,"propose_action":"Linux kernel contains an improper initialization vulnerability where an unprivileged local user could escalate their privileges on the system. This vulnerability has the moniker of \"Dirty Pipe.\"","ransomware_campaign":"Unknown","references":["http://packetstormsecurity.com/files/166229/Dirty-Pipe-Linux-Privilege-Escalation.html","http://packetstormsecurity.com/files/166230/Dirty-Pipe-SUID-Binary-Hijack-Privilege-Escalation.html","http://packetstormsecurity.com/files/166258/Dirty-Pipe-Local-Privilege-Escalation.html","http://packetstormsecurity.com/files/176534/Linux-4.20-KTLS-Read-Only-Write.html","https://bugzilla.redhat.com/show_bug.cgi?id=2060795","https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf","https://dirtypipe.cm4all.com/","https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0015","https://security.netapp.com/advisory/ntap-20220325-0005/","https://www.suse.com/support/kb/doc/?id=000020603","http://packetstormsecurity.com/files/166229/Dirty-Pipe-Linux-Privilege-Escalation.html","http://packetstormsecurity.com/files/166230/Dirty-Pipe-SUID-Binary-Hijack-Privilege-Escalation.html","http://packetstormsecurity.com/files/166258/Dirty-Pipe-Local-Privilege-Escalation.html","http://packetstormsecurity.com/files/176534/Linux-4.20-KTLS-Read-Only-Write.html","https://bugzilla.redhat.com/show_bug.cgi?id=2060795","https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf","https://dirtypipe.cm4all.com/","https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0015","https://security.netapp.com/advisory/ntap-20220325-0005/","https://www.suse.com/support/kb/doc/?id=000020603","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-0847"],"published_time":"2022-03-10T17:44:57","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-0516","summary":"A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obtain unauthorized memory write access. This flaw affects Linux kernel versions prior to 5.17-rc4.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00114,"ranking_epss":0.30033,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2050237","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=09a93c1df3eafa43bcdfd7bf837c574911f12f55","https://security.netapp.com/advisory/ntap-20220331-0009/","https://www.debian.org/security/2022/dsa-5092","https://bugzilla.redhat.com/show_bug.cgi?id=2050237","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=09a93c1df3eafa43bcdfd7bf837c574911f12f55","https://security.netapp.com/advisory/ntap-20220331-0009/","https://www.debian.org/security/2022/dsa-5092"],"published_time":"2022-03-10T17:44:56","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3733","summary":"There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is sent by the server to the client. The greatest threat that this flaw poses is to application availability.","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":6.5,"cvss_v4":null,"epss":0.0076,"ranking_epss":0.73333,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugs.python.org/issue43075","https://bugzilla.redhat.com/show_bug.cgi?id=1995234","https://github.com/python/cpython/commit/7215d1ae25525c92b026166f9d5cac85fb","https://github.com/python/cpython/pull/24391","https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html","https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html","https://security.netapp.com/advisory/ntap-20220407-0001/","https://ubuntu.com/security/CVE-2021-3733","https://bugs.python.org/issue43075","https://bugzilla.redhat.com/show_bug.cgi?id=1995234","https://github.com/python/cpython/commit/7215d1ae25525c92b026166f9d5cac85fb","https://github.com/python/cpython/pull/24391","https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html","https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html","https://lists.debian.org/debian-lts-announce/2024/12/msg00000.html","https://security.netapp.com/advisory/ntap-20220407-0001/","https://ubuntu.com/security/CVE-2021-3733"],"published_time":"2022-03-10T17:42:59","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3698","summary":"A flaw was found in Cockpit in versions prior to 260 in the way it handles the certificate verification performed by the System Security Services Daemon (SSSD). This flaw allows client certificates to authenticate successfully, regardless of the Certificate Revocation List (CRL) configuration or the certificate status. The highest threat from this vulnerability is to confidentiality.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00114,"ranking_epss":0.29964,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1992149","https://bugzilla.redhat.com/show_bug.cgi?id=1992149"],"published_time":"2022-03-10T17:42:57","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3660","summary":"Cockpit (and its plugins) do not seem to protect itself against clickjacking. It is possible to render a page from a cockpit server via another website, inside an <iFrame> HTML entry. This may be used by a malicious website in clickjacking or similar attacks.","cvss":4.3,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":4.3,"cvss_v4":null,"epss":0.0027,"ranking_epss":0.50474,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1980688","https://github.com/cockpit-project/cockpit/commit/8d9bc10d8128aae03dfde62fd00075fe492ead10","https://github.com/cockpit-project/cockpit/issues/16122","https://bugzilla.redhat.com/show_bug.cgi?id=1980688","https://github.com/cockpit-project/cockpit/commit/8d9bc10d8128aae03dfde62fd00075fe492ead10","https://github.com/cockpit-project/cockpit/issues/16122"],"published_time":"2022-03-10T17:42:55","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20269","summary":"A flaw was found in the permissions of a log file created by kexec-tools. This flaw allows a local unprivileged user to read this file and leak kernel internal information from a previous panic. The highest threat from this vulnerability is to confidentiality. This flaw affects kexec-tools shipped by Fedora versions prior to 2.0.21-8 and RHEL versions prior to 2.0.20-47.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.06744,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1934261","https://bugzilla.redhat.com/show_bug.cgi?id=1934261"],"published_time":"2022-03-10T17:41:27","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3656","summary":"A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the \"virt_ext\" field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.","cvss":8.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00072,"ranking_epss":0.21831,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1983988","https://git.kernel.org/pub/scm/virt/kvm/kvm.git/commit/?id=c7dfa4009965a9b2d7b329ee970eb8da0d32f0bc","https://github.com/torvalds/linux/commit/c7dfa4009965a9b2d7b329ee970eb8da0d32f0bc","https://www.openwall.com/lists/oss-security/2021/08/16/1","https://bugzilla.redhat.com/show_bug.cgi?id=1983988","https://git.kernel.org/pub/scm/virt/kvm/kvm.git/commit/?id=c7dfa4009965a9b2d7b329ee970eb8da0d32f0bc","https://github.com/torvalds/linux/commit/c7dfa4009965a9b2d7b329ee970eb8da0d32f0bc","https://www.openwall.com/lists/oss-security/2021/08/16/1"],"published_time":"2022-03-04T19:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3737","summary":"A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability.","cvss":7.5,"cvss_version":3.0,"cvss_v2":7.1,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00119,"ranking_epss":0.30821,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugs.python.org/issue44022","https://bugzilla.redhat.com/show_bug.cgi?id=1995162","https://github.com/python/cpython/pull/25916","https://github.com/python/cpython/pull/26503","https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html","https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html","https://python-security.readthedocs.io/vuln/urllib-100-continue-loop.html","https://security.netapp.com/advisory/ntap-20220407-0009/","https://ubuntu.com/security/CVE-2021-3737","https://www.oracle.com/security-alerts/cpujul2022.html","https://bugs.python.org/issue44022","https://bugzilla.redhat.com/show_bug.cgi?id=1995162","https://github.com/python/cpython/pull/25916","https://github.com/python/cpython/pull/26503","https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html","https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html","https://lists.debian.org/debian-lts-announce/2024/11/msg00024.html","https://lists.debian.org/debian-lts-announce/2024/12/msg00000.html","https://python-security.readthedocs.io/vuln/urllib-100-continue-loop.html","https://security.netapp.com/advisory/ntap-20220407-0009/","https://ubuntu.com/security/CVE-2021-3737","https://www.oracle.com/security-alerts/cpujul2022.html"],"published_time":"2022-03-04T19:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3575","summary":"A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use this to execute arbitrary code with the permissions of the application compiled against openjpeg.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0033,"ranking_epss":0.56018,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1957616","https://github.com/uclouvain/openjpeg/issues/1347","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZ54FGM2IGAP4AWSJ22JKHOPHCR3FGYU/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QB6AI7CWXWMEDZIQY4LQ6DMIEXMDOHUP/","https://ubuntu.com/security/CVE-2021-3575","https://bugzilla.redhat.com/show_bug.cgi?id=1957616","https://github.com/uclouvain/openjpeg/issues/1347","https://lists.debian.org/debian-lts-announce/2025/04/msg00002.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZ54FGM2IGAP4AWSJ22JKHOPHCR3FGYU/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QB6AI7CWXWMEDZIQY4LQ6DMIEXMDOHUP/","https://ubuntu.com/security/CVE-2021-3575"],"published_time":"2022-03-04T18:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-23214","summary":"When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption.","cvss":8.1,"cvss_version":3.0,"cvss_v2":5.1,"cvss_v3":8.1,"cvss_v4":null,"epss":0.00225,"ranking_epss":0.452,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2022666","https://git.postgresql.org/gitweb/?p=postgresql.git%3Ba=commit%3Bh=28e24125541545483093819efae9bca603441951","https://github.com/postgres/postgres/commit/28e24125541545483093819efae9bca603441951","https://security.gentoo.org/glsa/202211-04","https://www.postgresql.org/support/security/CVE-2021-23214/","https://bugzilla.redhat.com/show_bug.cgi?id=2022666","https://git.postgresql.org/gitweb/?p=postgresql.git%3Ba=commit%3Bh=28e24125541545483093819efae9bca603441951","https://github.com/postgres/postgres/commit/28e24125541545483093819efae9bca603441951","https://security.gentoo.org/glsa/202211-04","https://www.postgresql.org/support/security/CVE-2021-23214/"],"published_time":"2022-03-04T16:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3744","summary":"A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01786,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2021/09/14/1","https://bugzilla.redhat.com/show_bug.cgi?id=2000627","https://github.com/torvalds/linux/commit/505d9dcb0f7ddf9d075e729523a33d38642ae680","https://kernel.googlesource.com/pub/scm/linux/kernel/git/herbert/crypto-2.6/+/505d9dcb0f7ddf9d075e729523a33d38642ae680%5E%21/#F0","https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7BLLVKYAIETEORUPTFO3TR3C33ZPFXQM/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LAT3RERO6QBKSPJBNNRWY3D4NCGTFOS7/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SYKURLXBB2555ASWMPDNMBUPD6AG2JKQ/","https://seclists.org/oss-sec/2021/q3/164","https://www.debian.org/security/2022/dsa-5096","https://www.oracle.com/security-alerts/cpujul2022.html","http://www.openwall.com/lists/oss-security/2021/09/14/1","https://bugzilla.redhat.com/show_bug.cgi?id=2000627","https://github.com/torvalds/linux/commit/505d9dcb0f7ddf9d075e729523a33d38642ae680","https://kernel.googlesource.com/pub/scm/linux/kernel/git/herbert/crypto-2.6/+/505d9dcb0f7ddf9d075e729523a33d38642ae680%5E%21/#F0","https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7BLLVKYAIETEORUPTFO3TR3C33ZPFXQM/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LAT3RERO6QBKSPJBNNRWY3D4NCGTFOS7/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SYKURLXBB2555ASWMPDNMBUPD6AG2JKQ/","https://seclists.org/oss-sec/2021/q3/164","https://www.debian.org/security/2022/dsa-5096","https://www.oracle.com/security-alerts/cpujul2022.html"],"published_time":"2022-03-04T16:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3602","summary":"An information disclosure flaw was found in Buildah, when building containers using chroot isolation. Running processes in container builds (e.g. Dockerfile RUN commands) can access environment variables from parent and grandparent processes. When run in a container in a CI/CD environment, environment variables may include sensitive information that was shared with the container in order to be used only by Buildah itself (e.g. container registry credentials).","cvss":5.5,"cvss_version":3.0,"cvss_v2":1.9,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00122,"ranking_epss":0.31335,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1969264","https://github.com/containers/buildah/commit/a468ce0ffd347035d53ee0e26c205ef604097fb0","https://github.com/containers/buildah/security/advisories/GHSA-7638-r9r3-rmjj","https://ubuntu.com/security/CVE-2021-3602","https://bugzilla.redhat.com/show_bug.cgi?id=1969264","https://github.com/containers/buildah/commit/a468ce0ffd347035d53ee0e26c205ef604097fb0","https://github.com/containers/buildah/security/advisories/GHSA-7638-r9r3-rmjj","https://ubuntu.com/security/CVE-2021-3602"],"published_time":"2022-03-03T19:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3620","summary":"A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0029,"ranking_epss":0.52468,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1975767","https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes","https://github.com/ansible/ansible/commit/fe28767970c8ec62aabe493c46b53a5de1e5fac0","https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html","https://bugzilla.redhat.com/show_bug.cgi?id=1975767","https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#security-fixes","https://github.com/ansible/ansible/commit/fe28767970c8ec62aabe493c46b53a5de1e5fac0","https://lists.debian.org/debian-lts-announce/2023/12/msg00018.html"],"published_time":"2022-03-03T19:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-0492","summary":"A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.9,"cvss_v3":7.8,"cvss_v4":null,"epss":0.05093,"ranking_epss":0.89822,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html","http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html","http://packetstormsecurity.com/files/176099/Docker-cgroups-Container-Escape.html","https://bugzilla.redhat.com/show_bug.cgi?id=2051505","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24f6008564183aa120d07c03d9289519c2fe02af","https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html","https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html","https://security.netapp.com/advisory/ntap-20220419-0002/","https://www.debian.org/security/2022/dsa-5095","https://www.debian.org/security/2022/dsa-5096","http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html","http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html","http://packetstormsecurity.com/files/176099/Docker-cgroups-Container-Escape.html","https://bugzilla.redhat.com/show_bug.cgi?id=2051505","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24f6008564183aa120d07c03d9289519c2fe02af","https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html","https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html","https://security.netapp.com/advisory/ntap-20220419-0002/","https://www.debian.org/security/2022/dsa-5095","https://www.debian.org/security/2022/dsa-5096"],"published_time":"2022-03-03T19:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3716","summary":"A flaw was found in nbdkit due to to improperly caching plaintext state across the STARTTLS encryption boundary. A MitM attacker could use this flaw to inject a plaintext NBD_OPT_STRUCTURED_REPLY before proxying everything else a client sends to the server, potentially leading the client to terminate the NBD session. The highest threat from this vulnerability is to system availability.","cvss":3.1,"cvss_version":3.0,"cvss_v2":3.5,"cvss_v3":3.1,"cvss_v4":null,"epss":0.00082,"ranking_epss":0.24116,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1994695","https://gitlab.com/nbdkit/nbdkit/-/commit/09a13dafb7bb3a38ab52eb5501cba786365ba7fd","https://gitlab.com/nbdkit/nbdkit/-/commit/6c5faac6a37077cf2366388a80862bb00616d0d8","https://listman.redhat.com/archives/libguestfs/2021-August/msg00083.html","https://www.openwall.com/lists/oss-security/2021/08/18/2","https://bugzilla.redhat.com/show_bug.cgi?id=1994695","https://gitlab.com/nbdkit/nbdkit/-/commit/09a13dafb7bb3a38ab52eb5501cba786365ba7fd","https://gitlab.com/nbdkit/nbdkit/-/commit/6c5faac6a37077cf2366388a80862bb00616d0d8","https://listman.redhat.com/archives/libguestfs/2021-August/msg00083.html","https://www.openwall.com/lists/oss-security/2021/08/18/2"],"published_time":"2022-03-02T23:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3772","summary":"A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses.","cvss":6.5,"cvss_version":3.0,"cvss_v2":5.8,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00164,"ranking_epss":0.37397,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2000694","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=32f8807a48ae55be0e76880cfe8607a18b5bb0df","https://github.com/torvalds/linux/commit/32f8807a48ae55be0e76880cfe8607a18b5bb0df","https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html","https://security.netapp.com/advisory/ntap-20221007-0001/","https://ubuntu.com/security/CVE-2021-3772","https://www.debian.org/security/2022/dsa-5096","https://www.oracle.com/security-alerts/cpujul2022.html","https://bugzilla.redhat.com/show_bug.cgi?id=2000694","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=32f8807a48ae55be0e76880cfe8607a18b5bb0df","https://github.com/torvalds/linux/commit/32f8807a48ae55be0e76880cfe8607a18b5bb0df","https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html","https://security.netapp.com/advisory/ntap-20221007-0001/","https://ubuntu.com/security/CVE-2021-3772","https://www.debian.org/security/2022/dsa-5096","https://www.oracle.com/security-alerts/cpujul2022.html"],"published_time":"2022-03-02T23:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3623","summary":"A flaw was found in libtpms. The flaw can be triggered by specially-crafted TPM 2 command packets containing illegal values and may lead to an out-of-bounds access when the volatile state of the TPM 2 is marshalled/written or unmarshalled/read. The highest threat from this vulnerability is to system availability.","cvss":6.1,"cvss_version":3.0,"cvss_v2":3.6,"cvss_v3":6.1,"cvss_v4":null,"epss":0.00052,"ranking_epss":0.16221,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1976806","https://github.com/stefanberger/libtpms/commit/2e6173c","https://github.com/stefanberger/libtpms/commit/2f30d62","https://github.com/stefanberger/libtpms/commit/7981d9a","https://github.com/stefanberger/libtpms/pull/223","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7KZSYMTE7Z4BBEZUWO2DIMQDWMGEP46/","https://bugzilla.redhat.com/show_bug.cgi?id=1976806","https://github.com/stefanberger/libtpms/commit/2e6173c","https://github.com/stefanberger/libtpms/commit/2f30d62","https://github.com/stefanberger/libtpms/commit/7981d9a","https://github.com/stefanberger/libtpms/pull/223","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7KZSYMTE7Z4BBEZUWO2DIMQDWMGEP46/"],"published_time":"2022-03-02T23:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3631","summary":"A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality and integrity.","cvss":6.3,"cvss_version":3.0,"cvss_v2":3.3,"cvss_v3":6.3,"cvss_v4":null,"epss":0.00067,"ranking_epss":0.20699,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2021:3631","https://bugzilla.redhat.com/show_bug.cgi?id=1977726","https://gitlab.com/libvirt/libvirt/-/commit/15073504dbb624d3f6c911e85557019d3620fdb2","https://gitlab.com/libvirt/libvirt/-/issues/153","https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html","https://security.gentoo.org/glsa/202210-06","https://security.netapp.com/advisory/ntap-20220331-0010/","https://access.redhat.com/errata/RHSA-2021:3631","https://bugzilla.redhat.com/show_bug.cgi?id=1977726","https://gitlab.com/libvirt/libvirt/-/commit/15073504dbb624d3f6c911e85557019d3620fdb2","https://gitlab.com/libvirt/libvirt/-/issues/153","https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html","https://security.gentoo.org/glsa/202210-06","https://security.netapp.com/advisory/ntap-20220331-0010/"],"published_time":"2022-03-02T23:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3667","summary":"An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath function where a locked virStoragePoolObj object is not properly released on ACL permission failure. Clients connecting to the read-write socket with limited ACL permissions could use this flaw to acquire the lock and prevent other users from accessing storage pool/volume APIs, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability.","cvss":6.5,"cvss_version":3.0,"cvss_v2":3.5,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00436,"ranking_epss":0.63005,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1986094","https://gitlab.com/libvirt/libvirt/-/commit/447f69dec47e1b0bd15ecd7cd49a9fd3b050fb87","https://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=447f69dec47e1b0bd15ecd7cd49a9fd3b050fb87","https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html","https://security.gentoo.org/glsa/202210-06","https://security.netapp.com/advisory/ntap-20220331-0005/","https://bugzilla.redhat.com/show_bug.cgi?id=1986094","https://gitlab.com/libvirt/libvirt/-/commit/447f69dec47e1b0bd15ecd7cd49a9fd3b050fb87","https://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=447f69dec47e1b0bd15ecd7cd49a9fd3b050fb87","https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html","https://security.gentoo.org/glsa/202210-06","https://security.netapp.com/advisory/ntap-20220331-0005/"],"published_time":"2022-03-02T23:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3677","summary":"A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can complete this attack at will. The attack does not require the ability to create objects. If server settings include max_worker_processes=0, the known versions of this attack are infeasible. However, undiscovered variants of the attack may be independent of that setting.","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00202,"ranking_epss":0.42273,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2001857","https://security.gentoo.org/glsa/202211-04","https://security.netapp.com/advisory/ntap-20220407-0008/","https://www.postgresql.org/support/security/CVE-2021-3677/","https://bugzilla.redhat.com/show_bug.cgi?id=2001857","https://security.gentoo.org/glsa/202211-04","https://security.netapp.com/advisory/ntap-20220407-0008/","https://www.postgresql.org/support/security/CVE-2021-3677/"],"published_time":"2022-03-02T23:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-0711","summary":"A flaw was found in the way HAProxy processed HTTP responses containing the \"Set-Cookie2\" header. This flaw could allow an attacker to send crafted HTTP response packets which lead to an infinite loop, eventually resulting in a denial of service condition. The highest threat from this vulnerability is availability.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.66484,"ranking_epss":0.98533,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/cve-2022-0711","https://github.com/haproxy/haproxy/commit/bfb15ab34ead85f64cd6da0e9fb418c9cd14cee8","https://www.debian.org/security/2022/dsa-5102","https://www.mail-archive.com/haproxy%40formilux.org/msg41833.html","https://access.redhat.com/security/cve/cve-2022-0711","https://github.com/haproxy/haproxy/commit/bfb15ab34ead85f64cd6da0e9fb418c9cd14cee8","https://www.debian.org/security/2022/dsa-5102","https://www.mail-archive.com/haproxy%40formilux.org/msg41833.html"],"published_time":"2022-03-02T22:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-26252","summary":"A flaw was found in htmldoc in v1.9.12. Heap buffer overflow in pspdf_prepare_page(),in ps-pdf.cxx may lead to execute arbitrary code and denial of service.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00257,"ranking_epss":0.49078,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1967009","https://bugzilla.redhat.com/show_bug.cgi?id=1967009"],"published_time":"2022-02-24T19:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3596","summary":"A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt() and uses the value directly, which leads to a crash and segmentation fault.","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00173,"ranking_epss":0.38712,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1970569","https://github.com/ImageMagick/ImageMagick/issues/2624","https://lists.debian.org/debian-lts-announce/2022/05/msg00018.html","https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html","https://bugzilla.redhat.com/show_bug.cgi?id=1970569","https://github.com/ImageMagick/ImageMagick/issues/2624","https://lists.debian.org/debian-lts-announce/2022/05/msg00018.html","https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"],"published_time":"2022-02-24T19:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3610","summary":"A heap-based buffer overflow vulnerability was found in ImageMagick in versions prior to 7.0.11-14 in ReadTIFFImage() in coders/tiff.c. This issue is due to an incorrect setting of the pixel array size, which can lead to a crash and segmentation fault.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00218,"ranking_epss":0.4446,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2023/05/29/4","http://www.openwall.com/lists/oss-security/2023/06/05/1","https://bugzilla.redhat.com/show_bug.cgi?id=1973689","https://github.com/ImageMagick/ImageMagick/commit/930ff0d1a9bc42925a7856e9ea53f5fc9f318bf3","http://www.openwall.com/lists/oss-security/2023/05/29/4","http://www.openwall.com/lists/oss-security/2023/06/05/1","https://bugzilla.redhat.com/show_bug.cgi?id=1973689","https://github.com/ImageMagick/ImageMagick/commit/930ff0d1a9bc42925a7856e9ea53f5fc9f318bf3","https://github.com/fuzzing2026/CVE-PoCs/tree/main/imagemagick-CVE-2021-3610"],"published_time":"2022-02-24T19:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3700","summary":"A use-after-free vulnerability was found in usbredir in versions prior to 0.11.0 in the usbredirparser_serialize() in usbredirparser/usbredirparser.c. This issue occurs when serializing large amounts of buffered write data in the case of a slow or blocked destination.","cvss":6.4,"cvss_version":3.0,"cvss_v2":4.4,"cvss_v3":6.4,"cvss_v4":null,"epss":0.00041,"ranking_epss":0.12484,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1992830","https://gitlab.freedesktop.org/spice/usbredir/-/commit/03c519ff5831ba","https://lists.debian.org/debian-lts-announce/2022/03/msg00030.html","https://bugzilla.redhat.com/show_bug.cgi?id=1992830","https://gitlab.freedesktop.org/spice/usbredir/-/commit/03c519ff5831ba","https://lists.debian.org/debian-lts-announce/2022/03/msg00030.html"],"published_time":"2022-02-24T19:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-4115","summary":"There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00106,"ranking_epss":0.28776,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://packetstormsecurity.com/files/172849/polkit-File-Descriptor-Exhaustion.html","https://access.redhat.com/security/cve/cve-2021-4115","https://gitlab.com/redhat/centos-stream/rpms/polkit/-/merge_requests/6/diffs?commit_id=bf900df04dc390d389e59aa10942b0f2b15c531e","https://gitlab.freedesktop.org/polkit/polkit/-/issues/141","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VGKWCBS6IDZYYDYM2WIWJM5BL7QQTWPF/","https://www.oracle.com/security-alerts/cpujul2022.html","http://packetstormsecurity.com/files/172849/polkit-File-Descriptor-Exhaustion.html","https://access.redhat.com/security/cve/cve-2021-4115","https://gitlab.com/redhat/centos-stream/rpms/polkit/-/merge_requests/6/diffs?commit_id=bf900df04dc390d389e59aa10942b0f2b15c531e","https://gitlab.freedesktop.org/polkit/polkit/-/issues/141","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VGKWCBS6IDZYYDYM2WIWJM5BL7QQTWPF/","https://www.oracle.com/security-alerts/cpujul2022.html"],"published_time":"2022-02-21T22:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-44142","summary":"The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide \"...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver.\" Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root.","cvss":8.8,"cvss_version":3.0,"cvss_v2":9.0,"cvss_v3":8.8,"cvss_v4":null,"epss":0.37405,"ranking_epss":0.97181,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.samba.org/show_bug.cgi?id=14914","https://kb.cert.org/vuls/id/119678","https://security.gentoo.org/glsa/202309-06","https://www.samba.org/samba/security/CVE-2021-44142.html","https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin","https://bugzilla.samba.org/show_bug.cgi?id=14914","https://kb.cert.org/vuls/id/119678","https://security.gentoo.org/glsa/202309-06","https://www.kb.cert.org/vuls/id/119678","https://www.samba.org/samba/security/CVE-2021-44142.html","https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin"],"published_time":"2022-02-21T15:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-23645","summary":"swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to out-of-bounds read. A specially crafted header of swtpm's state, where the blobheader's hdrsize indicator has an invalid value, may cause an out-of-bounds access when the byte array representing the state of the TPM is accessed. This will likely crash swtpm or prevent it from starting since the state cannot be understood. Users should upgrade to swtpm v0.5.3, v0.6.2, or v0.7.1 to receive a patch. There are currently no known workarounds.","cvss":6.2,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":6.2,"cvss_v4":null,"epss":0.00047,"ranking_epss":0.14404,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://github.com/stefanberger/swtpm/commit/9f740868fc36761de27df3935513bdebf8852d19","https://github.com/stefanberger/swtpm/releases/tag/v0.5.3","https://github.com/stefanberger/swtpm/releases/tag/v0.6.2","https://github.com/stefanberger/swtpm/releases/tag/v0.7.1","https://github.com/stefanberger/swtpm/security/advisories/GHSA-2qgm-8xf4-3hqw","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WL735FW266GO4C2JX4CJBOIOB7R7AY5A/","https://github.com/stefanberger/swtpm/commit/9f740868fc36761de27df3935513bdebf8852d19","https://github.com/stefanberger/swtpm/releases/tag/v0.5.3","https://github.com/stefanberger/swtpm/releases/tag/v0.6.2","https://github.com/stefanberger/swtpm/releases/tag/v0.7.1","https://github.com/stefanberger/swtpm/security/advisories/GHSA-2qgm-8xf4-3hqw","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WL735FW266GO4C2JX4CJBOIOB7R7AY5A/"],"published_time":"2022-02-18T21:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-4093","summary":"A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES). A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction (for example, outs or ins) using the exit reason SVM_EXIT_IOIO. This issue results in a crash of the entire system or a potential guest-to-host escape scenario.","cvss":8.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":8.8,"cvss_v4":null,"epss":0.0009,"ranking_epss":0.25462,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugs.chromium.org/p/project-zero/issues/detail?id=2222","https://bugzilla.redhat.com/show_bug.cgi?id=2028584","https://bugs.chromium.org/p/project-zero/issues/detail?id=2222","https://bugzilla.redhat.com/show_bug.cgi?id=2028584"],"published_time":"2022-02-18T18:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20325","summary":"Missing fixes for CVE-2021-40438 and CVE-2021-26691 in the versions of httpd, as shipped in Red Hat Enterprise Linux 8.5.0, causes a security regression compared to the versions shipped in Red Hat Enterprise Linux 8.4. A user who installs or updates to Red Hat Enterprise Linux 8.5.0 would be vulnerable to the mentioned CVEs, even if they were properly fixed in Red Hat Enterprise Linux 8.4. CVE-2021-20325 was assigned to that Red Hat specific security regression and it does not affect the upstream versions of httpd.","cvss":9.8,"cvss_version":3.0,"cvss_v2":10.0,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00933,"ranking_epss":0.76129,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2017321","https://bugzilla.redhat.com/show_bug.cgi?id=2017321"],"published_time":"2022-02-18T18:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3657","summary":"A flaw was found in mbsync versions prior to 1.4.4. Due to inadequate handling of extremely large (>=2GiB) IMAP literals, malicious or compromised IMAP servers, and hypothetically even external email senders, could cause several different buffer overflows, which could conceivably be exploited for remote code execution.","cvss":9.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":9.8,"cvss_v4":null,"epss":0.05749,"ranking_epss":0.90457,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2028932","https://lists.debian.org/debian-lts-announce/2022/07/msg00001.html","https://security.gentoo.org/glsa/202208-15","https://www.openwall.com/lists/oss-security/2021/12/03/1","https://bugzilla.redhat.com/show_bug.cgi?id=2028932","https://lists.debian.org/debian-lts-announce/2022/07/msg00001.html","https://security.gentoo.org/glsa/202208-15","https://www.openwall.com/lists/oss-security/2021/12/03/1"],"published_time":"2022-02-18T18:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3930","summary":"An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the 'page' argument was set to MODE_PAGE_ALLS (0x3f). A malicious guest could use this flaw to potentially crash QEMU, resulting in a denial of service condition.","cvss":6.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00054,"ranking_epss":0.16971,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2020588","https://lists.debian.org/debian-lts-announce/2022/04/msg00002.html","https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html","https://security.gentoo.org/glsa/202208-27","https://security.netapp.com/advisory/ntap-20220225-0007/","https://bugzilla.redhat.com/show_bug.cgi?id=2020588","https://lists.debian.org/debian-lts-announce/2022/04/msg00002.html","https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html","https://security.gentoo.org/glsa/202208-27","https://security.netapp.com/advisory/ntap-20220225-0007/"],"published_time":"2022-02-18T18:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3948","summary":"An incorrect default permissions vulnerability was found in the mig-controller. Due to an incorrect cluster namespaces handling an attacker may be able to migrate a malicious workload to the target cluster, impacting confidentiality, integrity, and availability of the services located on that cluster.","cvss":6.3,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":6.3,"cvss_v4":null,"epss":0.00192,"ranking_epss":0.41113,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2022017","https://bugzilla.redhat.com/show_bug.cgi?id=2022017"],"published_time":"2022-02-18T18:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2016-2124","summary":"A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required.","cvss":5.9,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":5.9,"cvss_v4":null,"epss":0.00699,"ranking_epss":0.71974,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2019660","https://lists.debian.org/debian-lts-announce/2023/09/msg00013.html","https://security.gentoo.org/glsa/202309-06","https://www.samba.org/samba/security/CVE-2016-2124.html","https://bugzilla.redhat.com/show_bug.cgi?id=2019660","https://lists.debian.org/debian-lts-announce/2023/09/msg00013.html","https://security.gentoo.org/glsa/202309-06","https://www.samba.org/samba/security/CVE-2016-2124.html"],"published_time":"2022-02-18T18:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-25717","summary":"A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.","cvss":8.1,"cvss_version":3.0,"cvss_v2":8.5,"cvss_v3":8.1,"cvss_v4":null,"epss":0.00517,"ranking_epss":0.6669,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2019672","https://security.gentoo.org/glsa/202309-06","https://www.samba.org/samba/security/CVE-2020-25717.html","https://bugzilla.redhat.com/show_bug.cgi?id=2019672","https://security.gentoo.org/glsa/202309-06","https://www.samba.org/samba/security/CVE-2020-25717.html"],"published_time":"2022-02-18T18:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-25719","summary":"A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total domain compromise.","cvss":7.2,"cvss_version":3.0,"cvss_v2":9.0,"cvss_v3":7.2,"cvss_v4":null,"epss":0.00213,"ranking_epss":0.43831,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2019732","https://security.gentoo.org/glsa/202309-06","https://www.samba.org/samba/security/CVE-2020-25719.html","https://bugzilla.redhat.com/show_bug.cgi?id=2019732","https://security.gentoo.org/glsa/202309-06","https://www.samba.org/samba/security/CVE-2020-25719.html"],"published_time":"2022-02-18T18:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20320","summary":"A flaw was found in s390 eBPF JIT in bpf_jit_insn in arch/s390/net/bpf_jit_comp.c in the Linux kernel. In this flaw, a local attacker with special user privilege can circumvent the verifier and may lead to a confidentiality problem.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00095,"ranking_epss":0.26331,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2010090","https://lore.kernel.org/bpf/20210902185229.1840281-1-johan.almbladh%40anyfinetworks.com/","https://bugzilla.redhat.com/show_bug.cgi?id=2010090","https://lore.kernel.org/bpf/20210902185229.1840281-1-johan.almbladh%40anyfinetworks.com/"],"published_time":"2022-02-18T18:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20321","summary":"A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system.","cvss":4.7,"cvss_version":3.0,"cvss_v2":4.7,"cvss_v3":4.7,"cvss_v4":null,"epss":0.00019,"ranking_epss":0.0499,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2013242","https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html","https://lore.kernel.org/all/20211011134508.748956131%40linuxfoundation.org/","https://www.debian.org/security/2022/dsa-5096","https://bugzilla.redhat.com/show_bug.cgi?id=2013242","https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html","https://lore.kernel.org/all/20211011134508.748956131%40linuxfoundation.org/","https://www.debian.org/security/2022/dsa-5096"],"published_time":"2022-02-18T18:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3560","summary":"It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.10912,"ranking_epss":0.93395,"kev":true,"propose_action":"Red Hat Polkit contains an incorrect authorization vulnerability through the bypassing of credential checks for D-Bus requests, allowing for privilege escalation.","ransomware_campaign":"Unknown","references":["http://packetstormsecurity.com/files/172836/polkit-Authentication-Bypass.html","http://packetstormsecurity.com/files/172846/Facebook-Fizz-Denial-Of-Service.html","https://bugzilla.redhat.com/show_bug.cgi?id=1961710","https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/","http://packetstormsecurity.com/files/172836/polkit-Authentication-Bypass.html","http://packetstormsecurity.com/files/172846/Facebook-Fizz-Denial-Of-Service.html","https://bugzilla.redhat.com/show_bug.cgi?id=1961710","https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-3560"],"published_time":"2022-02-16T19:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3752","summary":"A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.","cvss":7.1,"cvss_version":3.0,"cvss_v2":7.9,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00043,"ranking_epss":0.13262,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1999544","https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html","https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html","https://lore.kernel.org/lkml/20211115165435.133245729%40linuxfoundation.org/","https://security.netapp.com/advisory/ntap-20220318-0009/","https://www.debian.org/security/2022/dsa-5096","https://www.openwall.com/lists/oss-security/2021/09/15/4","https://www.oracle.com/security-alerts/cpujul2022.html","https://bugzilla.redhat.com/show_bug.cgi?id=1999544","https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html","https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html","https://lore.kernel.org/lkml/20211115165435.133245729%40linuxfoundation.org/","https://security.netapp.com/advisory/ntap-20220318-0009/","https://www.debian.org/security/2022/dsa-5096","https://www.openwall.com/lists/oss-security/2021/09/15/4","https://www.oracle.com/security-alerts/cpujul2022.html"],"published_time":"2022-02-16T19:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3753","summary":"A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidentiality.","cvss":4.7,"cvss_version":3.0,"cvss_v2":1.9,"cvss_v3":4.7,"cvss_v4":null,"epss":0.00016,"ranking_epss":0.03351,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1999589","https://github.com/torvalds/linux/commit/2287a51ba822384834dafc1c798453375d1107c7","https://security.netapp.com/advisory/ntap-20221028-0003/","https://www.openwall.com/lists/oss-security/2021/09/01/4","https://bugzilla.redhat.com/show_bug.cgi?id=1999589","https://github.com/torvalds/linux/commit/2287a51ba822384834dafc1c798453375d1107c7","https://security.netapp.com/advisory/ntap-20221028-0003/","https://www.openwall.com/lists/oss-security/2021/09/01/4"],"published_time":"2022-02-16T19:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3773","summary":"A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks.","cvss":9.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00651,"ranking_epss":0.70862,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2004949","https://citizenlab.ca/2024/07/vulnerabilities-in-vpns-paper-presented-at-the-privacy-enhancing-technologies-symposium-2024/","https://www.oracle.com/security-alerts/cpujul2022.html","https://bugzilla.redhat.com/show_bug.cgi?id=2004949","https://citizenlab.ca/2024/07/vulnerabilities-in-vpns-paper-presented-at-the-privacy-enhancing-technologies-symposium-2024/","https://security.netapp.com/advisory/ntap-20250328-0004/","https://www.oracle.com/security-alerts/cpujul2022.html"],"published_time":"2022-02-16T19:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3551","summary":"A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threat from this vulnerability is to confidentiality.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.4,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00018,"ranking_epss":0.04386,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1959971","https://bugzilla.redhat.com/show_bug.cgi?id=1959971"],"published_time":"2022-02-16T17:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-0561","summary":"Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, the fix is available with commit eecb0712.","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00059,"ranking_epss":0.18461,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/eecb0712f4c3a5b449f70c57988260a667ddbdef","https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0561.json","https://gitlab.com/libtiff/libtiff/-/issues/362","https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZEHZ35XVO2VBZ4HHCMM6J6TQIDSBQOM/","https://security.gentoo.org/glsa/202210-10","https://security.netapp.com/advisory/ntap-20220318-0001/","https://www.debian.org/security/2022/dsa-5108","https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/eecb0712f4c3a5b449f70c57988260a667ddbdef","https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0561.json","https://gitlab.com/libtiff/libtiff/-/issues/362","https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZEHZ35XVO2VBZ4HHCMM6J6TQIDSBQOM/","https://security.gentoo.org/glsa/202210-10","https://security.netapp.com/advisory/ntap-20220318-0001/","https://www.debian.org/security/2022/dsa-5108"],"published_time":"2022-02-11T18:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-0529","summary":"A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00242,"ranking_epss":0.47448,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2051395","https://github.com/ByteHackr/unzip_poc","https://lists.debian.org/debian-lts-announce/2022/09/msg00028.html","https://security.gentoo.org/glsa/202310-17","https://www.debian.org/security/2022/dsa-5202","https://bugzilla.redhat.com/show_bug.cgi?id=2051395","https://github.com/ByteHackr/unzip_poc","https://lists.debian.org/debian-lts-announce/2022/09/msg00028.html","https://security.gentoo.org/glsa/202310-17","https://www.debian.org/security/2022/dsa-5202"],"published_time":"2022-02-09T23:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-0530","summary":"A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00163,"ranking_epss":0.37178,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://seclists.org/fulldisclosure/2022/May/33","http://seclists.org/fulldisclosure/2022/May/35","http://seclists.org/fulldisclosure/2022/May/38","https://bugzilla.redhat.com/show_bug.cgi?id=2051395","https://github.com/ByteHackr/unzip_poc","https://lists.debian.org/debian-lts-announce/2022/09/msg00028.html","https://security.gentoo.org/glsa/202310-17","https://support.apple.com/kb/HT213255","https://support.apple.com/kb/HT213256","https://support.apple.com/kb/HT213257","https://www.debian.org/security/2022/dsa-5202","http://seclists.org/fulldisclosure/2022/May/33","http://seclists.org/fulldisclosure/2022/May/35","http://seclists.org/fulldisclosure/2022/May/38","https://bugzilla.redhat.com/show_bug.cgi?id=2051395","https://github.com/ByteHackr/unzip_poc","https://lists.debian.org/debian-lts-announce/2022/09/msg00028.html","https://security.gentoo.org/glsa/202310-17","https://support.apple.com/kb/HT213255","https://support.apple.com/kb/HT213256","https://support.apple.com/kb/HT213257","https://www.debian.org/security/2022/dsa-5202"],"published_time":"2022-02-09T23:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-4154","summary":"A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a denial of service on the system.","cvss":8.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00838,"ranking_epss":0.74685,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2034514","https://cloud.google.com/anthos/clusters/docs/security-bulletins#gcp-2022-002","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b0462726e7ef281c35a7a4ae33e93ee2bc9975b","https://security.netapp.com/advisory/ntap-20220225-0004/","https://bugzilla.redhat.com/show_bug.cgi?id=2034514","https://cloud.google.com/anthos/clusters/docs/security-bulletins#gcp-2022-002","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b0462726e7ef281c35a7a4ae33e93ee2bc9975b","https://security.netapp.com/advisory/ntap-20220225-0004/"],"published_time":"2022-02-04T23:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-0487","summary":"A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00051,"ranking_epss":0.15899,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2044561","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=42933c8aa14be1caa9eda41f65cde8a3a95d3e39","https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html","https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html","https://www.debian.org/security/2022/dsa-5095","https://www.debian.org/security/2022/dsa-5096","https://bugzilla.redhat.com/show_bug.cgi?id=2044561","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=42933c8aa14be1caa9eda41f65cde8a3a95d3e39","https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html","https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html","https://www.debian.org/security/2022/dsa-5095","https://www.debian.org/security/2022/dsa-5096"],"published_time":"2022-02-04T23:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-4034","summary":"A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.87811,"ranking_epss":0.99474,"kev":true,"propose_action":"The Red Hat polkit pkexec utility contains an out-of-bounds read and write vulnerability that allows for privilege escalation with administrative rights.","ransomware_campaign":"Unknown","references":["http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html","http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.html","https://access.redhat.com/security/vulnerabilities/RHSB-2022-001","https://bugzilla.redhat.com/show_bug.cgi?id=2025869","https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf","https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683","https://www.oracle.com/security-alerts/cpuapr2022.html","https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt","https://www.secpod.com/blog/local-privilege-escalation-vulnerability-in-major-linux-distributions-cve-2021-4034/","https://www.starwindsoftware.com/security/sw-20220818-0001/","https://www.suse.com/support/kb/doc/?id=000020564","http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html","http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.html","https://access.redhat.com/security/vulnerabilities/RHSB-2022-001","https://bugzilla.redhat.com/show_bug.cgi?id=2025869","https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf","https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683","https://www.oracle.com/security-alerts/cpuapr2022.html","https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt","https://www.secpod.com/blog/local-privilege-escalation-vulnerability-in-major-linux-distributions-cve-2021-4034/","https://www.starwindsoftware.com/security/sw-20220818-0001/","https://www.suse.com/support/kb/doc/?id=000020564","https://www.vicarius.io/vsociety/posts/pwnkit-pkexec-lpe-cve-2021-4034","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-4034"],"published_time":"2022-01-28T20:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-4145","summary":"A NULL pointer dereference issue was found in the block mirror layer of QEMU in versions prior to 6.2.0. The `self` pointer is dereferenced in mirror_wait_on_conflicts() without ensuring that it's not NULL. A malicious unprivileged user within the guest could use this flaw to crash the QEMU process on the host when writing data reaches the threshold of mirroring node.","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.9,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00058,"ranking_epss":0.18042,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2034602","https://gitlab.com/qemu-project/qemu/-/commit/66fed30c9cd11854fc878a4eceb507e915d7c9cd","https://security.gentoo.org/glsa/202208-27","https://security.netapp.com/advisory/ntap-20220311-0004/","https://bugzilla.redhat.com/show_bug.cgi?id=2034602","https://gitlab.com/qemu-project/qemu/-/commit/66fed30c9cd11854fc878a4eceb507e915d7c9cd","https://security.gentoo.org/glsa/202208-27","https://security.netapp.com/advisory/ntap-20220311-0004/"],"published_time":"2022-01-25T20:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-45417","summary":"AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00038,"ranking_epss":0.11357,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2022/01/20/3","https://lists.debian.org/debian-lts-announce/2022/01/msg00024.html","https://security.gentoo.org/glsa/202311-07","https://www.debian.org/security/2022/dsa-5051","https://www.ipi.fi/pipermail/aide/2022-January/001713.html","https://www.openwall.com/lists/oss-security/2022/01/20/3","http://www.openwall.com/lists/oss-security/2022/01/20/3","https://lists.debian.org/debian-lts-announce/2022/01/msg00024.html","https://security.gentoo.org/glsa/202311-07","https://www.debian.org/security/2022/dsa-5051","https://www.ipi.fi/pipermail/aide/2022-January/001713.html","https://www.openwall.com/lists/oss-security/2022/01/20/3"],"published_time":"2022-01-20T18:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21682","summary":"Flatpak is a Linux application sandboxing and distribution framework. A path traversal vulnerability affects versions of Flatpak prior to 1.12.3 and 1.10.6. flatpak-builder applies `finish-args` last in the build. At this point the build directory will have the full access that is specified in the manifest, so running `flatpak build` against it will gain those permissions. Normally this will not be done, so this is not problem. However, if `--mirror-screenshots-url` is specified, then flatpak-builder will launch `flatpak build --nofilesystem=host appstream-utils mirror-screenshots` after finalization, which can lead to issues even with the `--nofilesystem=host` protection. In normal use, the only issue is that these empty directories can be created wherever the user has write permissions. However, a malicious application could replace the `appstream-util` binary and potentially do something more hostile. This has been resolved in Flatpak 1.12.3 and 1.10.6 by changing the behaviour of `--nofilesystem=home` and `--nofilesystem=host`.","cvss":7.7,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":7.7,"cvss_v4":null,"epss":0.00335,"ranking_epss":0.56341,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://github.com/flatpak/flatpak/commit/445bddeee657fdc8d2a0a1f0de12975400d4fc1a","https://github.com/flatpak/flatpak/commit/4d11f77aa7fd3e64cfa80af89d92567ab9e8e6fa","https://github.com/flatpak/flatpak/security/advisories/GHSA-8ch7-5j3h-g4fx","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APFTBYGJJVJPFVHRXUW5PII5XOAFI4KH/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IXKBERLJRYV7KXKGXOLI6IOXVBQNN4DP/","https://security.gentoo.org/glsa/202312-12","https://www.debian.org/security/2022/dsa-5049","https://github.com/flatpak/flatpak/commit/445bddeee657fdc8d2a0a1f0de12975400d4fc1a","https://github.com/flatpak/flatpak/commit/4d11f77aa7fd3e64cfa80af89d92567ab9e8e6fa","https://github.com/flatpak/flatpak/security/advisories/GHSA-8ch7-5j3h-g4fx","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APFTBYGJJVJPFVHRXUW5PII5XOAFI4KH/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IXKBERLJRYV7KXKGXOLI6IOXVBQNN4DP/","https://security.gentoo.org/glsa/202312-12","https://www.debian.org/security/2022/dsa-5049"],"published_time":"2022-01-13T21:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-43860","summary":"Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak doesn't properly validate that the permissions displayed to the user for an app at install time match the actual permissions granted to the app at runtime, in the case that there's a null byte in the metadata file of an app. Therefore apps can grant themselves permissions without the consent of the user. Flatpak shows permissions to the user during install by reading them from the \"xa.metadata\" key in the commit metadata. This cannot contain a null terminator, because it is an untrusted GVariant. Flatpak compares these permissions to the *actual* metadata, from the \"metadata\" file to ensure it wasn't lied to. However, the actual metadata contents are loaded in several places where they are read as simple C-style strings. That means that, if the metadata file includes a null terminator, only the content of the file from *before* the terminator gets compared to xa.metadata. Thus, any permissions that appear in the metadata file after a null terminator are applied at runtime but not shown to the user. So maliciously crafted apps can give themselves hidden permissions. Users who have Flatpaks installed from untrusted sources are at risk in case the Flatpak has a maliciously crafted metadata file, either initially or in an update. This issue is patched in versions 1.12.3 and 1.10.6. As a workaround, users can manually check the permissions of installed apps by checking the metadata file or the xa.metadata key on the commit metadata.","cvss":8.2,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.2,"cvss_v4":null,"epss":0.00166,"ranking_epss":0.37652,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://github.com/flatpak/flatpak/commit/54ec1a482dfc668127eaae57f135e6a8e0bc52da","https://github.com/flatpak/flatpak/commit/65cbfac982cb1c83993a9e19aa424daee8e9f042","https://github.com/flatpak/flatpak/commit/93357d357119093804df05acc32ff335839c6451","https://github.com/flatpak/flatpak/commit/ba818f504c926baaf6e362be8159cfacf994310e","https://github.com/flatpak/flatpak/commit/d9a8f9d8ccc0b7c1135d0ecde006a75d25f66aee","https://github.com/flatpak/flatpak/releases/tag/1.10.6","https://github.com/flatpak/flatpak/releases/tag/1.12.3","https://github.com/flatpak/flatpak/security/advisories/GHSA-qpjc-vq3c-572j","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APFTBYGJJVJPFVHRXUW5PII5XOAFI4KH/","https://security.gentoo.org/glsa/202312-12","https://www.debian.org/security/2022/dsa-5049","https://github.com/flatpak/flatpak/commit/54ec1a482dfc668127eaae57f135e6a8e0bc52da","https://github.com/flatpak/flatpak/commit/65cbfac982cb1c83993a9e19aa424daee8e9f042","https://github.com/flatpak/flatpak/commit/93357d357119093804df05acc32ff335839c6451","https://github.com/flatpak/flatpak/commit/ba818f504c926baaf6e362be8159cfacf994310e","https://github.com/flatpak/flatpak/commit/d9a8f9d8ccc0b7c1135d0ecde006a75d25f66aee","https://github.com/flatpak/flatpak/releases/tag/1.10.6","https://github.com/flatpak/flatpak/releases/tag/1.12.3","https://github.com/flatpak/flatpak/security/advisories/GHSA-qpjc-vq3c-572j","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APFTBYGJJVJPFVHRXUW5PII5XOAFI4KH/","https://security.gentoo.org/glsa/202312-12","https://www.debian.org/security/2022/dsa-5049"],"published_time":"2022-01-12T22:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-41819","summary":"CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00755,"ranking_epss":0.7324,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://hackerone.com/reports/910552","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF/","https://security.gentoo.org/glsa/202401-27","https://security.netapp.com/advisory/ntap-20220121-0003/","https://www.ruby-lang.org/en/news/2021/11/24/cookie-prefix-spoofing-in-cgi-cookie-parse-cve-2021-41819/","https://hackerone.com/reports/910552","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF/","https://security.gentoo.org/glsa/202401-27","https://security.netapp.com/advisory/ntap-20220121-0003/","https://www.ruby-lang.org/en/news/2021/11/24/cookie-prefix-spoofing-in-cgi-cookie-parse-cve-2021-41819/"],"published_time":"2022-01-01T06:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-41817","summary":"Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00495,"ranking_epss":0.65761,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://hackerone.com/reports/1254844","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF/","https://security.gentoo.org/glsa/202401-27","https://www.ruby-lang.org/en/news/2021/11/15/date-parsing-method-regexp-dos-cve-2021-41817/","https://hackerone.com/reports/1254844","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF/","https://security.gentoo.org/glsa/202401-27","https://www.ruby-lang.org/en/news/2021/11/15/date-parsing-method-regexp-dos-cve-2021-41817/"],"published_time":"2022-01-01T05:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-4166","summary":"vim is vulnerable to Out-of-bounds Read","cvss":7.1,"cvss_version":3.0,"cvss_v2":5.8,"cvss_v3":7.1,"cvss_v4":null,"epss":0.0035,"ranking_epss":0.57518,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://seclists.org/fulldisclosure/2022/Jul/14","http://seclists.org/fulldisclosure/2022/Mar/29","http://seclists.org/fulldisclosure/2022/May/35","http://www.openwall.com/lists/oss-security/2022/01/15/1","https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682","https://huntr.dev/bounties/229df5dd-5507-44e9-832c-c70364bdf035","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/","https://security.gentoo.org/glsa/202208-32","https://support.apple.com/kb/HT213183","https://support.apple.com/kb/HT213256","https://support.apple.com/kb/HT213343","http://seclists.org/fulldisclosure/2022/Jul/14","http://seclists.org/fulldisclosure/2022/Mar/29","http://seclists.org/fulldisclosure/2022/May/35","http://www.openwall.com/lists/oss-security/2022/01/15/1","https://github.com/vim/vim/commit/6f98371532fcff911b462d51bc64f2ce8a6ae682","https://huntr.dev/bounties/229df5dd-5507-44e9-832c-c70364bdf035","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2EY2VFBU3YGGWI5BW4XKT3F37MYGEQUD/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/","https://security.gentoo.org/glsa/202208-32","https://support.apple.com/kb/HT213183","https://support.apple.com/kb/HT213256","https://support.apple.com/kb/HT213343"],"published_time":"2021-12-25T19:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3621","summary":"A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.","cvss":8.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00384,"ranking_epss":0.59646,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1975142","https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html","https://sssd.io/release-notes/sssd-2.6.0.html","https://bugzilla.redhat.com/show_bug.cgi?id=1975142","https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html","https://lists.debian.org/debian-lts-announce/2025/02/msg00008.html","https://sssd.io/release-notes/sssd-2.6.0.html"],"published_time":"2021-12-23T21:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3622","summary":"A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry (hive) file, which would cause hivex to recursively call the _get_children() function, leading to a stack overflow. The highest threat from this vulnerability is to system availability.","cvss":4.3,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00583,"ranking_epss":0.68977,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1975489","https://github.com/libguestfs/hivex/commit/771728218dac2fbf6997a7e53225e75a4c6b7255","https://listman.redhat.com/archives/libguestfs/2021-August/msg00002.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S35TVTAPHORSUIFYNFBHKLQRPVFUPXBE/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/USD4OEV6L3RPHE32V2MJ4JPFBODINWSU/","https://bugzilla.redhat.com/show_bug.cgi?id=1975489","https://github.com/libguestfs/hivex/commit/771728218dac2fbf6997a7e53225e75a4c6b7255","https://listman.redhat.com/archives/libguestfs/2021-August/msg00002.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S35TVTAPHORSUIFYNFBHKLQRPVFUPXBE/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/USD4OEV6L3RPHE32V2MJ4JPFBODINWSU/"],"published_time":"2021-12-23T21:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-4024","summary":"A flaw was found in podman. The `podman machine` function (used to create and manage Podman virtual machine containing a Podman process) spawns a `gvproxy` process on the host system. The `gvproxy` API is accessible on port 7777 on all IP addresses on the host. If that port is open on the host's firewall, an attacker can potentially use the `gvproxy` API to forward ports on the host to ports in the VM, making private services on the VM accessible to the network. This issue could be also used to interrupt the host's services by forwarding all ports to the VM.","cvss":6.5,"cvss_version":3.0,"cvss_v2":6.4,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00095,"ranking_epss":0.26442,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2026675%2C","https://github.com/containers/podman/releases/tag/v3.4.3","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QFFVJ6S3ZRMPDYB7KYAWEMDHXFZYQPU3/","https://bugzilla.redhat.com/show_bug.cgi?id=2026675%2C","https://github.com/containers/podman/releases/tag/v3.4.3","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QFFVJ6S3ZRMPDYB7KYAWEMDHXFZYQPU3/"],"published_time":"2021-12-23T20:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-45463","summary":"load_cache in GEGL before 0.4.34 allows shell expansion when a pathname in a constructed command line is not escaped or filtered. This is caused by use of the system library function for execution of the ImageMagick convert fallback in magick-load. NOTE: GEGL releases before 0.4.34 are used in GIMP releases before 2.10.30; however, this does not imply that GIMP builds enable the vulnerable feature.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0206,"ranking_epss":0.83912,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://gitlab.gnome.org/GNOME/gegl/-/blob/master/docs/NEWS.adoc","https://gitlab.gnome.org/GNOME/gegl/-/commit/bfce470f0f2f37968862129d5038b35429f2909b","https://gitlab.gnome.org/GNOME/gegl/-/issues/298","https://gitlab.gnome.org/GNOME/gimp/-/commit/e8a31ba4f2ce7e6bc34882dc27c97fba993f5868","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CG635WJCNXHJM5U4BGMAAP4NK2YFTQXK/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZP5NDNOTMPI335FXE7VUPW7FXYTT7PYN/","https://www.gimp.org/news/2021/12/21/gimp-2-10-30-released/","https://gitlab.gnome.org/GNOME/gegl/-/blob/master/docs/NEWS.adoc","https://gitlab.gnome.org/GNOME/gegl/-/commit/bfce470f0f2f37968862129d5038b35429f2909b","https://gitlab.gnome.org/GNOME/gegl/-/issues/298","https://gitlab.gnome.org/GNOME/gimp/-/commit/e8a31ba4f2ce7e6bc34882dc27c97fba993f5868","https://lists.debian.org/debian-lts-announce/2025/10/msg00021.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CG635WJCNXHJM5U4BGMAAP4NK2YFTQXK/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZP5NDNOTMPI335FXE7VUPW7FXYTT7PYN/","https://www.gimp.org/news/2021/12/21/gimp-2-10-30-released/"],"published_time":"2021-12-23T06:15:06","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-44733","summary":"A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object.","cvss":7.0,"cvss_version":3.0,"cvss_v2":4.4,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00277,"ranking_epss":0.51167,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dfd0743f1d9ea76931510ed150334d571fbab49d","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/log/drivers/tee/tee_shm.c","https://github.com/pjlantz/optee-qemu/blob/main/README.md","https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html","https://lore.kernel.org/lkml/20211215092501.1861229-1-jens.wiklander%40linaro.org/","https://security.netapp.com/advisory/ntap-20220114-0003/","https://www.debian.org/security/2022/dsa-5096","https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dfd0743f1d9ea76931510ed150334d571fbab49d","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/log/drivers/tee/tee_shm.c","https://github.com/pjlantz/optee-qemu/blob/main/README.md","https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html","https://lore.kernel.org/lkml/20211215092501.1861229-1-jens.wiklander%40linaro.org/","https://security.netapp.com/advisory/ntap-20220114-0003/","https://www.debian.org/security/2022/dsa-5096"],"published_time":"2021-12-22T17:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-45078","summary":"stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix for CVE-2018-12699.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00159,"ranking_epss":0.36735,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQBH244M5PV6S6UMHUTCVCWFZDX7Y4M6/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UUHLDDT3HH7YEY6TX7IJRGPJUTNNVEL3/","https://security.gentoo.org/glsa/202208-30","https://security.netapp.com/advisory/ntap-20220107-0002/","https://sourceware.org/bugzilla/show_bug.cgi?id=28694","https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=161e87d12167b1e36193385485c1f6ce92f74f02","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQBH244M5PV6S6UMHUTCVCWFZDX7Y4M6/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UUHLDDT3HH7YEY6TX7IJRGPJUTNNVEL3/","https://security.gentoo.org/glsa/202208-30","https://security.netapp.com/advisory/ntap-20220107-0002/","https://sourceware.org/bugzilla/show_bug.cgi?id=28694","https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=161e87d12167b1e36193385485c1f6ce92f74f02"],"published_time":"2021-12-15T20:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-4104","summary":"JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppender to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-44228. Note this issue only affects Log4j 1.2 when specifically configured to use JMSAppender, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.","cvss":7.5,"cvss_version":3.0,"cvss_v2":6.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.69284,"ranking_epss":0.98648,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2022/01/18/3","https://access.redhat.com/security/cve/CVE-2021-4104","https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126","https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0033","https://security.gentoo.org/glsa/202209-02","https://security.gentoo.org/glsa/202310-16","https://security.gentoo.org/glsa/202312-02","https://security.gentoo.org/glsa/202312-04","https://security.netapp.com/advisory/ntap-20211223-0007/","https://www.cve.org/CVERecord?id=CVE-2021-44228","https://www.kb.cert.org/vuls/id/930724","https://www.oracle.com/security-alerts/cpuapr2022.html","https://www.oracle.com/security-alerts/cpujan2022.html","https://www.oracle.com/security-alerts/cpujul2022.html","http://www.openwall.com/lists/oss-security/2022/01/18/3","https://access.redhat.com/security/cve/CVE-2021-4104","https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126","https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0033","https://security.gentoo.org/glsa/202209-02","https://security.gentoo.org/glsa/202310-16","https://security.gentoo.org/glsa/202312-02","https://security.gentoo.org/glsa/202312-04","https://security.netapp.com/advisory/ntap-20211223-0007/","https://www.cve.org/CVERecord?id=CVE-2021-44228","https://www.kb.cert.org/vuls/id/930724","https://www.oracle.com/security-alerts/cpuapr2022.html","https://www.oracle.com/security-alerts/cpujan2022.html","https://www.oracle.com/security-alerts/cpujul2022.html"],"published_time":"2021-12-14T12:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-4048","summary":"An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory.","cvss":9.1,"cvss_version":3.0,"cvss_v2":6.4,"cvss_v3":9.1,"cvss_v4":null,"epss":0.00364,"ranking_epss":0.58437,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://github.com/JuliaLang/julia/issues/42415","https://github.com/Reference-LAPACK/lapack/commit/38f3eeee3108b18158409ca2a100e6fe03754781","https://github.com/Reference-LAPACK/lapack/pull/625","https://github.com/xianyi/OpenBLAS/commit/2be5ee3cca97a597f2ee2118808a2d5eacea050c","https://github.com/xianyi/OpenBLAS/commit/337b65133df174796794871b3988cd03426e6d41","https://github.com/xianyi/OpenBLAS/commit/ddb0ff5353637bb5f5ad060c9620e334c143e3d7","https://github.com/xianyi/OpenBLAS/commit/fe497efa0510466fd93578aaf9da1ad8ed4edbe7","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QFEVOCUG2UXMVMFMTU4ONJVDEHY2LW2/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DROZM4M2QRKSD6FBO4BHSV2QMIRJQPHT/","https://github.com/JuliaLang/julia/issues/42415","https://github.com/Reference-LAPACK/lapack/commit/38f3eeee3108b18158409ca2a100e6fe03754781","https://github.com/Reference-LAPACK/lapack/pull/625","https://github.com/xianyi/OpenBLAS/commit/2be5ee3cca97a597f2ee2118808a2d5eacea050c","https://github.com/xianyi/OpenBLAS/commit/337b65133df174796794871b3988cd03426e6d41","https://github.com/xianyi/OpenBLAS/commit/ddb0ff5353637bb5f5ad060c9620e334c143e3d7","https://github.com/xianyi/OpenBLAS/commit/fe497efa0510466fd93578aaf9da1ad8ed4edbe7","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QFEVOCUG2UXMVMFMTU4ONJVDEHY2LW2/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DROZM4M2QRKSD6FBO4BHSV2QMIRJQPHT/"],"published_time":"2021-12-08T22:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3802","summary":"A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest threat from this vulnerability is to system availability.","cvss":4.2,"cvss_version":3.0,"cvss_v2":6.3,"cvss_v3":4.2,"cvss_v4":null,"epss":0.00108,"ranking_epss":0.29015,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=2003649","https://lists.debian.org/debian-lts-announce/2023/04/msg00009.html","https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-045.txt","https://bugzilla.redhat.com/show_bug.cgi?id=2003649","https://lists.debian.org/debian-lts-announce/2023/04/msg00009.html","https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-045.txt"],"published_time":"2021-11-29T16:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3672","summary":"A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability.","cvss":5.6,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":5.6,"cvss_v4":null,"epss":0.00055,"ranking_epss":0.17157,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1988342","https://c-ares.haxx.se/adv_20210810.html","https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf","https://security.gentoo.org/glsa/202401-02","https://www.oracle.com/security-alerts/cpujul2022.html","https://bugzilla.redhat.com/show_bug.cgi?id=1988342","https://c-ares.haxx.se/adv_20210810.html","https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf","https://security.gentoo.org/glsa/202401-02","https://www.oracle.com/security-alerts/cpujul2022.html"],"published_time":"2021-11-23T19:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3935","summary":"When PgBouncer is configured to use \"cert\" authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of TLS certificate verification and encryption. This flaw affects PgBouncer versions prior to 1.16.1.","cvss":8.1,"cvss_version":3.0,"cvss_v2":5.1,"cvss_v3":8.1,"cvss_v4":null,"epss":0.00141,"ranking_epss":0.3428,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.pgbouncer.org/changelog.html#pgbouncer-116x","https://bugzilla.redhat.com/show_bug.cgi?id=2021251","https://lists.debian.org/debian-lts-announce/2022/02/msg00016.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNPCV3KRDI5PLLLKADFVIOHACQJLZMLI/","http://www.pgbouncer.org/changelog.html#pgbouncer-116x","https://bugzilla.redhat.com/show_bug.cgi?id=2021251","https://lists.debian.org/debian-lts-announce/2022/02/msg00016.html","https://lists.debian.org/debian-lts-announce/2025/05/msg00032.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNPCV3KRDI5PLLLKADFVIOHACQJLZMLI/"],"published_time":"2021-11-22T16:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-43389","summary":"An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.0184,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2021/11/05/1","https://bugzilla.redhat.com/show_bug.cgi?id=2013180","https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.15","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1f3e2e97c003f80c4b087092b225c8787ff91e4d","https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html","https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html","https://lore.kernel.org/netdev/CAFcO6XOvGQrRTaTkaJ0p3zR7y7nrAWD79r48=L_BbOyrK9X-vA%40mail.gmail.com/","https://seclists.org/oss-sec/2021/q4/39","https://www.debian.org/security/2022/dsa-5096","https://www.oracle.com/security-alerts/cpujul2022.html","http://www.openwall.com/lists/oss-security/2021/11/05/1","https://bugzilla.redhat.com/show_bug.cgi?id=2013180","https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.15","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1f3e2e97c003f80c4b087092b225c8787ff91e4d","https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html","https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html","https://lore.kernel.org/netdev/CAFcO6XOvGQrRTaTkaJ0p3zR7y7nrAWD79r48=L_BbOyrK9X-vA%40mail.gmail.com/","https://seclists.org/oss-sec/2021/q4/39","https://www.debian.org/security/2022/dsa-5096","https://www.oracle.com/security-alerts/cpujul2022.html"],"published_time":"2021-11-04T19:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3746","summary":"A flaw was found in the libtpms code that may cause access beyond the boundary of internal buffers. The vulnerability is triggered by specially-crafted TPM2 command packets that then trigger the issue when the state of the TPM2's volatile state is written. The highest threat from this vulnerability is to system availability. This issue affects libtpms versions before 0.8.5, before 0.7.9 and before 0.6.6.","cvss":6.5,"cvss_version":3.0,"cvss_v2":7.1,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00186,"ranking_epss":0.40451,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1998588","https://bugzilla.redhat.com/show_bug.cgi?id=1998588"],"published_time":"2021-10-19T15:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-32672","summary":"Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support (3.2 or newer). The problem is fixed in versions 6.2.6, 6.0.16 and 5.0.14.","cvss":5.3,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00287,"ranking_epss":0.52213,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://github.com/redis/redis/commit/6ac3c0b7abd35f37201ed2d6298ecef4ea1ae1dd","https://github.com/redis/redis/security/advisories/GHSA-9mj9-xx53-qmxm","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/","https://security.gentoo.org/glsa/202209-17","https://security.netapp.com/advisory/ntap-20211104-0003/","https://www.debian.org/security/2021/dsa-5001","https://www.oracle.com/security-alerts/cpuapr2022.html","https://github.com/redis/redis/commit/6ac3c0b7abd35f37201ed2d6298ecef4ea1ae1dd","https://github.com/redis/redis/security/advisories/GHSA-9mj9-xx53-qmxm","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HTYQ5ZF37HNGTZWVNJD3VXP7I6MEEF42/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL5KXFN3ATM7IIM7Q4O4PWTSRGZ5744Z/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR5WKJWXD4D6S3DJCZ56V74ESLTDQRAB/","https://security.gentoo.org/glsa/202209-17","https://security.netapp.com/advisory/ntap-20211104-0003/","https://www.debian.org/security/2021/dsa-5001","https://www.oracle.com/security-alerts/cpuapr2022.html"],"published_time":"2021-10-04T18:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3653","summary":"A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the \"int_ctl\" field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions prior to 5.14-rc7.","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.1,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.02852,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html","https://bugzilla.redhat.com/show_bug.cgi?id=1983686","https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html","https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html","https://www.openwall.com/lists/oss-security/2021/08/16/1","http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html","https://bugzilla.redhat.com/show_bug.cgi?id=1983686","https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html","https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html","https://www.openwall.com/lists/oss-security/2021/08/16/1"],"published_time":"2021-09-29T20:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-40438","summary":"A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.","cvss":9.0,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":9.0,"cvss_v4":null,"epss":0.94432,"ranking_epss":0.99985,"kev":true,"propose_action":"A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.","ransomware_campaign":"Unknown","references":["https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf","https://httpd.apache.org/security/vulnerabilities_24.html","https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a%40%3Cusers.httpd.apache.org%3E","https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E","https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E","https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E","https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E","https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E","https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00%40%3Cusers.httpd.apache.org%3E","https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/","https://security.gentoo.org/glsa/202208-20","https://security.netapp.com/advisory/ntap-20211008-0004/","https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ","https://www.debian.org/security/2021/dsa-4982","https://www.oracle.com/security-alerts/cpuapr2022.html","https://www.oracle.com/security-alerts/cpujan2022.html","https://www.tenable.com/security/tns-2021-17","https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf","https://httpd.apache.org/security/vulnerabilities_24.html","https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a%40%3Cusers.httpd.apache.org%3E","https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E","https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E","https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E","https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E","https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E","https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00%40%3Cusers.httpd.apache.org%3E","https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/","https://security.gentoo.org/glsa/202208-20","https://security.netapp.com/advisory/ntap-20211008-0004/","https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ","https://www.debian.org/security/2021/dsa-4982","https://www.oracle.com/security-alerts/cpuapr2022.html","https://www.oracle.com/security-alerts/cpujan2022.html","https://www.tenable.com/security/tns-2021-17","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-40438"],"published_time":"2021-09-16T15:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-39251","summary":"A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G < 2021.8.22.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.9,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00023,"ranking_epss":0.06297,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2021/08/30/1","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988386","https://bugzilla.redhat.com/show_bug.cgi?id=2001649","https://github.com/tuxera/ntfs-3g/releases","https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp","https://lists.debian.org/debian-lts-announce/2021/11/msg00013.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/766ISTT3KCARKFUIQT7N6WV6T63XOKG3/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSEKTKHO5HFZHWZNJNBJZA56472KRUZI/","https://security.gentoo.org/glsa/202301-01","https://www.debian.org/security/2021/dsa-4971","http://www.openwall.com/lists/oss-security/2021/08/30/1","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988386","https://bugzilla.redhat.com/show_bug.cgi?id=2001649","https://github.com/tuxera/ntfs-3g/releases","https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp","https://lists.debian.org/debian-lts-announce/2021/11/msg00013.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/766ISTT3KCARKFUIQT7N6WV6T63XOKG3/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSEKTKHO5HFZHWZNJNBJZA56472KRUZI/","https://security.gentoo.org/glsa/202301-01","https://www.debian.org/security/2021/dsa-4971"],"published_time":"2021-09-07T15:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-33285","summary":"In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a crafted ntfs partition. The root cause is a missing consistency check after reading an MFT record : the \"bytes_in_use\" field should be less than the \"bytes_allocated\" field. When it is not, the parsing of the records proceeds into the wild.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.9,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00037,"ranking_epss":0.11041,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2021/08/30/1","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988386","https://bugzilla.redhat.com/show_bug.cgi?id=2001608","https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp","https://lists.debian.org/debian-lts-announce/2021/11/msg00013.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/766ISTT3KCARKFUIQT7N6WV6T63XOKG3/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSEKTKHO5HFZHWZNJNBJZA56472KRUZI/","https://security.gentoo.org/glsa/202301-01","https://www.debian.org/security/2021/dsa-4971","https://www.openwall.com/lists/oss-security/2021/08/30/1","http://www.openwall.com/lists/oss-security/2021/08/30/1","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988386","https://bugzilla.redhat.com/show_bug.cgi?id=2001608","https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp","https://lists.debian.org/debian-lts-announce/2021/11/msg00013.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/766ISTT3KCARKFUIQT7N6WV6T63XOKG3/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSEKTKHO5HFZHWZNJNBJZA56472KRUZI/","https://security.gentoo.org/glsa/202301-01","https://www.debian.org/security/2021/dsa-4971","https://www.openwall.com/lists/oss-security/2021/08/30/1"],"published_time":"2021-09-07T14:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3634","summary":"A flaw has been found in libssh in versions prior to 0.9.6. The SSH protocol keeps track of two shared secrets during the lifetime of the session. One of them is called secret_hash and the other session_id. Initially, both of them are the same, but after key re-exchange, previous session_id is kept and used as an input to new secret_hash. Historically, both of these buffers had shared length variable, which worked as long as these buffers were same. But the key re-exchange operation can also change the key exchange method, which can be based on hash of different size, eventually creating \"secret_hash\" of different size than the session_id has. This becomes an issue when the session_id memory is zeroed or when it is used again during second key re-exchange.","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00117,"ranking_epss":0.3056,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1978810","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DRK67AJCWYYVAGF5SGAHNZXCX3PN3ZFP/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JKYD3ZRAMDAQX3ZW6THHUF3GXN7FF6B4/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVWAAB2XMKEUMPMDALINKAA4U2QM4LNG/","https://security.gentoo.org/glsa/202312-05","https://security.netapp.com/advisory/ntap-20211004-0003/","https://www.debian.org/security/2021/dsa-4965","https://www.oracle.com/security-alerts/cpujan2022.html","https://bugzilla.redhat.com/show_bug.cgi?id=1978810","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DRK67AJCWYYVAGF5SGAHNZXCX3PN3ZFP/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JKYD3ZRAMDAQX3ZW6THHUF3GXN7FF6B4/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVWAAB2XMKEUMPMDALINKAA4U2QM4LNG/","https://security.gentoo.org/glsa/202312-05","https://security.netapp.com/advisory/ntap-20211004-0003/","https://www.debian.org/security/2021/dsa-4965","https://www.oracle.com/security-alerts/cpujan2022.html"],"published_time":"2021-08-31T17:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-40153","summary":"squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing to locations outside of the destination.","cvss":8.1,"cvss_version":3.0,"cvss_v2":5.8,"cvss_v3":8.1,"cvss_v4":null,"epss":0.00542,"ranking_epss":0.6769,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugs.launchpad.net/ubuntu/+source/squashfs-tools/+bug/1941790","https://github.com/plougher/squashfs-tools/commit/79b5a555058eef4e1e7ff220c344d39f8cd09646","https://github.com/plougher/squashfs-tools/issues/72","https://lists.debian.org/debian-lts-announce/2021/08/msg00030.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GSMRKVJMJFX3MB7D3PXJSYY3TLZROE5S/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAOZ4BKWAC4Y3U2K5MMW3S77HWWXHQDL/","https://security.gentoo.org/glsa/202305-29","https://www.debian.org/security/2021/dsa-4967","https://bugs.launchpad.net/ubuntu/+source/squashfs-tools/+bug/1941790","https://github.com/plougher/squashfs-tools/commit/79b5a555058eef4e1e7ff220c344d39f8cd09646","https://github.com/plougher/squashfs-tools/issues/72","https://lists.debian.org/debian-lts-announce/2021/08/msg00030.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GSMRKVJMJFX3MB7D3PXJSYY3TLZROE5S/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAOZ4BKWAC4Y3U2K5MMW3S77HWWXHQDL/","https://security.gentoo.org/glsa/202305-29","https://www.debian.org/security/2021/dsa-4967"],"published_time":"2021-08-27T15:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3605","summary":"There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability.","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00454,"ranking_epss":0.63784,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1970991","https://lists.debian.org/debian-lts-announce/2022/12/msg00022.html","https://security.gentoo.org/glsa/202210-31","https://www.debian.org/security/2022/dsa-5299","https://bugzilla.redhat.com/show_bug.cgi?id=1970991","https://lists.debian.org/debian-lts-announce/2022/12/msg00022.html","https://security.gentoo.org/glsa/202210-31","https://www.debian.org/security/2022/dsa-5299"],"published_time":"2021-08-25T19:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3573","summary":"A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blacklist_del(), hci_get_conn_info(), hci_get_auth_info(). A privileged local user could use this flaw to crash the system or escalate their privileges on the system. This flaw affects the Linux kernel versions prior to 5.13-rc5.","cvss":6.4,"cvss_version":3.0,"cvss_v2":6.9,"cvss_v3":6.4,"cvss_v4":null,"epss":0.00029,"ranking_epss":0.08379,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2023/07/02/1","https://bugzilla.redhat.com/show_bug.cgi?id=1966578","https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth.git/commit/?id=e305509e678b3a4af2b3cfd410f409f7cdaabb52","https://www.openwall.com/lists/oss-security/2021/06/08/2","http://www.openwall.com/lists/oss-security/2023/07/02/1","https://bugzilla.redhat.com/show_bug.cgi?id=1966578","https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth.git/commit/?id=e305509e678b3a4af2b3cfd410f409f7cdaabb52","https://www.openwall.com/lists/oss-security/2021/06/08/2"],"published_time":"2021-08-13T14:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3635","summary":"A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root (CAP_SYS_ADMIN) access is able to panic the system when issuing netfilter netflow commands.","cvss":4.4,"cvss_version":3.0,"cvss_v2":4.9,"cvss_v3":4.4,"cvss_v4":null,"epss":0.00145,"ranking_epss":0.34927,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1976946","https://bugzilla.redhat.com/show_bug.cgi?id=1976946"],"published_time":"2021-08-13T14:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20314","summary":"Stack buffer overflow in libspf2 versions below 1.2.11 when processing certain SPF macros can lead to Denial of service and potentially code execution via malicious crafted SPF explanation messages.","cvss":9.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00169,"ranking_epss":0.38131,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1993070","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMSFT2NJDZ7PATRZSQPAOGSE7JD6ELOB/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFXJRHPE5OSCPTNA3ZZ4ORDHT4JQH3Y4/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y6T4HYXXSUQCGJB2ES6X7Q74YYF7V7XU/","https://security.gentoo.org/glsa/202401-22","https://bugzilla.redhat.com/show_bug.cgi?id=1993070","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMSFT2NJDZ7PATRZSQPAOGSE7JD6ELOB/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFXJRHPE5OSCPTNA3ZZ4ORDHT4JQH3Y4/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y6T4HYXXSUQCGJB2ES6X7Q74YYF7V7XU/","https://security.gentoo.org/glsa/202401-22"],"published_time":"2021-08-12T15:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-38160","summary":"In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00073,"ranking_epss":0.22232,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/cve-2021-38160","https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4","https://github.com/torvalds/linux/commit/d00d8da5869a2608e97cfede094dfc5e11462a46","https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html","https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html","https://security.netapp.com/advisory/ntap-20210902-0010/","https://www.debian.org/security/2021/dsa-4978","https://access.redhat.com/security/cve/cve-2021-38160","https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4","https://github.com/torvalds/linux/commit/d00d8da5869a2608e97cfede094dfc5e11462a46","https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html","https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html","https://security.netapp.com/advisory/ntap-20210902-0010/","https://www.debian.org/security/2021/dsa-4978"],"published_time":"2021-08-07T04:15:06","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3655","summary":"A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory.","cvss":3.3,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":3.3,"cvss_v4":null,"epss":0.0002,"ranking_epss":0.054,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1984024","https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html","https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html","https://bugzilla.redhat.com/show_bug.cgi?id=1984024","https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html","https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html"],"published_time":"2021-08-05T21:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3580","summary":"A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00104,"ranking_epss":0.28288,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1967983","https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html","https://security.gentoo.org/glsa/202401-24","https://security.netapp.com/advisory/ntap-20211104-0006/","https://bugzilla.redhat.com/show_bug.cgi?id=1967983","https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html","https://security.gentoo.org/glsa/202401-24","https://security.netapp.com/advisory/ntap-20211104-0006/"],"published_time":"2021-08-05T21:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3679","summary":"A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.01405,"ranking_epss":0.80458,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1989165","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=67f0d6d9883c13174669f88adac4f0ee656cc16a","https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html","https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html","https://www.debian.org/security/2021/dsa-4978","https://bugzilla.redhat.com/show_bug.cgi?id=1989165","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=67f0d6d9883c13174669f88adac4f0ee656cc16a","https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html","https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html","https://www.debian.org/security/2021/dsa-4978"],"published_time":"2021-08-05T20:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3682","summary":"A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs when dropping packets during a bulk transfer from a SPICE client due to the packet queue being full. A malicious SPICE client could use this flaw to make QEMU call free() with faked heap chunk metadata, resulting in a crash of QEMU or potential code execution with the privileges of the QEMU process on the host.","cvss":8.5,"cvss_version":3.0,"cvss_v2":6.0,"cvss_v3":8.5,"cvss_v4":null,"epss":0.00418,"ranking_epss":0.61837,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1989651","https://lists.debian.org/debian-lts-announce/2021/09/msg00000.html","https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html","https://security.gentoo.org/glsa/202208-27","https://security.netapp.com/advisory/ntap-20210902-0006/","https://www.debian.org/security/2021/dsa-4980","https://bugzilla.redhat.com/show_bug.cgi?id=1989651","https://lists.debian.org/debian-lts-announce/2021/09/msg00000.html","https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html","https://security.gentoo.org/glsa/202208-27","https://security.netapp.com/advisory/ntap-20210902-0006/","https://www.debian.org/security/2021/dsa-4980"],"published_time":"2021-08-05T20:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3612","summary":"An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00088,"ranking_epss":0.25073,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1974079","https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html","https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YKGI562LFV5MESTMVTCG5RORSBT6NGBN/","https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82%40gmail.com/","https://security.netapp.com/advisory/ntap-20210805-0005/","https://www.oracle.com/security-alerts/cpujul2022.html","https://bugzilla.redhat.com/show_bug.cgi?id=1974079","https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html","https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YKGI562LFV5MESTMVTCG5RORSBT6NGBN/","https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82%40gmail.com/","https://security.netapp.com/advisory/ntap-20210805-0005/","https://www.oracle.com/security-alerts/cpujul2022.html"],"published_time":"2021-07-09T11:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3570","summary":"A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a PTP message between ports allows a remote attacker to cause an information leak, crash, or potentially remote code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. This flaw affects linuxptp versions before 3.1.1, before 2.0.1, before 1.9.3, before 1.8.1, before 1.7.1, before 1.6.1 and before 1.5.1.","cvss":8.8,"cvss_version":3.0,"cvss_v2":8.0,"cvss_v3":8.8,"cvss_v4":null,"epss":0.01226,"ranking_epss":0.79131,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1966240","https://lists.debian.org/debian-lts-announce/2021/07/msg00025.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RHRUVSDP673LXJ5HGIPQPWPIYUPWYQA7/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUBKTRCMJ6VKS7DIBSZQB4ATSKVCJYXJ/","https://www.debian.org/security/2021/dsa-4938","https://bugzilla.redhat.com/show_bug.cgi?id=1966240","https://lists.debian.org/debian-lts-announce/2021/07/msg00025.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RHRUVSDP673LXJ5HGIPQPWPIYUPWYQA7/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUBKTRCMJ6VKS7DIBSZQB4ATSKVCJYXJ/","https://www.debian.org/security/2021/dsa-4938"],"published_time":"2021-07-09T11:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3571","summary":"A flaw was found in the ptp4l program of the linuxptp package. When ptp4l is operating on a little-endian architecture as a PTP transparent clock, a remote attacker could send a crafted one-step sync message to cause an information leak or crash. The highest threat from this vulnerability is to data confidentiality and system availability. This flaw affects linuxptp versions before 3.1.1 and before 2.0.1.","cvss":7.1,"cvss_version":3.0,"cvss_v2":5.5,"cvss_v3":7.1,"cvss_v4":null,"epss":0.0072,"ranking_epss":0.72476,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1966241","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RHRUVSDP673LXJ5HGIPQPWPIYUPWYQA7/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUBKTRCMJ6VKS7DIBSZQB4ATSKVCJYXJ/","https://bugzilla.redhat.com/show_bug.cgi?id=1966241","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RHRUVSDP673LXJ5HGIPQPWPIYUPWYQA7/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUBKTRCMJ6VKS7DIBSZQB4ATSKVCJYXJ/"],"published_time":"2021-07-09T11:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3598","summary":"There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00162,"ranking_epss":0.37049,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1970987","https://lists.debian.org/debian-lts-announce/2022/12/msg00022.html","https://security.gentoo.org/glsa/202210-31","https://www.debian.org/security/2022/dsa-5299","https://bugzilla.redhat.com/show_bug.cgi?id=1970987","https://lists.debian.org/debian-lts-announce/2022/12/msg00022.html","https://security.gentoo.org/glsa/202210-31","https://www.debian.org/security/2022/dsa-5299"],"published_time":"2021-07-06T15:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3595","summary":"An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the tftp_input() function and could occur while processing a udp packet that is smaller than the size of the 'tftp_t' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.","cvss":3.8,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":3.8,"cvss_v4":null,"epss":0.00023,"ranking_epss":0.06086,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1970489","https://lists.debian.org/debian-lts-announce/2021/09/msg00000.html","https://lists.debian.org/debian-lts-announce/2023/03/msg00013.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GCKWZWY64EHTOQMLVLTSZ4AA27EWRJMH/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGPQZFVJCFGDSISFXPCQTTBBD7QZLJKI/","https://security.gentoo.org/glsa/202107-44","https://security.netapp.com/advisory/ntap-20210805-0004/","https://bugzilla.redhat.com/show_bug.cgi?id=1970489","https://lists.debian.org/debian-lts-announce/2021/09/msg00000.html","https://lists.debian.org/debian-lts-announce/2023/03/msg00013.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GCKWZWY64EHTOQMLVLTSZ4AA27EWRJMH/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGPQZFVJCFGDSISFXPCQTTBBD7QZLJKI/","https://security.gentoo.org/glsa/202107-44","https://security.netapp.com/advisory/ntap-20210805-0004/"],"published_time":"2021-06-15T21:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3592","summary":"An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input() function and could occur while processing a udp packet that is smaller than the size of the 'bootp_t' structure. A malicious guest could use this flaw to leak 10 bytes of uninitialized heap memory from the host. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.","cvss":3.8,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":3.8,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.07047,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1970484","https://lists.debian.org/debian-lts-announce/2021/09/msg00000.html","https://lists.debian.org/debian-lts-announce/2021/09/msg00004.html","https://lists.debian.org/debian-lts-announce/2023/03/msg00013.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GCKWZWY64EHTOQMLVLTSZ4AA27EWRJMH/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGPQZFVJCFGDSISFXPCQTTBBD7QZLJKI/","https://security.gentoo.org/glsa/202107-44","https://security.netapp.com/advisory/ntap-20210805-0004/","https://bugzilla.redhat.com/show_bug.cgi?id=1970484","https://lists.debian.org/debian-lts-announce/2021/09/msg00000.html","https://lists.debian.org/debian-lts-announce/2021/09/msg00004.html","https://lists.debian.org/debian-lts-announce/2023/03/msg00013.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GCKWZWY64EHTOQMLVLTSZ4AA27EWRJMH/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGPQZFVJCFGDSISFXPCQTTBBD7QZLJKI/","https://security.gentoo.org/glsa/202107-44","https://security.netapp.com/advisory/ntap-20210805-0004/"],"published_time":"2021-06-15T21:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3593","summary":"An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp6_input() function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.","cvss":3.8,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":3.8,"cvss_v4":null,"epss":0.00022,"ranking_epss":0.05804,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1970487","https://lists.debian.org/debian-lts-announce/2022/04/msg00002.html","https://lists.debian.org/debian-lts-announce/2023/03/msg00013.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GCKWZWY64EHTOQMLVLTSZ4AA27EWRJMH/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGPQZFVJCFGDSISFXPCQTTBBD7QZLJKI/","https://security.gentoo.org/glsa/202107-44","https://security.netapp.com/advisory/ntap-20210805-0004/","https://bugzilla.redhat.com/show_bug.cgi?id=1970487","https://lists.debian.org/debian-lts-announce/2022/04/msg00002.html","https://lists.debian.org/debian-lts-announce/2023/03/msg00013.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GCKWZWY64EHTOQMLVLTSZ4AA27EWRJMH/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGPQZFVJCFGDSISFXPCQTTBBD7QZLJKI/","https://security.gentoo.org/glsa/202107-44","https://security.netapp.com/advisory/ntap-20210805-0004/"],"published_time":"2021-06-15T21:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3594","summary":"An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp_input() function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.","cvss":3.8,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":3.8,"cvss_v4":null,"epss":0.00028,"ranking_epss":0.07945,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1970491","https://lists.debian.org/debian-lts-announce/2021/09/msg00000.html","https://lists.debian.org/debian-lts-announce/2023/03/msg00013.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GCKWZWY64EHTOQMLVLTSZ4AA27EWRJMH/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGPQZFVJCFGDSISFXPCQTTBBD7QZLJKI/","https://security.gentoo.org/glsa/202107-44","https://security.netapp.com/advisory/ntap-20210805-0004/","https://bugzilla.redhat.com/show_bug.cgi?id=1970491","https://lists.debian.org/debian-lts-announce/2021/09/msg00000.html","https://lists.debian.org/debian-lts-announce/2023/03/msg00013.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GCKWZWY64EHTOQMLVLTSZ4AA27EWRJMH/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGPQZFVJCFGDSISFXPCQTTBBD7QZLJKI/","https://security.gentoo.org/glsa/202107-44","https://security.netapp.com/advisory/ntap-20210805-0004/"],"published_time":"2021-06-15T21:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-0129","summary":"Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.","cvss":5.7,"cvss_version":3.0,"cvss_v2":2.7,"cvss_v3":5.7,"cvss_v4":null,"epss":0.00147,"ranking_epss":0.35149,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html","https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html","https://lists.debian.org/debian-lts-announce/2021/06/msg00022.html","https://security.gentoo.org/glsa/202209-16","https://security.netapp.com/advisory/ntap-20210716-0002/","https://www.debian.org/security/2021/dsa-4951","https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.html","https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html","https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html","https://lists.debian.org/debian-lts-announce/2021/06/msg00022.html","https://security.gentoo.org/glsa/202209-16","https://security.netapp.com/advisory/ntap-20210716-0002/","https://www.debian.org/security/2021/dsa-4951","https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.html"],"published_time":"2021-06-09T20:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3565","summary":"A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. tpm2_import used a fixed AES key for the inner wrapper, potentially allowing a MITM attacker to unwrap the inner portion and reveal the key being imported. The highest threat from this vulnerability is to data confidentiality.","cvss":5.9,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":5.9,"cvss_v4":null,"epss":0.0039,"ranking_epss":0.60065,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1964427","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ESY6HRYUKR5ZG2K5QAJQC5S6HMKZMFK7/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XK5M7I66PBXSN663TSLAZ3V6TWWFCV7C/","https://bugzilla.redhat.com/show_bug.cgi?id=1964427","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ESY6HRYUKR5ZG2K5QAJQC5S6HMKZMFK7/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XK5M7I66PBXSN663TSLAZ3V6TWWFCV7C/"],"published_time":"2021-06-04T12:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3569","summary":"A stack corruption bug was found in libtpms in versions before 0.7.2 and before 0.8.0 while decrypting data using RSA. This flaw could result in a SIGBUS (bad memory access) and termination of swtpm. The highest threat from this vulnerability is to system availability.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00047,"ranking_epss":0.14615,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1964358","https://bugzilla.redhat.com/show_bug.cgi?id=1964358"],"published_time":"2021-06-03T12:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-12067","summary":"The ahci_commit_buf function in ide/ahci.c in QEMU allows attackers to cause a denial of service (NULL dereference) when the command header 'ad->cur_cmd' is null.","cvss":6.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00165,"ranking_epss":0.3742,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.suse.com/show_bug.cgi?id=1145642","https://lists.gnu.org/archive/html/qemu-devel/2019-08/msg01358.html","https://lists.gnu.org/archive/html/qemu-devel/2019-08/msg01487.html","https://security-tracker.debian.org/tracker/CVE-2019-12067","https://security.netapp.com/advisory/ntap-20210727-0001/","https://bugzilla.suse.com/show_bug.cgi?id=1145642","https://lists.gnu.org/archive/html/qemu-devel/2019-08/msg01358.html","https://lists.gnu.org/archive/html/qemu-devel/2019-08/msg01487.html","https://security-tracker.debian.org/tracker/CVE-2019-12067","https://security.netapp.com/advisory/ntap-20210727-0001/"],"published_time":"2021-06-02T15:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-10742","summary":"A flaw was found in the Linux kernel. An index buffer overflow during Direct IO write leading to the NFS client to crash. In some cases, a reach out of the index after one memory allocation by kmalloc will cause a kernel panic. The highest threat from this vulnerability is to data confidentiality and system availability.","cvss":6.0,"cvss_version":3.0,"cvss_v2":3.6,"cvss_v3":6.0,"cvss_v4":null,"epss":0.00051,"ranking_epss":0.15783,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1835127","https://bugzilla.redhat.com/show_bug.cgi?id=1835127"],"published_time":"2021-06-02T11:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3516","summary":"There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00362,"ranking_epss":0.58327,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1954225","https://gitlab.gnome.org/GNOME/libxml2/-/commit/1358d157d0bd83be1dfe356a69213df9fac0b539","https://gitlab.gnome.org/GNOME/libxml2/-/issues/230","https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/","https://security.gentoo.org/glsa/202107-05","https://security.netapp.com/advisory/ntap-20210716-0005/","https://www.oracle.com/security-alerts/cpujan2022.html","https://bugzilla.redhat.com/show_bug.cgi?id=1954225","https://gitlab.gnome.org/GNOME/libxml2/-/commit/1358d157d0bd83be1dfe356a69213df9fac0b539","https://gitlab.gnome.org/GNOME/libxml2/-/issues/230","https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/","https://security.gentoo.org/glsa/202107-05","https://security.netapp.com/advisory/ntap-20210716-0005/","https://www.oracle.com/security-alerts/cpujan2022.html"],"published_time":"2021-06-01T14:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3543","summary":"A flaw null pointer dereference in the Nitro Enclaves kernel driver was found in the way that Enclaves VMs forces closures on the enclave file descriptor. A local user of a host machine could use this flaw to crash the system or escalate their privileges on the system.","cvss":6.7,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":6.7,"cvss_v4":null,"epss":0.00098,"ranking_epss":0.26914,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1953022","https://lore.kernel.org/lkml/20210429165941.27020-2-andraprs%40amazon.com/","https://bugzilla.redhat.com/show_bug.cgi?id=1953022","https://lore.kernel.org/lkml/20210429165941.27020-2-andraprs%40amazon.com/"],"published_time":"2021-06-01T14:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-32027","summary":"A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00491,"ranking_epss":0.65587,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1956876","https://security.gentoo.org/glsa/202211-04","https://security.netapp.com/advisory/ntap-20210713-0004/","https://www.postgresql.org/support/security/CVE-2021-32027/","https://bugzilla.redhat.com/show_bug.cgi?id=1956876","https://security.gentoo.org/glsa/202211-04","https://security.netapp.com/advisory/ntap-20210713-0004/","https://www.postgresql.org/support/security/CVE-2021-32027/"],"published_time":"2021-06-01T14:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20239","summary":"A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. This flaw allows an attacker with a local account to leak information about kernel internal addresses. The highest threat from this vulnerability is to confidentiality.","cvss":3.3,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00087,"ranking_epss":0.24965,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1923636","https://bugzilla.redhat.com/show_bug.cgi?id=1923636"],"published_time":"2021-05-28T11:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20292","summary":"There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker with a local account with a root privilege, can leverage this vulnerability to escalate privileges and execute code in the context of the kernel.","cvss":6.7,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":6.7,"cvss_v4":null,"epss":0.00106,"ranking_epss":0.2862,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1939686","https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html","https://bugzilla.redhat.com/show_bug.cgi?id=1939686","https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"],"published_time":"2021-05-28T11:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-25710","summary":"A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.1746,"ranking_epss":0.95076,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1899678","https://git.openldap.org/openldap/openldap/-/commit/ab3915154e69920d480205b4bf5ccb2b391a0a1f#a2feb6ed0257c21c6672793ee2f94eaadc10c72c","https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E","https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E","https://lists.debian.org/debian-lts-announce/2020/12/msg00008.html","https://security.netapp.com/advisory/ntap-20210716-0003/","https://www.debian.org/security/2020/dsa-4792","https://bugzilla.redhat.com/show_bug.cgi?id=1899678","https://git.openldap.org/openldap/openldap/-/commit/ab3915154e69920d480205b4bf5ccb2b391a0a1f#a2feb6ed0257c21c6672793ee2f94eaadc10c72c","https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E","https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E","https://lists.debian.org/debian-lts-announce/2020/12/msg00008.html","https://security.netapp.com/advisory/ntap-20210716-0003/","https://www.debian.org/security/2020/dsa-4792"],"published_time":"2021-05-28T11:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20201","summary":"A flaw was found in spice in versions before 0.14.92. A DoS tool might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection.","cvss":5.3,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":5.3,"cvss_v4":null,"epss":0.0073,"ranking_epss":0.72658,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://blog.qualys.com/product-tech/2011/10/31/tls-renegotiation-and-denial-of-service-attacks","https://bugzilla.redhat.com/show_bug.cgi?id=1921846","https://security.gentoo.org/glsa/202208-10","https://blog.qualys.com/product-tech/2011/10/31/tls-renegotiation-and-denial-of-service-attacks","https://bugzilla.redhat.com/show_bug.cgi?id=1921846","https://security.gentoo.org/glsa/202208-10"],"published_time":"2021-05-28T11:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20236","summary":"A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and then unsubscribing. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.","cvss":9.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00316,"ranking_epss":0.547,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1921976","https://github.com/zeromq/libzmq/security/advisories/GHSA-qq65-x72m-9wr8","https://bugzilla.redhat.com/show_bug.cgi?id=1921976","https://github.com/zeromq/libzmq/security/advisories/GHSA-qq65-x72m-9wr8"],"published_time":"2021-05-28T11:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-14301","summary":"An information disclosure vulnerability was found in libvirt in versions before 6.3.0. HTTP cookies used to access network-based disks were saved in the XML dump of the guest domain. This flaw allows an attacker to access potentially sensitive information in the domain configuration via the `dumpxml` command.","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":6.5,"cvss_v4":null,"epss":0.0049,"ranking_epss":0.65578,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1848640","https://security.netapp.com/advisory/ntap-20210629-0007/","https://bugzilla.redhat.com/show_bug.cgi?id=1848640","https://security.netapp.com/advisory/ntap-20210629-0007/"],"published_time":"2021-05-27T20:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1702","summary":"A malicious container image can consume an unbounded amount of memory when being pulled to a container runtime host, such as Red Hat Enterprise Linux using podman, or OpenShift Container Platform. An attacker can use this flaw to trick a user, with privileges to pull container images, into crashing the process responsible for pulling the image. This flaw affects containers-image versions before 5.2.0.","cvss":3.3,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00169,"ranking_epss":0.38138,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1792796","https://bugzilla.redhat.com/show_bug.cgi?id=1792796"],"published_time":"2021-05-27T20:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-10688","summary":"A cross-site scripting (XSS) flaw was found in RESTEasy in versions before 3.11.1.Final and before 4.5.3.Final, where it did not properly handle URL encoding when the RESTEASY003870 exception occurs. An attacker could use this flaw to launch a reflected XSS attack.","cvss":6.1,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":6.1,"cvss_v4":null,"epss":0.00222,"ranking_epss":0.4483,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1814974","https://github.com/quarkusio/quarkus/issues/7248","https://issues.redhat.com/browse/RESTEASY-2519","https://security.netapp.com/advisory/ntap-20210706-0008/","https://bugzilla.redhat.com/show_bug.cgi?id=1814974","https://github.com/quarkusio/quarkus/issues/7248","https://issues.redhat.com/browse/RESTEASY-2519","https://security.netapp.com/advisory/ntap-20210706-0008/"],"published_time":"2021-05-27T19:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-10729","summary":"A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords are exposed at once for the file. This flaw affects Ansible Engine versions before 2.9.6.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00079,"ranking_epss":0.23336,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1831089","https://github.com/ansible/ansible/issues/34144","https://www.debian.org/security/2021/dsa-4950","https://bugzilla.redhat.com/show_bug.cgi?id=1831089","https://github.com/ansible/ansible/issues/34144","https://www.debian.org/security/2021/dsa-4950"],"published_time":"2021-05-27T19:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-30500","summary":"Null pointer dereference was found in upx PackLinuxElf::canUnpack() in p_lx_elf.cpp,in version UPX 4.0.0. That allow attackers to execute arbitrary code and cause a denial of service via a crafted file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00282,"ranking_epss":0.5157,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1948692","https://github.com/upx/upx/commit/90279abdfcd235172eab99651043051188938dcc","https://github.com/upx/upx/issues/485","https://bugzilla.redhat.com/show_bug.cgi?id=1948692","https://github.com/upx/upx/commit/90279abdfcd235172eab99651043051188938dcc","https://github.com/upx/upx/issues/485"],"published_time":"2021-05-27T00:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-30501","summary":"An assertion abort was found in upx MemBuffer::alloc() in mem.cpp, in version UPX 4.0.0. The flow allows attackers to cause a denial of service (abort) via a crafted file.","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0035,"ranking_epss":0.57487,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1948696","https://github.com/upx/upx/commit/28e761cd42211dfe0124b7a29b2f74730f453e46","https://github.com/upx/upx/issues/486","https://github.com/upx/upx/pull/487","https://bugzilla.redhat.com/show_bug.cgi?id=1948696","https://github.com/upx/upx/commit/28e761cd42211dfe0124b7a29b2f74730f453e46","https://github.com/upx/upx/issues/486","https://github.com/upx/upx/pull/487"],"published_time":"2021-05-27T00:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-30469","summary":"A flaw was found in PoDoFo 0.9.7. An use-after-free in PoDoFo::PdfVecObjects::Clear() function can cause a denial of service via a crafted PDF file.","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00168,"ranking_epss":0.3798,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1947433","https://bugzilla.redhat.com/show_bug.cgi?id=1947433"],"published_time":"2021-05-26T22:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-30470","summary":"A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call among PdfTokenizer::ReadArray(), PdfTokenizer::GetNextVariant() and PdfTokenizer::ReadDataType() functions can lead to a stack overflow.","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00108,"ranking_epss":0.29006,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1947436","https://bugzilla.redhat.com/show_bug.cgi?id=1947436"],"published_time":"2021-05-26T22:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-30471","summary":"A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call in PdfNamesTree::AddToDictionary function in src/podofo/doc/PdfNamesTree.cpp can lead to a stack overflow.","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00108,"ranking_epss":0.29006,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1947441","https://bugzilla.redhat.com/show_bug.cgi?id=1947441"],"published_time":"2021-05-26T22:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3527","summary":"A flaw was found in the USB redirector device (usb-redir) of QEMU. Small USB packets are combined into a single, large transfer request, to reduce the overhead and improve performance. The combined size of the bulk transfer is used to dynamically allocate a variable length array (VLA) on the stack without proper validation. Since the total size is not bounded, a malicious guest could use this flaw to influence the array length and cause the QEMU process to perform an excessive allocation on the stack, resulting in a denial of service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00028,"ranking_epss":0.08002,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1955695","https://gitlab.com/qemu-project/qemu/-/commit/05a40b172e4d691371534828078be47e7fff524c","https://gitlab.com/qemu-project/qemu/-/commit/7ec54f9eb62b5d177e30eb8b1cad795a5f8d8986","https://lists.debian.org/debian-lts-announce/2021/09/msg00000.html","https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html","https://security.gentoo.org/glsa/202208-27","https://security.netapp.com/advisory/ntap-20210708-0008/","https://www.openwall.com/lists/oss-security/2021/05/05/5","https://bugzilla.redhat.com/show_bug.cgi?id=1955695","https://gitlab.com/qemu-project/qemu/-/commit/05a40b172e4d691371534828078be47e7fff524c","https://gitlab.com/qemu-project/qemu/-/commit/7ec54f9eb62b5d177e30eb8b1cad795a5f8d8986","https://lists.debian.org/debian-lts-announce/2021/09/msg00000.html","https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html","https://security.gentoo.org/glsa/202208-27","https://security.netapp.com/advisory/ntap-20210708-0008/","https://www.openwall.com/lists/oss-security/2021/05/05/5"],"published_time":"2021-05-26T22:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20297","summary":"A flaw was found in NetworkManager in versions before 1.30.0. Setting match.path and activating a profile crashes NetworkManager. The highest threat from this vulnerability is to system availability.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00104,"ranking_epss":0.2844,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1943282","https://bugzilla.redhat.com/show_bug.cgi?id=1943282"],"published_time":"2021-05-26T21:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20486","summary":"IBM Cloud Pak for Data 3.0 could allow an authenticated user to obtain sensitive information when installed with additional plugins. IBM X-Force ID: 197668.","cvss":5.3,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00186,"ranking_epss":0.40446,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://exchange.xforce.ibmcloud.com/vulnerabilities/197668","https://www.ibm.com/support/pages/node/6456033","https://exchange.xforce.ibmcloud.com/vulnerabilities/197668","https://www.ibm.com/support/pages/node/6456033"],"published_time":"2021-05-26T17:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2018-25009","summary":"A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE16().","cvss":9.1,"cvss_version":3.0,"cvss_v2":6.4,"cvss_v3":9.1,"cvss_v4":null,"epss":0.00447,"ranking_epss":0.63499,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9100","https://bugzilla.redhat.com/show_bug.cgi?id=1956917","https://chromium.googlesource.com/webm/libwebp/+/95fd65070662e01cc9170c4444f5c0859a710097","https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9100","https://bugzilla.redhat.com/show_bug.cgi?id=1956917","https://chromium.googlesource.com/webm/libwebp/+/95fd65070662e01cc9170c4444f5c0859a710097"],"published_time":"2021-05-21T17:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2018-25010","summary":"A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ApplyFilter().","cvss":9.1,"cvss_version":3.0,"cvss_v2":6.4,"cvss_v3":9.1,"cvss_v4":null,"epss":0.0051,"ranking_epss":0.6639,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9105","https://bugzilla.redhat.com/show_bug.cgi?id=1956918","https://chromium.googlesource.com/webm/libwebp/+/1344a2e947c749d231141a295327e5b99b444d63","https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9105","https://bugzilla.redhat.com/show_bug.cgi?id=1956918","https://chromium.googlesource.com/webm/libwebp/+/1344a2e947c749d231141a295327e5b99b444d63"],"published_time":"2021-05-21T17:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2018-25011","summary":"A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in PutLE16().","cvss":9.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00376,"ranking_epss":0.59175,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9119","https://bugzilla.redhat.com/show_bug.cgi?id=1956919","https://chromium.googlesource.com/webm/libwebp/+/v1.0.1","https://chromium.googlesource.com/webm/libwebp/+log/be738c6d396fa5a272c1b209be4379a7532debfe..29fb8562c60b5a919a75d904ff7366af423f8ab9?pretty=fuller&n=10000","https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9119","https://bugzilla.redhat.com/show_bug.cgi?id=1956919","https://chromium.googlesource.com/webm/libwebp/+/v1.0.1","https://chromium.googlesource.com/webm/libwebp/+log/be738c6d396fa5a272c1b209be4379a7532debfe..29fb8562c60b5a919a75d904ff7366af423f8ab9?pretty=fuller&n=10000"],"published_time":"2021-05-21T17:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2018-25012","summary":"A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE24().","cvss":9.1,"cvss_version":3.0,"cvss_v2":6.4,"cvss_v3":9.1,"cvss_v4":null,"epss":0.00575,"ranking_epss":0.6875,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9123","https://bugzilla.redhat.com/show_bug.cgi?id=1956922","https://chromium.googlesource.com/webm/libwebp/+/95fd65070662e01cc9170c4444f5c0859a710097","https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9123","https://bugzilla.redhat.com/show_bug.cgi?id=1956922","https://chromium.googlesource.com/webm/libwebp/+/95fd65070662e01cc9170c4444f5c0859a710097"],"published_time":"2021-05-21T17:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2018-25013","summary":"A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ShiftBytes().","cvss":9.1,"cvss_version":3.0,"cvss_v2":6.4,"cvss_v3":9.1,"cvss_v4":null,"epss":0.00139,"ranking_epss":0.3397,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9417","https://bugzilla.redhat.com/show_bug.cgi?id=1956926","https://chromium.googlesource.com/webm/libwebp/+/907208f97ead639bd521cf355a2f203f462eade6","https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9417","https://bugzilla.redhat.com/show_bug.cgi?id=1956926","https://chromium.googlesource.com/webm/libwebp/+/907208f97ead639bd521cf355a2f203f462eade6"],"published_time":"2021-05-21T17:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2018-25014","summary":"A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol().","cvss":9.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00154,"ranking_epss":0.36121,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9496","https://bugzilla.redhat.com/show_bug.cgi?id=1956927","https://chromium.googlesource.com/webm/libwebp/+log/78ad57a36ad69a9c22874b182d49d64125c380f2..907208f97ead639bd52","https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9496","https://bugzilla.redhat.com/show_bug.cgi?id=1956927","https://chromium.googlesource.com/webm/libwebp/+log/78ad57a36ad69a9c22874b182d49d64125c380f2..907208f97ead639bd52"],"published_time":"2021-05-21T17:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-36328","summary":"A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in function WebPDecodeRGBInto is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.","cvss":9.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00527,"ranking_epss":0.67061,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://seclists.org/fulldisclosure/2021/Jul/54","https://bugzilla.redhat.com/show_bug.cgi?id=1956829","https://lists.debian.org/debian-lts-announce/2021/06/msg00005.html","https://lists.debian.org/debian-lts-announce/2021/06/msg00006.html","https://security.netapp.com/advisory/ntap-20211112-0001/","https://support.apple.com/kb/HT212601","https://www.debian.org/security/2021/dsa-4930","http://seclists.org/fulldisclosure/2021/Jul/54","https://bugzilla.redhat.com/show_bug.cgi?id=1956829","https://lists.debian.org/debian-lts-announce/2021/06/msg00005.html","https://lists.debian.org/debian-lts-announce/2021/06/msg00006.html","https://security.netapp.com/advisory/ntap-20211112-0001/","https://support.apple.com/kb/HT212601","https://www.debian.org/security/2021/dsa-4930"],"published_time":"2021-05-21T17:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-36329","summary":"A flaw was found in libwebp in versions before 1.0.1. A use-after-free was found due to a thread being killed too early. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.","cvss":9.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00503,"ranking_epss":0.66104,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://seclists.org/fulldisclosure/2021/Jul/54","https://bugzilla.redhat.com/show_bug.cgi?id=1956843","https://lists.debian.org/debian-lts-announce/2021/06/msg00005.html","https://lists.debian.org/debian-lts-announce/2021/06/msg00006.html","https://security.netapp.com/advisory/ntap-20211112-0001/","https://support.apple.com/kb/HT212601","https://www.debian.org/security/2021/dsa-4930","http://seclists.org/fulldisclosure/2021/Jul/54","https://bugzilla.redhat.com/show_bug.cgi?id=1956843","https://lists.debian.org/debian-lts-announce/2021/06/msg00005.html","https://lists.debian.org/debian-lts-announce/2021/06/msg00006.html","https://security.netapp.com/advisory/ntap-20211112-0001/","https://support.apple.com/kb/HT212601","https://www.debian.org/security/2021/dsa-4930"],"published_time":"2021-05-21T17:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-36330","summary":"A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkVerifyAndAssign. The highest threat from this vulnerability is to data confidentiality and to the service availability.","cvss":9.1,"cvss_version":3.0,"cvss_v2":6.4,"cvss_v3":9.1,"cvss_v4":null,"epss":0.00164,"ranking_epss":0.37413,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://seclists.org/fulldisclosure/2021/Jul/54","https://bugzilla.redhat.com/show_bug.cgi?id=1956853","https://lists.debian.org/debian-lts-announce/2021/06/msg00005.html","https://lists.debian.org/debian-lts-announce/2021/06/msg00006.html","https://security.netapp.com/advisory/ntap-20211104-0004/","https://support.apple.com/kb/HT212601","https://www.debian.org/security/2021/dsa-4930","http://seclists.org/fulldisclosure/2021/Jul/54","https://bugzilla.redhat.com/show_bug.cgi?id=1956853","https://lists.debian.org/debian-lts-announce/2021/06/msg00005.html","https://lists.debian.org/debian-lts-announce/2021/06/msg00006.html","https://security.netapp.com/advisory/ntap-20211104-0004/","https://support.apple.com/kb/HT212601","https://www.debian.org/security/2021/dsa-4930"],"published_time":"2021-05-21T17:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-36331","summary":"A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkAssignData. The highest threat from this vulnerability is to data confidentiality and to the service availability.","cvss":9.1,"cvss_version":3.0,"cvss_v2":6.4,"cvss_v3":9.1,"cvss_v4":null,"epss":0.00189,"ranking_epss":0.40734,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://seclists.org/fulldisclosure/2021/Jul/54","https://bugzilla.redhat.com/show_bug.cgi?id=1956856","https://lists.debian.org/debian-lts-announce/2021/06/msg00005.html","https://lists.debian.org/debian-lts-announce/2021/06/msg00006.html","https://security.netapp.com/advisory/ntap-20211112-0001/","https://support.apple.com/kb/HT212601","https://www.debian.org/security/2021/dsa-4930","http://seclists.org/fulldisclosure/2021/Jul/54","https://bugzilla.redhat.com/show_bug.cgi?id=1956856","https://lists.debian.org/debian-lts-announce/2021/06/msg00005.html","https://lists.debian.org/debian-lts-announce/2021/06/msg00006.html","https://security.netapp.com/advisory/ntap-20211112-0001/","https://support.apple.com/kb/HT212601","https://www.debian.org/security/2021/dsa-4930"],"published_time":"2021-05-21T17:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-36332","summary":"A flaw was found in libwebp in versions before 1.0.1. When reading a file libwebp allocates an excessive amount of memory. The highest threat from this vulnerability is to the service availability.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00818,"ranking_epss":0.74349,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1956868","https://security.netapp.com/advisory/ntap-20211104-0004/","https://www.debian.org/security/2021/dsa-4930","https://bugzilla.redhat.com/show_bug.cgi?id=1956868","https://security.netapp.com/advisory/ntap-20211104-0004/","https://www.debian.org/security/2021/dsa-4930"],"published_time":"2021-05-21T17:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3426","summary":"There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to access. The highest risk of this flaw is to data confidentiality. This flaw affects Python versions before 3.8.9, Python versions before 3.9.3 and Python versions before 3.10.0a7.","cvss":5.7,"cvss_version":3.0,"cvss_v2":2.7,"cvss_v3":5.7,"cvss_v4":null,"epss":0.00081,"ranking_epss":0.23859,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1935913","https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html","https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/25HVHLBGO2KNPXJ3G426QEYSSCECJDU5/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF/","https://security.gentoo.org/glsa/202104-04","https://security.netapp.com/advisory/ntap-20210629-0003/","https://www.oracle.com/security-alerts/cpujan2022.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://bugzilla.redhat.com/show_bug.cgi?id=1935913","https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html","https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html","https://lists.debian.org/debian-lts-announce/2024/12/msg00000.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/25HVHLBGO2KNPXJ3G426QEYSSCECJDU5/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF/","https://security.gentoo.org/glsa/202104-04","https://security.netapp.com/advisory/ntap-20210629-0003/","https://www.oracle.com/security-alerts/cpujan2022.html","https://www.oracle.com/security-alerts/cpuoct2021.html"],"published_time":"2021-05-20T13:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3421","summary":"A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package or compromise an RPM repository, to cause RPM database corruption. The highest threat from this vulnerability is to data integrity. This flaw affects RPM versions before 4.17.0-alpha.","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00177,"ranking_epss":0.39211,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1927747","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YILPBTPSBRYL4POBI3F4YUSVPSOQNJBY/","https://security.gentoo.org/glsa/202107-43","https://bugzilla.redhat.com/show_bug.cgi?id=1927747","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YILPBTPSBRYL4POBI3F4YUSVPSOQNJBY/","https://security.gentoo.org/glsa/202107-43"],"published_time":"2021-05-19T14:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3445","summary":"A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This flaw allows an attacker to achieve code execution if they can alter the header information of an RPM package and then trick a user or system into installing it. The highest risk of this vulnerability is to confidentiality, integrity, as well as system availability.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.1,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00038,"ranking_epss":0.1151,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1932079","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DPMFGGQ5T6WVFTFX3OKMVTTM5O4EXWZR/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G4NL7TNWAHJ6JVRABQUPWHKKCTHUZMNF/","https://bugzilla.redhat.com/show_bug.cgi?id=1932079","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DPMFGGQ5T6WVFTFX3OKMVTTM5O4EXWZR/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G4NL7TNWAHJ6JVRABQUPWHKKCTHUZMNF/"],"published_time":"2021-05-19T14:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3517","summary":"There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to application availability, with some potential impact to confidentiality and integrity if an attacker is able to use memory information to further exploit the application.","cvss":8.6,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":8.6,"cvss_v4":null,"epss":0.00107,"ranking_epss":0.2884,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1954232","https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E","https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E","https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/","https://security.gentoo.org/glsa/202107-05","https://security.netapp.com/advisory/ntap-20210625-0002/","https://security.netapp.com/advisory/ntap-20211022-0004/","https://www.oracle.com/security-alerts/cpuapr2022.html","https://www.oracle.com/security-alerts/cpujan2022.html","https://www.oracle.com/security-alerts/cpujul2022.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://bugzilla.redhat.com/show_bug.cgi?id=1954232","https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E","https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E","https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/","https://security.gentoo.org/glsa/202107-05","https://security.netapp.com/advisory/ntap-20210625-0002/","https://security.netapp.com/advisory/ntap-20211022-0004/","https://www.oracle.com/security-alerts/cpuapr2022.html","https://www.oracle.com/security-alerts/cpujan2022.html","https://www.oracle.com/security-alerts/cpujul2022.html","https://www.oracle.com/security-alerts/cpuoct2021.html"],"published_time":"2021-05-19T14:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3518","summary":"There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability.","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.8,"cvss_v4":null,"epss":0.0025,"ranking_epss":0.48398,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://seclists.org/fulldisclosure/2021/Jul/54","http://seclists.org/fulldisclosure/2021/Jul/55","http://seclists.org/fulldisclosure/2021/Jul/58","http://seclists.org/fulldisclosure/2021/Jul/59","https://bugzilla.redhat.com/show_bug.cgi?id=1954242","https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E","https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E","https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/","https://security.gentoo.org/glsa/202107-05","https://security.netapp.com/advisory/ntap-20210625-0002/","https://support.apple.com/kb/HT212601","https://support.apple.com/kb/HT212602","https://support.apple.com/kb/HT212604","https://support.apple.com/kb/HT212605","https://www.oracle.com/security-alerts/cpuapr2022.html","https://www.oracle.com/security-alerts/cpujul2022.html","https://www.oracle.com/security-alerts/cpuoct2021.html","http://seclists.org/fulldisclosure/2021/Jul/54","http://seclists.org/fulldisclosure/2021/Jul/55","http://seclists.org/fulldisclosure/2021/Jul/58","http://seclists.org/fulldisclosure/2021/Jul/59","https://bugzilla.redhat.com/show_bug.cgi?id=1954242","https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E","https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E","https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/","https://security.gentoo.org/glsa/202107-05","https://security.netapp.com/advisory/ntap-20210625-0002/","https://support.apple.com/kb/HT212601","https://support.apple.com/kb/HT212602","https://support.apple.com/kb/HT212604","https://support.apple.com/kb/HT212605","https://www.oracle.com/security-alerts/cpuapr2022.html","https://www.oracle.com/security-alerts/cpujul2022.html","https://www.oracle.com/security-alerts/cpuoct2021.html"],"published_time":"2021-05-18T12:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3537","summary":"A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability.","cvss":5.9,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":5.9,"cvss_v4":null,"epss":0.00111,"ranking_epss":0.29532,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1956522","https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/","https://security.gentoo.org/glsa/202107-05","https://security.netapp.com/advisory/ntap-20210625-0002/","https://www.oracle.com/security-alerts/cpuapr2022.html","https://www.oracle.com/security-alerts/cpujul2022.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://bugzilla.redhat.com/show_bug.cgi?id=1956522","https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/","https://security.gentoo.org/glsa/202107-05","https://security.netapp.com/advisory/ntap-20210625-0002/","https://www.oracle.com/security-alerts/cpuapr2022.html","https://www.oracle.com/security-alerts/cpujul2022.html","https://www.oracle.com/security-alerts/cpuoct2021.html"],"published_time":"2021-05-14T20:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20221","summary":"An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of QEMU up to and including qemu 4.2.0on aarch64 platform. The issue occurs because while writing an interrupt ID to the controller memory area, it is not masked to be 4 bits wide. It may lead to the said issue while updating controller state fields and their subsequent processing. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario.","cvss":6.0,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":6.0,"cvss_v4":null,"epss":0.00023,"ranking_epss":0.06294,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2021/02/05/1","https://bugzilla.redhat.com/show_bug.cgi?id=1924601","https://lists.debian.org/debian-lts-announce/2021/02/msg00024.html","https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html","https://security.netapp.com/advisory/ntap-20210708-0005/","http://www.openwall.com/lists/oss-security/2021/02/05/1","https://bugzilla.redhat.com/show_bug.cgi?id=1924601","https://lists.debian.org/debian-lts-announce/2021/02/msg00024.html","https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html","https://security.netapp.com/advisory/ntap-20210708-0005/"],"published_time":"2021-05-13T16:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-27824","summary":"A flaw was found in OpenJPEG’s encoder in the opj_dwt_calc_explicit_stepsizes() function. This flaw allows an attacker who can supply crafted input to decomposition levels to cause a buffer overflow. The highest threat from this vulnerability is to system availability.","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00274,"ranking_epss":0.50895,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1905723","https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OQR4EWRFFZQDMFPZKFZ6I3USLMW6TKTP/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WJUPGIZE6A4O52EBOF75MCXJOL6MUCRV/","https://www.debian.org/security/2021/dsa-4882","https://www.oracle.com/security-alerts/cpuoct2021.html","https://bugzilla.redhat.com/show_bug.cgi?id=1905723","https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OQR4EWRFFZQDMFPZKFZ6I3USLMW6TKTP/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WJUPGIZE6A4O52EBOF75MCXJOL6MUCRV/","https://www.debian.org/security/2021/dsa-4882","https://www.oracle.com/security-alerts/cpuoct2021.html"],"published_time":"2021-05-13T14:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3504","summary":"A flaw was found in the hivex library in versions before 1.3.20. It is caused due to a lack of bounds check within the hivex_open function. An attacker could input a specially crafted Windows Registry (hive) file which would cause hivex to read memory beyond its normal bounds or cause the program to crash. The highest threat from this vulnerability is to system availability.","cvss":5.4,"cvss_version":3.0,"cvss_v2":5.8,"cvss_v3":5.4,"cvss_v4":null,"epss":0.0015,"ranking_epss":0.35503,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1949687","https://lists.debian.org/debian-lts-announce/2021/05/msg00011.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A5BNKNVYFL36P2GBEB5O36LHFRYU575H/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BQXTEACRWYAZVNEOIWIYUFGG4GOXSQ22/","https://bugzilla.redhat.com/show_bug.cgi?id=1949687","https://lists.debian.org/debian-lts-announce/2021/05/msg00011.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A5BNKNVYFL36P2GBEB5O36LHFRYU575H/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BQXTEACRWYAZVNEOIWIYUFGG4GOXSQ22/"],"published_time":"2021-05-11T23:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-31916","summary":"An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker with special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability.","cvss":6.7,"cvss_version":3.0,"cvss_v2":6.1,"cvss_v3":6.7,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.07003,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1946965","https://github.com/torvalds/linux/commit/4edbe1d7bcffcd6269f3b5eb63f710393ff2ec7a","https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html","https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html","https://seclists.org/oss-sec/2021/q1/268","https://bugzilla.redhat.com/show_bug.cgi?id=1946965","https://github.com/torvalds/linux/commit/4edbe1d7bcffcd6269f3b5eb63f710393ff2ec7a","https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html","https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html","https://seclists.org/oss-sec/2021/q1/268"],"published_time":"2021-05-06T17:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3507","summary":"A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 (including). It could occur in fdctrl_transfer_handler() in hw/block/fdc.c while processing DMA read data transfers from the floppy drive to the guest system. A privileged guest user could use this flaw to crash the QEMU process on the host resulting in DoS scenario, or potential information leakage from the host memory.","cvss":6.1,"cvss_version":3.0,"cvss_v2":3.6,"cvss_v3":6.1,"cvss_v4":null,"epss":0.00029,"ranking_epss":0.08328,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1951118","https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html","https://security.netapp.com/advisory/ntap-20210528-0005/","https://bugzilla.redhat.com/show_bug.cgi?id=1951118","https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html","https://security.netapp.com/advisory/ntap-20210528-0005/"],"published_time":"2021-05-06T16:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3501","summary":"A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be updated by a user process at anytime which could lead to an out-of-bounds write. The highest threat from this vulnerability is to data integrity and system availability.","cvss":7.1,"cvss_version":3.0,"cvss_v2":3.6,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00042,"ranking_epss":0.12918,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1950136","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=04c4f2ee3f68c9a4bf1653d15f1a9a435ae33f7a","https://security.netapp.com/advisory/ntap-20210618-0008/","https://bugzilla.redhat.com/show_bug.cgi?id=1950136","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=04c4f2ee3f68c9a4bf1653d15f1a9a435ae33f7a","https://security.netapp.com/advisory/ntap-20210618-0008/"],"published_time":"2021-05-06T13:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20254","summary":"A flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into unix group ids (gids). The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache. This could cause the calling code to return those values into the process token that stores the group membership for a user. The highest threat from this vulnerability is to data confidentiality and integrity.","cvss":6.8,"cvss_version":3.0,"cvss_v2":4.9,"cvss_v3":6.8,"cvss_v4":null,"epss":0.01764,"ranking_epss":0.82618,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1949442","https://lists.debian.org/debian-lts-announce/2021/05/msg00023.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3EP2VJ73OVBPVSOSTVOMGIEQA3MWF6F7/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZAF6L2M6CNAJ2YYYGXPWETTW5YLCWTVT/","https://security.gentoo.org/glsa/202105-22","https://security.netapp.com/advisory/ntap-20210430-0001/","https://www.samba.org/samba/security/CVE-2021-20254.html","https://bugzilla.redhat.com/show_bug.cgi?id=1949442","https://lists.debian.org/debian-lts-announce/2021/05/msg00023.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3EP2VJ73OVBPVSOSTVOMGIEQA3MWF6F7/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZAF6L2M6CNAJ2YYYGXPWETTW5YLCWTVT/","https://security.gentoo.org/glsa/202105-22","https://security.netapp.com/advisory/ntap-20210430-0001/","https://www.samba.org/samba/security/CVE-2021-20254.html"],"published_time":"2021-05-05T14:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3472","summary":"A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00093,"ranking_epss":0.25931,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2021/04/13/1","https://bugzilla.redhat.com/show_bug.cgi?id=1944167","https://gitlab.freedesktop.org/xorg/xserver/-/commit/7aaf54a1884f71dc363f0b884e57bcb67407a6cd","https://lists.debian.org/debian-lts-announce/2021/04/msg00013.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDF7TAJE7NPZPNVOXSD5HBIFLNPUOD2V/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MO6S5OPXUDYBSRSVWVLFLJ6AFERG4HNY/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N63KL3T22HNFT4FJ7VMVF6U5Q4RFJIQF/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PEXPCLMVU25AUZTUXC4MYBGPKOAIM5TW/","https://lists.x.org/archives/xorg-announce/2021-April/003080.html","https://lists.x.org/archives/xorg-announce/2021-April/003080.html","https://seclists.org/oss-sec/2021/q2/20","https://security.gentoo.org/glsa/202104-02","https://www.debian.org/security/2021/dsa-4893","https://www.tenable.com/plugins/nessus/148701","https://www.zerodayinitiative.com/advisories/ZDI-21-463/","http://www.openwall.com/lists/oss-security/2021/04/13/1","https://bugzilla.redhat.com/show_bug.cgi?id=1944167","https://gitlab.freedesktop.org/xorg/xserver/-/commit/7aaf54a1884f71dc363f0b884e57bcb67407a6cd","https://lists.debian.org/debian-lts-announce/2021/04/msg00013.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDF7TAJE7NPZPNVOXSD5HBIFLNPUOD2V/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MO6S5OPXUDYBSRSVWVLFLJ6AFERG4HNY/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N63KL3T22HNFT4FJ7VMVF6U5Q4RFJIQF/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PEXPCLMVU25AUZTUXC4MYBGPKOAIM5TW/","https://lists.x.org/archives/xorg-announce/2021-April/003080.html","https://lists.x.org/archives/xorg-announce/2021-April/003080.html","https://seclists.org/oss-sec/2021/q2/20","https://security.gentoo.org/glsa/202104-02","https://www.debian.org/security/2021/dsa-4893","https://www.tenable.com/plugins/nessus/148701","https://www.zerodayinitiative.com/advisories/ZDI-21-463/"],"published_time":"2021-04-26T15:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20208","summary":"A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file system from within a container can use Kerberos credentials of the host. The highest threat from this vulnerability is to data confidentiality and integrity.","cvss":6.1,"cvss_version":3.0,"cvss_v2":4.9,"cvss_v3":6.1,"cvss_v4":null,"epss":0.00374,"ranking_epss":0.59099,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1921116","https://bugzilla.samba.org/show_bug.cgi?id=14651","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2W4HSDIWXXNQBUW5ZS37RQMLJ7THK5AS/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/66WJ3SVBHCSNQZAWSGLB6FBOCFU45FFG/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z4BZSJXROEFHYATAAHHRR6P3HUSMPQB3/","https://bugzilla.redhat.com/show_bug.cgi?id=1921116","https://bugzilla.samba.org/show_bug.cgi?id=14651","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2W4HSDIWXXNQBUW5ZS37RQMLJ7THK5AS/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/66WJ3SVBHCSNQZAWSGLB6FBOCFU45FFG/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z4BZSJXROEFHYATAAHHRR6P3HUSMPQB3/"],"published_time":"2021-04-19T22:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3497","summary":"GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00176,"ranking_epss":0.39153,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1945339","https://gstreamer.freedesktop.org/security/sa-2021-0002.html","https://lists.debian.org/debian-lts-announce/2021/04/msg00027.html","https://security.gentoo.org/glsa/202208-31","https://www.debian.org/security/2021/dsa-4900","https://bugzilla.redhat.com/show_bug.cgi?id=1945339","https://gstreamer.freedesktop.org/security/sa-2021-0002.html","https://lists.debian.org/debian-lts-announce/2021/04/msg00027.html","https://security.gentoo.org/glsa/202208-31","https://www.debian.org/security/2021/dsa-4900"],"published_time":"2021-04-19T21:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3498","summary":"GStreamer before 1.18.4 might cause heap corruption when parsing certain malformed Matroska files.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00238,"ranking_epss":0.46877,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://packetstormsecurity.com/files/162952/Gstreamer-Matroska-Demuxing-Use-After-Free.html","https://bugzilla.redhat.com/show_bug.cgi?id=1945342","https://gstreamer.freedesktop.org/security/sa-2021-0003.html","https://security.gentoo.org/glsa/202208-31","https://www.debian.org/security/2021/dsa-4900","http://packetstormsecurity.com/files/162952/Gstreamer-Matroska-Demuxing-Use-After-Free.html","https://bugzilla.redhat.com/show_bug.cgi?id=1945342","https://gstreamer.freedesktop.org/security/sa-2021-0003.html","https://security.gentoo.org/glsa/202208-31","https://www.debian.org/security/2021/dsa-4900"],"published_time":"2021-04-19T21:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3505","summary":"A flaw was found in libtpms in versions before 0.8.0. The TPM 2 implementation returns 2048 bit keys with ~1984 bit strength due to a bug in the TCG specification. The bug is in the key creation algorithm in RsaAdjustPrimeCandidate(), which is called before the prime number check. The highest threat from this vulnerability is to data confidentiality.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00126,"ranking_epss":0.31936,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1950046","https://github.com/stefanberger/libtpms/issues/183","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NUCZX4S53TUNTSGTCRDNOQZV2V2RI4RJ/","https://bugzilla.redhat.com/show_bug.cgi?id=1950046","https://github.com/stefanberger/libtpms/issues/183","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NUCZX4S53TUNTSGTCRDNOQZV2V2RI4RJ/"],"published_time":"2021-04-19T21:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-26582","summary":"A security vulnerability in HPE IceWall SSO Domain Gateway Option (Dgfw) module version 10.0 on RHEL 5/6/7, version 10.0 on HP-UX 11i v3, version 10.0 on Windows and 11.0 on Windows could be exploited remotely to allow cross-site scripting (XSS).","cvss":6.1,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":6.1,"cvss_v4":null,"epss":0.00351,"ranking_epss":0.57563,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn04086en_us","https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn04086en_us"],"published_time":"2021-04-15T18:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3448","summary":"A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ID to forge a reply and get it accepted by dnsmasq. This flaw makes a DNS Cache Poisoning attack much easier. The highest threat from this vulnerability is to data integrity.","cvss":4.0,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":4.0,"cvss_v4":null,"epss":0.00042,"ranking_epss":0.12605,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1939368","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CVTJUOFFFHINLKWAOC2ZSC5MOPD4SJ24/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHG7GWSQWKF7JXIMLOGJBKZWBB4VIAJ7/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GHURNEHHUBSW45KMIZ4FNBCSUPWPGV5V/","https://security.gentoo.org/glsa/202105-20","https://www.oracle.com/security-alerts/cpujan2022.html","https://bugzilla.redhat.com/show_bug.cgi?id=1939368","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CVTJUOFFFHINLKWAOC2ZSC5MOPD4SJ24/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHG7GWSQWKF7JXIMLOGJBKZWBB4VIAJ7/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GHURNEHHUBSW45KMIZ4FNBCSUPWPGV5V/","https://security.gentoo.org/glsa/202105-20","https://www.oracle.com/security-alerts/cpujan2022.html"],"published_time":"2021-04-08T23:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3482","summary":"A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata() in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data.","cvss":6.5,"cvss_version":3.0,"cvss_v2":6.4,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00202,"ranking_epss":0.42329,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1946314","https://lists.debian.org/debian-lts-announce/2021/08/msg00028.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2XQT5F5IINTDYDAFGVGQZ7PMMLG7I5ZZ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2A5GMJEXQ5Q76JK6F6VKK5JYCLVFGKN/","https://www.debian.org/security/2021/dsa-4958","https://bugzilla.redhat.com/show_bug.cgi?id=1946314","https://lists.debian.org/debian-lts-announce/2021/08/msg00028.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2XQT5F5IINTDYDAFGVGQZ7PMMLG7I5ZZ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2A5GMJEXQ5Q76JK6F6VKK5JYCLVFGKN/","https://www.debian.org/security/2021/dsa-4958"],"published_time":"2021-04-08T23:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20305","summary":"A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.","cvss":8.1,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.1,"cvss_v4":null,"epss":0.00176,"ranking_epss":0.39119,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1942533","https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/","https://security.gentoo.org/glsa/202105-31","https://security.netapp.com/advisory/ntap-20211022-0002/","https://www.debian.org/security/2021/dsa-4933","https://bugzilla.redhat.com/show_bug.cgi?id=1942533","https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/","https://security.gentoo.org/glsa/202105-31","https://security.netapp.com/advisory/ntap-20211022-0002/","https://www.debian.org/security/2021/dsa-4933"],"published_time":"2021-04-05T22:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20291","summary":"A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS).","cvss":6.5,"cvss_version":3.0,"cvss_v2":7.1,"cvss_v3":6.5,"cvss_v4":null,"epss":0.01026,"ranking_epss":0.77283,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1939485","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R5D7XL7FL24TWFMGQ3K2S72EOUSLZMKL/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPYOHNG2Q7DCAQZMGYLMENLKALGDLG3X/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WX24EITRXVHDM5M223BVTJA2ODF2FSHI/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNMB7O2UIXE34PGSCSOULGHPX5LIJBMM/","https://unit42.paloaltonetworks.com/cve-2021-20291/","https://bugzilla.redhat.com/show_bug.cgi?id=1939485","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R5D7XL7FL24TWFMGQ3K2S72EOUSLZMKL/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPYOHNG2Q7DCAQZMGYLMENLKALGDLG3X/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WX24EITRXVHDM5M223BVTJA2ODF2FSHI/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNMB7O2UIXE34PGSCSOULGHPX5LIJBMM/","https://unit42.paloaltonetworks.com/cve-2021-20291/"],"published_time":"2021-04-01T18:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3393","summary":"An information leak was discovered in postgresql in versions before 13.2, before 12.6 and before 11.11. A user having UPDATE permission but not SELECT permission to a particular column could craft queries which, under some circumstances, might disclose values from that column in error messages. An attacker could use this flaw to obtain information stored in a column they are allowed to write but not read.","cvss":4.3,"cvss_version":3.0,"cvss_v2":3.5,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00104,"ranking_epss":0.2839,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1924005","https://security.gentoo.org/glsa/202105-32","https://security.netapp.com/advisory/ntap-20210507-0006/","https://bugzilla.redhat.com/show_bug.cgi?id=1924005","https://security.gentoo.org/glsa/202105-32","https://security.netapp.com/advisory/ntap-20210507-0006/"],"published_time":"2021-04-01T14:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20271","summary":"A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package, whose signature header was modified, to cause RPM database corruption and execute code. The highest threat from this vulnerability is to data integrity, confidentiality, and system availability.","cvss":7.0,"cvss_version":3.0,"cvss_v2":5.1,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00228,"ranking_epss":0.45611,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1934125","https://github.com/rpm-software-management/rpm/commit/d6a86b5e69e46cc283b1e06c92343319beb42e21","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YILPBTPSBRYL4POBI3F4YUSVPSOQNJBY/","https://security.gentoo.org/glsa/202107-43","https://www.starwindsoftware.com/security/sw-20220805-0002/","https://bugzilla.redhat.com/show_bug.cgi?id=1934125","https://github.com/rpm-software-management/rpm/commit/d6a86b5e69e46cc283b1e06c92343319beb42e21","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YILPBTPSBRYL4POBI3F4YUSVPSOQNJBY/","https://security.gentoo.org/glsa/202107-43","https://www.starwindsoftware.com/security/sw-20220805-0002/"],"published_time":"2021-03-26T17:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-35508","summary":"A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass checks to send any signal to a privileged process.","cvss":4.5,"cvss_version":3.0,"cvss_v2":4.4,"cvss_v3":4.5,"cvss_v4":null,"epss":0.00053,"ranking_epss":0.16484,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1902724","https://github.com/torvalds/linux/commit/b4e00444cab4c3f3fec876dc0cccc8cbb0d1a948","https://security.netapp.com/advisory/ntap-20210513-0006/","https://bugzilla.redhat.com/show_bug.cgi?id=1902724","https://github.com/torvalds/linux/commit/b4e00444cab4c3f3fec876dc0cccc8cbb0d1a948","https://security.netapp.com/advisory/ntap-20210513-0006/"],"published_time":"2021-03-26T17:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-35518","summary":"When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database.","cvss":5.3,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00801,"ranking_epss":0.74066,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1905565","https://github.com/389ds/389-ds-base/commit/b6aae4d8e7c8a6ddd21646f94fef1bf7f22c3f32","https://github.com/389ds/389-ds-base/commit/cc0f69283abc082488824702dae485b8eae938bc","https://github.com/389ds/389-ds-base/issues/4480","https://bugzilla.redhat.com/show_bug.cgi?id=1905565","https://github.com/389ds/389-ds-base/commit/b6aae4d8e7c8a6ddd21646f94fef1bf7f22c3f32","https://github.com/389ds/389-ds-base/commit/cc0f69283abc082488824702dae485b8eae938bc","https://github.com/389ds/389-ds-base/issues/4480"],"published_time":"2021-03-26T17:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20197","summary":"There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users), an unprivileged user can trick these utilities into getting ownership of arbitrary files through a symlink.","cvss":6.3,"cvss_version":3.0,"cvss_v2":3.3,"cvss_v3":6.3,"cvss_v4":null,"epss":0.00115,"ranking_epss":0.30186,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1913743","https://security.gentoo.org/glsa/202208-30","https://security.netapp.com/advisory/ntap-20210528-0009/","https://sourceware.org/bugzilla/show_bug.cgi?id=26945","https://bugzilla.redhat.com/show_bug.cgi?id=1913743","https://security.gentoo.org/glsa/202208-30","https://security.netapp.com/advisory/ntap-20210528-0009/","https://sourceware.org/bugzilla/show_bug.cgi?id=26945"],"published_time":"2021-03-26T17:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3466","summary":"A flaw was found in libmicrohttpd. A missing bounds check in the post_process_urlencoded function leads to a buffer overflow, allowing a remote attacker to write arbitrary data in an application that uses libmicrohttpd. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Only version 0.9.70 is vulnerable.","cvss":9.8,"cvss_version":3.0,"cvss_v2":10.0,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00419,"ranking_epss":0.61904,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1939127","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4334XJNDJPYQNFE6S3S2KUJJ7TMHYCWL/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/75HDMREKITMGPGE62NP7KE62ZJVLETXN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K5NEPVGP3L2CZHLZ4UB44PEILHKPDBOG/","https://security.gentoo.org/glsa/202311-08","https://bugzilla.redhat.com/show_bug.cgi?id=1939127","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4334XJNDJPYQNFE6S3S2KUJJ7TMHYCWL/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/75HDMREKITMGPGE62NP7KE62ZJVLETXN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K5NEPVGP3L2CZHLZ4UB44PEILHKPDBOG/","https://security.gentoo.org/glsa/202311-08"],"published_time":"2021-03-25T19:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3443","summary":"A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened.","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00036,"ranking_epss":0.10551,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1939233","https://bugzilla.redhat.com/show_bug.cgi?id=1939233"],"published_time":"2021-03-25T19:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3446","summary":"A flaw was found in libtpms in versions before 0.8.2. The commonly used integration of libtpms with OpenSSL contained a vulnerability related to the returned IV (initialization vector) when certain symmetric ciphers were used. Instead of returning the last IV it returned the initial IV to the caller, thus weakening the subsequent encryption and decryption steps. The highest threat from this vulnerability is to data confidentiality.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00047,"ranking_epss":0.14597,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1939664","https://bugzilla.redhat.com/show_bug.cgi?id=1939664"],"published_time":"2021-03-25T19:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-19354","summary":"An insecure modification vulnerability in the /etc/passwd file was found in the operator-framework/hadoop as shipped in Red Hat Openshift 4. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00047,"ranking_epss":0.14573,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/articles/4859371","https://bugzilla.redhat.com/show_bug.cgi?id=1791534","https://bugzilla.redhat.com/show_bug.cgi?id=1793278","https://access.redhat.com/articles/4859371","https://bugzilla.redhat.com/show_bug.cgi?id=1791534","https://bugzilla.redhat.com/show_bug.cgi?id=1793278"],"published_time":"2021-03-24T17:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3409","summary":"The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffective, thus making QEMU vulnerable to the out-of-bounds read/write access issues previously found in the SDHCI controller emulation code. This flaw allows a malicious privileged guest to crash the QEMU process on the host, resulting in a denial of service or potential code execution. QEMU up to (including) 5.2.0 is affected by this.","cvss":5.7,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":5.7,"cvss_v4":null,"epss":0.00188,"ranking_epss":0.40573,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1928146","https://lists.debian.org/debian-lts-announce/2021/04/msg00009.html","https://security.gentoo.org/glsa/202208-27","https://security.netapp.com/advisory/ntap-20210507-0001/","https://www.openwall.com/lists/oss-security/2021/03/09/1","https://bugzilla.redhat.com/show_bug.cgi?id=1928146","https://lists.debian.org/debian-lts-announce/2021/04/msg00009.html","https://security.gentoo.org/glsa/202208-27","https://security.netapp.com/advisory/ntap-20210507-0001/","https://www.openwall.com/lists/oss-security/2021/03/09/1"],"published_time":"2021-03-23T21:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20270","summary":"An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the \"exception\" keyword.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00205,"ranking_epss":0.42655,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1922136","https://lists.debian.org/debian-lts-announce/2021/05/msg00003.html","https://lists.debian.org/debian-lts-announce/2021/05/msg00006.html","https://www.debian.org/security/2021/dsa-4889","https://www.oracle.com/security-alerts/cpuoct2021.html","https://bugzilla.redhat.com/show_bug.cgi?id=1922136","https://lists.debian.org/debian-lts-announce/2021/05/msg00003.html","https://lists.debian.org/debian-lts-announce/2021/05/msg00006.html","https://www.debian.org/security/2021/dsa-4889","https://www.oracle.com/security-alerts/cpuoct2021.html"],"published_time":"2021-03-23T17:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-10196","summary":"A flaw was found in http-proxy-agent, prior to version 2.1.0. It was discovered http-proxy-agent passes an auth option to the Buffer constructor without proper sanitization. This could result in a Denial of Service through the usage of all available CPU resources and data exposure through an uninitialized memory leak in setups where an attacker could submit typed input to the auth parameter.","cvss":9.8,"cvss_version":3.0,"cvss_v2":9.0,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00364,"ranking_epss":0.58483,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1567245","https://www.npmjs.com/advisories/607","https://bugzilla.redhat.com/show_bug.cgi?id=1567245","https://www.npmjs.com/advisories/607"],"published_time":"2021-03-19T20:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-4635","summary":"IBM Resilient SOAR 40 and earlier could disclose sensitive information by allowing a user to enumerate usernames.","cvss":3.7,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":3.7,"cvss_v4":null,"epss":0.00163,"ranking_epss":0.37211,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://exchange.xforce.ibmcloud.com/vulnerabilities/185502","https://www.ibm.com/support/pages/node/6431265","https://exchange.xforce.ibmcloud.com/vulnerabilities/185502","https://www.ibm.com/support/pages/node/6431265"],"published_time":"2021-03-19T16:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3416","summary":"A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the host resulting in DoS scenario.","cvss":6.0,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":6.0,"cvss_v4":null,"epss":6e-05,"ranking_epss":0.00322,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1932827","https://lists.debian.org/debian-lts-announce/2021/04/msg00009.html","https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html","https://security.gentoo.org/glsa/202208-27","https://security.netapp.com/advisory/ntap-20210507-0002/","https://www.openwall.com/lists/oss-security/2021/02/26/1","https://bugzilla.redhat.com/show_bug.cgi?id=1932827","https://lists.debian.org/debian-lts-announce/2021/04/msg00009.html","https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html","https://security.gentoo.org/glsa/202208-27","https://security.netapp.com/advisory/ntap-20210507-0002/","https://www.openwall.com/lists/oss-security/2021/02/26/1"],"published_time":"2021-03-18T20:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-14850","summary":"A denial of service vulnerability was discovered in nbdkit 1.12.7, 1.14.1 and 1.15.1. An attacker could connect to the nbdkit service and cause it to perform a large amount of work in initializing backend plugins, by simply opening a connection to the service. This vulnerability could cause resource consumption and degradation of service in nbdkit, depending on the plugins configured on the server-side.","cvss":3.7,"cvss_version":3.0,"cvss_v2":2.6,"cvss_v3":3.7,"cvss_v4":null,"epss":0.00299,"ranking_epss":0.53246,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1757258","https://www.redhat.com/archives/libguestfs/2019-September/msg00084.html","https://bugzilla.redhat.com/show_bug.cgi?id=1757258","https://www.redhat.com/archives/libguestfs/2019-September/msg00084.html"],"published_time":"2021-03-18T19:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-27827","summary":"A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.","cvss":7.5,"cvss_version":3.0,"cvss_v2":7.1,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00415,"ranking_epss":0.61673,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1921438","https://cert-portal.siemens.com/productcert/pdf/ssa-941426.pdf","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3T5XHPOGIPWCRRPJUE6P3HVC5PTSD5JS/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JYA4AMJXCNF6UPFG36L2TPPT32C242SP/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SKQWHG2SZJZSGC7PXVDAEJYBN7ESDR7D/","https://mail.openvswitch.org/pipermail/ovs-dev/2021-January/379471.html","https://security.gentoo.org/glsa/202311-16","https://us-cert.cisa.gov/ics/advisories/icsa-21-194-07","https://bugzilla.redhat.com/show_bug.cgi?id=1921438","https://cert-portal.siemens.com/productcert/pdf/ssa-941426.pdf","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3T5XHPOGIPWCRRPJUE6P3HVC5PTSD5JS/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JYA4AMJXCNF6UPFG36L2TPPT32C242SP/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SKQWHG2SZJZSGC7PXVDAEJYBN7ESDR7D/","https://mail.openvswitch.org/pipermail/ovs-dev/2021-January/379471.html","https://security.gentoo.org/glsa/202311-16","https://us-cert.cisa.gov/ics/advisories/icsa-21-194-07"],"published_time":"2021-03-18T17:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-3897","summary":"It has been discovered in redhat-certification that any unauthorized user may download any file under /var/www/rhcert, provided they know its name. Red Hat Certification 6 and 7 is vulnerable to this issue.","cvss":5.3,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00179,"ranking_epss":0.39472,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1593768","https://bugzilla.redhat.com/show_bug.cgi?id=1593768"],"published_time":"2021-03-16T22:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20286","summary":"A flaw was found in libnbd 1.7.3. An assertion failure in nbd_unlocked_opt_go in ilb/opt.c may lead to denial of service.","cvss":2.7,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":2.7,"cvss_v4":null,"epss":0.00248,"ranking_epss":0.48114,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1934727","https://gitlab.com/nbdkit/libnbd/-/commit/fb4440de9cc76e9c14bd3ddf3333e78621f40ad0","https://bugzilla.redhat.com/show_bug.cgi?id=1934727","https://gitlab.com/nbdkit/libnbd/-/commit/fb4440de9cc76e9c14bd3ddf3333e78621f40ad0"],"published_time":"2021-03-15T18:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20179","summary":"A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate over and over again, as long as it is not explicitly revoked. The highest threat from this vulnerability is to data confidentiality and integrity.","cvss":8.1,"cvss_version":3.0,"cvss_v2":5.5,"cvss_v3":8.1,"cvss_v4":null,"epss":0.00291,"ranking_epss":0.52507,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1914379","https://github.com/dogtagpki/pki/pull/3474","https://github.com/dogtagpki/pki/pull/3475","https://github.com/dogtagpki/pki/pull/3476","https://github.com/dogtagpki/pki/pull/3477","https://github.com/dogtagpki/pki/pull/3478","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDOLFOLEIV7I4EUC3SCZBXL6E2ER7ZEN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRE44N6P24AEDKRMWK7RPRLMCUUBRJII/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R3I7BRAHLE2WWSY76W3CKFCF5WSSAE24/","https://bugzilla.redhat.com/show_bug.cgi?id=1914379","https://github.com/dogtagpki/pki/pull/3474","https://github.com/dogtagpki/pki/pull/3475","https://github.com/dogtagpki/pki/pull/3476","https://github.com/dogtagpki/pki/pull/3477","https://github.com/dogtagpki/pki/pull/3478","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDOLFOLEIV7I4EUC3SCZBXL6E2ER7ZEN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRE44N6P24AEDKRMWK7RPRLMCUUBRJII/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R3I7BRAHLE2WWSY76W3CKFCF5WSSAE24/"],"published_time":"2021-03-15T13:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20231","summary":"A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences.","cvss":9.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":9.8,"cvss_v4":null,"epss":0.01195,"ranking_epss":0.78876,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1922276","https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20%40%3Cissues.spark.apache.org%3E","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/","https://security.netapp.com/advisory/ntap-20210416-0005/","https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10","https://bugzilla.redhat.com/show_bug.cgi?id=1922276","https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20%40%3Cissues.spark.apache.org%3E","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/","https://security.netapp.com/advisory/ntap-20210416-0005/","https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10"],"published_time":"2021-03-12T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20232","summary":"A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.","cvss":9.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00844,"ranking_epss":0.74768,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1922275","https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20%40%3Cissues.spark.apache.org%3E","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/","https://security.netapp.com/advisory/ntap-20210416-0005/","https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10","https://bugzilla.redhat.com/show_bug.cgi?id=1922275","https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20%40%3Cissues.spark.apache.org%3E","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/","https://security.netapp.com/advisory/ntap-20210416-0005/","https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10"],"published_time":"2021-03-12T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20261","summary":"A race condition was found in the Linux kernels implementation of the floppy disk drive controller driver software. The impact of this issue is lessened by the fact that the default permissions on the floppy device (/dev/fd0) are restricted to root. If the permissions on the device have changed the impact changes greatly. In the default configuration root (or equivalent) permissions are required to attack this flaw.","cvss":6.4,"cvss_version":3.0,"cvss_v2":4.4,"cvss_v3":6.4,"cvss_v4":null,"epss":0.00033,"ranking_epss":0.09639,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1932150","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a0c80efe5956ccce9fe7ae5c78542578c07bc20a","https://bugzilla.redhat.com/show_bug.cgi?id=1932150","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a0c80efe5956ccce9fe7ae5c78542578c07bc20a"],"published_time":"2021-03-11T21:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-35524","summary":"A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. A specially crafted TIFF file can lead to arbitrary code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00413,"ranking_epss":0.61526,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1932044","https://gitlab.com/libtiff/libtiff/-/merge_requests/159","https://gitlab.com/rzkn/libtiff/-/commit/7be2e452ddcf6d7abca88f41d3761e6edab72b22","https://lists.debian.org/debian-lts-announce/2021/06/msg00023.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BMHBYFMX3D5VGR6Y3RXTTH3Q4NF4E6IG/","https://security.gentoo.org/glsa/202104-06","https://security.netapp.com/advisory/ntap-20210521-0009/","https://www.debian.org/security/2021/dsa-4869","https://bugzilla.redhat.com/show_bug.cgi?id=1932044","https://gitlab.com/libtiff/libtiff/-/merge_requests/159","https://gitlab.com/rzkn/libtiff/-/commit/7be2e452ddcf6d7abca88f41d3761e6edab72b22","https://lists.debian.org/debian-lts-announce/2021/06/msg00023.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BMHBYFMX3D5VGR6Y3RXTTH3Q4NF4E6IG/","https://security.gentoo.org/glsa/202104-06","https://security.netapp.com/advisory/ntap-20210521-0009/","https://www.debian.org/security/2021/dsa-4869"],"published_time":"2021-03-09T20:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3411","summary":"A flaw was found in the Linux kernel in versions prior to 5.10. A violation of memory access was found while detecting a padding of int3 in the linking state. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.","cvss":6.7,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":6.7,"cvss_v4":null,"epss":0.00111,"ranking_epss":0.29552,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://blog.pi3.com.pl/?p=831","https://bugzilla.redhat.com/show_bug.cgi?id=1928236","http://blog.pi3.com.pl/?p=831","https://bugzilla.redhat.com/show_bug.cgi?id=1928236"],"published_time":"2021-03-09T20:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-35521","summary":"A flaw was found in libtiff. Due to a memory allocation failure in tif_read.c, a crafted TIFF file can lead to an abort, resulting in denial of service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00073,"ranking_epss":0.22241,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1932034","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BMHBYFMX3D5VGR6Y3RXTTH3Q4NF4E6IG/","https://security.gentoo.org/glsa/202104-06","https://security.netapp.com/advisory/ntap-20210521-0009/","https://bugzilla.redhat.com/show_bug.cgi?id=1932034","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BMHBYFMX3D5VGR6Y3RXTTH3Q4NF4E6IG/","https://security.gentoo.org/glsa/202104-06","https://security.netapp.com/advisory/ntap-20210521-0009/"],"published_time":"2021-03-09T20:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-35522","summary":"In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort, resulting in a remote denial of service attack.","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00043,"ranking_epss":0.13071,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1932037","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BMHBYFMX3D5VGR6Y3RXTTH3Q4NF4E6IG/","https://security.gentoo.org/glsa/202104-06","https://security.netapp.com/advisory/ntap-20210521-0009/","https://bugzilla.redhat.com/show_bug.cgi?id=1932037","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BMHBYFMX3D5VGR6Y3RXTTH3Q4NF4E6IG/","https://security.gentoo.org/glsa/202104-06","https://security.netapp.com/advisory/ntap-20210521-0009/"],"published_time":"2021-03-09T20:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-35523","summary":"An integer overflow flaw was found in libtiff that exists in the tif_getimage.c file. This flaw allows an attacker to inject and execute arbitrary code when a user opens a crafted TIFF file. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00227,"ranking_epss":0.45521,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1932040","https://gitlab.com/libtiff/libtiff/-/commit/c8d613ef497058fe653c467fc84c70a62a4a71b2","https://gitlab.com/libtiff/libtiff/-/merge_requests/160","https://lists.debian.org/debian-lts-announce/2021/06/msg00023.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BMHBYFMX3D5VGR6Y3RXTTH3Q4NF4E6IG/","https://security.gentoo.org/glsa/202104-06","https://security.netapp.com/advisory/ntap-20210521-0009/","https://www.debian.org/security/2021/dsa-4869","https://bugzilla.redhat.com/show_bug.cgi?id=1932040","https://gitlab.com/libtiff/libtiff/-/commit/c8d613ef497058fe653c467fc84c70a62a4a71b2","https://gitlab.com/libtiff/libtiff/-/merge_requests/160","https://lists.debian.org/debian-lts-announce/2021/06/msg00023.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BMHBYFMX3D5VGR6Y3RXTTH3Q4NF4E6IG/","https://security.gentoo.org/glsa/202104-06","https://security.netapp.com/advisory/ntap-20210521-0009/","https://www.debian.org/security/2021/dsa-4869"],"published_time":"2021-03-09T20:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20244","summary":"A flaw was found in ImageMagick in MagickCore/visual-effects.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability.","cvss":5.5,"cvss_version":3.0,"cvss_v2":7.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0013,"ranking_epss":0.32466,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1928959","https://github.com/ImageMagick/ImageMagick/pull/3194","https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html","https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html","https://bugzilla.redhat.com/show_bug.cgi?id=1928959","https://github.com/ImageMagick/ImageMagick/pull/3194","https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html","https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"],"published_time":"2021-03-09T19:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20245","summary":"A flaw was found in ImageMagick in coders/webp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability.","cvss":5.5,"cvss_version":3.0,"cvss_v2":7.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00234,"ranking_epss":0.46224,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1928943","https://github.com/ImageMagick/ImageMagick/issues/3176","https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html","https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html","https://bugzilla.redhat.com/show_bug.cgi?id=1928943","https://github.com/ImageMagick/ImageMagick/issues/3176","https://lists.debian.org/debian-lts-announce/2021/06/msg00000.html","https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"],"published_time":"2021-03-09T19:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20246","summary":"A flaw was found in ImageMagick in MagickCore/resample.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability.","cvss":5.5,"cvss_version":3.0,"cvss_v2":7.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0029,"ranking_epss":0.5245,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1928941","https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html","https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html","https://bugzilla.redhat.com/show_bug.cgi?id=1928941","https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html","https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html"],"published_time":"2021-03-09T19:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3403","summary":"In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a double free which can be triggered via a crafted file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00889,"ranking_epss":0.75502,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1926967","https://github.com/Yeraze/ytnef/issues/85","https://bugzilla.redhat.com/show_bug.cgi?id=1926967","https://github.com/Yeraze/ytnef/issues/85"],"published_time":"2021-03-04T22:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-3404","summary":"In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a heap buffer overflow which can be triggered via a crafted file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.02066,"ranking_epss":0.8393,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1926965","https://github.com/Yeraze/ytnef/issues/86","https://bugzilla.redhat.com/show_bug.cgi?id=1926965","https://github.com/Yeraze/ytnef/issues/86"],"published_time":"2021-03-04T22:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-25639","summary":"A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in versions prior to 5.12-rc1 in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC. This flaw allows a local user to crash the system.","cvss":4.4,"cvss_version":3.0,"cvss_v2":4.9,"cvss_v3":4.4,"cvss_v4":null,"epss":0.00042,"ranking_epss":0.12717,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1876995","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HE4CT3NL6OEBRRBUKHIX63GLNVOWCVRW/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SUCBCKRHWP3UD2AVVYQJE7BIJEMCMXW5/","https://bugzilla.redhat.com/show_bug.cgi?id=1876995","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HE4CT3NL6OEBRRBUKHIX63GLNVOWCVRW/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SUCBCKRHWP3UD2AVVYQJE7BIJEMCMXW5/"],"published_time":"2021-03-04T22:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20233","summary":"A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters, while it actually requires 4 characters which allows an attacker to corrupt memory by one byte for each quote in the input. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.","cvss":8.2,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":8.2,"cvss_v4":null,"epss":0.00173,"ranking_epss":0.38705,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1926263","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWZ36QK4IKU6MWDWNOOWKPH3WXZBHT2R/","https://security.gentoo.org/glsa/202104-05","https://security.netapp.com/advisory/ntap-20220325-0001/","https://bugzilla.redhat.com/show_bug.cgi?id=1926263","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWZ36QK4IKU6MWDWNOOWKPH3WXZBHT2R/","https://security.gentoo.org/glsa/202104-05","https://security.netapp.com/advisory/ntap-20220325-0001/"],"published_time":"2021-03-03T17:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-14372","summary":"A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table (SSDT) containing code to overwrite the Linux kernel lockdown variable content directly into memory. The table is further loaded and executed by the kernel, defeating its Secure Boot lockdown and allowing the attacker to load unsigned code. The highest threat from this vulnerability is to data confidentiality and integrity, as well as system availability.","cvss":7.5,"cvss_version":3.0,"cvss_v2":6.2,"cvss_v3":7.5,"cvss_v4":null,"epss":0.01884,"ranking_epss":0.83158,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/vulnerabilities/RHSB-2021-003","https://bugzilla.redhat.com/show_bug.cgi?id=1873150","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWZ36QK4IKU6MWDWNOOWKPH3WXZBHT2R/","https://security.gentoo.org/glsa/202104-05","https://security.netapp.com/advisory/ntap-20210416-0004/","https://access.redhat.com/security/vulnerabilities/RHSB-2021-003","https://bugzilla.redhat.com/show_bug.cgi?id=1873150","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWZ36QK4IKU6MWDWNOOWKPH3WXZBHT2R/","https://security.gentoo.org/glsa/202104-05","https://security.netapp.com/advisory/ntap-20210416-0004/"],"published_time":"2021-03-03T17:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-25632","summary":"A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leading to a use-after-free scenario. This could allow arbitrary code to be executed or a bypass of Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.","cvss":8.2,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":8.2,"cvss_v4":null,"epss":0.00023,"ranking_epss":0.0612,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1879577","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWZ36QK4IKU6MWDWNOOWKPH3WXZBHT2R/","https://security.gentoo.org/glsa/202104-05","https://security.netapp.com/advisory/ntap-20220325-0001/","https://bugzilla.redhat.com/show_bug.cgi?id=1879577","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWZ36QK4IKU6MWDWNOOWKPH3WXZBHT2R/","https://security.gentoo.org/glsa/202104-05","https://security.netapp.com/advisory/ntap-20220325-0001/"],"published_time":"2021-03-03T17:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-25647","summary":"A flaw was found in grub2 in versions prior to 2.06. During USB device initialization, descriptors are read with very little bounds checking and assumes the USB device is providing sane values. If properly exploited, an attacker could trigger memory corruption leading to arbitrary code execution allowing a bypass of the Secure Boot mechanism. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.","cvss":7.6,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.6,"cvss_v4":null,"epss":0.0001,"ranking_epss":0.01157,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1886936","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWZ36QK4IKU6MWDWNOOWKPH3WXZBHT2R/","https://security.gentoo.org/glsa/202104-05","https://security.netapp.com/advisory/ntap-20220325-0001/","https://bugzilla.redhat.com/show_bug.cgi?id=1886936","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWZ36QK4IKU6MWDWNOOWKPH3WXZBHT2R/","https://security.gentoo.org/glsa/202104-05","https://security.netapp.com/advisory/ntap-20220325-0001/"],"published_time":"2021-03-03T17:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-27749","summary":"A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that references a variable with a sufficiently large payload, it is possible to overflow the stack buffer, corrupt the stack frame and control execution which could also circumvent Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.","cvss":6.7,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":6.7,"cvss_v4":null,"epss":0.00046,"ranking_epss":0.13957,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1899966","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWZ36QK4IKU6MWDWNOOWKPH3WXZBHT2R/","https://security.gentoo.org/glsa/202104-05","https://security.netapp.com/advisory/ntap-20220325-0001/","https://bugzilla.redhat.com/show_bug.cgi?id=1899966","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWZ36QK4IKU6MWDWNOOWKPH3WXZBHT2R/","https://security.gentoo.org/glsa/202104-05","https://security.netapp.com/advisory/ntap-20220325-0001/"],"published_time":"2021-03-03T17:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-27779","summary":"A flaw was found in grub2 in versions prior to 2.06. The cutmem command does not honor secure boot locking allowing an privileged attacker to remove address ranges from memory creating an opportunity to circumvent SecureBoot protections after proper triage about grub's memory layout. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.","cvss":7.5,"cvss_version":3.0,"cvss_v2":6.9,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00016,"ranking_epss":0.03505,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1900698","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWZ36QK4IKU6MWDWNOOWKPH3WXZBHT2R/","https://security.gentoo.org/glsa/202104-05","https://security.netapp.com/advisory/ntap-20220325-0001/","https://bugzilla.redhat.com/show_bug.cgi?id=1900698","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWZ36QK4IKU6MWDWNOOWKPH3WXZBHT2R/","https://security.gentoo.org/glsa/202104-05","https://security.netapp.com/advisory/ntap-20220325-0001/"],"published_time":"2021-03-03T17:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20225","summary":"A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.","cvss":6.7,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":6.7,"cvss_v4":null,"epss":0.0007,"ranking_epss":0.21389,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1924696","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWZ36QK4IKU6MWDWNOOWKPH3WXZBHT2R/","https://security.gentoo.org/glsa/202104-05","https://security.netapp.com/advisory/ntap-20220325-0001/","https://bugzilla.redhat.com/show_bug.cgi?id=1924696","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWZ36QK4IKU6MWDWNOOWKPH3WXZBHT2R/","https://security.gentoo.org/glsa/202104-05","https://security.netapp.com/advisory/ntap-20220325-0001/"],"published_time":"2021-03-03T17:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20194","summary":"There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARDENED_USERCOPY not set, and BPF hook to getsockopt is registered). As result of BPF execution, the local user can trigger bug in __cgroup_bpf_run_filter_getsockopt() function that can lead to heap overflow (because of non-hardened usercopy). The impact of attack could be deny of service or possibly privileges escalation.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0005,"ranking_epss":0.15464,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1912683","https://security.netapp.com/advisory/ntap-20210326-0003/","https://bugzilla.redhat.com/show_bug.cgi?id=1912683","https://security.netapp.com/advisory/ntap-20210326-0003/"],"published_time":"2021-02-23T23:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20229","summary":"A flaw was found in PostgreSQL in versions before 13.2. This flaw allows a user with SELECT privilege on one column to craft a special query that returns all columns of the table. The highest threat from this vulnerability is to confidentiality.","cvss":4.3,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00086,"ranking_epss":0.24762,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1925296","https://security.gentoo.org/glsa/202105-32","https://security.netapp.com/advisory/ntap-20210326-0005/","https://bugzilla.redhat.com/show_bug.cgi?id=1925296","https://security.gentoo.org/glsa/202105-32","https://security.netapp.com/advisory/ntap-20210326-0005/"],"published_time":"2021-02-23T18:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-20188","summary":"A flaw was found in podman before 1.7.0. File permissions for non-root users running in a privileged container are not correctly checked. This flaw can be abused by a low-privileged user inside the container to access any other file in the container, even if owned by the root user inside the container. It does not allow to directly escape the container, though being a privileged container means that a lot of security features are disabled when running the container. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.","cvss":7.0,"cvss_version":3.0,"cvss_v2":6.9,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00085,"ranking_epss":0.2468,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1915734","https://bugzilla.redhat.com/show_bug.cgi?id=1915734"],"published_time":"2021-02-11T18:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-14391","summary":"A flaw was found in the GNOME Control Center in Red Hat Enterprise Linux 8 versions prior to 8.2, where it improperly uses Red Hat Customer Portal credentials when a user registers a system through the GNOME Settings User Interface. This flaw allows a local attacker to discover the Red Hat Customer Portal password. The highest threat from this vulnerability is to confidentiality.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00166,"ranking_epss":0.37654,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1873093","https://bugzilla.redhat.com/show_bug.cgi?id=1873093"],"published_time":"2021-02-08T23:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-35513","summary":"A flaw incorrect umask during file or directory modification in the Linux kernel NFS (network file system) functionality was found in the way user create and delete object using NFSv4.2 or newer if both simultaneously accessing the NFS by the other process that is not using new NFSv4.2. A user with access to the NFS could use this flaw to starve the resources causing denial of service.","cvss":4.9,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":4.9,"cvss_v4":null,"epss":0.00317,"ranking_epss":0.54762,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1911309","https://patchwork.kernel.org/project/linux-nfs/patch/20180403203916.GH20297%40fieldses.org/","https://bugzilla.redhat.com/show_bug.cgi?id=1911309","https://patchwork.kernel.org/project/linux-nfs/patch/20180403203916.GH20297%40fieldses.org/"],"published_time":"2021-01-26T18:15:54","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-25657","summary":"A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption API via the timed processing of valid PKCS#1 v1.5 Ciphertext. The highest threat from this vulnerability is to confidentiality.","cvss":5.9,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":5.9,"cvss_v4":null,"epss":0.00407,"ranking_epss":0.61119,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1889823","https://bugzilla.redhat.com/show_bug.cgi?id=1889823"],"published_time":"2021-01-12T15:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-27842","summary":"There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An attacker who is able to provide crafted input to be processed by openjpeg could cause a null pointer dereference. The highest impact of this flaw is to application availability.","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00113,"ranking_epss":0.2976,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1907513","https://lists.debian.org/debian-lts-announce/2022/04/msg00006.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WJUPGIZE6A4O52EBOF75MCXJOL6MUCRV/","https://security.gentoo.org/glsa/202101-29","https://www.debian.org/security/2021/dsa-4882","https://www.oracle.com//security-alerts/cpujul2021.html","https://www.oracle.com/security-alerts/cpuApr2021.html","https://bugzilla.redhat.com/show_bug.cgi?id=1907513","https://lists.debian.org/debian-lts-announce/2022/04/msg00006.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WJUPGIZE6A4O52EBOF75MCXJOL6MUCRV/","https://security.gentoo.org/glsa/202101-29","https://www.debian.org/security/2021/dsa-4882","https://www.oracle.com//security-alerts/cpujul2021.html","https://www.oracle.com/security-alerts/cpuApr2021.html"],"published_time":"2021-01-05T18:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-35507","summary":"There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability.","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00229,"ranking_epss":0.45669,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1911691","https://security.gentoo.org/glsa/202107-24","https://security.netapp.com/advisory/ntap-20210212-0007/","https://bugzilla.redhat.com/show_bug.cgi?id=1911691","https://security.gentoo.org/glsa/202107-24","https://security.netapp.com/advisory/ntap-20210212-0007/"],"published_time":"2021-01-04T15:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-27846","summary":"A signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypass SAML Authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.","cvss":9.8,"cvss_version":3.0,"cvss_v2":10.0,"cvss_v3":9.8,"cvss_v4":null,"epss":0.07544,"ranking_epss":0.91824,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1907670","https://github.com/crewjam/saml/security/advisories/GHSA-4hq8-gmxx-h6w9","https://grafana.com/blog/2020/12/17/grafana-6.7.5-7.2.3-and-7.3.6-released-with-important-security-fix-for-grafana-enterprise/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YUTKIRWT6TWU7DS6GF3EOANVQBFQZYI/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICP3YRY2VUCNCF2VFUSK77ZMRIC77FEM/","https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/","https://security.netapp.com/advisory/ntap-20210205-0002/","https://bugzilla.redhat.com/show_bug.cgi?id=1907670","https://github.com/crewjam/saml/security/advisories/GHSA-4hq8-gmxx-h6w9","https://grafana.com/blog/2020/12/17/grafana-6.7.5-7.2.3-and-7.3.6-released-with-important-security-fix-for-grafana-enterprise/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YUTKIRWT6TWU7DS6GF3EOANVQBFQZYI/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICP3YRY2VUCNCF2VFUSK77ZMRIC77FEM/","https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/","https://security.netapp.com/advisory/ntap-20210205-0002/"],"published_time":"2020-12-21T16:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-27777","summary":"A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like local user could use this flaw to further increase their privileges to that of a running kernel.","cvss":6.7,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":6.7,"cvss_v4":null,"epss":0.00027,"ranking_epss":0.07612,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1900844","https://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux.git/commit/?h=next&id=bd59380c5ba4147dcbaad3e582b55ccfd120b764","https://www.openwall.com/lists/oss-security/2020/10/09/1","https://www.openwall.com/lists/oss-security/2020/11/23/2","https://bugzilla.redhat.com/show_bug.cgi?id=1900844","https://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux.git/commit/?h=next&id=bd59380c5ba4147dcbaad3e582b55ccfd120b764","https://www.openwall.com/lists/oss-security/2020/10/09/1","https://www.openwall.com/lists/oss-security/2020/11/23/2"],"published_time":"2020-12-15T17:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-25712","summary":"A flaw was found in xorg-x11-server before 1.20.10. A heap-buffer overflow in XkbSetDeviceInfo may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00134,"ranking_epss":0.33054,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1887276","https://lists.x.org/archives/xorg-announce/2020-December/003066.html","https://bugzilla.redhat.com/show_bug.cgi?id=1887276","https://lists.x.org/archives/xorg-announce/2020-December/003066.html"],"published_time":"2020-12-15T17:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-27825","summary":"A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw could even allow a local attacker with special user privilege to a kernel information leak threat.","cvss":5.7,"cvss_version":3.0,"cvss_v2":5.4,"cvss_v3":5.7,"cvss_v4":null,"epss":0.00138,"ranking_epss":0.33568,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1905155","https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html","https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html","https://security.netapp.com/advisory/ntap-20210521-0008/","https://www.debian.org/security/2021/dsa-4843","https://bugzilla.redhat.com/show_bug.cgi?id=1905155","https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html","https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html","https://security.netapp.com/advisory/ntap-20210521-0008/","https://www.debian.org/security/2021/dsa-4843"],"published_time":"2020-12-11T19:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-27786","summary":"A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change and possibly allow for memory corruption or privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.07604,"ranking_epss":0.91855,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2020/12/03/1","https://bugzilla.redhat.com/show_bug.cgi?id=1900933","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c1f6e3c818dd734c30f6a7eeebf232ba2cf3181d","https://security.netapp.com/advisory/ntap-20210122-0002/","http://www.openwall.com/lists/oss-security/2020/12/03/1","https://bugzilla.redhat.com/show_bug.cgi?id=1900933","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c1f6e3c818dd734c30f6a7eeebf232ba2cf3181d","https://security.netapp.com/advisory/ntap-20210122-0002/"],"published_time":"2020-12-11T05:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-25692","summary":"A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.06241,"ranking_epss":0.90897,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1894567","https://security.netapp.com/advisory/ntap-20210108-0006/","https://bugzilla.redhat.com/show_bug.cgi?id=1894567","https://security.netapp.com/advisory/ntap-20210108-0006/"],"published_time":"2020-12-08T01:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-29573","summary":"sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \\x00\\x04\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x04 value to sprintf. NOTE: the issue does not affect glibc by default in 2016 or later (i.e., 2.23 or later) because of commits made in 2015 for inlining of C99 math functions through use of GCC built-ins. In other words, the reference to 2.23 is intentional despite the mention of \"Fixed for glibc 2.33\" in the 26649 reference.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00161,"ranking_epss":0.36934,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://security.gentoo.org/glsa/202101-20","https://security.netapp.com/advisory/ntap-20210122-0004/","https://sourceware.org/bugzilla/show_bug.cgi?id=26649","https://sourceware.org/pipermail/libc-alpha/2020-September/117779.html","https://security.gentoo.org/glsa/202101-20","https://security.netapp.com/advisory/ntap-20210122-0004/","https://sourceware.org/bugzilla/show_bug.cgi?id=26649","https://sourceware.org/pipermail/libc-alpha/2020-September/117779.html"],"published_time":"2020-12-06T00:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-27772","summary":"A flaw was found in ImageMagick in coders/bmp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned int`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.","cvss":3.3,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00086,"ranking_epss":0.24759,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1898291","https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html","https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html","https://bugzilla.redhat.com/show_bug.cgi?id=1898291","https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html","https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"],"published_time":"2020-12-04T22:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-27773","summary":"A flaw was found in ImageMagick in MagickCore/gem-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char` or division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.","cvss":3.3,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00093,"ranking_epss":0.2605,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1898295","https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html","https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html","https://bugzilla.redhat.com/show_bug.cgi?id=1898295","https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html","https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"],"published_time":"2020-12-04T22:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-27774","summary":"A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of a too large shift for 64-bit type `ssize_t`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.","cvss":3.3,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00086,"ranking_epss":0.24759,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1898296","https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html","https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html","https://bugzilla.redhat.com/show_bug.cgi?id=1898296","https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html","https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"],"published_time":"2020-12-04T21:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-27775","summary":"A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned char. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.","cvss":3.3,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00086,"ranking_epss":0.24759,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1898300","https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html","https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html","https://bugzilla.redhat.com/show_bug.cgi?id=1898300","https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html","https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"],"published_time":"2020-12-04T21:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-27776","summary":"A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned long. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.","cvss":3.3,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00065,"ranking_epss":0.20285,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1898304","https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html","https://bugzilla.redhat.com/show_bug.cgi?id=1898304","https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"],"published_time":"2020-12-04T21:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-27765","summary":"A flaw was found in ImageMagick in MagickCore/segment.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.","cvss":3.3,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00086,"ranking_epss":0.24759,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1894684","https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html","https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html","https://bugzilla.redhat.com/show_bug.cgi?id=1894684","https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html","https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"],"published_time":"2020-12-04T15:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-27767","summary":"A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of types `float` and `unsigned char`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.","cvss":3.3,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00086,"ranking_epss":0.24759,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1894687","https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html","https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html","https://bugzilla.redhat.com/show_bug.cgi?id=1894687","https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html","https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"],"published_time":"2020-12-04T15:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-27771","summary":"In RestoreMSCWarning() of /coders/pdf.c there are several areas where calls to GetPixelIndex() could result in values outside the range of representable for the unsigned char type. The patch casts the return value of GetPixelIndex() to ssize_t type to avoid this bug. This undefined behavior could be triggered when ImageMagick processes a crafted pdf file. Red Hat Product Security marked this as Low severity because although it could potentially lead to an impact to application availability, no specific impact was demonstrated in this case. This flaw affects ImageMagick versions prior to 7.0.9-0.","cvss":3.3,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00105,"ranking_epss":0.28452,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1898290","https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html","https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html","https://bugzilla.redhat.com/show_bug.cgi?id=1898290","https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html","https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html"],"published_time":"2020-12-04T15:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-27778","summary":"A flaw was found in Poppler in the way certain PDF files were converted into HTML. A remote attacker could exploit this flaw by providing a malicious PDF file that, when processed by the 'pdftohtml' program, would crash the application causing a denial of service.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00283,"ranking_epss":0.51719,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1900712","https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html","https://bugzilla.redhat.com/show_bug.cgi?id=1900712","https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html"],"published_time":"2020-12-03T17:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-27783","summary":"A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code.","cvss":6.1,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":6.1,"cvss_v4":null,"epss":0.01246,"ranking_epss":0.79288,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://advisory.checkmarx.net/advisory/CX-2020-4286","https://bugzilla.redhat.com/show_bug.cgi?id=1901633","https://lists.debian.org/debian-lts-announce/2020/12/msg00028.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JKG67GPGTV23KADT4D4GK4RMHSO4CIQL/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMHVKRUT22LVWNL3TB7HPSDHJT74Q3JK/","https://security.netapp.com/advisory/ntap-20210521-0003/","https://www.debian.org/security/2020/dsa-4810","https://www.oracle.com//security-alerts/cpujul2021.html","https://advisory.checkmarx.net/advisory/CX-2020-4286","https://bugzilla.redhat.com/show_bug.cgi?id=1901633","https://lists.debian.org/debian-lts-announce/2020/12/msg00028.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JKG67GPGTV23KADT4D4GK4RMHSO4CIQL/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMHVKRUT22LVWNL3TB7HPSDHJT74Q3JK/","https://security.netapp.com/advisory/ntap-20210521-0003/","https://www.debian.org/security/2020/dsa-4810","https://www.oracle.com//security-alerts/cpujul2021.html"],"published_time":"2020-12-03T17:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-14339","summary":"A flaw was found in libvirt, where it leaked a file descriptor for `/dev/mapper/control` into the QEMU process. This file descriptor allows for privileged operations to happen against the device-mapper on the host. This flaw allows a malicious guest user or process to perform operations outside of their standard permissions, potentially causing serious damage to the host operating system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.","cvss":8.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00076,"ranking_epss":0.22805,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1860069","https://security.gentoo.org/glsa/202101-22","https://security.gentoo.org/glsa/202210-06","https://bugzilla.redhat.com/show_bug.cgi?id=1860069","https://security.gentoo.org/glsa/202101-22","https://security.gentoo.org/glsa/202210-06"],"published_time":"2020-12-03T17:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-14351","summary":"A flaw was found in the Linux kernel. A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with permission to monitor perf events to corrupt memory and possibly escalate privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0013,"ranking_epss":0.32499,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1862849","https://lists.debian.org/debian-lts-announce/2020/12/msg00015.html","https://lists.debian.org/debian-lts-announce/2020/12/msg00027.html","https://bugzilla.redhat.com/show_bug.cgi?id=1862849","https://lists.debian.org/debian-lts-announce/2020/12/msg00015.html","https://lists.debian.org/debian-lts-announce/2020/12/msg00027.html"],"published_time":"2020-12-03T17:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-14318","summary":"A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker.","cvss":4.3,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00157,"ranking_epss":0.36517,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1892631","https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html","https://security.gentoo.org/glsa/202012-24","https://www.samba.org/samba/security/CVE-2020-14318.html","https://bugzilla.redhat.com/show_bug.cgi?id=1892631","https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html","https://security.gentoo.org/glsa/202012-24","https://www.samba.org/samba/security/CVE-2020-14318.html"],"published_time":"2020-12-03T16:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-14383","summary":"A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server to crash. This RPC server, which also serves protocols other than dnsserver, will be restarted after a short delay, but it is easy for an authenticated non administrative attacker to crash it again as soon as it returns. The Samba DNS server itself will continue to operate, but many RPC services will not.","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00465,"ranking_epss":0.64336,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1892636","https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html","https://security.gentoo.org/glsa/202012-24","https://www.samba.org/samba/security/CVE-2020-14383.html","https://bugzilla.redhat.com/show_bug.cgi?id=1892636","https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html","https://security.gentoo.org/glsa/202012-24","https://www.samba.org/samba/security/CVE-2020-14383.html"],"published_time":"2020-12-02T01:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-25656","summary":"A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidentiality.","cvss":4.1,"cvss_version":3.0,"cvss_v2":1.9,"cvss_v3":4.1,"cvss_v4":null,"epss":0.00011,"ranking_epss":0.01351,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1888726","https://lists.debian.org/debian-lts-announce/2020/12/msg00015.html","https://lists.debian.org/debian-lts-announce/2020/12/msg00027.html","https://lkml.org/lkml/2020/10/16/84","https://lkml.org/lkml/2020/10/29/528","https://www.starwindsoftware.com/security/sw-20210325-0006/","https://bugzilla.redhat.com/show_bug.cgi?id=1888726","https://lists.debian.org/debian-lts-announce/2020/12/msg00015.html","https://lists.debian.org/debian-lts-announce/2020/12/msg00027.html","https://lkml.org/lkml/2020/10/16/84","https://lkml.org/lkml/2020/10/29/528","https://www.starwindsoftware.com/security/sw-20210325-0006/"],"published_time":"2020-12-02T01:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-10772","summary":"An incomplete fix for CVE-2020-12662 was shipped for Unbound in Red Hat Enterprise Linux 7, as part of erratum RHSA-2020:2414. Vulnerable versions of Unbound could still amplify an incoming query into a large number of queries directed to a target, even with a lower amplification ratio compared to versions of Unbound that shipped before the mentioned erratum. This issue is about the incomplete fix for CVE-2020-12662, and it does not affect upstream versions of Unbound.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00303,"ranking_epss":0.53588,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1846026","https://bugzilla.redhat.com/show_bug.cgi?id=1846026"],"published_time":"2020-11-27T18:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-25708","summary":"A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted message that, when processed by the VNC server, would lead to a floating point exception, resulting in a denial of service.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00784,"ranking_epss":0.73751,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1896739","https://lists.debian.org/debian-lts-announce/2022/09/msg00035.html","https://bugzilla.redhat.com/show_bug.cgi?id=1896739","https://lists.debian.org/debian-lts-announce/2022/09/msg00035.html"],"published_time":"2020-11-27T18:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-10763","summary":"An information-disclosure flaw was found in the way Heketi before 10.1.0 logs sensitive information. This flaw allows an attacker with local access to the Heketi server to read potentially sensitive information such as gluster-block passwords.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00048,"ranking_epss":0.14792,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1845387","https://github.com/heketi/heketi/releases/tag/v10.1.0","https://bugzilla.redhat.com/show_bug.cgi?id=1845387","https://github.com/heketi/heketi/releases/tag/v10.1.0"],"published_time":"2020-11-24T17:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-25705","summary":"A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Based Products (RUGGEDCOM RM1224: All versions between v5.0 and v6.4, SCALANCE M-800: All versions between v5.0 and v6.4, SCALANCE S615: All versions between v5.0 and v6.4, SCALANCE SC-600: All versions prior to v2.1.3, SCALANCE W1750D: v8.3.0.1, v8.6.0, and v8.7.0, SIMATIC Cloud Connect 7: All versions, SIMATIC MV500 Family: All versions, SIMATIC NET CP 1243-1 (incl. SIPLUS variants): Versions 3.1.39 and later, SIMATIC NET CP 1243-7 LTE EU: Version","cvss":7.4,"cvss_version":3.0,"cvss_v2":5.8,"cvss_v3":7.4,"cvss_v4":null,"epss":0.01063,"ranking_epss":0.77663,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://us-cert.cisa.gov/ics/advisories/icsa-21-131-03","https://us-cert.cisa.gov/ics/advisories/icsa-21-131-03"],"published_time":"2020-11-17T02:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-25661","summary":"A Red Hat only CVE-2020-12351 regression issue was found in the way the Linux kernel's Bluetooth implementation handled L2CAP packets with A2MP CID. This flaw allows a remote attacker in an adjacent range to crash the system, causing a denial of service or potentially executing arbitrary code on the system by sending a specially crafted L2CAP packet. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.","cvss":7.5,"cvss_version":3.0,"cvss_v2":8.3,"cvss_v3":7.5,"cvss_v4":null,"epss":0.0164,"ranking_epss":0.81941,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2020-12351","https://access.redhat.com/security/vulnerabilities/BleedingTooth","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25661","https://access.redhat.com/security/cve/CVE-2020-12351","https://access.redhat.com/security/vulnerabilities/BleedingTooth","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25661"],"published_time":"2020-11-05T21:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-25662","summary":"A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory on the system by sending specially crafted AMP packets. The highest threat from this vulnerability is to data confidentiality.","cvss":5.3,"cvss_version":3.0,"cvss_v2":3.3,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00756,"ranking_epss":0.73251,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2020-12352","https://access.redhat.com/security/vulnerabilities/BleedingTooth","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25662","https://access.redhat.com/security/cve/CVE-2020-12352","https://access.redhat.com/security/vulnerabilities/BleedingTooth","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25662"],"published_time":"2020-11-05T21:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-25648","summary":"A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. This flaw affects NSS versions before 3.58.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00099,"ranking_epss":0.2704,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1887319","https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.58_release_notes","https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E","https://lists.debian.org/debian-lts-announce/2023/10/msg00039.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ERA5SVJQXQMDGES7RIT4F4NQVLD35RXN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRM53IQCPZT2US3M7JXTP6I6IBA5RGOD/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RPOLN6DJUYQ3QBQEGLZGV73SNIPK7GHV/","https://www.oracle.com//security-alerts/cpujul2021.html","https://www.oracle.com/security-alerts/cpuapr2022.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://bugzilla.redhat.com/show_bug.cgi?id=1887319","https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.58_release_notes","https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E","https://lists.debian.org/debian-lts-announce/2023/10/msg00039.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ERA5SVJQXQMDGES7RIT4F4NQVLD35RXN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRM53IQCPZT2US3M7JXTP6I6IBA5RGOD/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RPOLN6DJUYQ3QBQEGLZGV73SNIPK7GHV/","https://www.oracle.com//security-alerts/cpujul2021.html","https://www.oracle.com/security-alerts/cpuapr2022.html","https://www.oracle.com/security-alerts/cpuoct2021.html"],"published_time":"2020-10-20T22:15:43","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-14355","summary":"Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client (spice-gtk) and server are affected by these flaws. These flaws allow a malicious client or server to send specially crafted messages that, when processed by the QUIC image compression algorithm, result in a process crash or potential code execution.","cvss":6.6,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":6.6,"cvss_v4":null,"epss":0.01111,"ranking_epss":0.78144,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00000.html","http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00001.html","https://bugzilla.redhat.com/show_bug.cgi?id=1868435","https://lists.debian.org/debian-lts-announce/2020/11/msg00001.html","https://lists.debian.org/debian-lts-announce/2020/11/msg00002.html","https://usn.ubuntu.com/4572-1/","https://usn.ubuntu.com/4572-2/","https://www.debian.org/security/2020/dsa-4771","https://www.openwall.com/lists/oss-security/2020/10/06/10","http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00000.html","http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00001.html","https://bugzilla.redhat.com/show_bug.cgi?id=1868435","https://lists.debian.org/debian-lts-announce/2020/11/msg00001.html","https://lists.debian.org/debian-lts-announce/2020/11/msg00002.html","https://usn.ubuntu.com/4572-1/","https://usn.ubuntu.com/4572-2/","https://www.debian.org/security/2020/dsa-4771","https://www.openwall.com/lists/oss-security/2020/10/06/10"],"published_time":"2020-10-07T15:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-25743","summary":"hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call.","cvss":3.2,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":3.2,"cvss_v4":null,"epss":0.00044,"ranking_epss":0.13366,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2020/09/29/1","https://bugzilla.redhat.com/show_bug.cgi?id=1881409","https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05967.html","https://ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Fide_nullptr1b","http://www.openwall.com/lists/oss-security/2020/09/29/1","https://bugzilla.redhat.com/show_bug.cgi?id=1881409","https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05967.html","https://ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Fide_nullptr1b"],"published_time":"2020-10-06T15:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-25641","summary":"A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a local attacker with basic privileges to issue requests to a block device, resulting in a denial of service. The highest threat from this vulnerability is to system availability.","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.9,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00019,"ranking_epss":0.05195,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html","http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00042.html","http://www.openwall.com/lists/oss-security/2020/10/06/9","https://bugzilla.redhat.com/show_bug.cgi?id=1881424","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7e24969022cbd61ddc586f14824fc205661bb124","https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html","https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html","https://usn.ubuntu.com/4576-1/","https://www.kernel.org/doc/html/latest/block/biovecs.html","http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html","http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00042.html","http://www.openwall.com/lists/oss-security/2020/10/06/9","https://bugzilla.redhat.com/show_bug.cgi?id=1881424","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7e24969022cbd61ddc586f14824fc205661bb124","https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html","https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html","https://usn.ubuntu.com/4576-1/","https://www.kernel.org/doc/html/latest/block/biovecs.html"],"published_time":"2020-10-06T14:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-25643","summary":"A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.","cvss":7.2,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":7.2,"cvss_v4":null,"epss":0.00414,"ranking_epss":0.61532,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html","http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00042.html","https://bugzilla.redhat.com/show_bug.cgi?id=1879981","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=66d42ed8b25b64eb63111a2b8582c5afc8bf1105","https://lists.debian.org/debian-lts-announce/2020/10/msg00028.html","https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html","https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html","https://security.netapp.com/advisory/ntap-20201103-0002/","https://www.debian.org/security/2020/dsa-4774","https://www.starwindsoftware.com/security/sw-20210325-0002/","http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html","http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00042.html","https://bugzilla.redhat.com/show_bug.cgi?id=1879981","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=66d42ed8b25b64eb63111a2b8582c5afc8bf1105","https://lists.debian.org/debian-lts-announce/2020/10/msg00028.html","https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html","https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html","https://security.netapp.com/advisory/ntap-20201103-0002/","https://www.debian.org/security/2020/dsa-4774","https://www.starwindsoftware.com/security/sw-20210325-0002/"],"published_time":"2020-10-06T14:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-10687","summary":"A flaw was discovered in all versions of Undertow before Undertow 2.2.0.Final, where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own.","cvss":4.8,"cvss_version":3.0,"cvss_v2":5.8,"cvss_v3":4.8,"cvss_v4":null,"epss":0.00123,"ranking_epss":0.31396,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1785049","https://lists.apache.org/thread.html/r6603513ea8afbf6857fd77ca5888ec8385d0af493baa4250e28c351c%40%3Cdev.cxf.apache.org%3E","https://security.netapp.com/advisory/ntap-20220210-0015/","https://bugzilla.redhat.com/show_bug.cgi?id=1785049","https://lists.apache.org/thread.html/r6603513ea8afbf6857fd77ca5888ec8385d0af493baa4250e28c351c%40%3Cdev.cxf.apache.org%3E","https://security.netapp.com/advisory/ntap-20220210-0015/"],"published_time":"2020-09-23T13:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-14370","summary":"An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.","cvss":5.3,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00177,"ranking_epss":0.39314,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1874268","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G6BPCZX4ASKNONL3MSCK564IVXNYSKLP/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y74V7HGQBNLT6XECCSNZNFZIB7G7XSAR/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z4Y2FSGQWP4AFT5AZ6UBN6RKHVXUBRFV/","https://bugzilla.redhat.com/show_bug.cgi?id=1874268","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G6BPCZX4ASKNONL3MSCK564IVXNYSKLP/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y74V7HGQBNLT6XECCSNZNFZIB7G7XSAR/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z4Y2FSGQWP4AFT5AZ6UBN6RKHVXUBRFV/"],"published_time":"2020-09-23T13:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-14382","summary":"A vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code, that is effectively invoked on every device/image presenting itself as LUKS2 container. The bug is in segments validation code in file 'lib/luks2/luks2_json_metadata.c' in function hdr_validate_segments(struct crypt_device *cd, json_object *hdr_jobj) where the code does not check for possible overflow on memory allocation used for intervals array (see statement \"intervals = malloc(first_backup * sizeof(*intervals));\"). Due to the bug, library can be *tricked* to expect such allocation was successful but for far less memory then originally expected. Later it may read data FROM image crafted by an attacker and actually write such data BEYOND allocated memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00282,"ranking_epss":0.51615,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1874712","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OJTQ4KSVCW2NMSU5WFVPOHY46WMNF4OB/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TD6YSD63LLRRC4WQ7DJLSXWNUCY6FWBM/","https://usn.ubuntu.com/4493-1/","https://bugzilla.redhat.com/show_bug.cgi?id=1874712","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OJTQ4KSVCW2NMSU5WFVPOHY46WMNF4OB/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TD6YSD63LLRRC4WQ7DJLSXWNUCY6FWBM/","https://usn.ubuntu.com/4493-1/"],"published_time":"2020-09-16T15:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-10759","summary":"A PGP signature bypass flaw was found in fwupd (all versions), which could lead to the installation of unsigned firmware. As per upstream, a signature bypass is theoretically possible, but not practical because the Linux Vendor Firmware Service (LVFS) is either not implemented or enabled in versions of fwupd shipped with Red Hat Enterprise Linux 7 and 8. The highest threat from this vulnerability is to confidentiality and integrity.","cvss":6.0,"cvss_version":3.0,"cvss_v2":3.3,"cvss_v3":6.0,"cvss_v4":null,"epss":7e-05,"ranking_epss":0.00601,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1844316","https://github.com/justinsteven/advisories/blob/master/2020_fwupd_dangling_s3_bucket_and_CVE-2020-10759_signature_verification_bypass.md","https://bugzilla.redhat.com/show_bug.cgi?id=1844316","https://github.com/justinsteven/advisories/blob/master/2020_fwupd_dangling_s3_bucket_and_CVE-2020-10759_signature_verification_bypass.md"],"published_time":"2020-09-15T19:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-14331","summary":"A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA console to crash the system, potentially escalating their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.","cvss":6.6,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":6.6,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.07018,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1858679","https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html","https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html","https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html","https://lists.openwall.net/linux-kernel/2020/07/29/234","https://www.openwall.com/lists/oss-security/2020/07/28/2","https://bugzilla.redhat.com/show_bug.cgi?id=1858679","https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html","https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html","https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html","https://lists.openwall.net/linux-kernel/2020/07/29/234","https://www.openwall.com/lists/oss-security/2020/07/28/2"],"published_time":"2020-09-15T19:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-14346","summary":"A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00169,"ranking_epss":0.38048,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1862246","https://lists.x.org/archives/xorg-announce/2020-August/003058.html","https://security.gentoo.org/glsa/202012-01","https://usn.ubuntu.com/4488-2/","https://www.zerodayinitiative.com/advisories/ZDI-20-1417/","https://bugzilla.redhat.com/show_bug.cgi?id=1862246","https://lists.x.org/archives/xorg-announce/2020-August/003058.html","https://security.gentoo.org/glsa/202012-01","https://usn.ubuntu.com/4488-2/","https://www.zerodayinitiative.com/advisories/ZDI-20-1417/"],"published_time":"2020-09-15T19:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-14361","summary":"A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00233,"ranking_epss":0.46156,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1869142","https://lists.x.org/archives/xorg-announce/2020-August/003058.html","https://security.gentoo.org/glsa/202012-01","https://usn.ubuntu.com/4488-2/","https://www.zerodayinitiative.com/advisories/ZDI-20-1418/","https://bugzilla.redhat.com/show_bug.cgi?id=1869142","https://lists.x.org/archives/xorg-announce/2020-August/003058.html","https://security.gentoo.org/glsa/202012-01","https://usn.ubuntu.com/4488-2/","https://www.zerodayinitiative.com/advisories/ZDI-20-1418/"],"published_time":"2020-09-15T19:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-14362","summary":"A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00178,"ranking_epss":0.39387,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1869144","https://lists.x.org/archives/xorg-announce/2020-August/003058.html","https://security.gentoo.org/glsa/202012-01","https://usn.ubuntu.com/4488-2/","https://www.zerodayinitiative.com/advisories/ZDI-20-1419/","https://bugzilla.redhat.com/show_bug.cgi?id=1869144","https://lists.x.org/archives/xorg-announce/2020-August/003058.html","https://security.gentoo.org/glsa/202012-01","https://usn.ubuntu.com/4488-2/","https://www.zerodayinitiative.com/advisories/ZDI-20-1419/"],"published_time":"2020-09-15T19:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0570","summary":"Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access.","cvss":7.3,"cvss_version":3.0,"cvss_v2":4.4,"cvss_v3":7.3,"cvss_v4":null,"epss":0.00329,"ranking_epss":0.55919,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugreports.qt.io/browse/QTBUG-81272","https://bugzilla.redhat.com/show_bug.cgi?id=1800604","https://lists.qt-project.org/pipermail/development/2020-January/038534.html","https://bugreports.qt.io/browse/QTBUG-81272","https://bugzilla.redhat.com/show_bug.cgi?id=1800604","https://lists.qt-project.org/pipermail/development/2020-January/038534.html"],"published_time":"2020-09-14T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1045","summary":"<p>A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.</p>\n<p>The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.</p>\n<p>The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names.</p>","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.20401,"ranking_epss":0.9554,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2020:3699","https://github.com/dotnet/core/blob/main/release-notes/3.1/3.1.8/3.1.8.md#changes-in-318","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LN2FUVBSVPGK7AU3NMLO3YR6CGONQPB/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ASICXQXS4M7MTAF6SGQMCLCA63DLCUT3/","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1045","https://security.snyk.io/vuln/SNYK-RHEL8-DOTNET-1439600","https://access.redhat.com/errata/RHSA-2020:3699","https://github.com/dotnet/core/blob/main/release-notes/3.1/3.1.8/3.1.8.md#changes-in-318","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LN2FUVBSVPGK7AU3NMLO3YR6CGONQPB/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ASICXQXS4M7MTAF6SGQMCLCA63DLCUT3/","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1045","https://security.snyk.io/vuln/SNYK-RHEL8-DOTNET-1439600"],"published_time":"2020-09-11T17:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1749","summary":"A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending the data unencrypted. This would allow anyone in between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00155,"ranking_epss":0.3628,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1749","https://security.netapp.com/advisory/ntap-20201222-0001/","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1749","https://security.netapp.com/advisory/ntap-20201222-0001/"],"published_time":"2020-09-09T15:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-14373","summary":"A use after free was found in igc_reloc_struct_ptr() of psi/igc.c of ghostscript-9.25. A local attacker could supply a specially crafted PDF file to cause a denial of service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00167,"ranking_epss":0.37807,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugs.ghostscript.com/show_bug.cgi?id=702851","https://bugzilla.redhat.com/show_bug.cgi?id=1873239","https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=ece5cbbd9979cd35737b00e68267762d72feb2ea%3Bhp=1ef5f08f2c2e27efa978f0010669ff22355c385f","https://bugs.ghostscript.com/show_bug.cgi?id=702851","https://bugzilla.redhat.com/show_bug.cgi?id=1873239","https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=ece5cbbd9979cd35737b00e68267762d72feb2ea%3Bhp=1ef5f08f2c2e27efa978f0010669ff22355c385f"],"published_time":"2020-09-03T18:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-14364","summary":"An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host.","cvss":5.0,"cvss_version":3.0,"cvss_v2":4.4,"cvss_v3":5.0,"cvss_v4":null,"epss":0.13903,"ranking_epss":0.94309,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00024.html","https://bugzilla.redhat.com/show_bug.cgi?id=1869201","https://lists.debian.org/debian-lts-announce/2020/09/msg00013.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JTZQUQ6ZBPMFMNAUQBVJFELYNMUZLL6P/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M52WIRMZL6TZRYZ65N6OAYNNFHV62O2N/","https://security.gentoo.org/glsa/202009-14","https://security.gentoo.org/glsa/202011-09","https://security.netapp.com/advisory/ntap-20200924-0006/","https://usn.ubuntu.com/4511-1/","https://www.debian.org/security/2020/dsa-4760","https://www.openwall.com/lists/oss-security/2020/08/24/2","https://www.openwall.com/lists/oss-security/2020/08/24/3","http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00024.html","https://bugzilla.redhat.com/show_bug.cgi?id=1869201","https://lists.debian.org/debian-lts-announce/2020/09/msg00013.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JTZQUQ6ZBPMFMNAUQBVJFELYNMUZLL6P/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M52WIRMZL6TZRYZ65N6OAYNNFHV62O2N/","https://security.gentoo.org/glsa/202009-14","https://security.gentoo.org/glsa/202011-09","https://security.netapp.com/advisory/ntap-20200924-0006/","https://usn.ubuntu.com/4511-1/","https://www.debian.org/security/2020/dsa-4760","https://www.openwall.com/lists/oss-security/2020/08/24/2","https://www.openwall.com/lists/oss-security/2020/08/24/3"],"published_time":"2020-08-31T18:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-14356","summary":"A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or escalate their privileges on the system.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00765,"ranking_epss":0.73439,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00047.html","http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html","https://bugzilla.kernel.org/show_bug.cgi?id=208003","https://bugzilla.redhat.com/show_bug.cgi?id=1868453","https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html","https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html","https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html","https://lore.kernel.org/netdev/CAM_iQpUKQJrj8wE+Qa8NGR3P0L+5Uz=qo-O5+k_P60HzTde6aw%40mail.gmail.com/t/","https://security.netapp.com/advisory/ntap-20200904-0002/","https://usn.ubuntu.com/4483-1/","https://usn.ubuntu.com/4484-1/","https://usn.ubuntu.com/4526-1/","http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00047.html","http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html","https://bugzilla.kernel.org/show_bug.cgi?id=208003","https://bugzilla.redhat.com/show_bug.cgi?id=1868453","https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html","https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html","https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html","https://lore.kernel.org/netdev/CAM_iQpUKQJrj8wE+Qa8NGR3P0L+5Uz=qo-O5+k_P60HzTde6aw%40mail.gmail.com/t/","https://security.netapp.com/advisory/ntap-20200904-0002/","https://usn.ubuntu.com/4483-1/","https://usn.ubuntu.com/4484-1/","https://usn.ubuntu.com/4526-1/"],"published_time":"2020-08-19T15:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-9490","summary":"Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via \"H2Push off\" will mitigate this vulnerability for unpatched servers.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.76276,"ranking_epss":0.98929,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00068.html","http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00071.html","http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00081.html","http://packetstormsecurity.com/files/160392/Apache-2.4.43-mod_http2-Memory-Corruption.html","https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-9490","https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/r0b6541c5fb2f8fb383861333400add7def625bc993300300de0b4f8d%40%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/r5debe8f82728a00a4a68bc904dd6c35423bdfc8d601cfb4579f38bf1%40%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r623de9b2b2433a87f3f3a15900419fc9c00c77b26936dfea4060f672%40%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/r97d0faab6ed8fd0d439234b16d05d77b22a07b0c4817e7b3cca419cc%40%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/r9e485ce5a01c9dc3d4d785a7d28aa7400ead1e81884034ff1f03cfee%40%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/r9e9f1a7609760f0f80562eaaec2aa3c32d525c3e0fca98b475240c71%40%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/ra4da876037477c06f2677d7a1e10b5a8613000fca99c813958070fe9%40%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/rfed9fea918e090383da33e393eb6c2755fccf05032bd7d6eb4737c9e%40%3Ccvs.httpd.apache.org%3E","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4NKWG2EXAQQB6LMLATKZ7KLSRGCSHVAN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVFDBVM6E3JF3O7RYLRPRCH3RDRHJJY/","https://security.gentoo.org/glsa/202008-04","https://security.netapp.com/advisory/ntap-20200814-0005/","https://usn.ubuntu.com/4458-1/","https://www.debian.org/security/2020/dsa-4757","https://www.oracle.com/security-alerts/cpujan2021.html","https://www.oracle.com/security-alerts/cpuoct2020.html","http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00068.html","http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00071.html","http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00081.html","http://packetstormsecurity.com/files/160392/Apache-2.4.43-mod_http2-Memory-Corruption.html","https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-9490","https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/r0b6541c5fb2f8fb383861333400add7def625bc993300300de0b4f8d%40%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/r5debe8f82728a00a4a68bc904dd6c35423bdfc8d601cfb4579f38bf1%40%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r623de9b2b2433a87f3f3a15900419fc9c00c77b26936dfea4060f672%40%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/r97d0faab6ed8fd0d439234b16d05d77b22a07b0c4817e7b3cca419cc%40%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/r9e485ce5a01c9dc3d4d785a7d28aa7400ead1e81884034ff1f03cfee%40%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/r9e9f1a7609760f0f80562eaaec2aa3c32d525c3e0fca98b475240c71%40%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/ra4da876037477c06f2677d7a1e10b5a8613000fca99c813958070fe9%40%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/rfed9fea918e090383da33e393eb6c2755fccf05032bd7d6eb4737c9e%40%3Ccvs.httpd.apache.org%3E","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4NKWG2EXAQQB6LMLATKZ7KLSRGCSHVAN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVFDBVM6E3JF3O7RYLRPRCH3RDRHJJY/","https://security.gentoo.org/glsa/202008-04","https://security.netapp.com/advisory/ntap-20200814-0005/","https://usn.ubuntu.com/4458-1/","https://www.debian.org/security/2020/dsa-4757","https://www.oracle.com/security-alerts/cpujan2021.html","https://www.oracle.com/security-alerts/cpuoct2020.html"],"published_time":"2020-08-07T16:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-14310","summary":"There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a font name to be at max UINT32_MAX - 1 length in bytes but it doesn't verify it before proceed with buffer allocation to read the value from the font value. An attacker may leverage that by crafting a malicious font file which has a name with UINT32_MAX, leading to read_section_as_string() to an arithmetic overflow, zero-sized allocation and further heap-based buffer overflow.","cvss":5.7,"cvss_version":3.0,"cvss_v2":3.6,"cvss_v3":5.7,"cvss_v4":null,"epss":0.00054,"ranking_epss":0.16953,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00016.html","http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00017.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14310","https://security.gentoo.org/glsa/202104-05","https://usn.ubuntu.com/4432-1/","http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00016.html","http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00017.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14310","https://security.gentoo.org/glsa/202104-05","https://usn.ubuntu.com/4432-1/"],"published_time":"2020-07-31T22:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-14311","summary":"There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow leading to a zero-sized memory allocation with subsequent heap-based buffer overflow.","cvss":5.7,"cvss_version":3.0,"cvss_v2":3.6,"cvss_v3":5.7,"cvss_v4":null,"epss":0.00032,"ranking_epss":0.091,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00016.html","http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00017.html","http://www.openwall.com/lists/oss-security/2021/09/17/2","http://www.openwall.com/lists/oss-security/2021/09/17/4","http://www.openwall.com/lists/oss-security/2021/09/21/1","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14311","https://security.gentoo.org/glsa/202104-05","https://usn.ubuntu.com/4432-1/","http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00016.html","http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00017.html","http://www.openwall.com/lists/oss-security/2021/09/17/2","http://www.openwall.com/lists/oss-security/2021/09/17/4","http://www.openwall.com/lists/oss-security/2021/09/21/1","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14311","https://security.gentoo.org/glsa/202104-05","https://usn.ubuntu.com/4432-1/"],"published_time":"2020-07-31T22:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-15705","summary":"GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. This issue affects GRUB2 version 2.04 and prior versions.","cvss":6.4,"cvss_version":3.0,"cvss_v2":4.4,"cvss_v3":6.4,"cvss_v4":null,"epss":0.00024,"ranking_epss":0.06361,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00067.html","http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00069.html","http://ubuntu.com/security/notices/USN-4432-1","http://www.openwall.com/lists/oss-security/2020/07/29/3","http://www.openwall.com/lists/oss-security/2021/03/02/3","http://www.openwall.com/lists/oss-security/2021/09/17/2","http://www.openwall.com/lists/oss-security/2021/09/17/4","http://www.openwall.com/lists/oss-security/2021/09/21/1","https://access.redhat.com/security/vulnerabilities/grub2bootloader","https://lists.gnu.org/archive/html/grub-devel/2020-07/msg00034.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200011","https://security.gentoo.org/glsa/202104-05","https://security.netapp.com/advisory/ntap-20200731-0008/","https://usn.ubuntu.com/4432-1/","https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2SecureBootBypass","https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot","https://www.eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/","https://www.openwall.com/lists/oss-security/2020/07/29/3","https://www.suse.com/c/suse-addresses-grub2-secure-boot-issue/","https://www.suse.com/support/kb/doc/?id=000019673","http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00067.html","http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00069.html","http://ubuntu.com/security/notices/USN-4432-1","http://www.openwall.com/lists/oss-security/2020/07/29/3","http://www.openwall.com/lists/oss-security/2021/03/02/3","http://www.openwall.com/lists/oss-security/2021/09/17/2","http://www.openwall.com/lists/oss-security/2021/09/17/4","http://www.openwall.com/lists/oss-security/2021/09/21/1","https://access.redhat.com/security/vulnerabilities/grub2bootloader","https://lists.gnu.org/archive/html/grub-devel/2020-07/msg00034.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200011","https://security.gentoo.org/glsa/202104-05","https://security.netapp.com/advisory/ntap-20200731-0008/","https://usn.ubuntu.com/4432-1/","https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2SecureBootBypass","https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot","https://www.eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/","https://www.openwall.com/lists/oss-security/2020/07/29/3","https://www.suse.com/c/suse-addresses-grub2-secure-boot-issue/","https://www.suse.com/support/kb/doc/?id=000019673"],"published_time":"2020-07-29T18:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-15706","summary":"GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and prior versions.","cvss":6.4,"cvss_version":3.0,"cvss_v2":4.4,"cvss_v3":6.4,"cvss_v4":null,"epss":0.00052,"ranking_epss":0.16253,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00016.html","http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00017.html","http://ubuntu.com/security/notices/USN-4432-1","http://www.openwall.com/lists/oss-security/2020/07/29/3","https://access.redhat.com/security/vulnerabilities/grub2bootloader","https://lists.gnu.org/archive/html/grub-devel/2020-07/msg00034.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200011","https://security.gentoo.org/glsa/202104-05","https://security.netapp.com/advisory/ntap-20200731-0008/","https://usn.ubuntu.com/4432-1/","https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2SecureBootBypass","https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot","https://www.debian.org/security/2020/dsa-4735","https://www.eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/","https://www.openwall.com/lists/oss-security/2020/07/29/3","https://www.suse.com/c/suse-addresses-grub2-secure-boot-issue/","https://www.suse.com/support/kb/doc/?id=000019673","http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00016.html","http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00017.html","http://ubuntu.com/security/notices/USN-4432-1","http://www.openwall.com/lists/oss-security/2020/07/29/3","https://access.redhat.com/security/vulnerabilities/grub2bootloader","https://lists.gnu.org/archive/html/grub-devel/2020-07/msg00034.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200011","https://security.gentoo.org/glsa/202104-05","https://security.netapp.com/advisory/ntap-20200731-0008/","https://usn.ubuntu.com/4432-1/","https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2SecureBootBypass","https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot","https://www.debian.org/security/2020/dsa-4735","https://www.eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/","https://www.openwall.com/lists/oss-security/2020/07/29/3","https://www.suse.com/c/suse-addresses-grub2-secure-boot-issue/","https://www.suse.com/support/kb/doc/?id=000019673"],"published_time":"2020-07-29T18:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-15707","summary":"Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. This issue affects GRUB2 version 2.04 and prior versions.","cvss":5.7,"cvss_version":3.0,"cvss_v2":4.4,"cvss_v3":5.7,"cvss_v4":null,"epss":0.00032,"ranking_epss":0.09162,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00016.html","http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00017.html","http://ubuntu.com/security/notices/USN-4432-1","http://www.openwall.com/lists/oss-security/2020/07/29/3","https://access.redhat.com/security/vulnerabilities/grub2bootloader","https://lists.gnu.org/archive/html/grub-devel/2020-07/msg00034.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200011","https://security.gentoo.org/glsa/202104-05","https://security.netapp.com/advisory/ntap-20200731-0008/","https://usn.ubuntu.com/4432-1/","https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2SecureBootBypass","https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot","https://www.debian.org/security/2020/dsa-4735","https://www.eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/","https://www.openwall.com/lists/oss-security/2020/07/29/3","https://www.suse.com/c/suse-addresses-grub2-secure-boot-issue/","https://www.suse.com/support/kb/doc/?id=000019673","http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00016.html","http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00017.html","http://ubuntu.com/security/notices/USN-4432-1","http://www.openwall.com/lists/oss-security/2020/07/29/3","https://access.redhat.com/security/vulnerabilities/grub2bootloader","https://lists.gnu.org/archive/html/grub-devel/2020-07/msg00034.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200011","https://security.gentoo.org/glsa/202104-05","https://security.netapp.com/advisory/ntap-20200731-0008/","https://usn.ubuntu.com/4432-1/","https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2SecureBootBypass","https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot","https://www.debian.org/security/2020/dsa-4735","https://www.eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/","https://www.openwall.com/lists/oss-security/2020/07/29/3","https://www.suse.com/c/suse-addresses-grub2-secure-boot-issue/","https://www.suse.com/support/kb/doc/?id=000019673"],"published_time":"2020-07-29T18:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-15719","summary":"libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux.","cvss":4.2,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":4.2,"cvss_v4":null,"epss":0.00216,"ranking_epss":0.44064,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html","http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html","https://access.redhat.com/errata/RHBA-2019:3674","https://bugs.openldap.org/show_bug.cgi?id=9266","https://bugzilla.redhat.com/show_bug.cgi?id=1740070","https://kc.mcafee.com/corporate/index?page=content&id=SB10365","https://www.oracle.com/security-alerts/cpuapr2022.html","http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html","http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html","https://access.redhat.com/errata/RHBA-2019:3674","https://bugs.openldap.org/show_bug.cgi?id=9266","https://bugzilla.redhat.com/show_bug.cgi?id=1740070","https://kc.mcafee.com/corporate/index?page=content&id=SB10365","https://www.oracle.com/security-alerts/cpuapr2022.html"],"published_time":"2020-07-14T14:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-19338","summary":"A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort (TAA) error occurs. When a guest is running on a host CPU affected by the TAA flaw (TAA_NO=0), but is not affected by the MDS issue (MDS_NO=1), the guest was to clear the affected buffers by using a VERW instruction mechanism. But when the MDS_NO=1 bit was exported to the guests, the guests did not use the VERW mechanism to clear the affected buffers. This issue affects guests running on Cascade Lake CPUs and requires that host has 'TSX' enabled. Confidentiality of data is the highest threat associated with this vulnerability.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00091,"ranking_epss":0.25554,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19338","https://software.intel.com/security-software-guidance/insights/deep-dive-intel-transactional-synchronization-extensions-intel-tsx-asynchronous-abort","https://www.openwall.com/lists/oss-security/2019/12/10/3","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19338","https://software.intel.com/security-software-guidance/insights/deep-dive-intel-transactional-synchronization-extensions-intel-tsx-asynchronous-abort","https://www.openwall.com/lists/oss-security/2019/12/10/3"],"published_time":"2020-07-13T17:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-10756","summary":"An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents of the host memory, resulting in possible information disclosure. This flaw affects versions of libslirp before 4.3.1.","cvss":6.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.06826,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00035.html","http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00040.html","https://bugzilla.redhat.com/show_bug.cgi?id=1835986","https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JYTZ32P67PZER6P7TW6FQK3SZRKQLVEI/","https://security.netapp.com/advisory/ntap-20201001-0001/","https://usn.ubuntu.com/4437-1/","https://usn.ubuntu.com/4467-1/","https://www.debian.org/security/2020/dsa-4728","https://www.zerodayinitiative.com/advisories/ZDI-20-1005/","http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00035.html","http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00040.html","https://bugzilla.redhat.com/show_bug.cgi?id=1835986","https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JYTZ32P67PZER6P7TW6FQK3SZRKQLVEI/","https://security.netapp.com/advisory/ntap-20201001-0001/","https://usn.ubuntu.com/4437-1/","https://usn.ubuntu.com/4467-1/","https://www.debian.org/security/2020/dsa-4728","https://www.zerodayinitiative.com/advisories/ZDI-20-1005/"],"published_time":"2020-07-09T16:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-7140","summary":"A security vulnerability in HPE IceWall SSO Dfw and Dgfw (Domain Gateway Option) could be exploited remotely to cause a remote cross-site scripting (XSS). HPE has provided the following information to resolve this vulnerability in HPE IceWall SSO DFW and Dgfw: https://www.hpe.com/jp/icewall_patchaccess","cvss":6.1,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":6.1,"cvss_v4":null,"epss":0.00398,"ranking_epss":0.60592,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbmu04011en_us","https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbmu04011en_us"],"published_time":"2020-07-08T14:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-14900","summary":"A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":6.5,"cvss_v4":null,"epss":0.01814,"ranking_epss":0.82844,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1666499","https://lists.apache.org/thread.html/r833c1276e41334fa675848a08daf0c61f39009f9f9a400d9f7006d44%40%3Cdev.turbine.apache.org%3E","https://security.netapp.com/advisory/ntap-20220210-0020/","https://bugzilla.redhat.com/show_bug.cgi?id=1666499","https://lists.apache.org/thread.html/r833c1276e41334fa675848a08daf0c61f39009f9f9a400d9f7006d44%40%3Cdev.turbine.apache.org%3E","https://security.netapp.com/advisory/ntap-20220210-0020/"],"published_time":"2020-07-06T19:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-10769","summary":"A buffer over-read flaw was found in RH kernel versions before 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a buffer over-read threat, leading to a system crash. This flaw allows a local attacker with user privileges to cause a denial of service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00177,"ranking_epss":0.39207,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html","https://bugzilla.redhat.com/show_bug.cgi?id=1708775%3B","https://lkml.org/lkml/2019/1/21/675","https://www.oracle.com/security-alerts/cpuApr2021.html","http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html","https://bugzilla.redhat.com/show_bug.cgi?id=1708775%3B","https://lkml.org/lkml/2019/1/21/675","https://www.oracle.com/security-alerts/cpuApr2021.html"],"published_time":"2020-06-26T16:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-10705","summary":"A flaw was discovered in Undertow in versions before Undertow 2.1.1.Final where certain requests to the \"Expect: 100-continue\" header may cause an out of memory error. This flaw may potentially lead to a denial of service.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00299,"ranking_epss":0.53269,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1803241","https://security.netapp.com/advisory/ntap-20220210-0014/","https://bugzilla.redhat.com/show_bug.cgi?id=1803241","https://security.netapp.com/advisory/ntap-20220210-0014/"],"published_time":"2020-06-10T20:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-10757","summary":"A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.9,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00669,"ranking_epss":0.71292,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html","https://bugzilla.redhat.com/show_bug.cgi?id=1842525","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5bfea2d9b17f1034a68147a8b03b9789af5700f9","https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IEM47BXZJLODRH5YNNZSAQ2NVM63MYMC/","https://security.netapp.com/advisory/ntap-20200702-0004/","https://usn.ubuntu.com/4426-1/","https://usn.ubuntu.com/4439-1/","https://usn.ubuntu.com/4440-1/","https://usn.ubuntu.com/4483-1/","https://www.debian.org/security/2020/dsa-4698","https://www.debian.org/security/2020/dsa-4699","https://www.openwall.com/lists/oss-security/2020/06/04/4","http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html","https://bugzilla.redhat.com/show_bug.cgi?id=1842525","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5bfea2d9b17f1034a68147a8b03b9789af5700f9","https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IEM47BXZJLODRH5YNNZSAQ2NVM63MYMC/","https://security.netapp.com/advisory/ntap-20200702-0004/","https://usn.ubuntu.com/4426-1/","https://usn.ubuntu.com/4439-1/","https://usn.ubuntu.com/4440-1/","https://usn.ubuntu.com/4483-1/","https://www.debian.org/security/2020/dsa-4698","https://www.debian.org/security/2020/dsa-4699","https://www.openwall.com/lists/oss-security/2020/06/04/4"],"published_time":"2020-06-09T13:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-10761","summary":"An assertion failure issue was found in the Network Block Device(NBD) Server in all QEMU versions before QEMU 5.0.1. This flaw occurs when an nbd-client sends a spec-compliant request that is near the boundary of maximum permitted request length. A remote nbd-client could use this flaw to crash the qemu-nbd server resulting in a denial of service.","cvss":5.0,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":5.0,"cvss_v4":null,"epss":0.00841,"ranking_epss":0.74716,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00086.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10761","https://security.gentoo.org/glsa/202011-09","https://security.netapp.com/advisory/ntap-20200731-0001/","https://usn.ubuntu.com/4467-1/","https://www.openwall.com/lists/oss-security/2020/06/09/1","http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00086.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10761","https://security.gentoo.org/glsa/202011-09","https://security.netapp.com/advisory/ntap-20200731-0001/","https://usn.ubuntu.com/4467-1/","https://www.openwall.com/lists/oss-security/2020/06/09/1"],"published_time":"2020-06-09T13:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-10749","summary":"A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or other containers, to redirect traffic to the malicious container.","cvss":6.0,"cvss_version":3.0,"cvss_v2":6.0,"cvss_v3":6.0,"cvss_v4":null,"epss":0.05187,"ranking_epss":0.89917,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00063.html","http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00065.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10749","https://groups.google.com/forum/#%21topic/kubernetes-security-announce/BMb_6ICCfp8","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DV3HCDZYUTPPVDUMTZXDKK6IUO3JMGJC/","http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00063.html","http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00065.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10749","https://groups.google.com/forum/#%21topic/kubernetes-security-announce/BMb_6ICCfp8","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DV3HCDZYUTPPVDUMTZXDKK6IUO3JMGJC/"],"published_time":"2020-06-03T14:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-10719","summary":"A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker to take advantage of HTTP request smuggling.","cvss":6.5,"cvss_version":3.0,"cvss_v2":6.4,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00167,"ranking_epss":0.3782,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10719","https://security.netapp.com/advisory/ntap-20220210-0014/","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10719","https://security.netapp.com/advisory/ntap-20220210-0014/"],"published_time":"2020-05-26T16:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-10711","summary":"A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. While processing the CIPSO restricted bitmap tag in the 'cipso_v4_parsetag_rbm' routine, it sets the security attribute to indicate that the category bitmap is present, even if it has not been allocated. This issue leads to a NULL pointer dereference issue while importing the same category bitmap into SELinux. This flaw allows a remote network user to crash the system kernel, resulting in a denial of service.","cvss":5.9,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":5.9,"cvss_v4":null,"epss":0.05438,"ranking_epss":0.90175,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html","http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10711","https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html","https://security.netapp.com/advisory/ntap-20200608-0001/","https://usn.ubuntu.com/4411-1/","https://usn.ubuntu.com/4412-1/","https://usn.ubuntu.com/4413-1/","https://usn.ubuntu.com/4414-1/","https://usn.ubuntu.com/4419-1/","https://www.debian.org/security/2020/dsa-4698","https://www.debian.org/security/2020/dsa-4699","https://www.openwall.com/lists/oss-security/2020/05/12/2","http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html","http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10711","https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html","https://security.netapp.com/advisory/ntap-20200608-0001/","https://usn.ubuntu.com/4411-1/","https://usn.ubuntu.com/4412-1/","https://usn.ubuntu.com/4413-1/","https://usn.ubuntu.com/4414-1/","https://usn.ubuntu.com/4419-1/","https://www.debian.org/security/2020/dsa-4698","https://www.debian.org/security/2020/dsa-4699","https://www.openwall.com/lists/oss-security/2020/05/12/2"],"published_time":"2020-05-22T15:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-12826","summary":"A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. Because exec_id in include/linux/sched.h is only 32 bits, an integer overflow can interfere with a do_notify_parent protection mechanism. A child process can send an arbitrary signal to a parent process in a different security domain. Exploitation limitations include the amount of elapsed time before an integer overflow occurs, and the lack of scenarios where signals to a parent process present a substantial operational threat.","cvss":5.3,"cvss_version":3.0,"cvss_v2":4.4,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00068,"ranking_epss":0.20904,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1822077","https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.5","https://github.com/torvalds/linux/commit/7395ea4e65c2a00d23185a3f63ad315756ba9cef","https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html","https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html","https://lists.openwall.net/linux-kernel/2020/03/24/1803","https://security.netapp.com/advisory/ntap-20200608-0001/","https://usn.ubuntu.com/4367-1/","https://usn.ubuntu.com/4369-1/","https://usn.ubuntu.com/4391-1/","https://www.openwall.com/lists/kernel-hardening/2020/03/25/1","https://bugzilla.redhat.com/show_bug.cgi?id=1822077","https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.5","https://github.com/torvalds/linux/commit/7395ea4e65c2a00d23185a3f63ad315756ba9cef","https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html","https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html","https://lists.openwall.net/linux-kernel/2020/03/24/1803","https://security.netapp.com/advisory/ntap-20200608-0001/","https://usn.ubuntu.com/4367-1/","https://usn.ubuntu.com/4369-1/","https://usn.ubuntu.com/4391-1/","https://www.openwall.com/lists/kernel-hardening/2020/03/25/1"],"published_time":"2020-05-12T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-10690","summary":"There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation. When a (high privileged) process allocates a ptp device file (like /dev/ptpX) and voluntarily goes to sleep. During this time if the underlying device is removed, it can cause an exploitable condition as the process wakes up to terminate and clean all attached files. The system crashes due to the cdev structure being invalid (as already freed) which is pointed to by the inode.","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.4,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00126,"ranking_epss":0.31898,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10690","https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html","https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html","https://security.netapp.com/advisory/ntap-20200608-0001/","https://usn.ubuntu.com/4419-1/","http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10690","https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html","https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html","https://security.netapp.com/advisory/ntap-20200608-0001/","https://usn.ubuntu.com/4419-1/"],"published_time":"2020-05-08T15:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-10693","summary":"A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows attackers to bypass input sanitation (escaping, stripping) controls that developers may have put in place when handling user-controlled data in error messages.","cvss":5.3,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00282,"ranking_epss":0.51551,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10693","https://lists.apache.org/thread.html/rb8dca19a4e52b60dab0ab21e2ff9968d78f4b84e4033824db1dd24b4%40%3Cpluto-scm.portals.apache.org%3E","https://lists.apache.org/thread.html/rd418deda6f0ebe658c2015f43a14d03acb8b8c2c093c5bf6b880cd7c%40%3Cpluto-dev.portals.apache.org%3E","https://lists.apache.org/thread.html/rf9c17c3efc4a376a96e9e2777eee6acf0bec28e2200e4b35da62de4a%40%3Cpluto-dev.portals.apache.org%3E","https://www.oracle.com/security-alerts/cpuapr2022.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10693","https://lists.apache.org/thread.html/rb8dca19a4e52b60dab0ab21e2ff9968d78f4b84e4033824db1dd24b4%40%3Cpluto-scm.portals.apache.org%3E","https://lists.apache.org/thread.html/rd418deda6f0ebe658c2015f43a14d03acb8b8c2c093c5bf6b880cd7c%40%3Cpluto-dev.portals.apache.org%3E","https://lists.apache.org/thread.html/rf9c17c3efc4a376a96e9e2777eee6acf0bec28e2200e4b35da62de4a%40%3Cpluto-dev.portals.apache.org%3E","https://www.oracle.com/security-alerts/cpuapr2022.html"],"published_time":"2020-05-06T14:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-12458","summary":"An information-disclosure flaw was found in Grafana through 6.7.3. The database directory /var/lib/grafana and database file /var/lib/grafana/grafana.db are world readable. This can result in exposure of sensitive information (e.g., cleartext or encrypted datasource passwords).","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0007,"ranking_epss":0.21324,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/CVE-2020-12458","https://bugzilla.redhat.com/show_bug.cgi?id=1827765","https://github.com/grafana/grafana/issues/8283","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CTQCKJZZYXMCSHJFZZ3YXEO5NUBANGZS/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WEBCIEVSYIDDCA7FTRS2IFUOYLIQU34A/","https://security.netapp.com/advisory/ntap-20200518-0001/","https://access.redhat.com/security/cve/CVE-2020-12458","https://bugzilla.redhat.com/show_bug.cgi?id=1827765","https://github.com/grafana/grafana/issues/8283","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CTQCKJZZYXMCSHJFZZ3YXEO5NUBANGZS/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WEBCIEVSYIDDCA7FTRS2IFUOYLIQU34A/","https://security.netapp.com/advisory/ntap-20200518-0001/"],"published_time":"2020-04-29T16:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-12430","summary":"An issue was discovered in qemuDomainGetStatsIOThread in qemu/qemu_driver.c in libvirt 4.10.0 though 6.x before 6.1.0. A memory leak was found in the virDomainListGetStats libvirt API that is responsible for retrieving domain statistics when managing QEMU guests. This flaw allows unprivileged users with a read-only connection to cause a memory leak in the domstats command, resulting in a potential denial of service.","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00859,"ranking_epss":0.75008,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1804548","https://bugzilla.redhat.com/show_bug.cgi?id=1828190","https://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=9bf9e0ae6af38c806f4672ca7b12a6b38d5a9581","https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D5GE6ISYUL3CIWO3FQRUGMKTKP2NYED2/","https://security.netapp.com/advisory/ntap-20200518-0003/","https://usn.ubuntu.com/4371-1/","https://bugzilla.redhat.com/show_bug.cgi?id=1804548","https://bugzilla.redhat.com/show_bug.cgi?id=1828190","https://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=9bf9e0ae6af38c806f4672ca7b12a6b38d5a9581","https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D5GE6ISYUL3CIWO3FQRUGMKTKP2NYED2/","https://security.netapp.com/advisory/ntap-20200518-0003/","https://usn.ubuntu.com/4371-1/"],"published_time":"2020-04-28T20:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1722","summary":"A flaw was found in all ipa versions 4.x.x through 4.8.0. When sending a very long password (>= 1,000,000 characters) to the server, the password hashing process could exhaust memory and CPU leading to a denial of service and the website becoming unresponsive. The highest threat from this vulnerability is to system availability.","cvss":5.3,"cvss_version":3.0,"cvss_v2":5.4,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00368,"ranking_epss":0.58736,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1722","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1722"],"published_time":"2020-04-27T21:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1751","summary":"An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.","cvss":5.1,"cvss_version":3.0,"cvss_v2":5.9,"cvss_v3":5.1,"cvss_v4":null,"epss":0.00138,"ranking_epss":0.33566,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751","https://security.gentoo.org/glsa/202006-04","https://security.netapp.com/advisory/ntap-20200430-0002/","https://sourceware.org/bugzilla/show_bug.cgi?id=25423","https://usn.ubuntu.com/4416-1/","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751","https://security.gentoo.org/glsa/202006-04","https://security.netapp.com/advisory/ntap-20200430-0002/","https://sourceware.org/bugzilla/show_bug.cgi?id=25423","https://usn.ubuntu.com/4416-1/"],"published_time":"2020-04-17T19:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-11868","summary":"ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp.","cvss":5.9,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":5.9,"cvss_v4":null,"epss":0.01301,"ranking_epss":0.7973,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00005.html","http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00044.html","http://support.ntp.org/bin/view/Main/NtpBug3592","https://bugzilla.redhat.com/show_bug.cgi?id=1716665","https://lists.debian.org/debian-lts-announce/2020/05/msg00004.html","https://security.gentoo.org/glsa/202007-12","https://security.netapp.com/advisory/ntap-20200424-0002/","https://www.oracle.com//security-alerts/cpujul2021.html","http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00005.html","http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00044.html","http://support.ntp.org/bin/view/Main/NtpBug3592","https://bugzilla.redhat.com/show_bug.cgi?id=1716665","https://lists.debian.org/debian-lts-announce/2020/05/msg00004.html","https://security.gentoo.org/glsa/202007-12","https://security.netapp.com/advisory/ntap-20200424-0002/","https://www.oracle.com//security-alerts/cpujul2021.html"],"published_time":"2020-04-17T04:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1730","summary":"A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when closing the connection. The biggest threat from this vulnerability is system availability.","cvss":5.3,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":5.3,"cvss_v4":null,"epss":0.0011,"ranking_epss":0.29367,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1730","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2A7BIFKUYIYKTY7FX4BEWVC2OHS5DPOU/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VLSWHBQ3EPKGTGLQNH554Z746BJ3C554/","https://security.netapp.com/advisory/ntap-20200424-0001/","https://usn.ubuntu.com/4327-1/","https://www.libssh.org/security/advisories/CVE-2020-1730.txt","https://www.oracle.com/security-alerts/cpuoct2020.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1730","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2A7BIFKUYIYKTY7FX4BEWVC2OHS5DPOU/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VLSWHBQ3EPKGTGLQNH554Z746BJ3C554/","https://security.netapp.com/advisory/ntap-20200424-0001/","https://usn.ubuntu.com/4327-1/","https://www.libssh.org/security/advisories/CVE-2020-1730.txt","https://www.oracle.com/security-alerts/cpuoct2020.html"],"published_time":"2020-04-13T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-11669","summary":"An issue was discovered in the Linux kernel before 5.2 on the powerpc platform. arch/powerpc/kernel/idle_book3s.S does not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR, aka CID-53a712bae5dd.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0008,"ranking_epss":0.23627,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00035.html","https://access.redhat.com/errata/RHSA-2019:3517","https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2","https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=53a712bae5dd919521a58d7bad773b949358add0","https://github.com/torvalds/linux/commit/53a712bae5dd919521a58d7bad773b949358add0","https://lists.ozlabs.org/pipermail/linuxppc-dev/2020-April/208660.html","https://lists.ozlabs.org/pipermail/linuxppc-dev/2020-April/208661.html","https://lists.ozlabs.org/pipermail/linuxppc-dev/2020-April/208663.html","https://security.netapp.com/advisory/ntap-20200430-0001/","https://usn.ubuntu.com/4363-1/","https://usn.ubuntu.com/4368-1/","http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00035.html","https://access.redhat.com/errata/RHSA-2019:3517","https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2","https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=53a712bae5dd919521a58d7bad773b949358add0","https://github.com/torvalds/linux/commit/53a712bae5dd919521a58d7bad773b949358add0","https://lists.ozlabs.org/pipermail/linuxppc-dev/2020-April/208660.html","https://lists.ozlabs.org/pipermail/linuxppc-dev/2020-April/208661.html","https://lists.ozlabs.org/pipermail/linuxppc-dev/2020-April/208663.html","https://security.netapp.com/advisory/ntap-20200430-0001/","https://usn.ubuntu.com/4363-1/","https://usn.ubuntu.com/4368-1/"],"published_time":"2020-04-10T15:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-2732","summary":"A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 guest.","cvss":5.8,"cvss_version":3.0,"cvss_v2":2.3,"cvss_v3":5.8,"cvss_v4":null,"epss":0.00438,"ranking_epss":0.63094,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1805135","https://git.kernel.org/linus/07721feee46b4b248402133228235318199b05ec","https://git.kernel.org/linus/35a571346a94fb93b5b3b6a599675ef3384bc75c","https://git.kernel.org/linus/e71237d3ff1abf9f3388337cfebf53b96df2020d","https://linux.oracle.com/errata/ELSA-2020-5540.html","https://linux.oracle.com/errata/ELSA-2020-5542.html","https://linux.oracle.com/errata/ELSA-2020-5543.html","https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html","https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html","https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html","https://www.debian.org/security/2020/dsa-4667","https://www.debian.org/security/2020/dsa-4698","https://www.openwall.com/lists/oss-security/2020/02/25/3","https://www.spinics.net/lists/kvm/msg208259.html","https://bugzilla.redhat.com/show_bug.cgi?id=1805135","https://git.kernel.org/linus/07721feee46b4b248402133228235318199b05ec","https://git.kernel.org/linus/35a571346a94fb93b5b3b6a599675ef3384bc75c","https://git.kernel.org/linus/e71237d3ff1abf9f3388337cfebf53b96df2020d","https://linux.oracle.com/errata/ELSA-2020-5540.html","https://linux.oracle.com/errata/ELSA-2020-5542.html","https://linux.oracle.com/errata/ELSA-2020-5543.html","https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html","https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html","https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html","https://www.debian.org/security/2020/dsa-4667","https://www.debian.org/security/2020/dsa-4698","https://www.openwall.com/lists/oss-security/2020/02/25/3","https://www.spinics.net/lists/kvm/msg208259.html"],"published_time":"2020-04-08T22:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-10696","summary":"A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to the user's system anywhere that the user has permissions.","cvss":8.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00301,"ranking_epss":0.53414,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/cve-2020-10696","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10696","https://github.com/containers/buildah/pull/2245","https://access.redhat.com/security/cve/cve-2020-10696","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10696","https://github.com/containers/buildah/pull/2245"],"published_time":"2020-03-31T22:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1712","summary":"A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00105,"ranking_epss":0.28599,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1712","https://github.com/systemd/systemd/commit/1068447e6954dc6ce52f099ed174c442cb89ed54","https://github.com/systemd/systemd/commit/637486261528e8aa3da9f26a4487dc254f4b7abb","https://github.com/systemd/systemd/commit/bc130b6858327b382b07b3985cf48e2aa9016b2d","https://github.com/systemd/systemd/commit/ea0d0ede03c6f18dbc5036c5e9cccf97e415ccc2","https://lists.debian.org/debian-lts-announce/2022/06/msg00025.html","https://www.openwall.com/lists/oss-security/2020/02/05/1","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1712","https://github.com/systemd/systemd/commit/1068447e6954dc6ce52f099ed174c442cb89ed54","https://github.com/systemd/systemd/commit/637486261528e8aa3da9f26a4487dc254f4b7abb","https://github.com/systemd/systemd/commit/bc130b6858327b382b07b3985cf48e2aa9016b2d","https://github.com/systemd/systemd/commit/ea0d0ede03c6f18dbc5036c5e9cccf97e415ccc2","https://lists.debian.org/debian-lts-announce/2022/06/msg00025.html","https://www.openwall.com/lists/oss-security/2020/02/05/1"],"published_time":"2020-03-31T17:15:26","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-10179","summary":"A vulnerability was found in all pki-core 10.x.x versions, where the Key Recovery Authority (KRA) Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.","cvss":4.3,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00451,"ranking_epss":0.63694,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10179","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10179"],"published_time":"2020-03-20T15:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-10221","summary":"A Reflected Cross Site Scripting vulnerability was found in all pki-core 10.x.x versions, where the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute arbitrary code when viewed in a browser.","cvss":4.3,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00694,"ranking_epss":0.71887,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10221","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10221"],"published_time":"2020-03-20T15:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-10146","summary":"A Reflected Cross Site Scripting flaw was found in all pki-core 10.x.x versions module from the pki-core server due to the CA Agent Service not properly sanitizing the certificate request page. An attacker could inject a specially crafted value that will be executed on the victim's browser.","cvss":4.7,"cvss_version":3.0,"cvss_v2":2.6,"cvss_v3":4.7,"cvss_v4":null,"epss":0.00191,"ranking_epss":0.40964,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10146","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10146"],"published_time":"2020-03-18T15:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1720","summary":"A flaw was found in PostgreSQL's \"ALTER ... DEPENDS ON EXTENSION\", where sub-commands did not perform authorization checks. An authenticated attacker could use this flaw in certain configurations to perform drop objects such as function, triggers, et al., leading to database corruption. This issue affects PostgreSQL versions before 12.2, before 11.7, before 10.12 and before 9.6.17.","cvss":3.1,"cvss_version":3.0,"cvss_v2":3.5,"cvss_v3":3.1,"cvss_v4":null,"epss":0.00351,"ranking_epss":0.57539,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00043.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1720","https://www.postgresql.org/about/news/2011/","http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00043.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1720","https://www.postgresql.org/about/news/2011/"],"published_time":"2020-03-17T16:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2014-4650","summary":"The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as demonstrated by a %2f separator.","cvss":9.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":9.8,"cvss_v4":null,"epss":0.07232,"ranking_epss":0.91622,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://bugs.python.org/issue21766","http://openwall.com/lists/oss-security/2014/06/26/3","https://access.redhat.com/security/cve/cve-2014-4650","http://bugs.python.org/issue21766","http://openwall.com/lists/oss-security/2014/06/26/3","https://access.redhat.com/security/cve/cve-2014-4650"],"published_time":"2020-02-20T17:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2014-8089","summary":"SQL injection vulnerability in Zend Framework before 1.12.9, 2.2.x before 2.2.8, and 2.3.x before 2.3.3, when using the sqlsrv PHP extension, allows remote attackers to execute arbitrary SQL commands via a null byte.","cvss":9.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":9.8,"cvss_v4":null,"epss":0.01121,"ranking_epss":0.7825,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://framework.zend.com/security/advisory/ZF2014-06","http://seclists.org/oss-sec/2014/q4/276","http://www.securityfocus.com/bid/70011","https://bugzilla.redhat.com/show_bug.cgi?id=1151277","http://framework.zend.com/security/advisory/ZF2014-06","http://seclists.org/oss-sec/2014/q4/276","http://www.securityfocus.com/bid/70011","https://bugzilla.redhat.com/show_bug.cgi?id=1151277"],"published_time":"2020-02-17T22:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-8945","summary":"The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This leads to a crash or potential code execution during GPG signature verification.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.1,"cvss_v3":7.5,"cvss_v4":null,"epss":0.01939,"ranking_epss":0.8342,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2020:0679","https://access.redhat.com/errata/RHSA-2020:0689","https://access.redhat.com/errata/RHSA-2020:0697","https://bugzilla.redhat.com/show_bug.cgi?id=1795838","https://github.com/containers/image/commit/4c7a23f82ef09127b0ff28366d1cf31316dd6cc1","https://github.com/proglottis/gpgme/compare/v0.1.0...v0.1.1","https://github.com/proglottis/gpgme/pull/23","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H6P6SSNKN4H6GSEVROHBDXA64PX7EOED/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KDBT77KV3U7BESJX3P4S4MPVDGRTAQA2/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WXV7NZELYWRRCXATXU3FYD3G3WJT3WYM/","https://access.redhat.com/errata/RHSA-2020:0679","https://access.redhat.com/errata/RHSA-2020:0689","https://access.redhat.com/errata/RHSA-2020:0697","https://bugzilla.redhat.com/show_bug.cgi?id=1795838","https://github.com/containers/image/commit/4c7a23f82ef09127b0ff28366d1cf31316dd6cc1","https://github.com/proglottis/gpgme/compare/v0.1.0...v0.1.1","https://github.com/proglottis/gpgme/pull/23","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H6P6SSNKN4H6GSEVROHBDXA64PX7EOED/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KDBT77KV3U7BESJX3P4S4MPVDGRTAQA2/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WXV7NZELYWRRCXATXU3FYD3G3WJT3WYM/"],"published_time":"2020-02-12T18:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-8595","summary":"Istio versions 1.2.10 (End of Life) and prior, 1.3 through 1.3.7, and 1.4 through 1.4.3 allows authentication bypass. The Authentication Policy exact-path matching logic can allow unauthorized access to HTTP paths even if they are configured to be only accessed after presenting a valid JWT token. For example, an attacker can add a ? or # character to a URI that would otherwise satisfy an exact-path match.","cvss":7.3,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":7.3,"cvss_v4":null,"epss":0.0106,"ranking_epss":0.77636,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2020:0477","https://access.redhat.com/security/cve/cve-2020-8595","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-8595","https://github.com/istio/istio/commits/master","https://istio.io/news/security/","https://istio.io/news/security/istio-security-2020-001/","https://access.redhat.com/errata/RHSA-2020:0477","https://access.redhat.com/security/cve/cve-2020-8595","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-8595","https://github.com/istio/istio/commits/master","https://istio.io/news/security/","https://istio.io/news/security/istio-security-2020-001/"],"published_time":"2020-02-12T15:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1726","summary":"A flaw was discovered in Podman where it incorrectly allows containers when created to overwrite existing files in volumes, even if they are mounted as read-only. When a user runs a malicious container or a container based on a malicious image with an attached volume that is used for the first time, it is possible to trigger the flaw and overwrite files in the volume.This issue was introduced in version 1.6.0.","cvss":5.9,"cvss_version":3.0,"cvss_v2":5.8,"cvss_v3":5.9,"cvss_v4":null,"epss":0.00163,"ranking_epss":0.37182,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00097.html","http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00103.html","https://access.redhat.com/errata/RHSA-2020:0680","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1726","http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00097.html","http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00103.html","https://access.redhat.com/errata/RHSA-2020:0680","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1726"],"published_time":"2020-02-11T20:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1711","summary":"An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine. A remote user could use this flaw to crash the QEMU process, resulting in a denial of service or potential execution of arbitrary code with privileges of the QEMU process on the host.","cvss":7.7,"cvss_version":3.0,"cvss_v2":6.0,"cvss_v3":7.7,"cvss_v4":null,"epss":0.00559,"ranking_epss":0.68236,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html","https://access.redhat.com/errata/RHSA-2020:0669","https://access.redhat.com/errata/RHSA-2020:0730","https://access.redhat.com/errata/RHSA-2020:0731","https://access.redhat.com/errata/RHSA-2020:0773","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1711","https://lists.debian.org/debian-lts-announce/2020/03/msg00017.html","https://lists.debian.org/debian-lts-announce/2020/09/msg00013.html","https://lists.gnu.org/archive/html/qemu-devel/2020-01/msg05535.html","https://security.gentoo.org/glsa/202005-02","https://usn.ubuntu.com/4283-1/","https://www.openwall.com/lists/oss-security/2020/01/23/3","http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html","https://access.redhat.com/errata/RHSA-2020:0669","https://access.redhat.com/errata/RHSA-2020:0730","https://access.redhat.com/errata/RHSA-2020:0731","https://access.redhat.com/errata/RHSA-2020:0773","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1711","https://lists.debian.org/debian-lts-announce/2020/03/msg00017.html","https://lists.debian.org/debian-lts-announce/2020/09/msg00013.html","https://lists.gnu.org/archive/html/qemu-devel/2020-01/msg05535.html","https://security.gentoo.org/glsa/202005-02","https://usn.ubuntu.com/4283-1/","https://www.openwall.com/lists/oss-security/2020/01/23/3"],"published_time":"2020-02-11T20:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2009-4067","summary":"Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel before 2.6.27 allows physically proximate attackers to execute arbitrary code, cause a denial of service via a crafted USB device, or take full control of the system.","cvss":6.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":6.8,"cvss_v4":null,"epss":0.00636,"ranking_epss":0.70454,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://labs.mwrinfosecurity.com/files/Advisories/mwri_linux-usb-buffer-overflow_2009-10-29.pdf","https://bugzilla.redhat.com/show_bug.cgi?id=722393","http://labs.mwrinfosecurity.com/files/Advisories/mwri_linux-usb-buffer-overflow_2009-10-29.pdf","https://bugzilla.redhat.com/show_bug.cgi?id=722393"],"published_time":"2020-02-11T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2012-4512","summary":"The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to \"type confusion.\"","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.8,"cvss_v4":null,"epss":0.11497,"ranking_epss":0.93614,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html","http://em386.blogspot.com/2010/12/webkit-css-type-confusion.html","http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=a872c8a969a8bd3706253d6ba24088e4f07f3352","http://rhn.redhat.com/errata/RHSA-2012-1416.html","http://rhn.redhat.com/errata/RHSA-2012-1418.html","http://secunia.com/advisories/51097","http://secunia.com/advisories/51145","http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc","http://www.openwall.com/lists/oss-security/2012/10/11/11","http://www.openwall.com/lists/oss-security/2012/10/30/6","http://www.securitytracker.com/id?1027709","http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html","http://em386.blogspot.com/2010/12/webkit-css-type-confusion.html","http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=a872c8a969a8bd3706253d6ba24088e4f07f3352","http://rhn.redhat.com/errata/RHSA-2012-1416.html","http://rhn.redhat.com/errata/RHSA-2012-1418.html","http://secunia.com/advisories/51097","http://secunia.com/advisories/51145","http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc","http://www.openwall.com/lists/oss-security/2012/10/11/11","http://www.openwall.com/lists/oss-security/2012/10/30/6","http://www.securitytracker.com/id?1027709"],"published_time":"2020-02-08T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2015-5741","summary":"The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smuggling attacks via a request that contains Content-Length and Transfer-Encoding header fields.","cvss":9.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":9.8,"cvss_v4":null,"epss":0.01751,"ranking_epss":0.8256,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167997.html","http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168029.html","http://seclists.org/oss-sec/2015/q3/237","http://seclists.org/oss-sec/2015/q3/292","http://seclists.org/oss-sec/2015/q3/294","https://bugzilla.redhat.com/show_bug.cgi?id=1250352","https://github.com/golang/go/commit/300d9a21583e7cf0149a778a0611e76ff7c6680f","http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167997.html","http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168029.html","http://seclists.org/oss-sec/2015/q3/237","http://seclists.org/oss-sec/2015/q3/292","http://seclists.org/oss-sec/2015/q3/294","https://bugzilla.redhat.com/show_bug.cgi?id=1250352","https://github.com/golang/go/commit/300d9a21583e7cf0149a778a0611e76ff7c6680f"],"published_time":"2020-02-08T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-13163","summary":"The Fujitsu TLS library allows a man-in-the-middle attack. This affects Interstage Application Development Cycle Manager V10 and other versions, Interstage Application Server V12 and other versions, Interstage Business Application Manager V2 and other versions, Interstage Information Integrator V11 and other versions, Interstage Job Workload Server V8, Interstage List Works V10 and other versions, Interstage Studio V12 and other versions, Interstage Web Server Express V11, Linkexpress V5, Safeauthor V3, ServerView Resource Orchestrator V3, Systemwalker Cloud Business Service Management V1, Systemwalker Desktop Keeper V15, Systemwalker Desktop Patrol V15, Systemwalker IT Change Manager V14, Systemwalker Operation Manager V16 and other versions, Systemwalker Runbook Automation V15 and other versions, Systemwalker Security Control V1, and Systemwalker Software Configuration Manager V15.","cvss":5.9,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":5.9,"cvss_v4":null,"epss":0.00128,"ranking_epss":0.32163,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://www.fujitsu.com/jp/products/software/resources/condition/security/products-fujitsu/solution/interstage-systemwalker-tls-202001.html","https://www.fujitsu.com/jp/products/software/resources/condition/security/products-fujitsu/solution/interstage-systemwalker-tls-202001.html"],"published_time":"2020-02-07T23:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-15604","summary":"Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.03533,"ranking_epss":0.87666,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00008.html","https://access.redhat.com/errata/RHSA-2020:0573","https://access.redhat.com/errata/RHSA-2020:0579","https://access.redhat.com/errata/RHSA-2020:0597","https://access.redhat.com/errata/RHSA-2020:0598","https://access.redhat.com/errata/RHSA-2020:0602","https://hackerone.com/reports/746733","https://nodejs.org/en/blog/release/v10.19.0/","https://nodejs.org/en/blog/release/v12.15.0/","https://nodejs.org/en/blog/release/v13.8.0/","https://nodejs.org/en/blog/vulnerability/february-2020-security-releases/","https://security.gentoo.org/glsa/202003-48","https://security.netapp.com/advisory/ntap-20200221-0004/","https://www.debian.org/security/2020/dsa-4669","https://www.oracle.com//security-alerts/cpujul2021.html","https://www.oracle.com/security-alerts/cpuapr2020.html","http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00008.html","https://access.redhat.com/errata/RHSA-2020:0573","https://access.redhat.com/errata/RHSA-2020:0579","https://access.redhat.com/errata/RHSA-2020:0597","https://access.redhat.com/errata/RHSA-2020:0598","https://access.redhat.com/errata/RHSA-2020:0602","https://hackerone.com/reports/746733","https://nodejs.org/en/blog/release/v10.19.0/","https://nodejs.org/en/blog/release/v12.15.0/","https://nodejs.org/en/blog/release/v13.8.0/","https://nodejs.org/en/blog/vulnerability/february-2020-security-releases/","https://security.gentoo.org/glsa/202003-48","https://security.netapp.com/advisory/ntap-20200221-0004/","https://www.debian.org/security/2020/dsa-4669","https://www.oracle.com//security-alerts/cpujul2021.html","https://www.oracle.com/security-alerts/cpuapr2020.html"],"published_time":"2020-02-07T15:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-15605","summary":"HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed","cvss":9.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":9.8,"cvss_v4":null,"epss":0.32252,"ranking_epss":0.96834,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00008.html","https://access.redhat.com/errata/RHSA-2020:0573","https://access.redhat.com/errata/RHSA-2020:0579","https://access.redhat.com/errata/RHSA-2020:0597","https://access.redhat.com/errata/RHSA-2020:0598","https://access.redhat.com/errata/RHSA-2020:0602","https://access.redhat.com/errata/RHSA-2020:0703","https://access.redhat.com/errata/RHSA-2020:0707","https://access.redhat.com/errata/RHSA-2020:0708","https://hackerone.com/reports/735748","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CT3WTR4P5VAJ3GJGKPYEDUPTNZ3IEDUR/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLB676PDU4RJQLWQUA277YNGYYNEYGWO/","https://nodejs.org/en/blog/release/v10.19.0/","https://nodejs.org/en/blog/release/v12.15.0/","https://nodejs.org/en/blog/release/v13.8.0/","https://nodejs.org/en/blog/vulnerability/february-2020-security-releases/","https://security.gentoo.org/glsa/202003-48","https://security.netapp.com/advisory/ntap-20200221-0004/","https://www.debian.org/security/2020/dsa-4669","https://www.oracle.com//security-alerts/cpujul2021.html","https://www.oracle.com/security-alerts/cpuapr2020.html","http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00008.html","https://access.redhat.com/errata/RHSA-2020:0573","https://access.redhat.com/errata/RHSA-2020:0579","https://access.redhat.com/errata/RHSA-2020:0597","https://access.redhat.com/errata/RHSA-2020:0598","https://access.redhat.com/errata/RHSA-2020:0602","https://access.redhat.com/errata/RHSA-2020:0703","https://access.redhat.com/errata/RHSA-2020:0707","https://access.redhat.com/errata/RHSA-2020:0708","https://hackerone.com/reports/735748","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CT3WTR4P5VAJ3GJGKPYEDUPTNZ3IEDUR/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLB676PDU4RJQLWQUA277YNGYYNEYGWO/","https://nodejs.org/en/blog/release/v10.19.0/","https://nodejs.org/en/blog/release/v12.15.0/","https://nodejs.org/en/blog/release/v13.8.0/","https://nodejs.org/en/blog/vulnerability/february-2020-security-releases/","https://security.gentoo.org/glsa/202003-48","https://security.netapp.com/advisory/ntap-20200221-0004/","https://www.debian.org/security/2020/dsa-4669","https://www.oracle.com//security-alerts/cpujul2021.html","https://www.oracle.com/security-alerts/cpuapr2020.html"],"published_time":"2020-02-07T15:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-15606","summary":"Including trailing white space in HTTP header values in Nodejs 10, 12, and 13 causes bypass of authorization based on header value comparisons","cvss":9.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":9.8,"cvss_v4":null,"epss":0.01338,"ranking_epss":0.79998,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00008.html","https://access.redhat.com/errata/RHSA-2020:0573","https://access.redhat.com/errata/RHSA-2020:0579","https://access.redhat.com/errata/RHSA-2020:0597","https://access.redhat.com/errata/RHSA-2020:0598","https://access.redhat.com/errata/RHSA-2020:0602","https://hackerone.com/reports/730779","https://nodejs.org/en/blog/release/v10.19.0/","https://nodejs.org/en/blog/release/v12.15.0/","https://nodejs.org/en/blog/release/v13.8.0/","https://nodejs.org/en/blog/vulnerability/february-2020-security-releases/","https://security.gentoo.org/glsa/202003-48","https://security.netapp.com/advisory/ntap-20200221-0004/","https://www.debian.org/security/2020/dsa-4669","https://www.oracle.com//security-alerts/cpujul2021.html","https://www.oracle.com/security-alerts/cpuapr2020.html","http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00008.html","https://access.redhat.com/errata/RHSA-2020:0573","https://access.redhat.com/errata/RHSA-2020:0579","https://access.redhat.com/errata/RHSA-2020:0597","https://access.redhat.com/errata/RHSA-2020:0598","https://access.redhat.com/errata/RHSA-2020:0602","https://hackerone.com/reports/730779","https://nodejs.org/en/blog/release/v10.19.0/","https://nodejs.org/en/blog/release/v12.15.0/","https://nodejs.org/en/blog/release/v13.8.0/","https://nodejs.org/en/blog/vulnerability/february-2020-security-releases/","https://security.gentoo.org/glsa/202003-48","https://security.netapp.com/advisory/ntap-20200221-0004/","https://www.debian.org/security/2020/dsa-4669","https://www.oracle.com//security-alerts/cpujul2021.html","https://www.oracle.com/security-alerts/cpuapr2020.html"],"published_time":"2020-02-07T15:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2015-6815","summary":"The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecified vectors.","cvss":3.5,"cvss_version":3.0,"cvss_v2":2.7,"cvss_v3":3.5,"cvss_v4":null,"epss":0.01574,"ranking_epss":0.8154,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html","http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.html","http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.html","http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00026.html","http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00005.html","http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00011.html","http://www.openwall.com/lists/oss-security/2015/09/04/4","http://www.openwall.com/lists/oss-security/2015/09/05/5","http://www.ubuntu.com/usn/USN-2745-1","https://bugzilla.redhat.com/show_bug.cgi?id=1260076","https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg01199.html","https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg05832.html","https://www.arista.com/en/support/advisories-notices/security-advisories/1188-security-advisory-14","http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html","http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.html","http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.html","http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00026.html","http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00005.html","http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00011.html","http://www.openwall.com/lists/oss-security/2015/09/04/4","http://www.openwall.com/lists/oss-security/2015/09/05/5","http://www.ubuntu.com/usn/USN-2745-1","https://bugzilla.redhat.com/show_bug.cgi?id=1260076","https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg01199.html","https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg05832.html","https://www.arista.com/en/support/advisories-notices/security-advisories/1188-security-advisory-14"],"published_time":"2020-01-31T22:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-20444","summary":"HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an \"invalid fold.\"","cvss":9.1,"cvss_version":3.0,"cvss_v2":6.4,"cvss_v3":9.1,"cvss_v4":null,"epss":0.14873,"ranking_epss":0.94525,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2020:0497","https://access.redhat.com/errata/RHSA-2020:0567","https://access.redhat.com/errata/RHSA-2020:0601","https://access.redhat.com/errata/RHSA-2020:0605","https://access.redhat.com/errata/RHSA-2020:0606","https://access.redhat.com/errata/RHSA-2020:0804","https://access.redhat.com/errata/RHSA-2020:0805","https://access.redhat.com/errata/RHSA-2020:0806","https://access.redhat.com/errata/RHSA-2020:0811","https://github.com/netty/netty/compare/netty-4.1.43.Final...netty-4.1.44.Final","https://github.com/netty/netty/issues/9866","https://github.com/poc-effectiveness/PoCAdaptation/tree/main/Adapted/CVE-2019-20444/5.0.0.Alpha1/exploit","https://lists.apache.org/thread.html/r059b042bca47be53ff8a51fd04d95eb01bb683f1afa209db136e8cb7@%3Cdev.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r0aa8b28e76ec01c697b15e161e6797e88fc8d406ed762e253401106e@%3Ccommits.camel.apache.org%3E","https://lists.apache.org/thread.html/r0c3d49bfdbc62fd3915676433cc5899c5506d06da1c552ef1b7923a5@%3Ccommon-issues.hadoop.apache.org%3E","https://lists.apache.org/thread.html/r0f5e72d5f69b4720dfe64fcbc2da9afae949ed1e9cbffa84bb7d92d7@%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E","https://lists.apache.org/thread.html/r1fcccf8bdb3531c28bc9aa605a6a1bea7e68cef6fc12e01faafb2fb5@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r205937c85817a911b0c72655c2377e7a2c9322d6ef6ce1b118d34d8d@%3Cdev.geode.apache.org%3E","https://lists.apache.org/thread.html/r2f2989b7815d809ff3fda8ce330f553e5f133505afd04ffbc135f35f@%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/r310d2ce22304d5298ff87f10134f918c87919b452734f9841d95682d@%3Ccommits.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r34912a9b1a5c269a77b8be94ef6fb6d1e9b3c69129719dc00f01cf0b@%3Cdev.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r36fcf538b28f2029e8b4f6b9a772f3b107913a78f09b095c5b153a62@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r489886fe72a98768eed665474cba13bad8d6fe0654f24987706636c5@%3Cdev.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r4c675b2d0cc2a5e506b11ee10d60a378859ee340aca052e4c7ef4749@%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r4d3f1d3e333d9c2b2f6e6ae8ed8750d4de03410ac294bcd12c7eefa3@%3Ccommits.cassandra.apache.org%3E","https://lists.apache.org/thread.html/r640eb9b3213058a963e18291f903fc1584e577f60035f941e32f760a@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r6945f3c346b7af89bbd3526a7c9b705b1e3569070ebcd0964bcedd7d@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r70b1ff22ee80e8101805b9a473116dd33265709007d2deb6f8c80bf2@%3Ccommits.druid.apache.org%3E","https://lists.apache.org/thread.html/r7790b9d99696d9eddce8a8c96f13bb68460984294ea6fea3800143e4@%3Ccommits.pulsar.apache.org%3E","https://lists.apache.org/thread.html/r804895eedd72c9ec67898286eb185e04df852b0dd5fe53cf5b6138f9@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r819aaeb9944bdcfca438dcc51f05650dc728daf64dfd7d774fc2499b@%3Ccommits.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r832724df393a7ef25ca4c7c2eb83ad2d6c21c74569acda5233f9f1ec@%3Ccommits.pulsar.apache.org%3E","https://lists.apache.org/thread.html/r8402d67fdfe9cf169f859d52a7670b28a08eff31e54b522cc1432532@%3Ccommon-issues.hadoop.apache.org%3E","https://lists.apache.org/thread.html/r86befa74c5cd1482c711134104aec339bf7ae879f2c4437d7ec477d4@%3Ccommon-commits.hadoop.apache.org%3E","https://lists.apache.org/thread.html/r90030b0117490caed526e57271bf4d7f9b012091ac5083c895d16543@%3Ccommon-issues.hadoop.apache.org%3E","https://lists.apache.org/thread.html/r91e0fa345c86c128b75a4a791b4b503b53173ff4c13049ac7129d319@%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r959474dcf7f88565ed89f6252ca5a274419006cb71348f14764b183d@%3Ccommits.cassandra.apache.org%3E","https://lists.apache.org/thread.html/r96e08f929234e8ba1ef4a93a0fd2870f535a1f9ab628fabc46115986@%3Cdev.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r9b20cdac704cf9a583400350e2d5b576fa8417c18ddb961201676c60@%3Ccommits.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/ra1a71b576a45426af5ee65255be9596ff3181a342f4ba73b800db78f@%3Cdev.geode.apache.org%3E","https://lists.apache.org/thread.html/ra2ace4bcb5cf487f72cbcbfa0f8cc08e755ec2b93d7e69f276148b08@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/ra9fbfe7d4830ae675bf34c7c0f8c22fc8a4099f65706c1bc4f54c593@%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/raaac04b7567c554786132144bea3dcb72568edd410c1e6f0101742e7@%3Cissues.flink.apache.org%3E","https://lists.apache.org/thread.html/rb3361f6c6a5f834ad3db5e998c352760d393c0891b8d3bea90baa836@%3Ccommon-issues.hadoop.apache.org%3E","https://lists.apache.org/thread.html/rb84c57670ec48ef23f4d07973b7fa69f629b8e7fcfb48874362feb6f@%3Ccommits.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rc7eb5634b71d284483e58665b22bf274a69bd184d9bd7ede52015d91@%3Ccommon-issues.hadoop.apache.org%3E","https://lists.apache.org/thread.html/rcb2c59428f34d4757702f9ae739a8795bda7bea97b857e708a9c62c6@%3Ccommon-commits.hadoop.apache.org%3E","https://lists.apache.org/thread.html/rce71d33747010d32d31d90f5d737dae26291d96552f513a266c92fbb@%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3Ccommits.pulsar.apache.org%3E","https://lists.apache.org/thread.html/rd8f72411fb75b98d366400ae789966373b5c3eb3f511e717caf3e49e@%3Cissues.flink.apache.org%3E","https://lists.apache.org/thread.html/rdb69125652311d0c41f6066ff44072a3642cf33a4b5e3c4f9c1ec9c2@%3Ccommits.pulsar.apache.org%3E","https://lists.apache.org/thread.html/rdd5d243a5f8ed8b83c0104e321aa420e5e98792a95749e3c9a54c0b9@%3Ccommon-commits.hadoop.apache.org%3E","https://lists.apache.org/thread.html/re0b78a3d0a4ba2cf9f4e14e1d05040bde9051d5c78071177186336c9@%3Ccommon-issues.hadoop.apache.org%3E","https://lists.apache.org/thread.html/re45ee9256d3233c31d78e59ee59c7dc841c7fbd83d0769285b41e948@%3Ccommits.druid.apache.org%3E","https://lists.apache.org/thread.html/re78eaef7d01ad65c370df30e45c686fffff00b37f7bfd78b26a08762@%3Ccommon-issues.hadoop.apache.org%3E","https://lists.apache.org/thread.html/rf2bf8e2eb0a03227f5bc100b544113f8cafea01e887bb068e8d1fa41@%3Ccommon-issues.hadoop.apache.org%3E","https://lists.apache.org/thread.html/rf5b2dfb7401666a19915f8eaef3ba9f5c3386e2066fcd2ae66e16a2f@%3Cdev.flink.apache.org%3E","https://lists.apache.org/thread.html/rfb55f245b08d8a6ec0fb4dc159022227cd22de34c4419c2fbb18802b@%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rff210a24f3a924829790e69eaefa84820902b7b31f17c3bf2def9114@%3Ccommits.druid.apache.org%3E","https://lists.debian.org/debian-lts-announce/2020/02/msg00017.html","https://lists.debian.org/debian-lts-announce/2020/02/msg00018.html","https://lists.debian.org/debian-lts-announce/2020/09/msg00003.html","https://lists.debian.org/debian-lts-announce/2020/09/msg00004.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TS6VX7OMXPDJIU5LRGUAHRK6MENAVJ46/","https://usn.ubuntu.com/4532-1/","https://www.debian.org/security/2021/dsa-4885","https://access.redhat.com/errata/RHSA-2020:0497","https://access.redhat.com/errata/RHSA-2020:0567","https://access.redhat.com/errata/RHSA-2020:0601","https://access.redhat.com/errata/RHSA-2020:0605","https://access.redhat.com/errata/RHSA-2020:0606","https://access.redhat.com/errata/RHSA-2020:0804","https://access.redhat.com/errata/RHSA-2020:0805","https://access.redhat.com/errata/RHSA-2020:0806","https://access.redhat.com/errata/RHSA-2020:0811","https://github.com/netty/netty/compare/netty-4.1.43.Final...netty-4.1.44.Final","https://github.com/netty/netty/issues/9866","https://lists.apache.org/thread.html/r059b042bca47be53ff8a51fd04d95eb01bb683f1afa209db136e8cb7%40%3Cdev.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r0aa8b28e76ec01c697b15e161e6797e88fc8d406ed762e253401106e%40%3Ccommits.camel.apache.org%3E","https://lists.apache.org/thread.html/r0c3d49bfdbc62fd3915676433cc5899c5506d06da1c552ef1b7923a5%40%3Ccommon-issues.hadoop.apache.org%3E","https://lists.apache.org/thread.html/r0f5e72d5f69b4720dfe64fcbc2da9afae949ed1e9cbffa84bb7d92d7%40%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E","https://lists.apache.org/thread.html/r1fcccf8bdb3531c28bc9aa605a6a1bea7e68cef6fc12e01faafb2fb5%40%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r205937c85817a911b0c72655c2377e7a2c9322d6ef6ce1b118d34d8d%40%3Cdev.geode.apache.org%3E","https://lists.apache.org/thread.html/r2f2989b7815d809ff3fda8ce330f553e5f133505afd04ffbc135f35f%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/r310d2ce22304d5298ff87f10134f918c87919b452734f9841d95682d%40%3Ccommits.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r34912a9b1a5c269a77b8be94ef6fb6d1e9b3c69129719dc00f01cf0b%40%3Cdev.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r36fcf538b28f2029e8b4f6b9a772f3b107913a78f09b095c5b153a62%40%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r489886fe72a98768eed665474cba13bad8d6fe0654f24987706636c5%40%3Cdev.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r4c675b2d0cc2a5e506b11ee10d60a378859ee340aca052e4c7ef4749%40%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r4d3f1d3e333d9c2b2f6e6ae8ed8750d4de03410ac294bcd12c7eefa3%40%3Ccommits.cassandra.apache.org%3E","https://lists.apache.org/thread.html/r640eb9b3213058a963e18291f903fc1584e577f60035f941e32f760a%40%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r6945f3c346b7af89bbd3526a7c9b705b1e3569070ebcd0964bcedd7d%40%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r70b1ff22ee80e8101805b9a473116dd33265709007d2deb6f8c80bf2%40%3Ccommits.druid.apache.org%3E","https://lists.apache.org/thread.html/r7790b9d99696d9eddce8a8c96f13bb68460984294ea6fea3800143e4%40%3Ccommits.pulsar.apache.org%3E","https://lists.apache.org/thread.html/r804895eedd72c9ec67898286eb185e04df852b0dd5fe53cf5b6138f9%40%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r819aaeb9944bdcfca438dcc51f05650dc728daf64dfd7d774fc2499b%40%3Ccommits.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r832724df393a7ef25ca4c7c2eb83ad2d6c21c74569acda5233f9f1ec%40%3Ccommits.pulsar.apache.org%3E","https://lists.apache.org/thread.html/r8402d67fdfe9cf169f859d52a7670b28a08eff31e54b522cc1432532%40%3Ccommon-issues.hadoop.apache.org%3E","https://lists.apache.org/thread.html/r86befa74c5cd1482c711134104aec339bf7ae879f2c4437d7ec477d4%40%3Ccommon-commits.hadoop.apache.org%3E","https://lists.apache.org/thread.html/r90030b0117490caed526e57271bf4d7f9b012091ac5083c895d16543%40%3Ccommon-issues.hadoop.apache.org%3E","https://lists.apache.org/thread.html/r91e0fa345c86c128b75a4a791b4b503b53173ff4c13049ac7129d319%40%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r959474dcf7f88565ed89f6252ca5a274419006cb71348f14764b183d%40%3Ccommits.cassandra.apache.org%3E","https://lists.apache.org/thread.html/r96e08f929234e8ba1ef4a93a0fd2870f535a1f9ab628fabc46115986%40%3Cdev.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r9b20cdac704cf9a583400350e2d5b576fa8417c18ddb961201676c60%40%3Ccommits.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/ra1a71b576a45426af5ee65255be9596ff3181a342f4ba73b800db78f%40%3Cdev.geode.apache.org%3E","https://lists.apache.org/thread.html/ra2ace4bcb5cf487f72cbcbfa0f8cc08e755ec2b93d7e69f276148b08%40%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/ra9fbfe7d4830ae675bf34c7c0f8c22fc8a4099f65706c1bc4f54c593%40%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/raaac04b7567c554786132144bea3dcb72568edd410c1e6f0101742e7%40%3Cissues.flink.apache.org%3E","https://lists.apache.org/thread.html/rb3361f6c6a5f834ad3db5e998c352760d393c0891b8d3bea90baa836%40%3Ccommon-issues.hadoop.apache.org%3E","https://lists.apache.org/thread.html/rb84c57670ec48ef23f4d07973b7fa69f629b8e7fcfb48874362feb6f%40%3Ccommits.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rc7eb5634b71d284483e58665b22bf274a69bd184d9bd7ede52015d91%40%3Ccommon-issues.hadoop.apache.org%3E","https://lists.apache.org/thread.html/rcb2c59428f34d4757702f9ae739a8795bda7bea97b857e708a9c62c6%40%3Ccommon-commits.hadoop.apache.org%3E","https://lists.apache.org/thread.html/rce71d33747010d32d31d90f5d737dae26291d96552f513a266c92fbb%40%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26%40%3Ccommits.pulsar.apache.org%3E","https://lists.apache.org/thread.html/rd8f72411fb75b98d366400ae789966373b5c3eb3f511e717caf3e49e%40%3Cissues.flink.apache.org%3E","https://lists.apache.org/thread.html/rdb69125652311d0c41f6066ff44072a3642cf33a4b5e3c4f9c1ec9c2%40%3Ccommits.pulsar.apache.org%3E","https://lists.apache.org/thread.html/rdd5d243a5f8ed8b83c0104e321aa420e5e98792a95749e3c9a54c0b9%40%3Ccommon-commits.hadoop.apache.org%3E","https://lists.apache.org/thread.html/re0b78a3d0a4ba2cf9f4e14e1d05040bde9051d5c78071177186336c9%40%3Ccommon-issues.hadoop.apache.org%3E","https://lists.apache.org/thread.html/re45ee9256d3233c31d78e59ee59c7dc841c7fbd83d0769285b41e948%40%3Ccommits.druid.apache.org%3E","https://lists.apache.org/thread.html/re78eaef7d01ad65c370df30e45c686fffff00b37f7bfd78b26a08762%40%3Ccommon-issues.hadoop.apache.org%3E","https://lists.apache.org/thread.html/rf2bf8e2eb0a03227f5bc100b544113f8cafea01e887bb068e8d1fa41%40%3Ccommon-issues.hadoop.apache.org%3E","https://lists.apache.org/thread.html/rf5b2dfb7401666a19915f8eaef3ba9f5c3386e2066fcd2ae66e16a2f%40%3Cdev.flink.apache.org%3E","https://lists.apache.org/thread.html/rfb55f245b08d8a6ec0fb4dc159022227cd22de34c4419c2fbb18802b%40%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rff210a24f3a924829790e69eaefa84820902b7b31f17c3bf2def9114%40%3Ccommits.druid.apache.org%3E","https://lists.debian.org/debian-lts-announce/2020/02/msg00017.html","https://lists.debian.org/debian-lts-announce/2020/02/msg00018.html","https://lists.debian.org/debian-lts-announce/2020/09/msg00003.html","https://lists.debian.org/debian-lts-announce/2020/09/msg00004.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TS6VX7OMXPDJIU5LRGUAHRK6MENAVJ46/","https://usn.ubuntu.com/4532-1/","https://www.debian.org/security/2021/dsa-4885"],"published_time":"2020-01-29T21:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-20445","summary":"HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header.","cvss":9.1,"cvss_version":3.0,"cvss_v2":6.4,"cvss_v3":9.1,"cvss_v4":null,"epss":0.02837,"ranking_epss":0.86189,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2020:0497","https://access.redhat.com/errata/RHSA-2020:0567","https://access.redhat.com/errata/RHSA-2020:0601","https://access.redhat.com/errata/RHSA-2020:0605","https://access.redhat.com/errata/RHSA-2020:0606","https://access.redhat.com/errata/RHSA-2020:0804","https://access.redhat.com/errata/RHSA-2020:0805","https://access.redhat.com/errata/RHSA-2020:0806","https://access.redhat.com/errata/RHSA-2020:0811","https://github.com/netty/netty/compare/netty-4.1.43.Final...netty-4.1.44.Final","https://github.com/netty/netty/issues/9861","https://lists.apache.org/thread.html/r030beff88aeb6d7a2d6cd21342bd18686153ce6e26a4171d0e035663%40%3Cissues.flume.apache.org%3E","https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E","https://lists.apache.org/thread.html/r1fcccf8bdb3531c28bc9aa605a6a1bea7e68cef6fc12e01faafb2fb5%40%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r205937c85817a911b0c72655c2377e7a2c9322d6ef6ce1b118d34d8d%40%3Cdev.geode.apache.org%3E","https://lists.apache.org/thread.html/r2f2989b7815d809ff3fda8ce330f553e5f133505afd04ffbc135f35f%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/r310d2ce22304d5298ff87f10134f918c87919b452734f9841d95682d%40%3Ccommits.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r36fcf538b28f2029e8b4f6b9a772f3b107913a78f09b095c5b153a62%40%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r46f93de62b1e199f3f9babb18128681677c53493546f532ed88c359d%40%3Creviews.spark.apache.org%3E","https://lists.apache.org/thread.html/r4d3f1d3e333d9c2b2f6e6ae8ed8750d4de03410ac294bcd12c7eefa3%40%3Ccommits.cassandra.apache.org%3E","https://lists.apache.org/thread.html/r4ff40646e9ccce13560458419accdfc227b8b6ca4ead3a8a91decc74%40%3Cissues.flume.apache.org%3E","https://lists.apache.org/thread.html/r640eb9b3213058a963e18291f903fc1584e577f60035f941e32f760a%40%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r6945f3c346b7af89bbd3526a7c9b705b1e3569070ebcd0964bcedd7d%40%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r70b1ff22ee80e8101805b9a473116dd33265709007d2deb6f8c80bf2%40%3Ccommits.druid.apache.org%3E","https://lists.apache.org/thread.html/r7790b9d99696d9eddce8a8c96f13bb68460984294ea6fea3800143e4%40%3Ccommits.pulsar.apache.org%3E","https://lists.apache.org/thread.html/r804895eedd72c9ec67898286eb185e04df852b0dd5fe53cf5b6138f9%40%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r81700644754e66ffea465c869cb477de25f8041e21598e8818fc2c45%40%3Cdev.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r819aaeb9944bdcfca438dcc51f05650dc728daf64dfd7d774fc2499b%40%3Ccommits.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r832724df393a7ef25ca4c7c2eb83ad2d6c21c74569acda5233f9f1ec%40%3Ccommits.pulsar.apache.org%3E","https://lists.apache.org/thread.html/r959474dcf7f88565ed89f6252ca5a274419006cb71348f14764b183d%40%3Ccommits.cassandra.apache.org%3E","https://lists.apache.org/thread.html/r96e08f929234e8ba1ef4a93a0fd2870f535a1f9ab628fabc46115986%40%3Cdev.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r9b20cdac704cf9a583400350e2d5b576fa8417c18ddb961201676c60%40%3Ccommits.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/ra1a71b576a45426af5ee65255be9596ff3181a342f4ba73b800db78f%40%3Cdev.geode.apache.org%3E","https://lists.apache.org/thread.html/ra2ace4bcb5cf487f72cbcbfa0f8cc08e755ec2b93d7e69f276148b08%40%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/ra9fbfe7d4830ae675bf34c7c0f8c22fc8a4099f65706c1bc4f54c593%40%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/raaac04b7567c554786132144bea3dcb72568edd410c1e6f0101742e7%40%3Cissues.flink.apache.org%3E","https://lists.apache.org/thread.html/rb5c065e7bd701b0744f9f28ad769943f91745102716c1eb516325f11%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/rb84c57670ec48ef23f4d07973b7fa69f629b8e7fcfb48874362feb6f%40%3Ccommits.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rbdb59c683d666130906a9c05a1d2b034c4cc08cda7ed41322bd54fe2%40%3Cissues.flume.apache.org%3E","https://lists.apache.org/thread.html/rce71d33747010d32d31d90f5d737dae26291d96552f513a266c92fbb%40%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26%40%3Ccommits.pulsar.apache.org%3E","https://lists.apache.org/thread.html/rd8f72411fb75b98d366400ae789966373b5c3eb3f511e717caf3e49e%40%3Cissues.flink.apache.org%3E","https://lists.apache.org/thread.html/rdb69125652311d0c41f6066ff44072a3642cf33a4b5e3c4f9c1ec9c2%40%3Ccommits.pulsar.apache.org%3E","https://lists.apache.org/thread.html/re45ee9256d3233c31d78e59ee59c7dc841c7fbd83d0769285b41e948%40%3Ccommits.druid.apache.org%3E","https://lists.apache.org/thread.html/rf5b2dfb7401666a19915f8eaef3ba9f5c3386e2066fcd2ae66e16a2f%40%3Cdev.flink.apache.org%3E","https://lists.apache.org/thread.html/rfb55f245b08d8a6ec0fb4dc159022227cd22de34c4419c2fbb18802b%40%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rff210a24f3a924829790e69eaefa84820902b7b31f17c3bf2def9114%40%3Ccommits.druid.apache.org%3E","https://lists.debian.org/debian-lts-announce/2020/02/msg00017.html","https://lists.debian.org/debian-lts-announce/2020/02/msg00018.html","https://lists.debian.org/debian-lts-announce/2020/09/msg00003.html","https://lists.debian.org/debian-lts-announce/2020/09/msg00004.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TS6VX7OMXPDJIU5LRGUAHRK6MENAVJ46/","https://usn.ubuntu.com/4532-1/","https://www.debian.org/security/2021/dsa-4885","https://access.redhat.com/errata/RHSA-2020:0497","https://access.redhat.com/errata/RHSA-2020:0567","https://access.redhat.com/errata/RHSA-2020:0601","https://access.redhat.com/errata/RHSA-2020:0605","https://access.redhat.com/errata/RHSA-2020:0606","https://access.redhat.com/errata/RHSA-2020:0804","https://access.redhat.com/errata/RHSA-2020:0805","https://access.redhat.com/errata/RHSA-2020:0806","https://access.redhat.com/errata/RHSA-2020:0811","https://github.com/netty/netty/compare/netty-4.1.43.Final...netty-4.1.44.Final","https://github.com/netty/netty/issues/9861","https://lists.apache.org/thread.html/r030beff88aeb6d7a2d6cd21342bd18686153ce6e26a4171d0e035663%40%3Cissues.flume.apache.org%3E","https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E","https://lists.apache.org/thread.html/r1fcccf8bdb3531c28bc9aa605a6a1bea7e68cef6fc12e01faafb2fb5%40%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r205937c85817a911b0c72655c2377e7a2c9322d6ef6ce1b118d34d8d%40%3Cdev.geode.apache.org%3E","https://lists.apache.org/thread.html/r2f2989b7815d809ff3fda8ce330f553e5f133505afd04ffbc135f35f%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/r310d2ce22304d5298ff87f10134f918c87919b452734f9841d95682d%40%3Ccommits.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r36fcf538b28f2029e8b4f6b9a772f3b107913a78f09b095c5b153a62%40%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r46f93de62b1e199f3f9babb18128681677c53493546f532ed88c359d%40%3Creviews.spark.apache.org%3E","https://lists.apache.org/thread.html/r4d3f1d3e333d9c2b2f6e6ae8ed8750d4de03410ac294bcd12c7eefa3%40%3Ccommits.cassandra.apache.org%3E","https://lists.apache.org/thread.html/r4ff40646e9ccce13560458419accdfc227b8b6ca4ead3a8a91decc74%40%3Cissues.flume.apache.org%3E","https://lists.apache.org/thread.html/r640eb9b3213058a963e18291f903fc1584e577f60035f941e32f760a%40%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r6945f3c346b7af89bbd3526a7c9b705b1e3569070ebcd0964bcedd7d%40%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r70b1ff22ee80e8101805b9a473116dd33265709007d2deb6f8c80bf2%40%3Ccommits.druid.apache.org%3E","https://lists.apache.org/thread.html/r7790b9d99696d9eddce8a8c96f13bb68460984294ea6fea3800143e4%40%3Ccommits.pulsar.apache.org%3E","https://lists.apache.org/thread.html/r804895eedd72c9ec67898286eb185e04df852b0dd5fe53cf5b6138f9%40%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r81700644754e66ffea465c869cb477de25f8041e21598e8818fc2c45%40%3Cdev.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r819aaeb9944bdcfca438dcc51f05650dc728daf64dfd7d774fc2499b%40%3Ccommits.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r832724df393a7ef25ca4c7c2eb83ad2d6c21c74569acda5233f9f1ec%40%3Ccommits.pulsar.apache.org%3E","https://lists.apache.org/thread.html/r959474dcf7f88565ed89f6252ca5a274419006cb71348f14764b183d%40%3Ccommits.cassandra.apache.org%3E","https://lists.apache.org/thread.html/r96e08f929234e8ba1ef4a93a0fd2870f535a1f9ab628fabc46115986%40%3Cdev.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/r9b20cdac704cf9a583400350e2d5b576fa8417c18ddb961201676c60%40%3Ccommits.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/ra1a71b576a45426af5ee65255be9596ff3181a342f4ba73b800db78f%40%3Cdev.geode.apache.org%3E","https://lists.apache.org/thread.html/ra2ace4bcb5cf487f72cbcbfa0f8cc08e755ec2b93d7e69f276148b08%40%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/ra9fbfe7d4830ae675bf34c7c0f8c22fc8a4099f65706c1bc4f54c593%40%3Cissues.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/raaac04b7567c554786132144bea3dcb72568edd410c1e6f0101742e7%40%3Cissues.flink.apache.org%3E","https://lists.apache.org/thread.html/rb5c065e7bd701b0744f9f28ad769943f91745102716c1eb516325f11%40%3Cissues.spark.apache.org%3E","https://lists.apache.org/thread.html/rb84c57670ec48ef23f4d07973b7fa69f629b8e7fcfb48874362feb6f%40%3Ccommits.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rbdb59c683d666130906a9c05a1d2b034c4cc08cda7ed41322bd54fe2%40%3Cissues.flume.apache.org%3E","https://lists.apache.org/thread.html/rce71d33747010d32d31d90f5d737dae26291d96552f513a266c92fbb%40%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26%40%3Ccommits.pulsar.apache.org%3E","https://lists.apache.org/thread.html/rd8f72411fb75b98d366400ae789966373b5c3eb3f511e717caf3e49e%40%3Cissues.flink.apache.org%3E","https://lists.apache.org/thread.html/rdb69125652311d0c41f6066ff44072a3642cf33a4b5e3c4f9c1ec9c2%40%3Ccommits.pulsar.apache.org%3E","https://lists.apache.org/thread.html/re45ee9256d3233c31d78e59ee59c7dc841c7fbd83d0769285b41e948%40%3Ccommits.druid.apache.org%3E","https://lists.apache.org/thread.html/rf5b2dfb7401666a19915f8eaef3ba9f5c3386e2066fcd2ae66e16a2f%40%3Cdev.flink.apache.org%3E","https://lists.apache.org/thread.html/rfb55f245b08d8a6ec0fb4dc159022227cd22de34c4419c2fbb18802b%40%3Cnotifications.zookeeper.apache.org%3E","https://lists.apache.org/thread.html/rff210a24f3a924829790e69eaefa84820902b7b31f17c3bf2def9114%40%3Ccommits.druid.apache.org%3E","https://lists.debian.org/debian-lts-announce/2020/02/msg00017.html","https://lists.debian.org/debian-lts-announce/2020/02/msg00018.html","https://lists.debian.org/debian-lts-announce/2020/09/msg00003.html","https://lists.debian.org/debian-lts-announce/2020/09/msg00004.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TS6VX7OMXPDJIU5LRGUAHRK6MENAVJ46/","https://usn.ubuntu.com/4532-1/","https://www.debian.org/security/2021/dsa-4885"],"published_time":"2020-01-29T21:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2015-0294","summary":"GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00584,"ranking_epss":0.69007,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.debian.org/security/2015/dsa-3191","https://bugzilla.redhat.com/show_bug.cgi?id=1196323","https://gitlab.com/gnutls/gnutls/commit/6e76e9b9fa845b76b0b9a45f05f4b54a052578ff","http://www.debian.org/security/2015/dsa-3191","https://bugzilla.redhat.com/show_bug.cgi?id=1196323","https://gitlab.com/gnutls/gnutls/commit/6e76e9b9fa845b76b0b9a45f05f4b54a052578ff"],"published_time":"2020-01-27T16:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-17570","summary":"An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC (aka ws-xmlrpc) library. A malicious XML-RPC server could target a XML-RPC client causing it to execute arbitrary code. Apache XML-RPC is no longer maintained and this issue will not be fixed.","cvss":9.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":9.8,"cvss_v4":null,"epss":0.70524,"ranking_epss":0.98691,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2020/01/24/2","https://access.redhat.com/errata/RHSA-2020:0310","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-17570%3B","https://github.com/orangecertcc/security-research/security/advisories/GHSA-x2r6-4m45-m4jp","https://lists.apache.org/thread.html/846551673bbb7ec8d691008215384bcef03a3fb004d2da845cfe88ee%401390230951%40%3Cdev.ws.apache.org%3E","https://lists.debian.org/debian-lts-announce/2020/01/msg00033.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I3QCRLJYQRGVTIYF4BXYRFSF3ONP3TBF/","https://seclists.org/bugtraq/2020/Feb/8","https://security.gentoo.org/glsa/202401-26","https://usn.ubuntu.com/4496-1/","https://www.debian.org/security/2020/dsa-4619","http://www.openwall.com/lists/oss-security/2020/01/24/2","https://access.redhat.com/errata/RHSA-2020:0310","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-17570%3B","https://github.com/orangecertcc/security-research/security/advisories/GHSA-x2r6-4m45-m4jp","https://lists.apache.org/thread.html/846551673bbb7ec8d691008215384bcef03a3fb004d2da845cfe88ee%401390230951%40%3Cdev.ws.apache.org%3E","https://lists.debian.org/debian-lts-announce/2020/01/msg00033.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I3QCRLJYQRGVTIYF4BXYRFSF3ONP3TBF/","https://seclists.org/bugtraq/2020/Feb/8","https://security.gentoo.org/glsa/202401-26","https://usn.ubuntu.com/4496-1/","https://www.debian.org/security/2020/dsa-4619"],"published_time":"2020-01-23T22:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-14907","summary":"All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with \"log level = 3\" (or above) then the string obtained from the client, after a failed character conversion, is printed. Such strings can be provided during the NTLMSSP authentication exchange. In the Samba AD DC in particular, this may cause a long-lived process(such as the RPC server) to terminate. (In the file server case, the most likely target, smbd, operates as process-per-client and so a crash there is harmless).","cvss":6.5,"cvss_version":3.0,"cvss_v2":2.6,"cvss_v3":6.5,"cvss_v4":null,"epss":0.10242,"ranking_epss":0.93148,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00055.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14907","https://lists.debian.org/debian-lts-announce/2021/05/msg00023.html","https://lists.debian.org/debian-lts-announce/2023/09/msg00013.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ACZVNMIFQGGXNJPMHAVBN3H2U65FXQY/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GQ6U65I2K23YJC4FESW477WL55TU3PPT/","https://security.gentoo.org/glsa/202003-52","https://security.netapp.com/advisory/ntap-20200122-0001/","https://usn.ubuntu.com/4244-1/","https://www.samba.org/samba/security/CVE-2019-14907.html","https://www.synology.com/security/advisory/Synology_SA_20_01","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00055.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14907","https://lists.debian.org/debian-lts-announce/2021/05/msg00023.html","https://lists.debian.org/debian-lts-announce/2023/09/msg00013.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ACZVNMIFQGGXNJPMHAVBN3H2U65FXQY/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GQ6U65I2K23YJC4FESW477WL55TU3PPT/","https://security.gentoo.org/glsa/202003-52","https://security.netapp.com/advisory/ntap-20200122-0001/","https://usn.ubuntu.com/4244-1/","https://www.samba.org/samba/security/CVE-2019-14907.html","https://www.synology.com/security/advisory/Synology_SA_20_01"],"published_time":"2020-01-21T18:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-19339","summary":"It was found that the Red Hat Enterprise Linux 8 kpatch update did not include the complete fix for CVE-2018-12207. A flaw was found in the way Intel CPUs handle inconsistency between, virtual to physical memory address translations in CPU's local cache and system software's Paging structure entries. A privileged guest user may use this flaw to induce a hardware Machine Check Error on the host processor, resulting in a severe DoS scenario by halting the processor. System software like OS OR Virtual Machine Monitor (VMM) use virtual memory system for storing program instructions and data in memory. Virtual Memory system uses Paging structures like Page Tables and Page Directories to manage system memory. The processor's Memory Management Unit (MMU) uses Paging structure entries to translate program's virtual memory addresses to physical memory addresses. The processor stores these address translations into its local cache buffer called - Translation Lookaside Buffer (TLB). TLB has two parts, one for instructions and other for data addresses. System software can modify its Paging structure entries to change address mappings OR certain attributes like page size etc. Upon such Paging structure alterations in memory, system software must invalidate the corresponding address translations in the processor's TLB cache. But before this TLB invalidation takes place, a privileged guest user may trigger an instruction fetch operation, which could use an already cached, but now invalid, virtual to physical address translation from Instruction TLB (ITLB). Thus accessing an invalid physical memory address and resulting in halting the processor due to the Machine Check Error (MCE) on Page Size Change.","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.9,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00117,"ranking_epss":0.30539,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19339","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19339"],"published_time":"2020-01-17T19:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-9503","summary":"The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will cause this frame to be discarded and unprocessed. If the driver receives the firmware event frame from the host, the appropriate handler is called. This frame validation can be bypassed if the bus used is USB (for instance by a wifi dongle). This can allow firmware event frames from a remote source to be processed. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.","cvss":7.9,"cvss_version":3.0,"cvss_v2":7.9,"cvss_v3":7.9,"cvss_v4":null,"epss":0.00514,"ranking_epss":0.66573,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://blog.quarkslab.com/reverse-engineering-broadcom-wireless-chipsets.html","https://bugzilla.redhat.com/show_bug.cgi?id=1701842","https://bugzilla.suse.com/show_bug.cgi?id=1132828","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a4176ec356c73a46c07c181c6d04039fafa34a9f","https://kb.cert.org/vuls/id/166939/","https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-9503.html","https://security-tracker.debian.org/tracker/CVE-2019-9503","https://blog.quarkslab.com/reverse-engineering-broadcom-wireless-chipsets.html","https://bugzilla.redhat.com/show_bug.cgi?id=1701842","https://bugzilla.suse.com/show_bug.cgi?id=1132828","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a4176ec356c73a46c07c181c6d04039fafa34a9f","https://kb.cert.org/vuls/id/166939/","https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-9503.html","https://security-tracker.debian.org/tracker/CVE-2019-9503"],"published_time":"2020-01-16T21:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-2654","summary":"Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).","cvss":3.7,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":3.7,"cvss_v4":null,"epss":0.00339,"ranking_epss":0.56709,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00060.html","https://access.redhat.com/errata/RHSA-2020:0122","https://access.redhat.com/errata/RHSA-2020:0128","https://access.redhat.com/errata/RHSA-2020:0157","https://access.redhat.com/errata/RHSA-2020:0196","https://access.redhat.com/errata/RHSA-2020:0202","https://access.redhat.com/errata/RHSA-2020:0231","https://access.redhat.com/errata/RHSA-2020:0232","https://access.redhat.com/errata/RHSA-2020:0541","https://access.redhat.com/errata/RHSA-2020:0632","https://kc.mcafee.com/corporate/index?page=content&id=SB10315","https://lists.debian.org/debian-lts-announce/2020/02/msg00034.html","https://seclists.org/bugtraq/2020/Feb/22","https://seclists.org/bugtraq/2020/Jan/24","https://security.gentoo.org/glsa/202101-19","https://security.netapp.com/advisory/ntap-20200122-0003/","https://usn.ubuntu.com/4257-1/","https://www.debian.org/security/2020/dsa-4605","https://www.debian.org/security/2020/dsa-4621","https://www.oracle.com/security-alerts/cpujan2020.html","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00060.html","https://access.redhat.com/errata/RHSA-2020:0122","https://access.redhat.com/errata/RHSA-2020:0128","https://access.redhat.com/errata/RHSA-2020:0157","https://access.redhat.com/errata/RHSA-2020:0196","https://access.redhat.com/errata/RHSA-2020:0202","https://access.redhat.com/errata/RHSA-2020:0231","https://access.redhat.com/errata/RHSA-2020:0232","https://access.redhat.com/errata/RHSA-2020:0541","https://access.redhat.com/errata/RHSA-2020:0632","https://kc.mcafee.com/corporate/index?page=content&id=SB10315","https://lists.debian.org/debian-lts-announce/2020/02/msg00034.html","https://seclists.org/bugtraq/2020/Feb/22","https://seclists.org/bugtraq/2020/Jan/24","https://security.gentoo.org/glsa/202101-19","https://security.netapp.com/advisory/ntap-20200122-0003/","https://usn.ubuntu.com/4257-1/","https://www.debian.org/security/2020/dsa-4605","https://www.debian.org/security/2020/dsa-4621","https://www.oracle.com/security-alerts/cpujan2020.html"],"published_time":"2020-01-15T17:15:24","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-2655","summary":"Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).","cvss":4.8,"cvss_version":3.0,"cvss_v2":5.8,"cvss_v3":4.8,"cvss_v4":null,"epss":0.02147,"ranking_epss":0.8423,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00050.html","https://access.redhat.com/errata/RHSA-2020:0122","https://access.redhat.com/errata/RHSA-2020:0128","https://access.redhat.com/errata/RHSA-2020:0232","https://seclists.org/bugtraq/2020/Jan/24","https://security.netapp.com/advisory/ntap-20200122-0003/","https://usn.ubuntu.com/4257-1/","https://www.debian.org/security/2020/dsa-4605","https://www.oracle.com/security-alerts/cpujan2020.html","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00050.html","https://access.redhat.com/errata/RHSA-2020:0122","https://access.redhat.com/errata/RHSA-2020:0128","https://access.redhat.com/errata/RHSA-2020:0232","https://seclists.org/bugtraq/2020/Jan/24","https://security.netapp.com/advisory/ntap-20200122-0003/","https://usn.ubuntu.com/4257-1/","https://www.debian.org/security/2020/dsa-4605","https://www.oracle.com/security-alerts/cpujan2020.html"],"published_time":"2020-01-15T17:15:24","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-2659","summary":"Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u241 and 8u231; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).","cvss":3.7,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":3.7,"cvss_v4":null,"epss":0.00293,"ranking_epss":0.52625,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00060.html","https://access.redhat.com/errata/RHSA-2020:0157","https://access.redhat.com/errata/RHSA-2020:0196","https://access.redhat.com/errata/RHSA-2020:0202","https://access.redhat.com/errata/RHSA-2020:0231","https://access.redhat.com/errata/RHSA-2020:0465","https://access.redhat.com/errata/RHSA-2020:0467","https://access.redhat.com/errata/RHSA-2020:0468","https://access.redhat.com/errata/RHSA-2020:0469","https://access.redhat.com/errata/RHSA-2020:0470","https://access.redhat.com/errata/RHSA-2020:0541","https://access.redhat.com/errata/RHSA-2020:0632","https://lists.debian.org/debian-lts-announce/2020/02/msg00034.html","https://seclists.org/bugtraq/2020/Feb/22","https://security.gentoo.org/glsa/202101-19","https://security.netapp.com/advisory/ntap-20200122-0003/","https://usn.ubuntu.com/4257-1/","https://www.debian.org/security/2020/dsa-4621","https://www.oracle.com/security-alerts/cpujan2020.html","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00060.html","https://access.redhat.com/errata/RHSA-2020:0157","https://access.redhat.com/errata/RHSA-2020:0196","https://access.redhat.com/errata/RHSA-2020:0202","https://access.redhat.com/errata/RHSA-2020:0231","https://access.redhat.com/errata/RHSA-2020:0465","https://access.redhat.com/errata/RHSA-2020:0467","https://access.redhat.com/errata/RHSA-2020:0468","https://access.redhat.com/errata/RHSA-2020:0469","https://access.redhat.com/errata/RHSA-2020:0470","https://access.redhat.com/errata/RHSA-2020:0541","https://access.redhat.com/errata/RHSA-2020:0632","https://lists.debian.org/debian-lts-announce/2020/02/msg00034.html","https://seclists.org/bugtraq/2020/Feb/22","https://security.gentoo.org/glsa/202101-19","https://security.netapp.com/advisory/ntap-20200122-0003/","https://usn.ubuntu.com/4257-1/","https://www.debian.org/security/2020/dsa-4621","https://www.oracle.com/security-alerts/cpujan2020.html"],"published_time":"2020-01-15T17:15:24","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-2601","summary":"Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Java SE, Java SE Embedded. While the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 6.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N).","cvss":6.8,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":6.8,"cvss_v4":null,"epss":0.00714,"ranking_epss":0.72328,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00060.html","https://access.redhat.com/errata/RHSA-2020:0122","https://access.redhat.com/errata/RHSA-2020:0128","https://access.redhat.com/errata/RHSA-2020:0157","https://access.redhat.com/errata/RHSA-2020:0196","https://access.redhat.com/errata/RHSA-2020:0202","https://access.redhat.com/errata/RHSA-2020:0231","https://access.redhat.com/errata/RHSA-2020:0232","https://access.redhat.com/errata/RHSA-2020:0541","https://access.redhat.com/errata/RHSA-2020:0632","https://lists.debian.org/debian-lts-announce/2020/02/msg00034.html","https://seclists.org/bugtraq/2020/Feb/22","https://seclists.org/bugtraq/2020/Jan/24","https://security.gentoo.org/glsa/202101-19","https://security.netapp.com/advisory/ntap-20200122-0003/","https://usn.ubuntu.com/4257-1/","https://www.debian.org/security/2020/dsa-4605","https://www.debian.org/security/2020/dsa-4621","https://www.oracle.com/security-alerts/cpujan2020.html","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00060.html","https://access.redhat.com/errata/RHSA-2020:0122","https://access.redhat.com/errata/RHSA-2020:0128","https://access.redhat.com/errata/RHSA-2020:0157","https://access.redhat.com/errata/RHSA-2020:0196","https://access.redhat.com/errata/RHSA-2020:0202","https://access.redhat.com/errata/RHSA-2020:0231","https://access.redhat.com/errata/RHSA-2020:0232","https://access.redhat.com/errata/RHSA-2020:0541","https://access.redhat.com/errata/RHSA-2020:0632","https://lists.debian.org/debian-lts-announce/2020/02/msg00034.html","https://seclists.org/bugtraq/2020/Feb/22","https://seclists.org/bugtraq/2020/Jan/24","https://security.gentoo.org/glsa/202101-19","https://security.netapp.com/advisory/ntap-20200122-0003/","https://usn.ubuntu.com/4257-1/","https://www.debian.org/security/2020/dsa-4605","https://www.debian.org/security/2020/dsa-4621","https://www.oracle.com/security-alerts/cpujan2020.html"],"published_time":"2020-01-15T17:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-2604","summary":"Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS v3.0 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).","cvss":8.1,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.1,"cvss_v4":null,"epss":0.01699,"ranking_epss":0.82282,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00060.html","https://access.redhat.com/errata/RHSA-2020:0122","https://access.redhat.com/errata/RHSA-2020:0128","https://access.redhat.com/errata/RHSA-2020:0196","https://access.redhat.com/errata/RHSA-2020:0202","https://access.redhat.com/errata/RHSA-2020:0231","https://access.redhat.com/errata/RHSA-2020:0232","https://access.redhat.com/errata/RHSA-2020:0465","https://access.redhat.com/errata/RHSA-2020:0467","https://access.redhat.com/errata/RHSA-2020:0468","https://access.redhat.com/errata/RHSA-2020:0469","https://access.redhat.com/errata/RHSA-2020:0470","https://access.redhat.com/errata/RHSA-2020:0541","https://access.redhat.com/errata/RHSA-2020:0632","https://kc.mcafee.com/corporate/index?page=content&id=SB10315","https://lists.debian.org/debian-lts-announce/2020/02/msg00034.html","https://seclists.org/bugtraq/2020/Feb/22","https://security.gentoo.org/glsa/202101-19","https://security.netapp.com/advisory/ntap-20200122-0003/","https://usn.ubuntu.com/4257-1/","https://www.debian.org/security/2020/dsa-4621","https://www.oracle.com/security-alerts/cpujan2020.html","https://www.oracle.com/security-alerts/cpujul2021.html","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00060.html","https://access.redhat.com/errata/RHSA-2020:0122","https://access.redhat.com/errata/RHSA-2020:0128","https://access.redhat.com/errata/RHSA-2020:0196","https://access.redhat.com/errata/RHSA-2020:0202","https://access.redhat.com/errata/RHSA-2020:0231","https://access.redhat.com/errata/RHSA-2020:0232","https://access.redhat.com/errata/RHSA-2020:0465","https://access.redhat.com/errata/RHSA-2020:0467","https://access.redhat.com/errata/RHSA-2020:0468","https://access.redhat.com/errata/RHSA-2020:0469","https://access.redhat.com/errata/RHSA-2020:0470","https://access.redhat.com/errata/RHSA-2020:0541","https://access.redhat.com/errata/RHSA-2020:0632","https://kc.mcafee.com/corporate/index?page=content&id=SB10315","https://lists.debian.org/debian-lts-announce/2020/02/msg00034.html","https://seclists.org/bugtraq/2020/Feb/22","https://security.gentoo.org/glsa/202101-19","https://security.netapp.com/advisory/ntap-20200122-0003/","https://usn.ubuntu.com/4257-1/","https://www.debian.org/security/2020/dsa-4621","https://www.oracle.com/security-alerts/cpujan2020.html","https://www.oracle.com/security-alerts/cpujul2021.html"],"published_time":"2020-01-15T17:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-2583","summary":"Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).","cvss":3.7,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":3.7,"cvss_v4":null,"epss":0.00519,"ranking_epss":0.66791,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00060.html","https://access.redhat.com/errata/RHSA-2020:0122","https://access.redhat.com/errata/RHSA-2020:0128","https://access.redhat.com/errata/RHSA-2020:0157","https://access.redhat.com/errata/RHSA-2020:0196","https://access.redhat.com/errata/RHSA-2020:0202","https://access.redhat.com/errata/RHSA-2020:0231","https://access.redhat.com/errata/RHSA-2020:0232","https://access.redhat.com/errata/RHSA-2020:0465","https://access.redhat.com/errata/RHSA-2020:0467","https://access.redhat.com/errata/RHSA-2020:0468","https://access.redhat.com/errata/RHSA-2020:0469","https://access.redhat.com/errata/RHSA-2020:0470","https://access.redhat.com/errata/RHSA-2020:0541","https://access.redhat.com/errata/RHSA-2020:0632","https://kc.mcafee.com/corporate/index?page=content&id=SB10315","https://lists.debian.org/debian-lts-announce/2020/02/msg00034.html","https://seclists.org/bugtraq/2020/Feb/22","https://seclists.org/bugtraq/2020/Jan/24","https://security.gentoo.org/glsa/202101-19","https://security.netapp.com/advisory/ntap-20200122-0003/","https://usn.ubuntu.com/4257-1/","https://www.debian.org/security/2020/dsa-4605","https://www.debian.org/security/2020/dsa-4621","https://www.oracle.com/security-alerts/cpujan2020.html","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00060.html","https://access.redhat.com/errata/RHSA-2020:0122","https://access.redhat.com/errata/RHSA-2020:0128","https://access.redhat.com/errata/RHSA-2020:0157","https://access.redhat.com/errata/RHSA-2020:0196","https://access.redhat.com/errata/RHSA-2020:0202","https://access.redhat.com/errata/RHSA-2020:0231","https://access.redhat.com/errata/RHSA-2020:0232","https://access.redhat.com/errata/RHSA-2020:0465","https://access.redhat.com/errata/RHSA-2020:0467","https://access.redhat.com/errata/RHSA-2020:0468","https://access.redhat.com/errata/RHSA-2020:0469","https://access.redhat.com/errata/RHSA-2020:0470","https://access.redhat.com/errata/RHSA-2020:0541","https://access.redhat.com/errata/RHSA-2020:0632","https://kc.mcafee.com/corporate/index?page=content&id=SB10315","https://lists.debian.org/debian-lts-announce/2020/02/msg00034.html","https://seclists.org/bugtraq/2020/Feb/22","https://seclists.org/bugtraq/2020/Jan/24","https://security.gentoo.org/glsa/202101-19","https://security.netapp.com/advisory/ntap-20200122-0003/","https://usn.ubuntu.com/4257-1/","https://www.debian.org/security/2020/dsa-4605","https://www.debian.org/security/2020/dsa-4621","https://www.oracle.com/security-alerts/cpujan2020.html"],"published_time":"2020-01-15T17:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-2590","summary":"Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).","cvss":3.7,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":3.7,"cvss_v4":null,"epss":0.00449,"ranking_epss":0.63594,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00060.html","https://access.redhat.com/errata/RHSA-2020:0122","https://access.redhat.com/errata/RHSA-2020:0128","https://access.redhat.com/errata/RHSA-2020:0157","https://access.redhat.com/errata/RHSA-2020:0196","https://access.redhat.com/errata/RHSA-2020:0202","https://access.redhat.com/errata/RHSA-2020:0231","https://access.redhat.com/errata/RHSA-2020:0232","https://access.redhat.com/errata/RHSA-2020:0541","https://access.redhat.com/errata/RHSA-2020:0632","https://kc.mcafee.com/corporate/index?page=content&id=SB10315","https://lists.debian.org/debian-lts-announce/2020/02/msg00034.html","https://seclists.org/bugtraq/2020/Feb/22","https://seclists.org/bugtraq/2020/Jan/24","https://security.gentoo.org/glsa/202101-19","https://security.netapp.com/advisory/ntap-20200122-0003/","https://usn.ubuntu.com/4257-1/","https://www.debian.org/security/2020/dsa-4605","https://www.debian.org/security/2020/dsa-4621","https://www.oracle.com/security-alerts/cpujan2020.html","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00060.html","https://access.redhat.com/errata/RHSA-2020:0122","https://access.redhat.com/errata/RHSA-2020:0128","https://access.redhat.com/errata/RHSA-2020:0157","https://access.redhat.com/errata/RHSA-2020:0196","https://access.redhat.com/errata/RHSA-2020:0202","https://access.redhat.com/errata/RHSA-2020:0231","https://access.redhat.com/errata/RHSA-2020:0232","https://access.redhat.com/errata/RHSA-2020:0541","https://access.redhat.com/errata/RHSA-2020:0632","https://kc.mcafee.com/corporate/index?page=content&id=SB10315","https://lists.debian.org/debian-lts-announce/2020/02/msg00034.html","https://seclists.org/bugtraq/2020/Feb/22","https://seclists.org/bugtraq/2020/Jan/24","https://security.gentoo.org/glsa/202101-19","https://security.netapp.com/advisory/ntap-20200122-0003/","https://usn.ubuntu.com/4257-1/","https://www.debian.org/security/2020/dsa-4605","https://www.debian.org/security/2020/dsa-4621","https://www.oracle.com/security-alerts/cpujan2020.html"],"published_time":"2020-01-15T17:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-2593","summary":"Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).","cvss":4.8,"cvss_version":3.0,"cvss_v2":5.8,"cvss_v3":4.8,"cvss_v4":null,"epss":0.0064,"ranking_epss":0.70542,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00060.html","https://access.redhat.com/errata/RHSA-2020:0122","https://access.redhat.com/errata/RHSA-2020:0128","https://access.redhat.com/errata/RHSA-2020:0157","https://access.redhat.com/errata/RHSA-2020:0196","https://access.redhat.com/errata/RHSA-2020:0202","https://access.redhat.com/errata/RHSA-2020:0231","https://access.redhat.com/errata/RHSA-2020:0232","https://access.redhat.com/errata/RHSA-2020:0465","https://access.redhat.com/errata/RHSA-2020:0467","https://access.redhat.com/errata/RHSA-2020:0468","https://access.redhat.com/errata/RHSA-2020:0469","https://access.redhat.com/errata/RHSA-2020:0470","https://access.redhat.com/errata/RHSA-2020:0541","https://access.redhat.com/errata/RHSA-2020:0632","https://kc.mcafee.com/corporate/index?page=content&id=SB10315","https://lists.debian.org/debian-lts-announce/2020/02/msg00034.html","https://seclists.org/bugtraq/2020/Feb/22","https://seclists.org/bugtraq/2020/Jan/24","https://security.gentoo.org/glsa/202101-19","https://security.netapp.com/advisory/ntap-20200122-0003/","https://usn.ubuntu.com/4257-1/","https://www.debian.org/security/2020/dsa-4605","https://www.debian.org/security/2020/dsa-4621","https://www.oracle.com/security-alerts/cpujan2020.html","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00060.html","https://access.redhat.com/errata/RHSA-2020:0122","https://access.redhat.com/errata/RHSA-2020:0128","https://access.redhat.com/errata/RHSA-2020:0157","https://access.redhat.com/errata/RHSA-2020:0196","https://access.redhat.com/errata/RHSA-2020:0202","https://access.redhat.com/errata/RHSA-2020:0231","https://access.redhat.com/errata/RHSA-2020:0232","https://access.redhat.com/errata/RHSA-2020:0465","https://access.redhat.com/errata/RHSA-2020:0467","https://access.redhat.com/errata/RHSA-2020:0468","https://access.redhat.com/errata/RHSA-2020:0469","https://access.redhat.com/errata/RHSA-2020:0470","https://access.redhat.com/errata/RHSA-2020:0541","https://access.redhat.com/errata/RHSA-2020:0632","https://kc.mcafee.com/corporate/index?page=content&id=SB10315","https://lists.debian.org/debian-lts-announce/2020/02/msg00034.html","https://seclists.org/bugtraq/2020/Feb/22","https://seclists.org/bugtraq/2020/Jan/24","https://security.gentoo.org/glsa/202101-19","https://security.netapp.com/advisory/ntap-20200122-0003/","https://usn.ubuntu.com/4257-1/","https://www.debian.org/security/2020/dsa-4605","https://www.debian.org/security/2020/dsa-4621","https://www.oracle.com/security-alerts/cpujan2020.html"],"published_time":"2020-01-15T17:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0602","summary":"A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.04034,"ranking_epss":0.88495,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2020:0130","https://access.redhat.com/errata/RHSA-2020:0134","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0602","https://access.redhat.com/errata/RHSA-2020:0130","https://access.redhat.com/errata/RHSA-2020:0134","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0602"],"published_time":"2020-01-14T23:15:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0603","summary":"A remote code execution vulnerability exists in ASP.NET Core software when the software fails to handle objects in memory.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka 'ASP.NET Core Remote Code Execution Vulnerability'.","cvss":8.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":8.8,"cvss_v4":null,"epss":0.10785,"ranking_epss":0.93348,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2020:0130","https://access.redhat.com/errata/RHSA-2020:0134","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0603","https://access.redhat.com/errata/RHSA-2020:0130","https://access.redhat.com/errata/RHSA-2020:0134","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0603"],"published_time":"2020-01-14T23:15:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-6851","summary":"OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.01434,"ranking_epss":0.80679,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2020:0262","https://access.redhat.com/errata/RHSA-2020:0274","https://access.redhat.com/errata/RHSA-2020:0296","https://github.com/uclouvain/openjpeg/issues/1228","https://lists.debian.org/debian-lts-announce/2020/01/msg00025.html","https://lists.debian.org/debian-lts-announce/2020/07/msg00008.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LACIIDDCKZJEPKTTFILSOSBQL7L3FC6V/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XBRMI2D3XPVWKE3V52KRBW7BJVLS5LD3/","https://www.debian.org/security/2021/dsa-4882","https://www.oracle.com/security-alerts/cpujul2020.html","https://access.redhat.com/errata/RHSA-2020:0262","https://access.redhat.com/errata/RHSA-2020:0274","https://access.redhat.com/errata/RHSA-2020:0296","https://github.com/uclouvain/openjpeg/issues/1228","https://lists.debian.org/debian-lts-announce/2020/01/msg00025.html","https://lists.debian.org/debian-lts-announce/2020/07/msg00008.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LACIIDDCKZJEPKTTFILSOSBQL7L3FC6V/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XBRMI2D3XPVWKE3V52KRBW7BJVLS5LD3/","https://www.debian.org/security/2021/dsa-4882","https://www.oracle.com/security-alerts/cpujul2020.html"],"published_time":"2020-01-13T06:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2012-2142","summary":"The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01333,"ranking_epss":0.79963,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://cgit.freedesktop.org/poppler/poppler/commit/?id=71bad47ed6a36d825b0d08992c8db56845c71e40","http://cgit.freedesktop.org/poppler/poppler/commit/NEWS?id=2bc48d5369f1dbecfc4db2878f33bdeb80d8d90f","http://lists.opensuse.org/opensuse-updates/2013-08/msg00049.html","http://www.openwall.com/lists/oss-security/2013/08/09/5","http://www.openwall.com/lists/oss-security/2013/08/09/6","https://bugzilla.redhat.com/show_bug.cgi?id=789936","http://cgit.freedesktop.org/poppler/poppler/commit/?id=71bad47ed6a36d825b0d08992c8db56845c71e40","http://cgit.freedesktop.org/poppler/poppler/commit/NEWS?id=2bc48d5369f1dbecfc4db2878f33bdeb80d8d90f","http://lists.opensuse.org/opensuse-updates/2013-08/msg00049.html","http://www.openwall.com/lists/oss-security/2013/08/09/5","http://www.openwall.com/lists/oss-security/2013/08/09/6","https://bugzilla.redhat.com/show_bug.cgi?id=789936"],"published_time":"2020-01-09T21:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-19332","summary":"An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device could use this flaw to crash the system, resulting in a denial of service.","cvss":6.1,"cvss_version":3.0,"cvss_v2":5.6,"cvss_v3":6.1,"cvss_v4":null,"epss":0.00023,"ranking_epss":0.06153,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html","http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19332","https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html","https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html","https://lore.kernel.org/kvm/000000000000ea5ec20598d90e50%40google.com/","https://security.netapp.com/advisory/ntap-20200204-0002/","https://usn.ubuntu.com/4254-1/","https://usn.ubuntu.com/4254-2/","https://usn.ubuntu.com/4258-1/","https://usn.ubuntu.com/4284-1/","https://usn.ubuntu.com/4287-1/","https://usn.ubuntu.com/4287-2/","https://www.openwall.com/lists/oss-security/2019/12/16/1","http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html","http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19332","https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html","https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html","https://lore.kernel.org/kvm/000000000000ea5ec20598d90e50%40google.com/","https://security.netapp.com/advisory/ntap-20200204-0002/","https://usn.ubuntu.com/4254-1/","https://usn.ubuntu.com/4254-2/","https://usn.ubuntu.com/4258-1/","https://usn.ubuntu.com/4284-1/","https://usn.ubuntu.com/4287-1/","https://usn.ubuntu.com/4287-2/","https://www.openwall.com/lists/oss-security/2019/12/16/1"],"published_time":"2020-01-09T15:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-17024","summary":"Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.8,"cvss_v4":null,"epss":0.03276,"ranking_epss":0.87171,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00029.html","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00043.html","http://packetstormsecurity.com/files/155912/Slackware-Security-Advisory-mozilla-thunderbird-Updates.html","https://access.redhat.com/errata/RHSA-2020:0085","https://access.redhat.com/errata/RHSA-2020:0086","https://access.redhat.com/errata/RHSA-2020:0111","https://access.redhat.com/errata/RHSA-2020:0120","https://access.redhat.com/errata/RHSA-2020:0123","https://access.redhat.com/errata/RHSA-2020:0127","https://access.redhat.com/errata/RHSA-2020:0292","https://access.redhat.com/errata/RHSA-2020:0295","https://bugzilla.mozilla.org/buglist.cgi?bug_id=1507180%2C1595470%2C1598605%2C1601826","https://lists.debian.org/debian-lts-announce/2020/01/msg00005.html","https://lists.debian.org/debian-lts-announce/2020/01/msg00016.html","https://seclists.org/bugtraq/2020/Jan/12","https://seclists.org/bugtraq/2020/Jan/18","https://seclists.org/bugtraq/2020/Jan/26","https://security.gentoo.org/glsa/202003-02","https://usn.ubuntu.com/4234-1/","https://usn.ubuntu.com/4241-1/","https://usn.ubuntu.com/4335-1/","https://www.debian.org/security/2020/dsa-4600","https://www.debian.org/security/2020/dsa-4603","https://www.mozilla.org/security/advisories/mfsa2020-01/","https://www.mozilla.org/security/advisories/mfsa2020-02/","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00029.html","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00043.html","http://packetstormsecurity.com/files/155912/Slackware-Security-Advisory-mozilla-thunderbird-Updates.html","https://access.redhat.com/errata/RHSA-2020:0085","https://access.redhat.com/errata/RHSA-2020:0086","https://access.redhat.com/errata/RHSA-2020:0111","https://access.redhat.com/errata/RHSA-2020:0120","https://access.redhat.com/errata/RHSA-2020:0123","https://access.redhat.com/errata/RHSA-2020:0127","https://access.redhat.com/errata/RHSA-2020:0292","https://access.redhat.com/errata/RHSA-2020:0295","https://bugzilla.mozilla.org/buglist.cgi?bug_id=1507180%2C1595470%2C1598605%2C1601826","https://lists.debian.org/debian-lts-announce/2020/01/msg00005.html","https://lists.debian.org/debian-lts-announce/2020/01/msg00016.html","https://seclists.org/bugtraq/2020/Jan/12","https://seclists.org/bugtraq/2020/Jan/18","https://seclists.org/bugtraq/2020/Jan/26","https://security.gentoo.org/glsa/202003-02","https://usn.ubuntu.com/4234-1/","https://usn.ubuntu.com/4241-1/","https://usn.ubuntu.com/4335-1/","https://www.debian.org/security/2020/dsa-4600","https://www.debian.org/security/2020/dsa-4603","https://www.mozilla.org/security/advisories/mfsa2020-01/","https://www.mozilla.org/security/advisories/mfsa2020-02/"],"published_time":"2020-01-08T22:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-14906","summary":"A flaw was found with the RHSA-2019:3950 erratum, where it did not fix the CVE-2019-13616 SDL vulnerability. This issue only affects Red Hat SDL packages, SDL versions through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow flaw while copying an existing surface into a new optimized one, due to a lack of validation while loading a BMP image, is possible. An application that uses SDL to parse untrusted input files may be vulnerable to this flaw, which could allow an attacker to make the application crash or execute code.","cvss":8.1,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":8.1,"cvss_v4":null,"epss":0.0107,"ranking_epss":0.77724,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14906","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14906"],"published_time":"2020-01-07T21:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-14866","summary":"In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an attacker can write to, the resulting archive may contain files with permissions the attacker did not have or in paths he did not have access to. Extracting those archives from a high-privilege user without carefully reviewing them may lead to the compromise of the system.","cvss":6.7,"cvss_version":3.0,"cvss_v2":6.9,"cvss_v3":6.7,"cvss_v4":null,"epss":0.00032,"ranking_epss":0.09272,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14866","https://lists.debian.org/debian-lts-announce/2023/06/msg00007.html","https://lists.gnu.org/archive/html/bug-cpio/2019-08/msg00003.html","https://lists.gnu.org/archive/html/bug-cpio/2019-11/msg00000.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14866","https://lists.debian.org/debian-lts-announce/2023/06/msg00007.html","https://lists.gnu.org/archive/html/bug-cpio/2019-08/msg00003.html","https://lists.gnu.org/archive/html/bug-cpio/2019-11/msg00000.html"],"published_time":"2020-01-07T17:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2012-4451","summary":"Multiple cross-site scripting (XSS) vulnerabilities in Zend Framework 2.0.x before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified input to (1) Debug, (2) Feed\\PubSubHubbub, (3) Log\\Formatter\\Xml, (4) Tag\\Cloud\\Decorator, (5) Uri, (6) View\\Helper\\HeadStyle, (7) View\\Helper\\Navigation\\Sitemap, or (8) View\\Helper\\Placeholder\\Container\\AbstractStandalone, related to Escaper.","cvss":6.1,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":6.1,"cvss_v4":null,"epss":0.01779,"ranking_epss":0.82691,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://framework.zend.com/security/advisory/ZF2012-03","http://seclists.org/oss-sec/2012/q3/571","http://seclists.org/oss-sec/2012/q3/573","http://www.securityfocus.com/bid/55636","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688946#10","https://bugs.gentoo.org/show_bug.cgi?id=436210","https://bugzilla.redhat.com/show_bug.cgi?id=860738","https://github.com/zendframework/zf2/commit/27131ca9520bdf1d4c774c71459eba32f2b10733","http://framework.zend.com/security/advisory/ZF2012-03","http://seclists.org/oss-sec/2012/q3/571","http://seclists.org/oss-sec/2012/q3/573","http://www.securityfocus.com/bid/55636","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688946#10","https://bugs.gentoo.org/show_bug.cgi?id=436210","https://bugzilla.redhat.com/show_bug.cgi?id=860738","https://github.com/zendframework/zf2/commit/27131ca9520bdf1d4c774c71459eba32f2b10733"],"published_time":"2020-01-03T17:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-14864","summary":"Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it to True when Sumologic and Splunk callback plugins are used send tasks results events to collectors. This would discloses and collects any sensitive data.","cvss":5.7,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":5.7,"cvss_v4":null,"epss":0.00964,"ranking_epss":0.76542,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html","http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14864","https://github.com/ansible/ansible/issues/63522","https://github.com/ansible/ansible/pull/63527","https://www.debian.org/security/2021/dsa-4950","http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html","http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14864","https://github.com/ansible/ansible/issues/63522","https://github.com/ansible/ansible/pull/63527","https://www.debian.org/security/2021/dsa-4950"],"published_time":"2020-01-02T15:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2011-3585","summary":"Multiple race conditions in the (1) mount.cifs and (2) umount.cifs programs in Samba 3.6 allow local users to cause a denial of service (mounting outage) via a SIGKILL signal during a time window when the /etc/mtab~ file exists.","cvss":4.7,"cvss_version":3.0,"cvss_v2":1.9,"cvss_v3":4.7,"cvss_v4":null,"epss":0.0055,"ranking_epss":0.67949,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=742907","https://bugzilla.samba.org/show_bug.cgi?id=7179","https://git.samba.org/?p=cifs-utils.git%3Ba=commitdiff%3Bh=810f7e4e0f2dbcbee0294d9b371071cb08268200","https://www.openwall.com/lists/oss-security/2011/09/27/1","https://www.openwall.com/lists/oss-security/2011/09/30/5","https://bugzilla.redhat.com/show_bug.cgi?id=742907","https://bugzilla.samba.org/show_bug.cgi?id=7179","https://git.samba.org/?p=cifs-utils.git%3Ba=commitdiff%3Bh=810f7e4e0f2dbcbee0294d9b371071cb08268200","https://www.openwall.com/lists/oss-security/2011/09/27/1","https://www.openwall.com/lists/oss-security/2011/09/30/5"],"published_time":"2019-12-31T20:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2013-0196","summary":"A CSRF issue was found in OpenShift Enterprise 1.2. The web console is using 'Basic authentication' and the REST API has no CSRF attack protection mechanism. This can allow an attacker to obtain the credential and the Authorization: header when requesting the REST API via web browser.","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":6.5,"cvss_v4":null,"epss":0.0011,"ranking_epss":0.2929,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/cve-2013-0196","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0196","https://access.redhat.com/security/cve/cve-2013-0196","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0196"],"published_time":"2019-12-30T22:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-18389","summary":"A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service, or QEMU guest-to-host escape and code execution, via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00338,"ranking_epss":0.56654,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00028.html","https://access.redhat.com/security/cve/cve-2019-18389","https://bugzilla.redhat.com/show_bug.cgi?id=1765577","https://gitlab.freedesktop.org/virgl/virglrenderer/commit/cbc8d8b75be360236cada63784046688aeb6d921","https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/314/diffs?commit_id=9c280a28651507e6ef87b17b90d47b6af3a4ab7d","https://lists.debian.org/debian-lts-announce/2022/12/msg00017.html","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00028.html","https://access.redhat.com/security/cve/cve-2019-18389","https://bugzilla.redhat.com/show_bug.cgi?id=1765577","https://gitlab.freedesktop.org/virgl/virglrenderer/commit/cbc8d8b75be360236cada63784046688aeb6d921","https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/314/diffs?commit_id=9c280a28651507e6ef87b17b90d47b6af3a4ab7d","https://lists.debian.org/debian-lts-announce/2022/12/msg00017.html"],"published_time":"2019-12-23T16:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-18390","summary":"An out-of-bounds read in the vrend_blit_need_swizzle function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_BLIT commands.","cvss":7.1,"cvss_version":3.0,"cvss_v2":3.6,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00113,"ranking_epss":0.29805,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00028.html","https://access.redhat.com/security/cve/cve-2019-18390","https://bugzilla.redhat.com/show_bug.cgi?id=1765584","https://gitlab.freedesktop.org/virgl/virglrenderer/commit/24f67de7a9088a873844a39be03cee6882260ac9","https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/314/diffs?commit_id=d2cdbcf6a8f2317f250fd54f08aa35dde2fa3e30#3cd772559e0d73afa136d6818023cfd0c4c8ecc0_0_151","https://lists.debian.org/debian-lts-announce/2022/12/msg00017.html","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00028.html","https://access.redhat.com/security/cve/cve-2019-18390","https://bugzilla.redhat.com/show_bug.cgi?id=1765584","https://gitlab.freedesktop.org/virgl/virglrenderer/commit/24f67de7a9088a873844a39be03cee6882260ac9","https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/314/diffs?commit_id=d2cdbcf6a8f2317f250fd54f08aa35dde2fa3e30#3cd772559e0d73afa136d6818023cfd0c4c8ecc0_0_151","https://lists.debian.org/debian-lts-announce/2022/12/msg00017.html"],"published_time":"2019-12-23T16:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-18391","summary":"A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0011,"ranking_epss":0.29303,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00028.html","https://access.redhat.com/security/cve/cve-2019-18391","https://bugzilla.redhat.com/show_bug.cgi?id=1765589","https://gitlab.freedesktop.org/virgl/virglrenderer/commit/2abeb1802e3c005b17a7123e382171b3fb665971","https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/314/diffs?commit_id=8c9cfb4e425542e96f0717189fe4658555baaf08","https://lists.debian.org/debian-lts-announce/2022/12/msg00017.html","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00028.html","https://access.redhat.com/security/cve/cve-2019-18391","https://bugzilla.redhat.com/show_bug.cgi?id=1765589","https://gitlab.freedesktop.org/virgl/virglrenderer/commit/2abeb1802e3c005b17a7123e382171b3fb665971","https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/314/diffs?commit_id=8c9cfb4e425542e96f0717189fe4658555baaf08","https://lists.debian.org/debian-lts-announce/2022/12/msg00017.html"],"published_time":"2019-12-23T16:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-19340","summary":"A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.3, where enabling RabbitMQ manager by setting it with '-e rabbitmq_enable_manager=true' exposes the RabbitMQ management interface publicly, as expected. If the default admin user is still active, an attacker could guess the password and gain access to the system.","cvss":8.2,"cvss_version":3.0,"cvss_v2":6.4,"cvss_v3":8.2,"cvss_v4":null,"epss":0.0041,"ranking_epss":0.61313,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19340","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19340"],"published_time":"2019-12-19T21:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-19906","summary":"cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00354,"ranking_epss":0.57798,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://seclists.org/fulldisclosure/2020/Jul/23","http://seclists.org/fulldisclosure/2020/Jul/24","http://www.openwall.com/lists/oss-security/2022/02/23/4","https://github.com/cyrusimap/cyrus-sasl/issues/587","https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E","https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E","https://lists.debian.org/debian-lts-announce/2019/12/msg00027.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MW6GZCLECGL2PBNHVNPJIX4RPVRVFR7R/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OB4GSVOJ6ESHQNT5GSV63OX5D4KPSTGT/","https://seclists.org/bugtraq/2019/Dec/42","https://support.apple.com/kb/HT211288","https://support.apple.com/kb/HT211289","https://usn.ubuntu.com/4256-1/","https://www.debian.org/security/2019/dsa-4591","https://www.openldap.org/its/index.cgi/Incoming?id=9123","http://seclists.org/fulldisclosure/2020/Jul/23","http://seclists.org/fulldisclosure/2020/Jul/24","http://www.openwall.com/lists/oss-security/2022/02/23/4","https://github.com/cyrusimap/cyrus-sasl/issues/587","https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E","https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E","https://lists.debian.org/debian-lts-announce/2019/12/msg00027.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MW6GZCLECGL2PBNHVNPJIX4RPVRVFR7R/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OB4GSVOJ6ESHQNT5GSV63OX5D4KPSTGT/","https://seclists.org/bugtraq/2019/Dec/42","https://support.apple.com/kb/HT211288","https://support.apple.com/kb/HT211289","https://usn.ubuntu.com/4256-1/","https://www.debian.org/security/2019/dsa-4591","https://www.openldap.org/its/index.cgi/Incoming?id=9123"],"published_time":"2019-12-19T18:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-16777","summary":"Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. It fails to prevent existing globally-installed binaries to be overwritten by other package installations. For example, if a package was installed globally and created a serve binary, any subsequent installs of packages that also create a serve binary would overwrite the previous serve binary. This behavior is still allowed in local installations and also through install scripts. This vulnerability bypasses a user using the --ignore-scripts install option.","cvss":7.7,"cvss_version":3.0,"cvss_v2":5.5,"cvss_v3":7.7,"cvss_v4":null,"epss":0.00334,"ranking_epss":0.56256,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00027.html","https://access.redhat.com/errata/RHEA-2020:0330","https://access.redhat.com/errata/RHSA-2020:0573","https://access.redhat.com/errata/RHSA-2020:0579","https://access.redhat.com/errata/RHSA-2020:0597","https://access.redhat.com/errata/RHSA-2020:0602","https://blog.npmjs.org/post/189618601100/binary-planting-with-the-npm-cli","https://github.com/npm/cli/security/advisories/GHSA-4328-8hgf-7wjr","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z36UKPO5F3PQ3Q2POMF5LEKXWAH5RUFP/","https://security.gentoo.org/glsa/202003-48","https://www.oracle.com/security-alerts/cpujan2020.html","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00027.html","https://access.redhat.com/errata/RHEA-2020:0330","https://access.redhat.com/errata/RHSA-2020:0573","https://access.redhat.com/errata/RHSA-2020:0579","https://access.redhat.com/errata/RHSA-2020:0597","https://access.redhat.com/errata/RHSA-2020:0602","https://blog.npmjs.org/post/189618601100/binary-planting-with-the-npm-cli","https://github.com/npm/cli/security/advisories/GHSA-4328-8hgf-7wjr","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z36UKPO5F3PQ3Q2POMF5LEKXWAH5RUFP/","https://security.gentoo.org/glsa/202003-48","https://www.oracle.com/security-alerts/cpujan2020.html"],"published_time":"2019-12-13T01:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-16775","summary":"Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It is possible for packages to create symlinks to files outside of thenode_modules folder through the bin field upon installation. A properly constructed entry in the package.json bin field would allow a package publisher to create a symlink pointing to arbitrary files on a user's system when the package is installed. This behavior is still possible through install scripts. This vulnerability bypasses a user using the --ignore-scripts install option.","cvss":7.7,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":7.7,"cvss_v4":null,"epss":0.00684,"ranking_epss":0.7165,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00027.html","https://access.redhat.com/errata/RHEA-2020:0330","https://access.redhat.com/errata/RHSA-2020:0573","https://access.redhat.com/errata/RHSA-2020:0579","https://access.redhat.com/errata/RHSA-2020:0597","https://access.redhat.com/errata/RHSA-2020:0602","https://blog.npmjs.org/post/189618601100/binary-planting-with-the-npm-cli","https://github.com/npm/cli/security/advisories/GHSA-m6cx-g6qm-p2cx","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z36UKPO5F3PQ3Q2POMF5LEKXWAH5RUFP/","https://www.oracle.com/security-alerts/cpujan2020.html","https://www.oracle.com/security-alerts/cpuoct2021.html","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00027.html","https://access.redhat.com/errata/RHEA-2020:0330","https://access.redhat.com/errata/RHSA-2020:0573","https://access.redhat.com/errata/RHSA-2020:0579","https://access.redhat.com/errata/RHSA-2020:0597","https://access.redhat.com/errata/RHSA-2020:0602","https://blog.npmjs.org/post/189618601100/binary-planting-with-the-npm-cli","https://github.com/npm/cli/security/advisories/GHSA-m6cx-g6qm-p2cx","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z36UKPO5F3PQ3Q2POMF5LEKXWAH5RUFP/","https://www.oracle.com/security-alerts/cpujan2020.html","https://www.oracle.com/security-alerts/cpuoct2021.html"],"published_time":"2019-12-13T01:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-16776","summary":"Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It fails to prevent access to folders outside of the intended node_modules folder through the bin field. A properly constructed entry in the package.json bin field would allow a package publisher to modify and/or gain access to arbitrary files on a user's system when the package is installed. This behavior is still possible through install scripts. This vulnerability bypasses a user using the --ignore-scripts install option.","cvss":7.7,"cvss_version":3.0,"cvss_v2":5.5,"cvss_v3":7.7,"cvss_v4":null,"epss":0.00783,"ranking_epss":0.73737,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00027.html","https://access.redhat.com/errata/RHEA-2020:0330","https://access.redhat.com/errata/RHSA-2020:0573","https://access.redhat.com/errata/RHSA-2020:0579","https://access.redhat.com/errata/RHSA-2020:0597","https://access.redhat.com/errata/RHSA-2020:0602","https://blog.npmjs.org/post/189618601100/binary-planting-with-the-npm-cli","https://github.com/npm/cli/security/advisories/GHSA-x8qc-rrcw-4r46","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z36UKPO5F3PQ3Q2POMF5LEKXWAH5RUFP/","https://www.oracle.com/security-alerts/cpujan2020.html","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00027.html","https://access.redhat.com/errata/RHEA-2020:0330","https://access.redhat.com/errata/RHSA-2020:0573","https://access.redhat.com/errata/RHSA-2020:0579","https://access.redhat.com/errata/RHSA-2020:0597","https://access.redhat.com/errata/RHSA-2020:0602","https://blog.npmjs.org/post/189618601100/binary-planting-with-the-npm-cli","https://github.com/npm/cli/security/advisories/GHSA-x8qc-rrcw-4r46","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z36UKPO5F3PQ3Q2POMF5LEKXWAH5RUFP/","https://www.oracle.com/security-alerts/cpujan2020.html"],"published_time":"2019-12-13T01:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-13734","summary":"Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.8,"cvss_v4":null,"epss":0.05904,"ranking_epss":0.90601,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html","http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html","https://access.redhat.com/errata/RHSA-2019:4238","https://access.redhat.com/errata/RHSA-2020:0227","https://access.redhat.com/errata/RHSA-2020:0229","https://access.redhat.com/errata/RHSA-2020:0273","https://access.redhat.com/errata/RHSA-2020:0451","https://access.redhat.com/errata/RHSA-2020:0463","https://access.redhat.com/errata/RHSA-2020:0476","https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html","https://crbug.com/1025466","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N5CIQCVS6E3ULJCNU7YJXJPO2BLQZDTK/","https://seclists.org/bugtraq/2020/Jan/27","https://security.gentoo.org/glsa/202003-08","https://usn.ubuntu.com/4298-1/","https://usn.ubuntu.com/4298-2/","https://www.debian.org/security/2020/dsa-4606","https://www.oracle.com/security-alerts/cpujan2022.html","http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html","http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html","https://access.redhat.com/errata/RHSA-2019:4238","https://access.redhat.com/errata/RHSA-2020:0227","https://access.redhat.com/errata/RHSA-2020:0229","https://access.redhat.com/errata/RHSA-2020:0273","https://access.redhat.com/errata/RHSA-2020:0451","https://access.redhat.com/errata/RHSA-2020:0463","https://access.redhat.com/errata/RHSA-2020:0476","https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html","https://crbug.com/1025466","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N5CIQCVS6E3ULJCNU7YJXJPO2BLQZDTK/","https://seclists.org/bugtraq/2020/Jan/27","https://security.gentoo.org/glsa/202003-08","https://usn.ubuntu.com/4298-1/","https://usn.ubuntu.com/4298-2/","https://www.debian.org/security/2020/dsa-4606","https://www.oracle.com/security-alerts/cpujan2022.html"],"published_time":"2019-12-10T22:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-19333","summary":"In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type \"bits\". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of service or possibly gain code execution.","cvss":8.1,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":8.1,"cvss_v4":null,"epss":0.00742,"ranking_epss":0.72969,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2019:4360","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19333","https://github.com/CESNET/libyang/commit/f6d684ade99dd37b21babaa8a856f64faa1e2e0d","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PETB6TVMFV5KUD4IKVP2JPLBCYHUGSAJ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RL54JMS7XW7PI6JC4BFSNNLSX5AINQUL/","https://access.redhat.com/errata/RHSA-2019:4360","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19333","https://github.com/CESNET/libyang/commit/f6d684ade99dd37b21babaa8a856f64faa1e2e0d","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PETB6TVMFV5KUD4IKVP2JPLBCYHUGSAJ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RL54JMS7XW7PI6JC4BFSNNLSX5AINQUL/"],"published_time":"2019-12-06T16:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-19334","summary":"In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type \"identityref\". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of service or possibly gain code execution.","cvss":8.1,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":8.1,"cvss_v4":null,"epss":0.00781,"ranking_epss":0.73697,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2019:4360","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19334","https://github.com/CESNET/libyang/commit/6980afae2ff9fcd6d67508b0a3f694d75fd059d6","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PETB6TVMFV5KUD4IKVP2JPLBCYHUGSAJ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RL54JMS7XW7PI6JC4BFSNNLSX5AINQUL/","https://access.redhat.com/errata/RHSA-2019:4360","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19334","https://github.com/CESNET/libyang/commit/6980afae2ff9fcd6d67508b0a3f694d75fd059d6","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PETB6TVMFV5KUD4IKVP2JPLBCYHUGSAJ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RL54JMS7XW7PI6JC4BFSNNLSX5AINQUL/"],"published_time":"2019-12-06T16:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-19624","summary":"An out-of-bounds read was discovered in OpenCV before 4.1.1. Specifically, variable coarsest_scale is assumed to be greater than or equal to finest_scale within the calc()/ocl_calc() functions in dis_flow.cpp. However, this is not true when dealing with small images, leading to an out-of-bounds read of the heap-allocated arrays Ux and Uy.","cvss":6.5,"cvss_version":3.0,"cvss_v2":6.4,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00062,"ranking_epss":0.19387,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://github.com/opencv/opencv/commit/d1615ba11a93062b1429fce9f0f638d1572d3418","https://github.com/opencv/opencv/issues/14554","https://access.redhat.com/security/cve/cve-2019-19624","https://github.com/opencv/opencv/commit/d1615ba11a93062b1429fce9f0f638d1572d3418","https://github.com/opencv/opencv/issues/14554"],"published_time":"2019-12-06T15:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-13456","summary":"In FreeRADIUS 3.0 through 3.0.19, on average 1 in every 2048 EAP-pwd handshakes fails because the password element cannot be found within 10 iterations of the hunting and pecking loop. This leaks information that an attacker can use to recover the password of any user. This information leakage is similar to the \"Dragonblood\" attack and CVE-2019-9494.","cvss":6.5,"cvss_version":3.0,"cvss_v2":2.9,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00249,"ranking_epss":0.48191,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00039.html","https://bugzilla.redhat.com/show_bug.cgi?id=1737663","https://freeradius.org/security/","https://github.com/FreeRADIUS/freeradius-server/commit/3ea2a5a026e73d81cd9a3e9bbd4300c433004bfa","https://wpa3.mathyvanhoef.com","http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00039.html","https://bugzilla.redhat.com/show_bug.cgi?id=1737663","https://freeradius.org/security/","https://github.com/FreeRADIUS/freeradius-server/commit/3ea2a5a026e73d81cd9a3e9bbd4300c433004bfa","https://wpa3.mathyvanhoef.com"],"published_time":"2019-12-03T20:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2013-4235","summary":"shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees","cvss":4.7,"cvss_version":3.0,"cvss_v2":3.3,"cvss_v3":4.7,"cvss_v4":null,"epss":0.00059,"ranking_epss":0.18427,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/cve-2013-4235","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235","https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E","https://security-tracker.debian.org/tracker/CVE-2013-4235","https://security.gentoo.org/glsa/202210-26","https://access.redhat.com/security/cve/cve-2013-4235","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235","https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E","https://security-tracker.debian.org/tracker/CVE-2013-4235","https://security.gentoo.org/glsa/202210-26"],"published_time":"2019-12-03T15:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-14865","summary":"A flaw was found in the grub2-set-bootflag utility of grub2. A local attacker could run this utility under resource pressure (for example by setting RLIMIT), causing grub2 configuration files to be truncated and leaving the system unbootable on subsequent reboots.","cvss":5.9,"cvss_version":3.0,"cvss_v2":4.9,"cvss_v3":5.9,"cvss_v4":null,"epss":0.00038,"ranking_epss":0.11395,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2024/02/06/3","https://access.redhat.com/errata/RHSA-2020:0335","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14865","https://seclists.org/oss-sec/2019/q4/101","http://www.openwall.com/lists/oss-security/2024/02/06/3","https://access.redhat.com/errata/RHSA-2020:0335","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14865","https://seclists.org/oss-sec/2019/q4/101"],"published_time":"2019-11-29T10:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-19319","summary":"In the Linux kernel before 5.2, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large old_size value is used in a memset call, aka CID-345c0dbf3a30.","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.4,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00436,"ranking_epss":0.62936,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html","https://bugzilla.suse.com/show_bug.cgi?id=1158021","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=345c0dbf3a30","https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19319","https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html","https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html","https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html","https://security.netapp.com/advisory/ntap-20200103-0001/","https://usn.ubuntu.com/4391-1/","https://www.debian.org/security/2020/dsa-4698","http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html","https://bugzilla.suse.com/show_bug.cgi?id=1158021","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=345c0dbf3a30","https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19319","https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html","https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html","https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html","https://security.netapp.com/advisory/ntap-20200103-0001/","https://usn.ubuntu.com/4391-1/","https://www.debian.org/security/2020/dsa-4698"],"published_time":"2019-11-27T23:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-18660","summary":"The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c.","cvss":4.7,"cvss_version":3.0,"cvss_v2":1.9,"cvss_v3":4.7,"cvss_v4":null,"epss":0.00029,"ranking_epss":0.08278,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html","http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html","http://www.openwall.com/lists/oss-security/2019/11/27/1","https://access.redhat.com/errata/RHSA-2020:0174","https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.1","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=39e72bf96f5847ba87cc5bd7a3ce0fed813dc9ad","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LYIFGYEDQXP5DVJQQUARQRK2PXKBKQGY/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWWOOJKZ4NQYN4RMFIVJ3ZIXKJJI3MKP/","https://seclists.org/bugtraq/2020/Jan/10","https://security.netapp.com/advisory/ntap-20200103-0001/","https://usn.ubuntu.com/4225-1/","https://usn.ubuntu.com/4225-2/","https://usn.ubuntu.com/4226-1/","https://usn.ubuntu.com/4227-1/","https://usn.ubuntu.com/4227-2/","https://usn.ubuntu.com/4228-1/","https://usn.ubuntu.com/4228-2/","https://www.openwall.com/lists/oss-security/2019/11/27/1","http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html","http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html","http://www.openwall.com/lists/oss-security/2019/11/27/1","https://access.redhat.com/errata/RHSA-2020:0174","https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.1","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=39e72bf96f5847ba87cc5bd7a3ce0fed813dc9ad","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LYIFGYEDQXP5DVJQQUARQRK2PXKBKQGY/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWWOOJKZ4NQYN4RMFIVJ3ZIXKJJI3MKP/","https://seclists.org/bugtraq/2020/Jan/10","https://security.netapp.com/advisory/ntap-20200103-0001/","https://usn.ubuntu.com/4225-1/","https://usn.ubuntu.com/4225-2/","https://usn.ubuntu.com/4226-1/","https://usn.ubuntu.com/4227-1/","https://usn.ubuntu.com/4227-2/","https://usn.ubuntu.com/4228-1/","https://usn.ubuntu.com/4228-2/","https://www.openwall.com/lists/oss-security/2019/11/27/1"],"published_time":"2019-11-27T23:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2011-2717","summary":"The DHCPv6 client (dhcp6c) as used in the dhcpv6 project through 2011-07-25 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message.","cvss":9.8,"cvss_version":3.0,"cvss_v2":10.0,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00685,"ranking_epss":0.71664,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/cve-2011-2717","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2717","https://vigilance.fr/vulnerability/dhcp6c-shell-command-injection-10869","https://www.openwall.com/lists/oss-security/2011/07/26/9","https://access.redhat.com/security/cve/cve-2011-2717","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2717","https://vigilance.fr/vulnerability/dhcp6c-shell-command-injection-10869","https://www.openwall.com/lists/oss-security/2011/07/26/9"],"published_time":"2019-11-27T21:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2011-2207","summary":"dirmngr before 2.1.0 improperly handles certain system calls, which allows remote attackers to cause a denial of service (DOS) via a specially-crafted certificate.","cvss":5.3,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":5.3,"cvss_v4":null,"epss":0.01445,"ranking_epss":0.80739,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/cve-2011-2207","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=627377","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2207","https://security-tracker.debian.org/tracker/CVE-2011-2207","https://www.openwall.com/lists/oss-security/2011/06/15/6","https://access.redhat.com/security/cve/cve-2011-2207","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=627377","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2207","https://security-tracker.debian.org/tracker/CVE-2011-2207","https://www.openwall.com/lists/oss-security/2011/06/15/6"],"published_time":"2019-11-27T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2012-6655","summary":"An issue exists AccountService 0.6.37 in the user_change_password_authorized_cb() function in user.c which could let a local users obtain encrypted passwords.","cvss":3.3,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00023,"ranking_epss":0.06066,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2014/08/16/7","http://www.securityfocus.com/bid/69245","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-6655","https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-6655","https://exchange.xforce.ibmcloud.com/vulnerabilities/95325","https://security-tracker.debian.org/tracker/CVE-2012-6655","http://www.openwall.com/lists/oss-security/2014/08/16/7","http://www.securityfocus.com/bid/69245","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-6655","https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-6655","https://exchange.xforce.ibmcloud.com/vulnerabilities/95325","https://security-tracker.debian.org/tracker/CVE-2012-6655"],"published_time":"2019-11-27T18:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-19242","summary":"SQLite 3.30.1 mishandles pExpr->y.pTab, as demonstrated by the TK_COLUMN case in sqlite3ExprCodeTarget in expr.c.","cvss":5.9,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":5.9,"cvss_v4":null,"epss":0.002,"ranking_epss":0.4213,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf","https://github.com/sqlite/sqlite/commit/57f7ece78410a8aae86aa4625fb7556897db384c","https://usn.ubuntu.com/4205-1/","https://www.oracle.com/security-alerts/cpuapr2020.html","https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf","https://github.com/sqlite/sqlite/commit/57f7ece78410a8aae86aa4625fb7556897db384c","https://usn.ubuntu.com/4205-1/","https://www.oracle.com/security-alerts/cpuapr2020.html"],"published_time":"2019-11-27T17:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2016-4980","summary":"A password generation weakness exists in xquest through 2016-06-13.","cvss":2.5,"cvss_version":3.0,"cvss_v2":1.9,"cvss_v3":2.5,"cvss_v4":null,"epss":0.00129,"ranking_epss":0.32286,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/cve-2016-4980","https://bugzilla.redhat.com/show_bug.cgi?id=1346016","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-4980","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVW2QJFNZUZYBN4M4YUE7S2NZBWWMGES/","https://access.redhat.com/security/cve/cve-2016-4980","https://bugzilla.redhat.com/show_bug.cgi?id=1346016","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-4980","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVW2QJFNZUZYBN4M4YUE7S2NZBWWMGES/"],"published_time":"2019-11-27T16:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-10216","summary":"In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas.","cvss":7.3,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.3,"cvss_v4":null,"epss":0.00526,"ranking_epss":0.67015,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=5b85ddd19","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10216","https://security.gentoo.org/glsa/202004-03","http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=5b85ddd19","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10216","https://security.gentoo.org/glsa/202004-03"],"published_time":"2019-11-27T13:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-14896","summary":"A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_existing function is called after a STA connects to an AP.","cvss":7.8,"cvss_version":3.0,"cvss_v2":10.0,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00738,"ranking_epss":0.72851,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html","http://packetstormsecurity.com/files/155879/Kernel-Live-Patch-Security-Notice-LSN-0061-1.html","http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14896","https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html","https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4ISVNIC44SOGXTUBCIZFSUNQJ5LRKNZ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MN6MLCN7G7VFTSXSZYXKXEFCUMFBUAXQ/","https://security.netapp.com/advisory/ntap-20200103-0001/","https://usn.ubuntu.com/4225-1/","https://usn.ubuntu.com/4225-2/","https://usn.ubuntu.com/4226-1/","https://usn.ubuntu.com/4227-1/","https://usn.ubuntu.com/4227-2/","https://usn.ubuntu.com/4228-1/","https://usn.ubuntu.com/4228-2/","http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html","http://packetstormsecurity.com/files/155879/Kernel-Live-Patch-Security-Notice-LSN-0061-1.html","http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14896","https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html","https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4ISVNIC44SOGXTUBCIZFSUNQJ5LRKNZ/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MN6MLCN7G7VFTSXSZYXKXEFCUMFBUAXQ/","https://security.netapp.com/advisory/ntap-20200103-0001/","https://usn.ubuntu.com/4225-1/","https://usn.ubuntu.com/4225-2/","https://usn.ubuntu.com/4226-1/","https://usn.ubuntu.com/4227-1/","https://usn.ubuntu.com/4227-2/","https://usn.ubuntu.com/4228-1/","https://usn.ubuntu.com/4228-2/"],"published_time":"2019-11-27T09:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2011-3631","summary":"Hardlink before 0.1.2 has multiple integer overflows leading to heap-based buffer overflows because of the way string lengths concatenation is done in the calculation of the required memory space to be used. A remote attacker could provide a specially-crafted directory tree and trick the local user into consolidating it, leading to hardlink executable crash or potentially arbitrary code execution with user privileges.","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.8,"cvss_v4":null,"epss":0.04155,"ranking_epss":0.88676,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/cve-2011-3631","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=645516","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3631","https://security-tracker.debian.org/tracker/CVE-2011-3631","https://access.redhat.com/security/cve/cve-2011-3631","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=645516","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3631","https://security-tracker.debian.org/tracker/CVE-2011-3631"],"published_time":"2019-11-26T04:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2011-3632","summary":"Hardlink before 0.1.2 operates on full file system objects path names which can allow a local attacker to use this flaw to conduct symlink attacks.","cvss":7.1,"cvss_version":3.0,"cvss_v2":3.6,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00132,"ranking_epss":0.32713,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/cve-2011-3632","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=645516","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3632","https://security-tracker.debian.org/tracker/CVE-2011-3632","https://www.openwall.com/lists/oss-security/2011/10/15/2","https://www.openwall.com/lists/oss-security/2011/10/20/6","https://access.redhat.com/security/cve/cve-2011-3632","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=645516","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3632","https://security-tracker.debian.org/tracker/CVE-2011-3632","https://www.openwall.com/lists/oss-security/2011/10/15/2","https://www.openwall.com/lists/oss-security/2011/10/20/6"],"published_time":"2019-11-26T04:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2011-3630","summary":"Hardlink before 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. A remote attacker could provide a specially-crafted directory tree, and trick the local user into consolidating it, leading to hardlink executable crash, or, potentially arbitrary code execution with the privileges of the user running the hardlink executable.","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.8,"cvss_v4":null,"epss":0.03115,"ranking_epss":0.8683,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/cve-2011-3630","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=645516","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3630","https://security-tracker.debian.org/tracker/CVE-2011-3630","https://www.openwall.com/lists/oss-security/2011/10/20/6","https://access.redhat.com/security/cve/cve-2011-3630","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=645516","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3630","https://security-tracker.debian.org/tracker/CVE-2011-3630","https://www.openwall.com/lists/oss-security/2011/10/20/6"],"published_time":"2019-11-26T04:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-10213","summary":"OpenShift Container Platform, versions 4.1 and 4.2, does not sanitize secret data written to pod logs when the log level in a given operator is set to Debug or higher. A low privileged user could read pod logs to discover secret material if the log level has already been modified in an operator by a privileged user.","cvss":5.3,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00428,"ranking_epss":0.62445,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2019:4082","https://access.redhat.com/errata/RHSA-2019:4088","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10213","https://access.redhat.com/errata/RHSA-2019:4082","https://access.redhat.com/errata/RHSA-2019:4088","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10213"],"published_time":"2019-11-25T15:15:27","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2012-5644","summary":"libuser has information disclosure when moving user's home directory","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.9,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00066,"ranking_epss":0.20543,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.fedoraproject.org/pipermail/package-announce/2013-April/102068.html","https://access.redhat.com/security/cve/cve-2012-5644","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5644","https://security-tracker.debian.org/tracker/CVE-2012-5644","http://lists.fedoraproject.org/pipermail/package-announce/2013-April/102068.html","https://access.redhat.com/security/cve/cve-2012-5644","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5644","https://security-tracker.debian.org/tracker/CVE-2012-5644"],"published_time":"2019-11-25T15:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2012-5521","summary":"quagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d daemon performs routes removal","cvss":6.5,"cvss_version":3.0,"cvss_v2":3.3,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00331,"ranking_epss":0.56058,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2012/11/13/14","http://www.securityfocus.com/bid/56530","https://access.redhat.com/security/cve/cve-2012-5521","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5521","https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-5521","https://exchange.xforce.ibmcloud.com/vulnerabilities/80096","https://security-tracker.debian.org/tracker/CVE-2012-5521","http://www.openwall.com/lists/oss-security/2012/11/13/14","http://www.securityfocus.com/bid/56530","https://access.redhat.com/security/cve/cve-2012-5521","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5521","https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-5521","https://exchange.xforce.ibmcloud.com/vulnerabilities/80096","https://security-tracker.debian.org/tracker/CVE-2012-5521"],"published_time":"2019-11-25T14:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2012-5630","summary":"libuser 0.56 and 0.57 has a TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees.","cvss":6.3,"cvss_version":3.0,"cvss_v2":3.3,"cvss_v3":6.3,"cvss_v4":null,"epss":0.00119,"ranking_epss":0.30825,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.fedoraproject.org/pipermail/package-announce/2013-April/102068.html","https://access.redhat.com/security/cve/cve-2012-5630","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5630","https://security-tracker.debian.org/tracker/CVE-2012-5630","https://www.securityfocus.com/bid/59285","http://lists.fedoraproject.org/pipermail/package-announce/2013-April/102068.html","https://access.redhat.com/security/cve/cve-2012-5630","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5630","https://security-tracker.debian.org/tracker/CVE-2012-5630","https://www.securityfocus.com/bid/59285"],"published_time":"2019-11-25T14:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-14822","summary":"A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to intercept all keystrokes of a victim user who is using the graphical interface, change the input method engine, or modify other input related configurations of the victim user.","cvss":7.1,"cvss_version":3.0,"cvss_v2":3.6,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00165,"ranking_epss":0.37582,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1717958","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14822","https://usn.ubuntu.com/4134-3/","https://www.oracle.com/security-alerts/cpuapr2022.html","https://bugzilla.redhat.com/show_bug.cgi?id=1717958","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14822","https://usn.ubuntu.com/4134-3/","https://www.oracle.com/security-alerts/cpuapr2022.html"],"published_time":"2019-11-25T12:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-10214","summary":"The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launch a MiTM attack and steal login credentials or bearer tokens.","cvss":6.4,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":6.4,"cvss_v4":null,"epss":0.00473,"ranking_epss":0.64688,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00035.html","http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10214","http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00035.html","http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10214"],"published_time":"2019-11-25T11:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-14815","summary":"A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00182,"ranking_epss":0.39971,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2020:0174","https://access.redhat.com/errata/RHSA-2020:0328","https://access.redhat.com/errata/RHSA-2020:0339","https://access.redhat.com/security/cve/cve-2019-14815","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14815","https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3a","https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html","https://lore.kernel.org/linux-wireless/20190828020751.13625-1-huangwenabc%40gmail.com","https://security.netapp.com/advisory/ntap-20200103-0001/","https://www.openwall.com/lists/oss-security/2019/08/28/1","https://access.redhat.com/errata/RHSA-2020:0174","https://access.redhat.com/errata/RHSA-2020:0328","https://access.redhat.com/errata/RHSA-2020:0339","https://access.redhat.com/security/cve/cve-2019-14815","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14815","https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3a","https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html","https://lore.kernel.org/linux-wireless/20190828020751.13625-1-huangwenabc%40gmail.com","https://security.netapp.com/advisory/ntap-20200103-0001/","https://www.openwall.com/lists/oss-security/2019/08/28/1"],"published_time":"2019-11-25T11:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-10174","summary":"A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with Infinispan's privileges. The attacker can use reflection to introduce new, malicious behavior into the application.","cvss":7.5,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00882,"ranking_epss":0.75396,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2020:0481","https://access.redhat.com/errata/RHSA-2020:0727","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10174","https://security.netapp.com/advisory/ntap-20220210-0018/","https://access.redhat.com/errata/RHSA-2020:0481","https://access.redhat.com/errata/RHSA-2020:0727","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10174","https://security.netapp.com/advisory/ntap-20220210-0018/"],"published_time":"2019-11-25T11:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2012-0877","summary":"PyXML: Hash table collisions CPU usage Denial of Service","cvss":7.5,"cvss_version":3.0,"cvss_v2":7.8,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00543,"ranking_epss":0.67735,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://seclists.org/oss-sec/2014/q3/96","http://www.openwall.com/lists/oss-security/2014/07/08/11","https://access.redhat.com/security/cve/cve-2012-0877","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0877","https://security-tracker.debian.org/tracker/CVE-2012-0877","http://seclists.org/oss-sec/2014/q3/96","http://www.openwall.com/lists/oss-security/2014/07/08/11","https://access.redhat.com/security/cve/cve-2012-0877","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0877","https://security-tracker.debian.org/tracker/CVE-2012-0877"],"published_time":"2019-11-22T17:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2015-7810","summary":"libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when expanding JAR files","cvss":4.7,"cvss_version":3.0,"cvss_v2":3.3,"cvss_v3":4.7,"cvss_v4":null,"epss":0.0011,"ranking_epss":0.29268,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2015/10/12/7","http://www.securityfocus.com/bid/72769","https://access.redhat.com/security/cve/cve-2015-7810","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-7810","https://security-tracker.debian.org/tracker/CVE-2015-7810","http://www.openwall.com/lists/oss-security/2015/10/12/7","http://www.securityfocus.com/bid/72769","https://access.redhat.com/security/cve/cve-2015-7810","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-7810","https://security-tracker.debian.org/tracker/CVE-2015-7810"],"published_time":"2019-11-22T15:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2014-3585","summary":"redhat-upgrade-tool: Does not check GPG signatures when upgrading versions","cvss":9.8,"cvss_version":3.0,"cvss_v2":10.0,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00277,"ranking_epss":0.51101,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/cve-2014-3585","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3585","https://access.redhat.com/security/cve/cve-2014-3585","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3585"],"published_time":"2019-11-22T15:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2013-1817","summary":"MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.01553,"ranking_epss":0.81427,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://security.gentoo.org/glsa/glsa-201310-21.xml","http://www.openwall.com/lists/oss-security/2013/03/05/4","http://www.securityfocus.com/bid/58305","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1817","https://exchange.xforce.ibmcloud.com/vulnerabilities/88359","https://security-tracker.debian.org/tracker/CVE-2013-1817","http://security.gentoo.org/glsa/glsa-201310-21.xml","http://www.openwall.com/lists/oss-security/2013/03/05/4","http://www.securityfocus.com/bid/58305","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1817","https://exchange.xforce.ibmcloud.com/vulnerabilities/88359","https://security-tracker.debian.org/tracker/CVE-2013-1817"],"published_time":"2019-11-20T20:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2013-1816","summary":"MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a specially crafted request.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.04103,"ranking_epss":0.88604,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://security.gentoo.org/glsa/glsa-201310-21.xml","http://www.openwall.com/lists/oss-security/2013/03/05/4","http://www.securityfocus.com/bid/58306","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1816","https://exchange.xforce.ibmcloud.com/vulnerabilities/88360","https://security-tracker.debian.org/tracker/CVE-2013-1816","http://security.gentoo.org/glsa/glsa-201310-21.xml","http://www.openwall.com/lists/oss-security/2013/03/05/4","http://www.securityfocus.com/bid/58306","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1816","https://exchange.xforce.ibmcloud.com/vulnerabilities/88360","https://security-tracker.debian.org/tracker/CVE-2013-1816"],"published_time":"2019-11-20T20:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2012-6136","summary":"tuned 2.10.0 creates its PID file with insecure permissions which allows local users to kill arbitrary processes.","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.9,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00026,"ranking_epss":0.0724,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-6136","https://security-tracker.debian.org/tracker/CVE-2012-6136","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-6136","https://security-tracker.debian.org/tracker/CVE-2012-6136"],"published_time":"2019-11-20T15:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2011-4967","summary":"tog-Pegasus has a package hash collision DoS vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00669,"ranking_epss":0.71306,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://bugzilla.openpegasus.org/show_bug.cgi?id=9182","http://www.openwall.com/lists/oss-security/2012/12/14/2","https://access.redhat.com/security/cve/cve-2011-4967","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4967","https://www.securityfocus.com/bid/56941","http://bugzilla.openpegasus.org/show_bug.cgi?id=9182","http://www.openwall.com/lists/oss-security/2012/12/14/2","https://access.redhat.com/security/cve/cve-2011-4967","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4967","https://www.securityfocus.com/bid/56941"],"published_time":"2019-11-19T16:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2014-5118","summary":"Trusted Boot (tboot) before 1.8.2 has a 'loader.c' Security Bypass Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0005,"ranking_epss":0.15593,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136768.html","http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136778.html","http://www.openwall.com/lists/oss-security/2014/07/30/4","http://www.securityfocus.com/bid/68960","https://exchange.xforce.ibmcloud.com/vulnerabilities/95063","http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136768.html","http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136778.html","http://www.openwall.com/lists/oss-security/2014/07/30/4","http://www.securityfocus.com/bid/68960","https://exchange.xforce.ibmcloud.com/vulnerabilities/95063"],"published_time":"2019-11-18T23:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-19072","summary":"A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-96c5c6e6a5b6.","cvss":4.4,"cvss_version":3.0,"cvss_v2":4.9,"cvss_v3":4.4,"cvss_v4":null,"epss":0.00099,"ranking_epss":0.27588,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://github.com/torvalds/linux/commit/96c5c6e6a5b6db592acae039fed54b5c8844cd35","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/","https://security.netapp.com/advisory/ntap-20191205-0001/","https://usn.ubuntu.com/4225-1/","https://usn.ubuntu.com/4225-2/","https://usn.ubuntu.com/4226-1/","https://github.com/torvalds/linux/commit/96c5c6e6a5b6db592acae039fed54b5c8844cd35","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/","https://security.netapp.com/advisory/ntap-20191205-0001/","https://usn.ubuntu.com/4225-1/","https://usn.ubuntu.com/4225-2/","https://usn.ubuntu.com/4226-1/"],"published_time":"2019-11-18T06:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-19076","summary":"A memory leak in the nfp_abm_u32_knode_replace() function in drivers/net/ethernet/netronome/nfp/abm/cls.c in the Linux kernel before 5.3.6 allows attackers to cause a denial of service (memory consumption), aka CID-78beef629fd9. NOTE: This has been argued as not a valid vulnerability. The upstream commit 78beef629fd9 was reverted","cvss":5.9,"cvss_version":3.0,"cvss_v2":7.1,"cvss_v3":5.9,"cvss_v4":null,"epss":0.02333,"ranking_epss":0.8484,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.6","https://git.kernel.org/linus/1d1997db870f4058676439ef7014390ba9e24eb2","https://github.com/torvalds/linux/commit/78beef629fd95be4ed853b2d37b832f766bd96ca","https://lore.kernel.org/lkml/20191204103955.63c4d9af%40cakuba.netronome.com/","https://security.netapp.com/advisory/ntap-20191205-0001/","https://usn.ubuntu.com/4209-1/","https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.6","https://git.kernel.org/linus/1d1997db870f4058676439ef7014390ba9e24eb2","https://github.com/torvalds/linux/commit/78beef629fd95be4ed853b2d37b832f766bd96ca","https://lore.kernel.org/lkml/20191204103955.63c4d9af%40cakuba.netronome.com/","https://security.netapp.com/advisory/ntap-20191205-0001/","https://usn.ubuntu.com/4209-1/"],"published_time":"2019-11-18T06:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-19081","summary":"A memory leak in the nfp_flower_spawn_vnic_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allows attackers to cause a denial of service (memory consumption), aka CID-8ce39eb5a67a.","cvss":5.9,"cvss_version":3.0,"cvss_v2":7.1,"cvss_v3":5.9,"cvss_v4":null,"epss":0.0125,"ranking_epss":0.79325,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html","https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.4","https://github.com/torvalds/linux/commit/8ce39eb5a67aee25d9f05b40b673c95b23502e3e","https://security.netapp.com/advisory/ntap-20191205-0001/","http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html","https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.4","https://github.com/torvalds/linux/commit/8ce39eb5a67aee25d9f05b40b673c95b23502e3e","https://security.netapp.com/advisory/ntap-20191205-0001/"],"published_time":"2019-11-18T06:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-19062","summary":"A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042.","cvss":4.7,"cvss_version":3.0,"cvss_v2":4.7,"cvss_v3":4.7,"cvss_v4":null,"epss":0.00098,"ranking_epss":0.26899,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html","http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html","https://github.com/torvalds/linux/commit/ffdde5932042600c6807d46c1550b28b0db6a3bc","https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html","https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/","https://seclists.org/bugtraq/2020/Jan/10","https://security.netapp.com/advisory/ntap-20191205-0001/","https://usn.ubuntu.com/4254-1/","https://usn.ubuntu.com/4254-2/","https://usn.ubuntu.com/4258-1/","https://usn.ubuntu.com/4284-1/","https://usn.ubuntu.com/4287-1/","https://usn.ubuntu.com/4287-2/","http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html","http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html","https://github.com/torvalds/linux/commit/ffdde5932042600c6807d46c1550b28b0db6a3bc","https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html","https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/","https://seclists.org/bugtraq/2020/Jan/10","https://security.netapp.com/advisory/ntap-20191205-0001/","https://usn.ubuntu.com/4254-1/","https://usn.ubuntu.com/4254-2/","https://usn.ubuntu.com/4258-1/","https://usn.ubuntu.com/4284-1/","https://usn.ubuntu.com/4287-1/","https://usn.ubuntu.com/4287-2/"],"published_time":"2019-11-18T06:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-19066","summary":"A memory leak in the bfad_im_get_stats() function in drivers/scsi/bfa/bfad_attr.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering bfa_port_get_stats() failures, aka CID-0e62395da2bd.","cvss":4.7,"cvss_version":3.0,"cvss_v2":4.7,"cvss_v3":4.7,"cvss_v4":null,"epss":0.00084,"ranking_epss":0.24361,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html","https://github.com/torvalds/linux/commit/0e62395da2bd5166d7c9e14cbc7503b256a34cb0","https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html","https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/","https://security.netapp.com/advisory/ntap-20191205-0001/","https://usn.ubuntu.com/4286-1/","https://usn.ubuntu.com/4286-2/","https://usn.ubuntu.com/4300-1/","https://usn.ubuntu.com/4301-1/","https://usn.ubuntu.com/4302-1/","https://www.oracle.com/security-alerts/cpuApr2021.html","http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html","https://github.com/torvalds/linux/commit/0e62395da2bd5166d7c9e14cbc7503b256a34cb0","https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html","https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/","https://security.netapp.com/advisory/ntap-20191205-0001/","https://usn.ubuntu.com/4286-1/","https://usn.ubuntu.com/4286-2/","https://usn.ubuntu.com/4300-1/","https://usn.ubuntu.com/4301-1/","https://usn.ubuntu.com/4302-1/","https://www.oracle.com/security-alerts/cpuApr2021.html"],"published_time":"2019-11-18T06:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-19068","summary":"A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-a2cdd07488e6.","cvss":4.6,"cvss_version":3.0,"cvss_v2":4.9,"cvss_v3":4.6,"cvss_v4":null,"epss":0.00092,"ranking_epss":0.25869,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html","https://github.com/torvalds/linux/commit/a2cdd07488e666aa93a49a3fc9c9b1299e27ef3c","https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/","https://security.netapp.com/advisory/ntap-20191205-0001/","https://usn.ubuntu.com/4286-1/","https://usn.ubuntu.com/4286-2/","https://usn.ubuntu.com/4300-1/","https://usn.ubuntu.com/4301-1/","https://usn.ubuntu.com/4302-1/","http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html","https://github.com/torvalds/linux/commit/a2cdd07488e666aa93a49a3fc9c9b1299e27ef3c","https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/","https://security.netapp.com/advisory/ntap-20191205-0001/","https://usn.ubuntu.com/4286-1/","https://usn.ubuntu.com/4286-2/","https://usn.ubuntu.com/4300-1/","https://usn.ubuntu.com/4301-1/","https://usn.ubuntu.com/4302-1/"],"published_time":"2019-11-18T06:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-19012","summary":"An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). Remote attackers can cause a denial-of-service or information disclosure, or possibly have unspecified other impact, via a crafted regular expression.","cvss":9.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":9.8,"cvss_v4":null,"epss":0.14783,"ranking_epss":0.94502,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://github.com/kkos/oniguruma/issues/164","https://github.com/kkos/oniguruma/releases/tag/v6.9.4_rc2","https://github.com/tarantula-team/CVE-2019-19012","https://lists.debian.org/debian-lts-announce/2019/12/msg00002.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NO267PLHGYZSWX3XTRPKYBKD4J3YOU5V/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3MBNW6Z4DOXSCNWGBLQ7OA3OGUJ44WL/","https://usn.ubuntu.com/4460-1/","https://github.com/kkos/oniguruma/issues/164","https://github.com/kkos/oniguruma/releases/tag/v6.9.4_rc2","https://github.com/tarantula-team/CVE-2019-19012","https://lists.debian.org/debian-lts-announce/2019/12/msg00002.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NO267PLHGYZSWX3XTRPKYBKD4J3YOU5V/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3MBNW6Z4DOXSCNWGBLQ7OA3OGUJ44WL/","https://usn.ubuntu.com/4460-1/"],"published_time":"2019-11-17T18:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2011-2726","summary":"An access bypass issue was found in Drupal 7.x before version 7.5. If a Drupal site has the ability to attach File upload fields to any entity type in the system or has the ability to point individual File upload fields to the private file directory in comments, and the parent node is denied access, non-privileged users can still download the file attached to the comment if they know or guess its direct URL.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00397,"ranking_epss":0.60547,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2012/03/19/10","http://www.openwall.com/lists/oss-security/2012/03/20/14","https://access.redhat.com/security/cve/cve-2011-2726","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2726","https://security-tracker.debian.org/tracker/CVE-2011-2726","https://www.drupal.org/node/1231510","http://www.openwall.com/lists/oss-security/2012/03/19/10","http://www.openwall.com/lists/oss-security/2012/03/20/14","https://access.redhat.com/security/cve/cve-2011-2726","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2726","https://security-tracker.debian.org/tracker/CVE-2011-2726","https://www.drupal.org/node/1231510"],"published_time":"2019-11-15T17:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2016-5285","summary":"A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.01626,"ranking_epss":0.81861,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html","http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html","http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html","http://rhn.redhat.com/errata/RHSA-2016-2779.html","http://www.securityfocus.com/bid/94349","http://www.ubuntu.com/usn/USN-3163-1","https://bto.bluecoat.com/security-advisory/sa137","https://bugzilla.mozilla.org/show_bug.cgi?id=1306103","https://security.gentoo.org/glsa/201701-46","http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html","http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html","http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html","http://rhn.redhat.com/errata/RHSA-2016-2779.html","http://www.securityfocus.com/bid/94349","http://www.ubuntu.com/usn/USN-3163-1","https://bto.bluecoat.com/security-advisory/sa137","https://bugzilla.mozilla.org/show_bug.cgi?id=1306103","https://security.gentoo.org/glsa/201701-46"],"published_time":"2019-11-15T16:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-11135","summary":"TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.","cvss":6.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00319,"ranking_epss":0.54928,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00045.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00046.html","http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html","http://packetstormsecurity.com/files/155375/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html","http://www.openwall.com/lists/oss-security/2019/12/10/3","http://www.openwall.com/lists/oss-security/2019/12/10/4","http://www.openwall.com/lists/oss-security/2019/12/11/1","https://access.redhat.com/errata/RHSA-2019:3936","https://access.redhat.com/errata/RHSA-2020:0026","https://access.redhat.com/errata/RHSA-2020:0028","https://access.redhat.com/errata/RHSA-2020:0204","https://access.redhat.com/errata/RHSA-2020:0279","https://access.redhat.com/errata/RHSA-2020:0366","https://access.redhat.com/errata/RHSA-2020:0555","https://access.redhat.com/errata/RHSA-2020:0666","https://access.redhat.com/errata/RHSA-2020:0730","https://kc.mcafee.com/corporate/index?page=content&id=SB10306","https://lists.debian.org/debian-lts-announce/2019/12/msg00035.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5WWPW4BSZDDW7VHU427XTVXV7ROOFFW/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZYATWNUGHRBG6I3TC24YHP5Y3J7I6KH/","https://seclists.org/bugtraq/2019/Dec/28","https://seclists.org/bugtraq/2019/Nov/26","https://seclists.org/bugtraq/2020/Jan/21","https://security.gentoo.org/glsa/202003-56","https://support.f5.com/csp/article/K02912734?utm_source=f5support&amp%3Butm_medium=RSS","https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03968en_us","https://usn.ubuntu.com/4186-2/","https://www.debian.org/security/2020/dsa-4602","https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00270.html","https://www.oracle.com/security-alerts/cpujan2021.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00045.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00046.html","http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html","http://packetstormsecurity.com/files/155375/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html","http://www.openwall.com/lists/oss-security/2019/12/10/3","http://www.openwall.com/lists/oss-security/2019/12/10/4","http://www.openwall.com/lists/oss-security/2019/12/11/1","https://access.redhat.com/errata/RHSA-2019:3936","https://access.redhat.com/errata/RHSA-2020:0026","https://access.redhat.com/errata/RHSA-2020:0028","https://access.redhat.com/errata/RHSA-2020:0204","https://access.redhat.com/errata/RHSA-2020:0279","https://access.redhat.com/errata/RHSA-2020:0366","https://access.redhat.com/errata/RHSA-2020:0555","https://access.redhat.com/errata/RHSA-2020:0666","https://access.redhat.com/errata/RHSA-2020:0730","https://kc.mcafee.com/corporate/index?page=content&id=SB10306","https://lists.debian.org/debian-lts-announce/2019/12/msg00035.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5WWPW4BSZDDW7VHU427XTVXV7ROOFFW/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZYATWNUGHRBG6I3TC24YHP5Y3J7I6KH/","https://seclists.org/bugtraq/2019/Dec/28","https://seclists.org/bugtraq/2019/Nov/26","https://seclists.org/bugtraq/2020/Jan/21","https://security.gentoo.org/glsa/202003-56","https://support.f5.com/csp/article/K02912734?utm_source=f5support&amp%3Butm_medium=RSS","https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03968en_us","https://usn.ubuntu.com/4186-2/","https://www.debian.org/security/2020/dsa-4602","https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00270.html","https://www.oracle.com/security-alerts/cpujan2021.html"],"published_time":"2019-11-14T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2012-1155","summary":"Moodle has a database activity export permission issue where the export function of the database activity module exports all entries even those from groups the user does not belong to","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.01269,"ranking_epss":0.79482,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html","http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html","http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html","http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html","http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html","https://access.redhat.com/security/cve/cve-2012-1155","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1155","https://moodle.org/mod/forum/discuss.php?d=198621","https://security-tracker.debian.org/tracker/CVE-2012-1155","http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html","http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html","http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html","http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html","http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html","https://access.redhat.com/security/cve/cve-2012-1155","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1155","https://moodle.org/mod/forum/discuss.php?d=198621","https://security-tracker.debian.org/tracker/CVE-2012-1155"],"published_time":"2019-11-14T16:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2012-1156","summary":"Moodle before 2.2.2 has users' private files included in course backups","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.01229,"ranking_epss":0.79148,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html","http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html","http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html","http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html","http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html","https://access.redhat.com/security/cve/cve-2012-1156","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1156","https://moodle.org/mod/forum/discuss.php?d=198623","https://security-tracker.debian.org/tracker/CVE-2012-1156","http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html","http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html","http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html","http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html","http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html","https://access.redhat.com/security/cve/cve-2012-1156","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1156","https://moodle.org/mod/forum/discuss.php?d=198623","https://security-tracker.debian.org/tracker/CVE-2012-1156"],"published_time":"2019-11-14T16:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2012-1168","summary":"Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the user password is reset if not specified.","cvss":8.2,"cvss_version":3.0,"cvss_v2":6.4,"cvss_v3":8.2,"cvss_v4":null,"epss":0.02216,"ranking_epss":0.84477,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html","http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html","http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html","http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html","http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html","https://access.redhat.com/security/cve/cve-2012-1168","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1168","https://moodle.org/mod/forum/discuss.php?d=198622","https://security-tracker.debian.org/tracker/CVE-2012-1168","http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html","http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html","http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html","http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html","http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html","https://access.redhat.com/security/cve/cve-2012-1168","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1168","https://moodle.org/mod/forum/discuss.php?d=198622","https://security-tracker.debian.org/tracker/CVE-2012-1168"],"published_time":"2019-11-14T16:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2011-1145","summary":"The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00218,"ranking_epss":0.44444,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/cve-2011-1145","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-1145","https://bugzilla.suse.com/show_bug.cgi?id=CVE-2011-1145","https://security-tracker.debian.org/tracker/CVE-2011-1145","https://access.redhat.com/security/cve/cve-2011-1145","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-1145","https://bugzilla.suse.com/show_bug.cgi?id=CVE-2011-1145","https://security-tracker.debian.org/tracker/CVE-2011-1145"],"published_time":"2019-11-14T02:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2010-4664","summary":"In ConsoleKit before 0.4.2, an intended security policy restriction bypass was found. This flaw allows an authenticated system user to escalate their privileges by initiating a remote VNC session.","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00187,"ranking_epss":0.40498,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/cve-2010-4664","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4664","https://security-tracker.debian.org/tracker/CVE-2010-4664","https://access.redhat.com/security/cve/cve-2010-4664","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4664","https://security-tracker.debian.org/tracker/CVE-2010-4664"],"published_time":"2019-11-13T22:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2010-4657","summary":"PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in memory leak into the resulting output.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.0157,"ranking_epss":0.81524,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/cve-2010-4657","https://bugs.launchpad.net/php/%2Bbug/655442","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4657","https://security-tracker.debian.org/tracker/CVE-2010-4657","https://access.redhat.com/security/cve/cve-2010-4657","https://bugs.launchpad.net/php/%2Bbug/655442","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4657","https://security-tracker.debian.org/tracker/CVE-2010-4657"],"published_time":"2019-11-13T21:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2010-4661","summary":"udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00152,"ranking_epss":0.35908,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00000.html","https://access.redhat.com/security/cve/cve-2010-4661","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4661","https://security-tracker.debian.org/tracker/CVE-2010-4661","http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00000.html","https://access.redhat.com/security/cve/cve-2010-4661","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4661","https://security-tracker.debian.org/tracker/CVE-2010-4661"],"published_time":"2019-11-13T21:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2011-2897","summary":"gdk-pixbuf through 2.31.1 has GIF loader buffer overflow when initializing decompression tables due to an input validation flaw","cvss":9.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00985,"ranking_epss":0.76816,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/cve-2011-2897","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2897","https://security-tracker.debian.org/tracker/CVE-2011-2897","https://access.redhat.com/security/cve/cve-2011-2897","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2897","https://security-tracker.debian.org/tracker/CVE-2011-2897"],"published_time":"2019-11-12T14:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-10219","summary":"A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":6.5,"cvss_v4":null,"epss":0.01674,"ranking_epss":0.8214,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2020:0159","https://access.redhat.com/errata/RHSA-2020:0160","https://access.redhat.com/errata/RHSA-2020:0161","https://access.redhat.com/errata/RHSA-2020:0164","https://access.redhat.com/errata/RHSA-2020:0445","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10219","https://github.com/hibernate/hibernate-validator/commit/124b7dd6d9a4ad24d4d49f74701f05a13e56cee","https://github.com/hibernate/hibernate-validator/commit/20d729548511ac5cff6fd459f93de137195420fe","https://github.com/poc-effectiveness/PoCAdaptation/tree/main/Adapted/CVE-2019-10219","https://github.com/poc-effectiveness/PoCAdaptation/tree/main/Origin/CVE-2019-10219/exploit","https://lists.apache.org/thread.html/r4f8b4e2541be4234946e40d55859273a7eec0f4901e8080ce2406fe6%40%3Cnotifications.accumulo.apache.org%3E","https://lists.apache.org/thread.html/r4f92d7f7682dcff92722fa947f9e6f8ba2227c5dc3e11ba09114897d%40%3Cnotifications.accumulo.apache.org%3E","https://lists.apache.org/thread.html/r87b7e2d22982b4ca9f88f5f4f22a19b394d2662415b233582ed22ebf%40%3Cnotifications.accumulo.apache.org%3E","https://lists.apache.org/thread.html/rb8dca19a4e52b60dab0ab21e2ff9968d78f4b84e4033824db1dd24b4%40%3Cpluto-scm.portals.apache.org%3E","https://lists.apache.org/thread.html/rd418deda6f0ebe658c2015f43a14d03acb8b8c2c093c5bf6b880cd7c%40%3Cpluto-dev.portals.apache.org%3E","https://lists.apache.org/thread.html/rf9c17c3efc4a376a96e9e2777eee6acf0bec28e2200e4b35da62de4a%40%3Cpluto-dev.portals.apache.org%3E","https://security.netapp.com/advisory/ntap-20220210-0024/","https://www.oracle.com/security-alerts/cpujan2022.html","https://access.redhat.com/errata/RHSA-2020:0159","https://access.redhat.com/errata/RHSA-2020:0160","https://access.redhat.com/errata/RHSA-2020:0161","https://access.redhat.com/errata/RHSA-2020:0164","https://access.redhat.com/errata/RHSA-2020:0445","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10219","https://github.com/hibernate/hibernate-validator/commit/124b7dd6d9a4ad24d4d49f74701f05a13e56ceee","https://github.com/hibernate/hibernate-validator/commit/20d729548511ac5cff6fd459f93de137195420fe","https://github.com/poc-effectiveness/PoCAdaptation/tree/main/Adapted/CVE-2019-10219","https://github.com/poc-effectiveness/PoCAdaptation/tree/main/Origin/CVE-2019-10219/exploit","https://lists.apache.org/thread.html/r4f8b4e2541be4234946e40d55859273a7eec0f4901e8080ce2406fe6%40%3Cnotifications.accumulo.apache.org%3E","https://lists.apache.org/thread.html/r4f92d7f7682dcff92722fa947f9e6f8ba2227c5dc3e11ba09114897d%40%3Cnotifications.accumulo.apache.org%3E","https://lists.apache.org/thread.html/r87b7e2d22982b4ca9f88f5f4f22a19b394d2662415b233582ed22ebf%40%3Cnotifications.accumulo.apache.org%3E","https://lists.apache.org/thread.html/rb8dca19a4e52b60dab0ab21e2ff9968d78f4b84e4033824db1dd24b4%40%3Cpluto-scm.portals.apache.org%3E","https://lists.apache.org/thread.html/rd418deda6f0ebe658c2015f43a14d03acb8b8c2c093c5bf6b880cd7c%40%3Cpluto-dev.portals.apache.org%3E","https://lists.apache.org/thread.html/rf9c17c3efc4a376a96e9e2777eee6acf0bec28e2200e4b35da62de4a%40%3Cpluto-dev.portals.apache.org%3E","https://security.netapp.com/advisory/ntap-20220210-0024/","https://www.oracle.com/security-alerts/cpujan2022.html"],"published_time":"2019-11-08T15:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-14824","summary":"A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes.","cvss":6.5,"cvss_version":3.0,"cvss_v2":3.5,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00194,"ranking_epss":0.41328,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2019:3981","https://access.redhat.com/errata/RHSA-2020:0464","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14824","https://lists.debian.org/debian-lts-announce/2019/11/msg00036.html","https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html","https://access.redhat.com/errata/RHSA-2019:3981","https://access.redhat.com/errata/RHSA-2020:0464","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14824","https://lists.debian.org/debian-lts-announce/2019/11/msg00036.html","https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html"],"published_time":"2019-11-08T15:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2008-3278","summary":"frysk packages through 2008-08-05 as shipped in Red Hat Enterprise Linux 5 are built with an insecure RPATH set in the ELF header of multiple binaries in /usr/bin/f* (e.g. fcore, fcatch, fstack, fstep, ...) shipped in the package. A local attacker can exploit this vulnerability by running arbitrary code as another user.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00049,"ranking_epss":0.15146,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/cve-2008-3278","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-3278","https://security-tracker.debian.org/tracker/CVE-2008-3278","https://access.redhat.com/security/cve/cve-2008-3278","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-3278","https://security-tracker.debian.org/tracker/CVE-2008-3278"],"published_time":"2019-11-07T23:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-18811","summary":"A memory leak in the sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering sof_get_ctrl_copy_params() failures, aka CID-45c1380358b1.","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.9,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00125,"ranking_epss":0.3178,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://github.com/torvalds/linux/commit/45c1380358b12bf2d1db20a5874e9544f56b34ab","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LYIFGYEDQXP5DVJQQUARQRK2PXKBKQGY/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWWOOJKZ4NQYN4RMFIVJ3ZIXKJJI3MKP/","https://security.netapp.com/advisory/ntap-20191205-0001/","https://usn.ubuntu.com/4284-1/","https://github.com/torvalds/linux/commit/45c1380358b12bf2d1db20a5874e9544f56b34ab","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LYIFGYEDQXP5DVJQQUARQRK2PXKBKQGY/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWWOOJKZ4NQYN4RMFIVJ3ZIXKJJI3MKP/","https://security.netapp.com/advisory/ntap-20191205-0001/","https://usn.ubuntu.com/4284-1/"],"published_time":"2019-11-07T16:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-18805","summary":"An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact, aka CID-19fad20d15a6.","cvss":9.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":9.8,"cvss_v4":null,"epss":0.0057,"ranking_epss":0.68606,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00035.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00039.html","https://access.redhat.com/errata/RHSA-2020:0740","https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.11","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=19fad20d15a6494f47f85d869f00b11343ee5c78","https://security.netapp.com/advisory/ntap-20191205-0001/","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00035.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00039.html","https://access.redhat.com/errata/RHSA-2020:0740","https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.11","https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=19fad20d15a6494f47f85d869f00b11343ee5c78","https://security.netapp.com/advisory/ntap-20191205-0001/"],"published_time":"2019-11-07T14:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2016-1000037","summary":"Pagure: XSS possible in file attachment endpoint","cvss":6.1,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":6.1,"cvss_v4":null,"epss":0.00414,"ranking_epss":0.61627,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1000037","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R7EHB2WQ46M737B2STHQTOPTBSSQJDSS/","https://raw.githubusercontent.com/distributedweaknessfiling/cvelist/master/2016/1000xxx/CVE-2016-1000037.json","https://security-tracker.debian.org/tracker/CVE-2016-1000037","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1000037","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R7EHB2WQ46M737B2STHQTOPTBSSQJDSS/","https://raw.githubusercontent.com/distributedweaknessfiling/cvelist/master/2016/1000xxx/CVE-2016-1000037.json","https://security-tracker.debian.org/tracker/CVE-2016-1000037"],"published_time":"2019-11-06T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2014-8181","summary":"The kernel in Red Hat Enterprise Linux 7 and MRG-2 does not clear garbage data for SG_IO buffer, which may leaking sensitive information to userspace.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00229,"ranking_epss":0.45686,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1335817","https://bugzilla.redhat.com/show_bug.cgi?id=1335817"],"published_time":"2019-11-06T15:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2016-4983","summary":"A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files.","cvss":3.3,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00143,"ranking_epss":0.34553,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-updates/2016-11/msg00096.html","https://bugzilla.redhat.com/show_bug.cgi?id=1346055","https://bugzilla.suse.com/show_bug.cgi?id=984639","http://lists.opensuse.org/opensuse-updates/2016-11/msg00096.html","https://bugzilla.redhat.com/show_bug.cgi?id=1346055","https://bugzilla.suse.com/show_bug.cgi?id=984639"],"published_time":"2019-11-05T22:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2013-5661","summary":"Cache Poisoning issue exists in DNS Response Rate Limiting.","cvss":5.9,"cvss_version":3.0,"cvss_v2":2.6,"cvss_v3":5.9,"cvss_v4":null,"epss":0.01066,"ranking_epss":0.7769,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-5661","https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-5661","https://security-tracker.debian.org/tracker/CVE-2013-5661","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-5661","https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-5661","https://security-tracker.debian.org/tracker/CVE-2013-5661"],"published_time":"2019-11-05T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2016-1000002","summary":"gdm3 3.14.2 and possibly later has an information leak before screen lock","cvss":2.4,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":2.4,"cvss_v4":null,"epss":0.0016,"ranking_epss":0.36869,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1000002","https://bugzilla.suse.com/show_bug.cgi?id=CVE-2016-1000002","https://raw.githubusercontent.com/distributedweaknessfiling/cvelist/master/2016/1000xxx/CVE-2016-1000002.json","https://security-tracker.debian.org/tracker/CVE-2016-1000002","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1000002","https://bugzilla.suse.com/show_bug.cgi?id=CVE-2016-1000002","https://raw.githubusercontent.com/distributedweaknessfiling/cvelist/master/2016/1000xxx/CVE-2016-1000002.json","https://security-tracker.debian.org/tracker/CVE-2016-1000002"],"published_time":"2019-11-05T14:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2013-4409","summary":"An eval() vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board before 1.7.15 when parsing JSON requests.","cvss":9.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":9.8,"cvss_v4":null,"epss":0.01166,"ranking_epss":0.78631,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.fedoraproject.org/pipermail/package-announce/2013-November/120619.html","http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119819.html","http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119820.html","http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119830.html","http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119831.html","http://www.securityfocus.com/bid/63029","https://access.redhat.com/security/cve/cve-2013-4409","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4409","https://exchange.xforce.ibmcloud.com/vulnerabilities/88059","https://security-tracker.debian.org/tracker/CVE-2013-4409","http://lists.fedoraproject.org/pipermail/package-announce/2013-November/120619.html","http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119819.html","http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119820.html","http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119830.html","http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119831.html","http://www.securityfocus.com/bid/63029","https://access.redhat.com/security/cve/cve-2013-4409","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4409","https://exchange.xforce.ibmcloud.com/vulnerabilities/88059","https://security-tracker.debian.org/tracker/CVE-2013-4409"],"published_time":"2019-11-04T21:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2015-8980","summary":"The plural form formula in ngettext family of calls in php-gettext before 1.0.12 allows remote attackers to execute arbitrary code.","cvss":9.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":9.8,"cvss_v4":null,"epss":0.04573,"ranking_epss":0.89212,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-updates/2017-02/msg00015.html","http://seclists.org/fulldisclosure/2016/Aug/76","http://www.openwall.com/lists/oss-security/2017/01/18/4","http://www.securityfocus.com/bid/95754","https://bugzilla.redhat.com/show_bug.cgi?id=1367462","https://launchpad.net/php-gettext/trunk/1.0.12","https://lwn.net/Alerts/708838/","http://lists.opensuse.org/opensuse-updates/2017-02/msg00015.html","http://seclists.org/fulldisclosure/2016/Aug/76","http://www.openwall.com/lists/oss-security/2017/01/18/4","http://www.securityfocus.com/bid/95754","https://bugzilla.redhat.com/show_bug.cgi?id=1367462","https://launchpad.net/php-gettext/trunk/1.0.12","https://lwn.net/Alerts/708838/"],"published_time":"2019-11-04T21:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2017-5332","summary":"The extract_group_icon_cursor_resource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00234,"ranking_epss":0.46239,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00024.html","http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00025.html","http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00026.html","http://rhn.redhat.com/errata/RHSA-2017-0837.html","http://www.debian.org/security/2017/dsa-3765","http://www.openwall.com/lists/oss-security/2017/01/11/3","http://www.securityfocus.com/bid/95380","http://www.ubuntu.com/usn/USN-3178-1","https://bugzilla.redhat.com/show_bug.cgi?id=1412263","https://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=1aa9f28f7bcbdfff6a84a15ac8d9a87559b1596a","http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00024.html","http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00025.html","http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00026.html","http://rhn.redhat.com/errata/RHSA-2017-0837.html","http://www.debian.org/security/2017/dsa-3765","http://www.openwall.com/lists/oss-security/2017/01/11/3","http://www.securityfocus.com/bid/95380","http://www.ubuntu.com/usn/USN-3178-1","https://bugzilla.redhat.com/show_bug.cgi?id=1412263","https://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=1aa9f28f7bcbdfff6a84a15ac8d9a87559b1596a"],"published_time":"2019-11-04T21:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2017-5333","summary":"Integer overflow in the extract_group_icon_cursor_resource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) or execute arbitrary code via a crafted executable file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00234,"ranking_epss":0.46239,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00024.html","http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00025.html","http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00026.html","http://rhn.redhat.com/errata/RHSA-2017-0837.html","http://www.debian.org/security/2017/dsa-3765","http://www.openwall.com/lists/oss-security/2017/01/11/3","http://www.securityfocus.com/bid/95678","http://www.ubuntu.com/usn/USN-3178-1","https://bugzilla.redhat.com/show_bug.cgi?id=1412259","https://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=1a108713ac26215c7568353f6e02e727e6d4b24a","http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00024.html","http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00025.html","http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00026.html","http://rhn.redhat.com/errata/RHSA-2017-0837.html","http://www.debian.org/security/2017/dsa-3765","http://www.openwall.com/lists/oss-security/2017/01/11/3","http://www.securityfocus.com/bid/95678","http://www.ubuntu.com/usn/USN-3178-1","https://bugzilla.redhat.com/show_bug.cgi?id=1412259","https://git.savannah.gnu.org/cgit/icoutils.git/commit/?id=1a108713ac26215c7568353f6e02e727e6d4b24a"],"published_time":"2019-11-04T21:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2013-4251","summary":"The scipy.weave component in SciPy before 0.12.1 creates insecure temporary directories.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00086,"ranking_epss":0.24784,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.fedoraproject.org/pipermail/package-announce/2013-November/120696.html","http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119759.html","http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119771.html","http://www.securityfocus.com/bid/63008","https://access.redhat.com/security/cve/cve-2013-4251","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4251","https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-4251","https://exchange.xforce.ibmcloud.com/vulnerabilities/88052","https://github.com/scipy/scipy/commit/bd296e0336420b840fcd2faabb97084fd252a973","https://security-tracker.debian.org/tracker/CVE-2013-4251","http://lists.fedoraproject.org/pipermail/package-announce/2013-November/120696.html","http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119759.html","http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119771.html","http://www.securityfocus.com/bid/63008","https://access.redhat.com/security/cve/cve-2013-4251","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4251","https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-4251","https://exchange.xforce.ibmcloud.com/vulnerabilities/88052","https://github.com/scipy/scipy/commit/bd296e0336420b840fcd2faabb97084fd252a973","https://security-tracker.debian.org/tracker/CVE-2013-4251"],"published_time":"2019-11-04T20:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2005-4890","summary":"There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via \"su - user -c program\". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00135,"ranking_epss":0.33185,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2012/11/06/8","http://www.openwall.com/lists/oss-security/2013/05/20/3","http://www.openwall.com/lists/oss-security/2013/11/28/10","http://www.openwall.com/lists/oss-security/2013/11/29/5","http://www.openwall.com/lists/oss-security/2014/10/20/9","http://www.openwall.com/lists/oss-security/2014/10/21/1","http://www.openwall.com/lists/oss-security/2014/12/15/5","http://www.openwall.com/lists/oss-security/2016/02/25/6","https://access.redhat.com/security/cve/cve-2005-4890","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2005-4890","https://security-tracker.debian.org/tracker/CVE-2005-4890","http://www.openwall.com/lists/oss-security/2012/11/06/8","http://www.openwall.com/lists/oss-security/2013/05/20/3","http://www.openwall.com/lists/oss-security/2013/11/28/10","http://www.openwall.com/lists/oss-security/2013/11/29/5","http://www.openwall.com/lists/oss-security/2014/10/20/9","http://www.openwall.com/lists/oss-security/2014/10/21/1","http://www.openwall.com/lists/oss-security/2014/12/15/5","http://www.openwall.com/lists/oss-security/2016/02/25/6","https://access.redhat.com/security/cve/cve-2005-4890","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2005-4890","https://security-tracker.debian.org/tracker/CVE-2005-4890"],"published_time":"2019-11-04T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2013-4518","summary":"RHUI (Red Hat Update Infrastructure) 2.1.3 has world readable PKI entitlement certificates","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00078,"ranking_epss":0.2319,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/cve-2013-4518","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4518","https://access.redhat.com/security/cve/cve-2013-4518","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4518"],"published_time":"2019-11-04T13:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-6470","summary":"There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing any harm. All releases of dhcpd from ISC contain copies of this, and other, BIND libraries in combinations that have been tested prior to release and are known to not present issues like this. Some third-party packagers of ISC software have modified the dhcpd source, BIND source, or version matchup in ways that create the crash potential. Based on reports available to ISC, the crash probability is large and no analysis has been done on how, or even if, the probability can be manipulated by an attacker. Affects: Builds of dhcpd versions prior to version 4.4.1 when using BIND versions 9.11.2 or later, or BIND versions with specific bug fixes backported to them. ISC does not have access to comprehensive version lists for all repackagings of dhcpd that are vulnerable. In particular, builds from other vendors may also be affected. Operators are advised to consult their vendor documentation.","cvss":6.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00265,"ranking_epss":0.4999,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2019:2060","https://access.redhat.com/errata/RHSA-2019:3525","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896122","https://lists.opensuse.org/opensuse-security-announce/2019-10/msg00048.html","https://lists.opensuse.org/opensuse-security-announce/2019-10/msg00049.html","https://access.redhat.com/errata/RHSA-2019:2060","https://access.redhat.com/errata/RHSA-2019:3525","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896122","https://lists.opensuse.org/opensuse-security-announce/2019-10/msg00048.html","https://lists.opensuse.org/opensuse-security-announce/2019-10/msg00049.html"],"published_time":"2019-11-01T23:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2013-3718","summary":"evince is missing a check on number of pages which can lead to a segmentation fault","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00518,"ranking_epss":0.66733,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://bugzilla.gnome.org/show_bug.cgi?id=701302","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-3718","https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-3718","https://security-tracker.debian.org/tracker/CVE-2013-3718","http://bugzilla.gnome.org/show_bug.cgi?id=701302","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-3718","https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-3718","https://security-tracker.debian.org/tracker/CVE-2013-3718"],"published_time":"2019-11-01T13:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2013-4751","summary":"php-symfony2-Validator has loss of information during serialization","cvss":8.1,"cvss_version":3.0,"cvss_v2":4.9,"cvss_v3":8.1,"cvss_v4":null,"epss":0.00567,"ranking_epss":0.68498,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114380.html","http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114436.html","http://symfony.com/blog/security-releases-symfony-2-0-24-2-1-12-2-2-5-and-2-3-3-released","http://www.securityfocus.com/bid/61709","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4751","https://exchange.xforce.ibmcloud.com/vulnerabilities/86364","http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114380.html","http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114436.html","http://symfony.com/blog/security-releases-symfony-2-0-24-2-1-12-2-2-5-and-2-3-3-released","http://www.securityfocus.com/bid/61709","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4751","https://exchange.xforce.ibmcloud.com/vulnerabilities/86364"],"published_time":"2019-11-01T13:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-5010","summary":"An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted certificates to trigger this vulnerability.","cvss":5.9,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":5.9,"cvss_v4":null,"epss":0.05355,"ranking_epss":0.90078,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html","https://access.redhat.com/errata/RHSA-2019:3520","https://access.redhat.com/errata/RHSA-2019:3725","https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E","https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html","https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html","https://security.gentoo.org/glsa/202003-26","https://talosintelligence.com/vulnerability_reports/TALOS-2019-0758","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html","https://access.redhat.com/errata/RHSA-2019:3520","https://access.redhat.com/errata/RHSA-2019:3725","https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E","https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html","https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html","https://security.gentoo.org/glsa/202003-26","https://talosintelligence.com/vulnerability_reports/TALOS-2019-0758"],"published_time":"2019-10-31T21:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2018-5742","summary":"While backporting a feature for a newer branch of BIND9, RedHat introduced a path leading to an assertion failure in buffer.c:420. Affects RedHat versions bind-9.9.4-65.el7 -> bind-9.9.4-72.el7. No ISC releases are affected. Other packages from other distributions who made the same error may also be affected.","cvss":5.9,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":5.9,"cvss_v4":null,"epss":0.01301,"ranking_epss":0.79729,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/security/cve/cve-2018-5742","https://access.redhat.com/security/cve/cve-2018-5742"],"published_time":"2019-10-30T14:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-11043","summary":"In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.","cvss":8.7,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":8.7,"cvss_v4":null,"epss":0.94053,"ranking_epss":0.99902,"kev":true,"propose_action":"In some versions of PHP in certain configurations of FPM setup, it is possible to cause FPM module to write past allocated buffers allowing the possibility of remote code execution.","ransomware_campaign":"Known","references":["http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00011.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00014.html","http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html","http://seclists.org/fulldisclosure/2020/Jan/40","https://access.redhat.com/errata/RHSA-2019:3286","https://access.redhat.com/errata/RHSA-2019:3287","https://access.redhat.com/errata/RHSA-2019:3299","https://access.redhat.com/errata/RHSA-2019:3300","https://access.redhat.com/errata/RHSA-2019:3724","https://access.redhat.com/errata/RHSA-2019:3735","https://access.redhat.com/errata/RHSA-2019:3736","https://access.redhat.com/errata/RHSA-2020:0322","https://bugs.php.net/bug.php?id=78599","https://github.com/neex/phuip-fpizdam","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3W23TP6X4H7LB645FYZLUPNIRD5W3EPU/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FSNBUSPKMLUHHOADROKNG5GDWDCRHT5M/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T62LF4ZWVV7OMMIZFO6IFO5QLZKK7YRD/","https://seclists.org/bugtraq/2020/Jan/44","https://security.netapp.com/advisory/ntap-20191031-0003/","https://support.apple.com/kb/HT210919","https://support.f5.com/csp/article/K75408500?utm_source=f5support&amp%3Butm_medium=RSS","https://usn.ubuntu.com/4166-1/","https://usn.ubuntu.com/4166-2/","https://www.debian.org/security/2019/dsa-4552","https://www.debian.org/security/2019/dsa-4553","https://www.synology.com/security/advisory/Synology_SA_19_36","https://www.tenable.com/security/tns-2021-14","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00011.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00014.html","http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html","http://seclists.org/fulldisclosure/2020/Jan/40","https://access.redhat.com/errata/RHSA-2019:3286","https://access.redhat.com/errata/RHSA-2019:3287","https://access.redhat.com/errata/RHSA-2019:3299","https://access.redhat.com/errata/RHSA-2019:3300","https://access.redhat.com/errata/RHSA-2019:3724","https://access.redhat.com/errata/RHSA-2019:3735","https://access.redhat.com/errata/RHSA-2019:3736","https://access.redhat.com/errata/RHSA-2020:0322","https://bugs.php.net/bug.php?id=78599","https://github.com/neex/phuip-fpizdam","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3W23TP6X4H7LB645FYZLUPNIRD5W3EPU/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FSNBUSPKMLUHHOADROKNG5GDWDCRHT5M/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T62LF4ZWVV7OMMIZFO6IFO5QLZKK7YRD/","https://seclists.org/bugtraq/2020/Jan/44","https://security.netapp.com/advisory/ntap-20191031-0003/","https://support.apple.com/kb/HT210919","https://support.f5.com/csp/article/K75408500?utm_source=f5support&amp%3Butm_medium=RSS","https://usn.ubuntu.com/4166-1/","https://usn.ubuntu.com/4166-2/","https://www.debian.org/security/2019/dsa-4552","https://www.debian.org/security/2019/dsa-4553","https://www.synology.com/security/advisory/Synology_SA_19_36","https://www.tenable.com/security/tns-2021-14","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-11043"],"published_time":"2019-10-28T15:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-17596","summary":"Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.0234,"ranking_epss":0.84862,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00043.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00044.html","https://access.redhat.com/errata/RHSA-2020:0101","https://access.redhat.com/errata/RHSA-2020:0329","https://github.com/golang/go/issues/34960","https://groups.google.com/d/msg/golang-announce/lVEm7llp0w0/VbafyRkgCgAJ","https://lists.debian.org/debian-lts-announce/2021/03/msg00014.html","https://lists.debian.org/debian-lts-announce/2021/03/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5VS3HPSE25ZSGS4RSOTADC67YNOHIGVV/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WVOWGM7IQGRO7DS2MCUMYZRQ4TYOZNAS/","https://security.netapp.com/advisory/ntap-20191122-0005/","https://www.arista.com/en/support/advisories-notices/security-advisories/10134-security-advisory-46","https://www.debian.org/security/2019/dsa-4551","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00043.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00044.html","https://access.redhat.com/errata/RHSA-2020:0101","https://access.redhat.com/errata/RHSA-2020:0329","https://github.com/golang/go/issues/34960","https://groups.google.com/d/msg/golang-announce/lVEm7llp0w0/VbafyRkgCgAJ","https://lists.debian.org/debian-lts-announce/2021/03/msg00014.html","https://lists.debian.org/debian-lts-announce/2021/03/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5VS3HPSE25ZSGS4RSOTADC67YNOHIGVV/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WVOWGM7IQGRO7DS2MCUMYZRQ4TYOZNAS/","https://security.netapp.com/advisory/ntap-20191122-0005/","https://www.arista.com/en/support/advisories-notices/security-advisories/10134-security-advisory-46","https://www.debian.org/security/2019/dsa-4551"],"published_time":"2019-10-24T22:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-14287","summary":"In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a \"sudo -u \\#$((0xffffffff))\" command.","cvss":8.8,"cvss_version":3.0,"cvss_v2":9.0,"cvss_v3":8.8,"cvss_v4":null,"epss":0.85814,"ranking_epss":0.99384,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00042.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00047.html","http://packetstormsecurity.com/files/154853/Slackware-Security-Advisory-sudo-Updates.html","http://www.openwall.com/lists/oss-security/2019/10/14/1","http://www.openwall.com/lists/oss-security/2019/10/24/1","http://www.openwall.com/lists/oss-security/2019/10/29/3","http://www.openwall.com/lists/oss-security/2021/09/14/2","https://access.redhat.com/errata/RHBA-2019:3248","https://access.redhat.com/errata/RHSA-2019:3197","https://access.redhat.com/errata/RHSA-2019:3204","https://access.redhat.com/errata/RHSA-2019:3205","https://access.redhat.com/errata/RHSA-2019:3209","https://access.redhat.com/errata/RHSA-2019:3219","https://access.redhat.com/errata/RHSA-2019:3278","https://access.redhat.com/errata/RHSA-2019:3694","https://access.redhat.com/errata/RHSA-2019:3754","https://access.redhat.com/errata/RHSA-2019:3755","https://access.redhat.com/errata/RHSA-2019:3895","https://access.redhat.com/errata/RHSA-2019:3916","https://access.redhat.com/errata/RHSA-2019:3941","https://access.redhat.com/errata/RHSA-2019:4191","https://access.redhat.com/errata/RHSA-2020:0388","https://lists.debian.org/debian-lts-announce/2019/10/msg00022.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IP7SIOAVLSKJGMTIULX52VQUPTVSC43U/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NPLAM57TPJQGKQMNG6RHFBLACD6K356N/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TUVAOZBYUHZS56A5FQSCDVGXT7PW7FL2/","https://resources.whitesourcesoftware.com/blog-whitesource/new-vulnerability-in-sudo-cve-2019-14287","https://seclists.org/bugtraq/2019/Oct/20","https://seclists.org/bugtraq/2019/Oct/21","https://security.gentoo.org/glsa/202003-12","https://security.netapp.com/advisory/ntap-20191017-0003/","https://support.f5.com/csp/article/K53746212?utm_source=f5support&amp%3Butm_medium=RSS","https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03976en_us","https://usn.ubuntu.com/4154-1/","https://www.debian.org/security/2019/dsa-4543","https://www.openwall.com/lists/oss-security/2019/10/15/2","https://www.sudo.ws/alerts/minus_1_uid.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00042.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00047.html","http://packetstormsecurity.com/files/154853/Slackware-Security-Advisory-sudo-Updates.html","http://www.openwall.com/lists/oss-security/2019/10/14/1","http://www.openwall.com/lists/oss-security/2019/10/24/1","http://www.openwall.com/lists/oss-security/2019/10/29/3","http://www.openwall.com/lists/oss-security/2021/09/14/2","https://access.redhat.com/errata/RHBA-2019:3248","https://access.redhat.com/errata/RHSA-2019:3197","https://access.redhat.com/errata/RHSA-2019:3204","https://access.redhat.com/errata/RHSA-2019:3205","https://access.redhat.com/errata/RHSA-2019:3209","https://access.redhat.com/errata/RHSA-2019:3219","https://access.redhat.com/errata/RHSA-2019:3278","https://access.redhat.com/errata/RHSA-2019:3694","https://access.redhat.com/errata/RHSA-2019:3754","https://access.redhat.com/errata/RHSA-2019:3755","https://access.redhat.com/errata/RHSA-2019:3895","https://access.redhat.com/errata/RHSA-2019:3916","https://access.redhat.com/errata/RHSA-2019:3941","https://access.redhat.com/errata/RHSA-2019:4191","https://access.redhat.com/errata/RHSA-2020:0388","https://lists.debian.org/debian-lts-announce/2019/10/msg00022.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IP7SIOAVLSKJGMTIULX52VQUPTVSC43U/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NPLAM57TPJQGKQMNG6RHFBLACD6K356N/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TUVAOZBYUHZS56A5FQSCDVGXT7PW7FL2/","https://resources.whitesourcesoftware.com/blog-whitesource/new-vulnerability-in-sudo-cve-2019-14287","https://seclists.org/bugtraq/2019/Oct/20","https://seclists.org/bugtraq/2019/Oct/21","https://security.gentoo.org/glsa/202003-12","https://security.netapp.com/advisory/ntap-20191017-0003/","https://support.f5.com/csp/article/K53746212?utm_source=f5support&amp%3Butm_medium=RSS","https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03976en_us","https://usn.ubuntu.com/4154-1/","https://www.debian.org/security/2019/dsa-4543","https://www.openwall.com/lists/oss-security/2019/10/15/2","https://www.sudo.ws/alerts/minus_1_uid.html"],"published_time":"2019-10-17T18:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-17631","summary":"From Eclipse OpenJ9 0.15 to 0.16, access to diagnostic operations such as causing a GC or creating a diagnostic file are permitted without any privilege checks.","cvss":9.1,"cvss_version":3.0,"cvss_v2":6.4,"cvss_v3":9.1,"cvss_v4":null,"epss":0.00497,"ranking_epss":0.65832,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2019:4113","https://access.redhat.com/errata/RHSA-2019:4115","https://access.redhat.com/errata/RHSA-2020:0006","https://access.redhat.com/errata/RHSA-2020:0046","https://bugs.eclipse.org/bugs/show_bug.cgi?id=552129","https://access.redhat.com/errata/RHSA-2019:4113","https://access.redhat.com/errata/RHSA-2019:4115","https://access.redhat.com/errata/RHSA-2020:0006","https://access.redhat.com/errata/RHSA-2020:0046","https://bugs.eclipse.org/bugs/show_bug.cgi?id=552129"],"published_time":"2019-10-17T18:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-2992","summary":"Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).","cvss":3.7,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":3.7,"cvss_v4":null,"epss":0.00898,"ranking_epss":0.75643,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00064.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00066.html","http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00031.html","http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://access.redhat.com/errata/RHSA-2019:3134","https://access.redhat.com/errata/RHSA-2019:3135","https://access.redhat.com/errata/RHSA-2019:3136","https://access.redhat.com/errata/RHSA-2019:3157","https://access.redhat.com/errata/RHSA-2019:3158","https://access.redhat.com/errata/RHSA-2019:4109","https://access.redhat.com/errata/RHSA-2019:4110","https://access.redhat.com/errata/RHSA-2019:4113","https://access.redhat.com/errata/RHSA-2019:4115","https://access.redhat.com/errata/RHSA-2020:0006","https://access.redhat.com/errata/RHSA-2020:0046","https://lists.debian.org/debian-lts-announce/2019/12/msg00005.html","https://seclists.org/bugtraq/2019/Oct/27","https://seclists.org/bugtraq/2019/Oct/31","https://security.netapp.com/advisory/ntap-20191017-0001/","https://usn.ubuntu.com/4223-1/","https://www.debian.org/security/2019/dsa-4546","https://www.debian.org/security/2019/dsa-4548","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00064.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00066.html","http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00031.html","http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://access.redhat.com/errata/RHSA-2019:3134","https://access.redhat.com/errata/RHSA-2019:3135","https://access.redhat.com/errata/RHSA-2019:3136","https://access.redhat.com/errata/RHSA-2019:3157","https://access.redhat.com/errata/RHSA-2019:3158","https://access.redhat.com/errata/RHSA-2019:4109","https://access.redhat.com/errata/RHSA-2019:4110","https://access.redhat.com/errata/RHSA-2019:4113","https://access.redhat.com/errata/RHSA-2019:4115","https://access.redhat.com/errata/RHSA-2020:0006","https://access.redhat.com/errata/RHSA-2020:0046","https://lists.debian.org/debian-lts-announce/2019/12/msg00005.html","https://seclists.org/bugtraq/2019/Oct/27","https://seclists.org/bugtraq/2019/Oct/31","https://security.netapp.com/advisory/ntap-20191017-0001/","https://usn.ubuntu.com/4223-1/","https://www.debian.org/security/2019/dsa-4546","https://www.debian.org/security/2019/dsa-4548"],"published_time":"2019-10-16T18:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-2996","summary":"Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Deployment). The supported version that is affected is Java SE: 8u221; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N).","cvss":4.2,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":4.2,"cvss_v4":null,"epss":0.02225,"ranking_epss":0.84514,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://access.redhat.com/errata/RHSA-2019:4113","https://access.redhat.com/errata/RHSA-2019:4115","https://access.redhat.com/errata/RHSA-2020:0006","https://access.redhat.com/errata/RHSA-2020:0046","https://security.netapp.com/advisory/ntap-20191017-0001/","http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://access.redhat.com/errata/RHSA-2019:4113","https://access.redhat.com/errata/RHSA-2019:4115","https://access.redhat.com/errata/RHSA-2020:0006","https://access.redhat.com/errata/RHSA-2020:0046","https://security.netapp.com/advisory/ntap-20191017-0001/"],"published_time":"2019-10-16T18:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-2999","summary":"Vulnerability in the Java SE product of Oracle Java SE (component: Javadoc). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.7 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N).","cvss":4.7,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":4.7,"cvss_v4":null,"epss":0.01308,"ranking_epss":0.79784,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00064.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00066.html","http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00031.html","http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://access.redhat.com/errata/RHSA-2019:3134","https://access.redhat.com/errata/RHSA-2019:3135","https://access.redhat.com/errata/RHSA-2019:3136","https://access.redhat.com/errata/RHSA-2019:3157","https://access.redhat.com/errata/RHSA-2019:3158","https://access.redhat.com/errata/RHSA-2019:4109","https://access.redhat.com/errata/RHSA-2019:4110","https://access.redhat.com/errata/RHSA-2019:4113","https://access.redhat.com/errata/RHSA-2019:4115","https://access.redhat.com/errata/RHSA-2020:0006","https://access.redhat.com/errata/RHSA-2020:0046","https://lists.debian.org/debian-lts-announce/2019/12/msg00005.html","https://seclists.org/bugtraq/2019/Oct/27","https://seclists.org/bugtraq/2019/Oct/31","https://security.netapp.com/advisory/ntap-20191017-0001/","https://usn.ubuntu.com/4223-1/","https://www.debian.org/security/2019/dsa-4546","https://www.debian.org/security/2019/dsa-4548","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00064.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00066.html","http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00031.html","http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://access.redhat.com/errata/RHSA-2019:3134","https://access.redhat.com/errata/RHSA-2019:3135","https://access.redhat.com/errata/RHSA-2019:3136","https://access.redhat.com/errata/RHSA-2019:3157","https://access.redhat.com/errata/RHSA-2019:3158","https://access.redhat.com/errata/RHSA-2019:4109","https://access.redhat.com/errata/RHSA-2019:4110","https://access.redhat.com/errata/RHSA-2019:4113","https://access.redhat.com/errata/RHSA-2019:4115","https://access.redhat.com/errata/RHSA-2020:0006","https://access.redhat.com/errata/RHSA-2020:0046","https://lists.debian.org/debian-lts-announce/2019/12/msg00005.html","https://seclists.org/bugtraq/2019/Oct/27","https://seclists.org/bugtraq/2019/Oct/31","https://security.netapp.com/advisory/ntap-20191017-0001/","https://usn.ubuntu.com/4223-1/","https://www.debian.org/security/2019/dsa-4546","https://www.debian.org/security/2019/dsa-4548"],"published_time":"2019-10-16T18:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-2975","summary":"Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are Java SE: 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 4.8 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L).","cvss":4.8,"cvss_version":3.0,"cvss_v2":5.8,"cvss_v3":4.8,"cvss_v4":null,"epss":0.00488,"ranking_epss":0.65461,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00064.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00066.html","http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00031.html","http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://access.redhat.com/errata/RHSA-2019:3134","https://access.redhat.com/errata/RHSA-2019:3135","https://access.redhat.com/errata/RHSA-2019:3136","https://access.redhat.com/errata/RHSA-2019:4113","https://access.redhat.com/errata/RHSA-2019:4115","https://access.redhat.com/errata/RHSA-2020:0006","https://access.redhat.com/errata/RHSA-2020:0046","https://kc.mcafee.com/corporate/index?page=content&id=SB10315","https://seclists.org/bugtraq/2019/Oct/27","https://seclists.org/bugtraq/2019/Oct/31","https://security.netapp.com/advisory/ntap-20191017-0001/","https://usn.ubuntu.com/4223-1/","https://www.debian.org/security/2019/dsa-4546","https://www.debian.org/security/2019/dsa-4548","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00064.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00066.html","http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00031.html","http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://access.redhat.com/errata/RHSA-2019:3134","https://access.redhat.com/errata/RHSA-2019:3135","https://access.redhat.com/errata/RHSA-2019:3136","https://access.redhat.com/errata/RHSA-2019:4113","https://access.redhat.com/errata/RHSA-2019:4115","https://access.redhat.com/errata/RHSA-2020:0006","https://access.redhat.com/errata/RHSA-2020:0046","https://kc.mcafee.com/corporate/index?page=content&id=SB10315","https://seclists.org/bugtraq/2019/Oct/27","https://seclists.org/bugtraq/2019/Oct/31","https://security.netapp.com/advisory/ntap-20191017-0001/","https://usn.ubuntu.com/4223-1/","https://www.debian.org/security/2019/dsa-4546","https://www.debian.org/security/2019/dsa-4548"],"published_time":"2019-10-16T18:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-2978","summary":"Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).","cvss":3.7,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":3.7,"cvss_v4":null,"epss":0.00476,"ranking_epss":0.6487,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00064.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00066.html","http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00031.html","http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://access.redhat.com/errata/RHSA-2019:3134","https://access.redhat.com/errata/RHSA-2019:3135","https://access.redhat.com/errata/RHSA-2019:3136","https://access.redhat.com/errata/RHSA-2019:3157","https://access.redhat.com/errata/RHSA-2019:3158","https://access.redhat.com/errata/RHSA-2019:4109","https://access.redhat.com/errata/RHSA-2019:4110","https://access.redhat.com/errata/RHSA-2019:4113","https://access.redhat.com/errata/RHSA-2019:4115","https://access.redhat.com/errata/RHSA-2020:0006","https://access.redhat.com/errata/RHSA-2020:0046","https://lists.debian.org/debian-lts-announce/2019/12/msg00005.html","https://seclists.org/bugtraq/2019/Oct/27","https://seclists.org/bugtraq/2019/Oct/31","https://security.netapp.com/advisory/ntap-20191017-0001/","https://usn.ubuntu.com/4223-1/","https://www.debian.org/security/2019/dsa-4546","https://www.debian.org/security/2019/dsa-4548","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00064.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00066.html","http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00031.html","http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://access.redhat.com/errata/RHSA-2019:3134","https://access.redhat.com/errata/RHSA-2019:3135","https://access.redhat.com/errata/RHSA-2019:3136","https://access.redhat.com/errata/RHSA-2019:3157","https://access.redhat.com/errata/RHSA-2019:3158","https://access.redhat.com/errata/RHSA-2019:4109","https://access.redhat.com/errata/RHSA-2019:4110","https://access.redhat.com/errata/RHSA-2019:4113","https://access.redhat.com/errata/RHSA-2019:4115","https://access.redhat.com/errata/RHSA-2020:0006","https://access.redhat.com/errata/RHSA-2020:0046","https://lists.debian.org/debian-lts-announce/2019/12/msg00005.html","https://seclists.org/bugtraq/2019/Oct/27","https://seclists.org/bugtraq/2019/Oct/31","https://security.netapp.com/advisory/ntap-20191017-0001/","https://usn.ubuntu.com/4223-1/","https://www.debian.org/security/2019/dsa-4546","https://www.debian.org/security/2019/dsa-4548"],"published_time":"2019-10-16T18:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-2981","summary":"Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).","cvss":3.7,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":3.7,"cvss_v4":null,"epss":0.00333,"ranking_epss":0.5616,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00064.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00066.html","http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00031.html","http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://access.redhat.com/errata/RHSA-2019:3134","https://access.redhat.com/errata/RHSA-2019:3135","https://access.redhat.com/errata/RHSA-2019:3136","https://access.redhat.com/errata/RHSA-2019:3157","https://access.redhat.com/errata/RHSA-2019:3158","https://access.redhat.com/errata/RHSA-2019:4109","https://access.redhat.com/errata/RHSA-2019:4110","https://access.redhat.com/errata/RHSA-2019:4113","https://access.redhat.com/errata/RHSA-2019:4115","https://access.redhat.com/errata/RHSA-2020:0006","https://access.redhat.com/errata/RHSA-2020:0046","https://lists.debian.org/debian-lts-announce/2019/12/msg00005.html","https://seclists.org/bugtraq/2019/Oct/27","https://seclists.org/bugtraq/2019/Oct/31","https://security.netapp.com/advisory/ntap-20191017-0001/","https://usn.ubuntu.com/4223-1/","https://www.debian.org/security/2019/dsa-4546","https://www.debian.org/security/2019/dsa-4548","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00064.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00066.html","http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00031.html","http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://access.redhat.com/errata/RHSA-2019:3134","https://access.redhat.com/errata/RHSA-2019:3135","https://access.redhat.com/errata/RHSA-2019:3136","https://access.redhat.com/errata/RHSA-2019:3157","https://access.redhat.com/errata/RHSA-2019:3158","https://access.redhat.com/errata/RHSA-2019:4109","https://access.redhat.com/errata/RHSA-2019:4110","https://access.redhat.com/errata/RHSA-2019:4113","https://access.redhat.com/errata/RHSA-2019:4115","https://access.redhat.com/errata/RHSA-2020:0006","https://access.redhat.com/errata/RHSA-2020:0046","https://lists.debian.org/debian-lts-announce/2019/12/msg00005.html","https://seclists.org/bugtraq/2019/Oct/27","https://seclists.org/bugtraq/2019/Oct/31","https://security.netapp.com/advisory/ntap-20191017-0001/","https://usn.ubuntu.com/4223-1/","https://www.debian.org/security/2019/dsa-4546","https://www.debian.org/security/2019/dsa-4548"],"published_time":"2019-10-16T18:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-2983","summary":"Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).","cvss":3.7,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":3.7,"cvss_v4":null,"epss":0.00344,"ranking_epss":0.57038,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00064.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00066.html","http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00031.html","http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://access.redhat.com/errata/RHSA-2019:3134","https://access.redhat.com/errata/RHSA-2019:3135","https://access.redhat.com/errata/RHSA-2019:3136","https://access.redhat.com/errata/RHSA-2019:3157","https://access.redhat.com/errata/RHSA-2019:3158","https://access.redhat.com/errata/RHSA-2019:4109","https://access.redhat.com/errata/RHSA-2019:4110","https://access.redhat.com/errata/RHSA-2019:4113","https://access.redhat.com/errata/RHSA-2019:4115","https://access.redhat.com/errata/RHSA-2020:0006","https://access.redhat.com/errata/RHSA-2020:0046","https://lists.debian.org/debian-lts-announce/2019/12/msg00005.html","https://seclists.org/bugtraq/2019/Oct/27","https://seclists.org/bugtraq/2019/Oct/31","https://security.netapp.com/advisory/ntap-20191017-0001/","https://usn.ubuntu.com/4223-1/","https://www.debian.org/security/2019/dsa-4546","https://www.debian.org/security/2019/dsa-4548","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00064.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00066.html","http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00031.html","http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://access.redhat.com/errata/RHSA-2019:3134","https://access.redhat.com/errata/RHSA-2019:3135","https://access.redhat.com/errata/RHSA-2019:3136","https://access.redhat.com/errata/RHSA-2019:3157","https://access.redhat.com/errata/RHSA-2019:3158","https://access.redhat.com/errata/RHSA-2019:4109","https://access.redhat.com/errata/RHSA-2019:4110","https://access.redhat.com/errata/RHSA-2019:4113","https://access.redhat.com/errata/RHSA-2019:4115","https://access.redhat.com/errata/RHSA-2020:0006","https://access.redhat.com/errata/RHSA-2020:0046","https://lists.debian.org/debian-lts-announce/2019/12/msg00005.html","https://seclists.org/bugtraq/2019/Oct/27","https://seclists.org/bugtraq/2019/Oct/31","https://security.netapp.com/advisory/ntap-20191017-0001/","https://usn.ubuntu.com/4223-1/","https://www.debian.org/security/2019/dsa-4546","https://www.debian.org/security/2019/dsa-4548"],"published_time":"2019-10-16T18:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-2988","summary":"Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).","cvss":3.7,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":3.7,"cvss_v4":null,"epss":0.00514,"ranking_epss":0.66556,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00064.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00066.html","http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00031.html","http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://access.redhat.com/errata/RHSA-2019:3134","https://access.redhat.com/errata/RHSA-2019:3135","https://access.redhat.com/errata/RHSA-2019:3136","https://access.redhat.com/errata/RHSA-2019:3157","https://access.redhat.com/errata/RHSA-2019:3158","https://access.redhat.com/errata/RHSA-2019:4109","https://access.redhat.com/errata/RHSA-2019:4110","https://access.redhat.com/errata/RHSA-2019:4113","https://access.redhat.com/errata/RHSA-2019:4115","https://access.redhat.com/errata/RHSA-2020:0006","https://access.redhat.com/errata/RHSA-2020:0046","https://lists.debian.org/debian-lts-announce/2019/12/msg00005.html","https://seclists.org/bugtraq/2019/Oct/27","https://seclists.org/bugtraq/2019/Oct/31","https://security.netapp.com/advisory/ntap-20191017-0001/","https://usn.ubuntu.com/4223-1/","https://www.debian.org/security/2019/dsa-4546","https://www.debian.org/security/2019/dsa-4548","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00064.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00066.html","http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00031.html","http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://access.redhat.com/errata/RHSA-2019:3134","https://access.redhat.com/errata/RHSA-2019:3135","https://access.redhat.com/errata/RHSA-2019:3136","https://access.redhat.com/errata/RHSA-2019:3157","https://access.redhat.com/errata/RHSA-2019:3158","https://access.redhat.com/errata/RHSA-2019:4109","https://access.redhat.com/errata/RHSA-2019:4110","https://access.redhat.com/errata/RHSA-2019:4113","https://access.redhat.com/errata/RHSA-2019:4115","https://access.redhat.com/errata/RHSA-2020:0006","https://access.redhat.com/errata/RHSA-2020:0046","https://lists.debian.org/debian-lts-announce/2019/12/msg00005.html","https://seclists.org/bugtraq/2019/Oct/27","https://seclists.org/bugtraq/2019/Oct/31","https://security.netapp.com/advisory/ntap-20191017-0001/","https://usn.ubuntu.com/4223-1/","https://www.debian.org/security/2019/dsa-4546","https://www.debian.org/security/2019/dsa-4548"],"published_time":"2019-10-16T18:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-2962","summary":"Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).","cvss":3.7,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":3.7,"cvss_v4":null,"epss":0.00476,"ranking_epss":0.64857,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00064.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00066.html","http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00031.html","http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://access.redhat.com/errata/RHSA-2019:3134","https://access.redhat.com/errata/RHSA-2019:3135","https://access.redhat.com/errata/RHSA-2019:3136","https://access.redhat.com/errata/RHSA-2019:3157","https://access.redhat.com/errata/RHSA-2019:3158","https://access.redhat.com/errata/RHSA-2019:4109","https://access.redhat.com/errata/RHSA-2019:4110","https://access.redhat.com/errata/RHSA-2019:4113","https://access.redhat.com/errata/RHSA-2019:4115","https://access.redhat.com/errata/RHSA-2020:0006","https://access.redhat.com/errata/RHSA-2020:0046","https://lists.debian.org/debian-lts-announce/2019/12/msg00005.html","https://seclists.org/bugtraq/2019/Oct/27","https://seclists.org/bugtraq/2019/Oct/31","https://security.netapp.com/advisory/ntap-20191017-0001/","https://usn.ubuntu.com/4223-1/","https://www.debian.org/security/2019/dsa-4546","https://www.debian.org/security/2019/dsa-4548","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00064.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00066.html","http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00031.html","http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://access.redhat.com/errata/RHSA-2019:3134","https://access.redhat.com/errata/RHSA-2019:3135","https://access.redhat.com/errata/RHSA-2019:3136","https://access.redhat.com/errata/RHSA-2019:3157","https://access.redhat.com/errata/RHSA-2019:3158","https://access.redhat.com/errata/RHSA-2019:4109","https://access.redhat.com/errata/RHSA-2019:4110","https://access.redhat.com/errata/RHSA-2019:4113","https://access.redhat.com/errata/RHSA-2019:4115","https://access.redhat.com/errata/RHSA-2020:0006","https://access.redhat.com/errata/RHSA-2020:0046","https://lists.debian.org/debian-lts-announce/2019/12/msg00005.html","https://seclists.org/bugtraq/2019/Oct/27","https://seclists.org/bugtraq/2019/Oct/31","https://security.netapp.com/advisory/ntap-20191017-0001/","https://usn.ubuntu.com/4223-1/","https://www.debian.org/security/2019/dsa-4546","https://www.debian.org/security/2019/dsa-4548"],"published_time":"2019-10-16T18:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-2964","summary":"Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).","cvss":3.7,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":3.7,"cvss_v4":null,"epss":0.00476,"ranking_epss":0.64857,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00064.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00066.html","http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00031.html","http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://access.redhat.com/errata/RHSA-2019:3134","https://access.redhat.com/errata/RHSA-2019:3135","https://access.redhat.com/errata/RHSA-2019:3136","https://access.redhat.com/errata/RHSA-2019:3157","https://access.redhat.com/errata/RHSA-2019:3158","https://access.redhat.com/errata/RHSA-2019:4109","https://access.redhat.com/errata/RHSA-2019:4110","https://access.redhat.com/errata/RHSA-2019:4113","https://access.redhat.com/errata/RHSA-2019:4115","https://access.redhat.com/errata/RHSA-2020:0006","https://access.redhat.com/errata/RHSA-2020:0046","https://lists.debian.org/debian-lts-announce/2019/12/msg00005.html","https://seclists.org/bugtraq/2019/Oct/27","https://seclists.org/bugtraq/2019/Oct/31","https://security.netapp.com/advisory/ntap-20191017-0001/","https://usn.ubuntu.com/4223-1/","https://www.debian.org/security/2019/dsa-4546","https://www.debian.org/security/2019/dsa-4548","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00064.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00066.html","http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00031.html","http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://access.redhat.com/errata/RHSA-2019:3134","https://access.redhat.com/errata/RHSA-2019:3135","https://access.redhat.com/errata/RHSA-2019:3136","https://access.redhat.com/errata/RHSA-2019:3157","https://access.redhat.com/errata/RHSA-2019:3158","https://access.redhat.com/errata/RHSA-2019:4109","https://access.redhat.com/errata/RHSA-2019:4110","https://access.redhat.com/errata/RHSA-2019:4113","https://access.redhat.com/errata/RHSA-2019:4115","https://access.redhat.com/errata/RHSA-2020:0006","https://access.redhat.com/errata/RHSA-2020:0046","https://lists.debian.org/debian-lts-announce/2019/12/msg00005.html","https://seclists.org/bugtraq/2019/Oct/27","https://seclists.org/bugtraq/2019/Oct/31","https://security.netapp.com/advisory/ntap-20191017-0001/","https://usn.ubuntu.com/4223-1/","https://www.debian.org/security/2019/dsa-4546","https://www.debian.org/security/2019/dsa-4548"],"published_time":"2019-10-16T18:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-2973","summary":"Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).","cvss":3.7,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":3.7,"cvss_v4":null,"epss":0.00576,"ranking_epss":0.68773,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00064.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00066.html","http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00031.html","http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://access.redhat.com/errata/RHSA-2019:3134","https://access.redhat.com/errata/RHSA-2019:3135","https://access.redhat.com/errata/RHSA-2019:3136","https://access.redhat.com/errata/RHSA-2019:3157","https://access.redhat.com/errata/RHSA-2019:3158","https://access.redhat.com/errata/RHSA-2019:4109","https://access.redhat.com/errata/RHSA-2019:4110","https://access.redhat.com/errata/RHSA-2019:4113","https://access.redhat.com/errata/RHSA-2019:4115","https://access.redhat.com/errata/RHSA-2020:0006","https://access.redhat.com/errata/RHSA-2020:0046","https://lists.debian.org/debian-lts-announce/2019/12/msg00005.html","https://seclists.org/bugtraq/2019/Oct/27","https://seclists.org/bugtraq/2019/Oct/31","https://security.netapp.com/advisory/ntap-20191017-0001/","https://usn.ubuntu.com/4223-1/","https://www.debian.org/security/2019/dsa-4546","https://www.debian.org/security/2019/dsa-4548","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00064.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00066.html","http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00031.html","http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://access.redhat.com/errata/RHSA-2019:3134","https://access.redhat.com/errata/RHSA-2019:3135","https://access.redhat.com/errata/RHSA-2019:3136","https://access.redhat.com/errata/RHSA-2019:3157","https://access.redhat.com/errata/RHSA-2019:3158","https://access.redhat.com/errata/RHSA-2019:4109","https://access.redhat.com/errata/RHSA-2019:4110","https://access.redhat.com/errata/RHSA-2019:4113","https://access.redhat.com/errata/RHSA-2019:4115","https://access.redhat.com/errata/RHSA-2020:0006","https://access.redhat.com/errata/RHSA-2020:0046","https://lists.debian.org/debian-lts-announce/2019/12/msg00005.html","https://seclists.org/bugtraq/2019/Oct/27","https://seclists.org/bugtraq/2019/Oct/31","https://security.netapp.com/advisory/ntap-20191017-0001/","https://usn.ubuntu.com/4223-1/","https://www.debian.org/security/2019/dsa-4546","https://www.debian.org/security/2019/dsa-4548"],"published_time":"2019-10-16T18:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-2945","summary":"Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).","cvss":3.1,"cvss_version":3.0,"cvss_v2":2.6,"cvss_v3":3.1,"cvss_v4":null,"epss":0.00296,"ranking_epss":0.52876,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00064.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00066.html","http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00031.html","http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://access.redhat.com/errata/RHSA-2019:3134","https://access.redhat.com/errata/RHSA-2019:3135","https://access.redhat.com/errata/RHSA-2019:3136","https://access.redhat.com/errata/RHSA-2019:3157","https://access.redhat.com/errata/RHSA-2019:3158","https://access.redhat.com/errata/RHSA-2019:4109","https://access.redhat.com/errata/RHSA-2019:4110","https://access.redhat.com/errata/RHSA-2019:4113","https://access.redhat.com/errata/RHSA-2019:4115","https://access.redhat.com/errata/RHSA-2020:0006","https://access.redhat.com/errata/RHSA-2020:0046","https://lists.debian.org/debian-lts-announce/2019/12/msg00005.html","https://seclists.org/bugtraq/2019/Oct/27","https://seclists.org/bugtraq/2019/Oct/31","https://security.netapp.com/advisory/ntap-20191017-0001/","https://usn.ubuntu.com/4223-1/","https://www.debian.org/security/2019/dsa-4546","https://www.debian.org/security/2019/dsa-4548","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00064.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00066.html","http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00031.html","http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://access.redhat.com/errata/RHSA-2019:3134","https://access.redhat.com/errata/RHSA-2019:3135","https://access.redhat.com/errata/RHSA-2019:3136","https://access.redhat.com/errata/RHSA-2019:3157","https://access.redhat.com/errata/RHSA-2019:3158","https://access.redhat.com/errata/RHSA-2019:4109","https://access.redhat.com/errata/RHSA-2019:4110","https://access.redhat.com/errata/RHSA-2019:4113","https://access.redhat.com/errata/RHSA-2019:4115","https://access.redhat.com/errata/RHSA-2020:0006","https://access.redhat.com/errata/RHSA-2020:0046","https://lists.debian.org/debian-lts-announce/2019/12/msg00005.html","https://seclists.org/bugtraq/2019/Oct/27","https://seclists.org/bugtraq/2019/Oct/31","https://security.netapp.com/advisory/ntap-20191017-0001/","https://usn.ubuntu.com/4223-1/","https://www.debian.org/security/2019/dsa-4546","https://www.debian.org/security/2019/dsa-4548"],"published_time":"2019-10-16T18:15:29","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-14823","summary":"A flaw was found in the \"Leaf and Chain\" OCSP policy implementation in JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not properly verify the chain and could be vulnerable to attacks such as Man in the Middle.","cvss":6.8,"cvss_version":3.0,"cvss_v2":5.8,"cvss_v3":6.8,"cvss_v4":null,"epss":0.00287,"ranking_epss":0.52166,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2019:3067","https://access.redhat.com/errata/RHSA-2019:3225","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14823","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ENEN4DQBE6WOGEP5BQ5X62WZM7ZQEEBG/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O53NXVKMF7PJCPMCJQHLMSYCUGDHGBVE/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZZWZLNALV6AOIBIHB3ZMNA5AGZMZAIY/","https://access.redhat.com/errata/RHSA-2019:3067","https://access.redhat.com/errata/RHSA-2019:3225","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14823","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ENEN4DQBE6WOGEP5BQ5X62WZM7ZQEEBG/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O53NXVKMF7PJCPMCJQHLMSYCUGDHGBVE/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZZWZLNALV6AOIBIHB3ZMNA5AGZMZAIY/"],"published_time":"2019-10-14T20:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-14838","summary":"A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allowed to modify the runtime state of the server","cvss":5.2,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":5.2,"cvss_v4":null,"epss":0.00381,"ranking_epss":0.59542,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2019:3082","https://access.redhat.com/errata/RHSA-2019:3083","https://access.redhat.com/errata/RHSA-2019:4018","https://access.redhat.com/errata/RHSA-2019:4019","https://access.redhat.com/errata/RHSA-2019:4020","https://access.redhat.com/errata/RHSA-2019:4021","https://access.redhat.com/errata/RHSA-2019:4040","https://access.redhat.com/errata/RHSA-2019:4041","https://access.redhat.com/errata/RHSA-2019:4042","https://access.redhat.com/errata/RHSA-2019:4045","https://access.redhat.com/errata/RHSA-2020:0728","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14838","https://access.redhat.com/errata/RHSA-2019:3082","https://access.redhat.com/errata/RHSA-2019:3083","https://access.redhat.com/errata/RHSA-2019:4018","https://access.redhat.com/errata/RHSA-2019:4019","https://access.redhat.com/errata/RHSA-2019:4020","https://access.redhat.com/errata/RHSA-2019:4021","https://access.redhat.com/errata/RHSA-2019:4040","https://access.redhat.com/errata/RHSA-2019:4041","https://access.redhat.com/errata/RHSA-2019:4042","https://access.redhat.com/errata/RHSA-2019:4045","https://access.redhat.com/errata/RHSA-2020:0728","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14838"],"published_time":"2019-10-14T15:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-6465","summary":"Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.3-P2, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2019-6465.","cvss":5.3,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":5.3,"cvss_v4":null,"epss":0.0128,"ranking_epss":0.79571,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2019:3552","https://kb.isc.org/docs/cve-2019-6465","https://access.redhat.com/errata/RHSA-2019:3552","https://kb.isc.org/docs/cve-2019-6465"],"published_time":"2019-10-09T16:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-17267","summary":"A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup.","cvss":9.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":9.8,"cvss_v4":null,"epss":0.01195,"ranking_epss":0.78871,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://access.redhat.com/errata/RHSA-2019:3200","https://access.redhat.com/errata/RHSA-2020:0159","https://access.redhat.com/errata/RHSA-2020:0160","https://access.redhat.com/errata/RHSA-2020:0161","https://access.redhat.com/errata/RHSA-2020:0164","https://access.redhat.com/errata/RHSA-2020:0445","https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.3...jackson-databind-2.9.10","https://github.com/FasterXML/jackson-databind/issues/2460","https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E","https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E","https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f%40%3Ccommits.druid.apache.org%3E","https://lists.apache.org/thread.html/r9d727fc681fb3828794acbefcaee31393742b4d73a29461ccd9597a8%40%3Cdev.skywalking.apache.org%3E","https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E","https://lists.debian.org/debian-lts-announce/2019/12/msg00013.html","https://security.netapp.com/advisory/ntap-20191017-0006/","https://www.oracle.com/security-alerts/cpujan2020.html","https://www.oracle.com/security-alerts/cpujul2020.html","https://www.oracle.com/security-alerts/cpuoct2020.html","https://access.redhat.com/errata/RHSA-2019:3200","https://access.redhat.com/errata/RHSA-2020:0159","https://access.redhat.com/errata/RHSA-2020:0160","https://access.redhat.com/errata/RHSA-2020:0161","https://access.redhat.com/errata/RHSA-2020:0164","https://access.redhat.com/errata/RHSA-2020:0445","https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.3...jackson-databind-2.9.10","https://github.com/FasterXML/jackson-databind/issues/2460","https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E","https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E","https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E","https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f%40%3Ccommits.druid.apache.org%3E","https://lists.apache.org/thread.html/r9d727fc681fb3828794acbefcaee31393742b4d73a29461ccd9597a8%40%3Cdev.skywalking.apache.org%3E","https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E","https://lists.debian.org/debian-lts-announce/2019/12/msg00013.html","https://security.netapp.com/advisory/ntap-20191017-0006/","https://www.oracle.com/security-alerts/cpujan2020.html","https://www.oracle.com/security-alerts/cpujul2020.html","https://www.oracle.com/security-alerts/cpuoct2020.html"],"published_time":"2019-10-07T00:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2019-15166","summary":"lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.","cvss":1.6,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":1.6,"cvss_v4":null,"epss":0.01018,"ranking_epss":0.77209,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html","http://seclists.org/fulldisclosure/2019/Dec/26","https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES","https://github.com/the-tcpdump-group/tcpdump/commit/0b661e0aa61850234b64394585cf577aac570bf4","https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/","https://seclists.org/bugtraq/2019/Dec/23","https://seclists.org/bugtraq/2019/Oct/28","https://security.netapp.com/advisory/ntap-20200120-0001/","https://support.apple.com/kb/HT210788","https://usn.ubuntu.com/4252-1/","https://usn.ubuntu.com/4252-2/","https://www.debian.org/security/2019/dsa-4547","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html","http://seclists.org/fulldisclosure/2019/Dec/26","https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES","https://github.com/the-tcpdump-group/tcpdump/commit/0b661e0aa61850234b64394585cf577aac570bf4","https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/","https://seclists.org/bugtraq/2019/Dec/23","https://seclists.org/bugtraq/2019/Oct/28","https://security.netapp.com/advisory/ntap-20200120-0001/","https://support.apple.com/kb/HT210788","https://usn.ubuntu.com/4252-1/","https://usn.ubuntu.com/4252-2/","https://www.debian.org/security/2019/dsa-4547"],"published_time":"2019-10-03T17:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2018-14470","summary":"The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.02005,"ranking_epss":0.8368,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html","http://seclists.org/fulldisclosure/2019/Dec/26","https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES","https://github.com/the-tcpdump-group/tcpdump/commit/12f66f69f7bf1ec1266ddbee90a7616cbf33696b","https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/","https://seclists.org/bugtraq/2019/Dec/23","https://seclists.org/bugtraq/2019/Oct/28","https://security.netapp.com/advisory/ntap-20200120-0001/","https://support.apple.com/kb/HT210788","https://usn.ubuntu.com/4252-1/","https://usn.ubuntu.com/4252-2/","https://www.debian.org/security/2019/dsa-4547","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html","http://seclists.org/fulldisclosure/2019/Dec/26","https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES","https://github.com/the-tcpdump-group/tcpdump/commit/12f66f69f7bf1ec1266ddbee90a7616cbf33696b","https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/","https://seclists.org/bugtraq/2019/Dec/23","https://seclists.org/bugtraq/2019/Oct/28","https://security.netapp.com/advisory/ntap-20200120-0001/","https://support.apple.com/kb/HT210788","https://usn.ubuntu.com/4252-1/","https://usn.ubuntu.com/4252-2/","https://www.debian.org/security/2019/dsa-4547"],"published_time":"2019-10-03T16:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2018-14879","summary":"The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file().","cvss":7.0,"cvss_version":3.0,"cvss_v2":5.1,"cvss_v3":7.0,"cvss_v4":null,"epss":0.0052,"ranking_epss":0.66811,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html","http://seclists.org/fulldisclosure/2019/Dec/26","https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES","https://github.com/the-tcpdump-group/tcpdump/commit/9ba91381954ad325ea4fd26b9c65a8bd9a2a85b6","https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/","https://seclists.org/bugtraq/2019/Dec/23","https://seclists.org/bugtraq/2019/Oct/28","https://security.netapp.com/advisory/ntap-20200120-0001/","https://support.apple.com/kb/HT210788","https://support.f5.com/csp/article/K51512510?utm_source=f5support&amp%3Butm_medium=RSS","https://usn.ubuntu.com/4252-1/","https://usn.ubuntu.com/4252-2/","https://www.debian.org/security/2019/dsa-4547","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html","http://seclists.org/fulldisclosure/2019/Dec/26","https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES","https://github.com/the-tcpdump-group/tcpdump/commit/9ba91381954ad325ea4fd26b9c65a8bd9a2a85b6","https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/","https://seclists.org/bugtraq/2019/Dec/23","https://seclists.org/bugtraq/2019/Oct/28","https://security.netapp.com/advisory/ntap-20200120-0001/","https://support.apple.com/kb/HT210788","https://support.f5.com/csp/article/K51512510?utm_source=f5support&amp%3Butm_medium=RSS","https://usn.ubuntu.com/4252-1/","https://usn.ubuntu.com/4252-2/","https://www.debian.org/security/2019/dsa-4547"],"published_time":"2019-10-03T16:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2018-14880","summary":"The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00986,"ranking_epss":0.76827,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html","http://seclists.org/fulldisclosure/2019/Dec/26","https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES","https://github.com/the-tcpdump-group/tcpdump/commit/e01c9bf76740802025c9328901b55ee4a0c49ed6","https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/","https://seclists.org/bugtraq/2019/Dec/23","https://seclists.org/bugtraq/2019/Oct/28","https://security.netapp.com/advisory/ntap-20200120-0001/","https://support.apple.com/kb/HT210788","https://support.f5.com/csp/article/K56551263?utm_source=f5support&amp%3Butm_medium=RSS","https://usn.ubuntu.com/4252-1/","https://usn.ubuntu.com/4252-2/","https://www.debian.org/security/2019/dsa-4547","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html","http://seclists.org/fulldisclosure/2019/Dec/26","https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES","https://github.com/the-tcpdump-group/tcpdump/commit/e01c9bf76740802025c9328901b55ee4a0c49ed6","https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/","https://seclists.org/bugtraq/2019/Dec/23","https://seclists.org/bugtraq/2019/Oct/28","https://security.netapp.com/advisory/ntap-20200120-0001/","https://support.apple.com/kb/HT210788","https://support.f5.com/csp/article/K56551263?utm_source=f5support&amp%3Butm_medium=RSS","https://usn.ubuntu.com/4252-1/","https://usn.ubuntu.com/4252-2/","https://www.debian.org/security/2019/dsa-4547"],"published_time":"2019-10-03T16:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2018-14881","summary":"The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.01518,"ranking_epss":0.81237,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html","http://seclists.org/fulldisclosure/2019/Dec/26","https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES","https://github.com/the-tcpdump-group/tcpdump/commit/86326e880d31b328a151d45348c35220baa9a1ff","https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/","https://seclists.org/bugtraq/2019/Dec/23","https://seclists.org/bugtraq/2019/Oct/28","https://security.netapp.com/advisory/ntap-20200120-0001/","https://support.apple.com/kb/HT210788","https://usn.ubuntu.com/4252-1/","https://usn.ubuntu.com/4252-2/","https://www.debian.org/security/2019/dsa-4547","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html","http://seclists.org/fulldisclosure/2019/Dec/26","https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES","https://github.com/the-tcpdump-group/tcpdump/commit/86326e880d31b328a151d45348c35220baa9a1ff","https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/","https://seclists.org/bugtraq/2019/Dec/23","https://seclists.org/bugtraq/2019/Oct/28","https://security.netapp.com/advisory/ntap-20200120-0001/","https://support.apple.com/kb/HT210788","https://usn.ubuntu.com/4252-1/","https://usn.ubuntu.com/4252-2/","https://www.debian.org/security/2019/dsa-4547"],"published_time":"2019-10-03T16:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2018-14882","summary":"The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.02378,"ranking_epss":0.84986,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html","http://seclists.org/fulldisclosure/2019/Dec/26","https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES","https://github.com/the-tcpdump-group/tcpdump/commit/d7505276842e85bfd067fa21cdb32b8a2dc3c5e4","https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/","https://seclists.org/bugtraq/2019/Dec/23","https://seclists.org/bugtraq/2019/Oct/28","https://security.netapp.com/advisory/ntap-20200120-0001/","https://support.apple.com/kb/HT210788","https://usn.ubuntu.com/4252-1/","https://usn.ubuntu.com/4252-2/","https://www.debian.org/security/2019/dsa-4547","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html","http://seclists.org/fulldisclosure/2019/Dec/26","https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES","https://github.com/the-tcpdump-group/tcpdump/commit/d7505276842e85bfd067fa21cdb32b8a2dc3c5e4","https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/","https://seclists.org/bugtraq/2019/Dec/23","https://seclists.org/bugtraq/2019/Oct/28","https://security.netapp.com/advisory/ntap-20200120-0001/","https://support.apple.com/kb/HT210788","https://usn.ubuntu.com/4252-1/","https://usn.ubuntu.com/4252-2/","https://www.debian.org/security/2019/dsa-4547"],"published_time":"2019-10-03T16:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2018-16227","summary":"The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.03505,"ranking_epss":0.87619,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html","http://seclists.org/fulldisclosure/2019/Dec/26","https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES","https://github.com/the-tcpdump-group/tcpdump/commit/4846b3c5d0a850e860baf4f07340495d29837d09","https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/","https://seclists.org/bugtraq/2019/Dec/23","https://seclists.org/bugtraq/2019/Oct/28","https://security.netapp.com/advisory/ntap-20200120-0001/","https://support.apple.com/kb/HT210788","https://usn.ubuntu.com/4252-1/","https://usn.ubuntu.com/4252-2/","https://www.debian.org/security/2019/dsa-4547","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html","http://seclists.org/fulldisclosure/2019/Dec/26","https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES","https://github.com/the-tcpdump-group/tcpdump/commit/4846b3c5d0a850e860baf4f07340495d29837d09","https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/","https://seclists.org/bugtraq/2019/Dec/23","https://seclists.org/bugtraq/2019/Oct/28","https://security.netapp.com/advisory/ntap-20200120-0001/","https://support.apple.com/kb/HT210788","https://usn.ubuntu.com/4252-1/","https://usn.ubuntu.com/4252-2/","https://www.debian.org/security/2019/dsa-4547"],"published_time":"2019-10-03T16:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2018-16228","summary":"The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.02169,"ranking_epss":0.84316,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html","http://seclists.org/fulldisclosure/2019/Dec/26","https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES","https://github.com/the-tcpdump-group/tcpdump/commit/83a412a5275cac973c5841eca3511c766bed778d","https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/","https://seclists.org/bugtraq/2019/Dec/23","https://seclists.org/bugtraq/2019/Oct/28","https://security.netapp.com/advisory/ntap-20200120-0001/","https://support.apple.com/kb/HT210788","https://usn.ubuntu.com/4252-1/","https://usn.ubuntu.com/4252-2/","https://www.debian.org/security/2019/dsa-4547","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html","http://seclists.org/fulldisclosure/2019/Dec/26","https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES","https://github.com/the-tcpdump-group/tcpdump/commit/83a412a5275cac973c5841eca3511c766bed778d","https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/","https://seclists.org/bugtraq/2019/Dec/23","https://seclists.org/bugtraq/2019/Oct/28","https://security.netapp.com/advisory/ntap-20200120-0001/","https://support.apple.com/kb/HT210788","https://usn.ubuntu.com/4252-1/","https://usn.ubuntu.com/4252-2/","https://www.debian.org/security/2019/dsa-4547"],"published_time":"2019-10-03T16:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2018-16229","summary":"The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.0297,"ranking_epss":0.86503,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html","http://seclists.org/fulldisclosure/2019/Dec/26","https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES","https://github.com/the-tcpdump-group/tcpdump/commit/211124b972e74f0da66bc8b16f181f78793e2f66","https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/","https://seclists.org/bugtraq/2019/Dec/23","https://seclists.org/bugtraq/2019/Oct/28","https://security.netapp.com/advisory/ntap-20200120-0001/","https://support.apple.com/kb/HT210788","https://usn.ubuntu.com/4252-1/","https://usn.ubuntu.com/4252-2/","https://www.debian.org/security/2019/dsa-4547","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html","http://seclists.org/fulldisclosure/2019/Dec/26","https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES","https://github.com/the-tcpdump-group/tcpdump/commit/211124b972e74f0da66bc8b16f181f78793e2f66","https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/","https://seclists.org/bugtraq/2019/Dec/23","https://seclists.org/bugtraq/2019/Oct/28","https://security.netapp.com/advisory/ntap-20200120-0001/","https://support.apple.com/kb/HT210788","https://usn.ubuntu.com/4252-1/","https://usn.ubuntu.com/4252-2/","https://www.debian.org/security/2019/dsa-4547"],"published_time":"2019-10-03T16:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2018-16230","summary":"The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00474,"ranking_epss":0.64772,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html","http://seclists.org/fulldisclosure/2019/Dec/26","https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES","https://github.com/the-tcpdump-group/tcpdump/commit/13d52e9c0e7caf7e6325b0051bc90a49968be67f","https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/","https://seclists.org/bugtraq/2019/Dec/23","https://seclists.org/bugtraq/2019/Oct/28","https://security.netapp.com/advisory/ntap-20200120-0001/","https://support.apple.com/kb/HT210788","https://usn.ubuntu.com/4252-1/","https://usn.ubuntu.com/4252-2/","https://www.debian.org/security/2019/dsa-4547","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html","http://seclists.org/fulldisclosure/2019/Dec/26","https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES","https://github.com/the-tcpdump-group/tcpdump/commit/13d52e9c0e7caf7e6325b0051bc90a49968be67f","https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/","https://seclists.org/bugtraq/2019/Dec/23","https://seclists.org/bugtraq/2019/Oct/28","https://security.netapp.com/advisory/ntap-20200120-0001/","https://support.apple.com/kb/HT210788","https://usn.ubuntu.com/4252-1/","https://usn.ubuntu.com/4252-2/","https://www.debian.org/security/2019/dsa-4547"],"published_time":"2019-10-03T16:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2018-16451","summary":"The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00474,"ranking_epss":0.64772,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html","http://seclists.org/fulldisclosure/2019/Dec/26","https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES","https://github.com/the-tcpdump-group/tcpdump/commit/96480ab95308cd9234b4f09b175ebf60e17792c6","https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/","https://seclists.org/bugtraq/2019/Dec/23","https://seclists.org/bugtraq/2019/Oct/28","https://security.netapp.com/advisory/ntap-20200120-0001/","https://support.apple.com/kb/HT210788","https://usn.ubuntu.com/4252-1/","https://usn.ubuntu.com/4252-2/","https://www.debian.org/security/2019/dsa-4547","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html","http://seclists.org/fulldisclosure/2019/Dec/26","https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES","https://github.com/the-tcpdump-group/tcpdump/commit/96480ab95308cd9234b4f09b175ebf60e17792c6","https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/","https://seclists.org/bugtraq/2019/Dec/23","https://seclists.org/bugtraq/2019/Oct/28","https://security.netapp.com/advisory/ntap-20200120-0001/","https://support.apple.com/kb/HT210788","https://usn.ubuntu.com/4252-1/","https://usn.ubuntu.com/4252-2/","https://www.debian.org/security/2019/dsa-4547"],"published_time":"2019-10-03T16:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2018-14461","summary":"The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00335,"ranking_epss":0.56365,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html","http://seclists.org/fulldisclosure/2019/Dec/26","https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES","https://github.com/the-tcpdump-group/tcpdump/commit/aa5c6b710dfd8020d2c908d6b3bd41f1da719b3b","https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/","https://seclists.org/bugtraq/2019/Dec/23","https://seclists.org/bugtraq/2019/Oct/28","https://security.netapp.com/advisory/ntap-20200120-0001/","https://support.apple.com/kb/HT210788","https://usn.ubuntu.com/4252-1/","https://usn.ubuntu.com/4252-2/","https://www.debian.org/security/2019/dsa-4547","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html","http://seclists.org/fulldisclosure/2019/Dec/26","https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES","https://github.com/the-tcpdump-group/tcpdump/commit/aa5c6b710dfd8020d2c908d6b3bd41f1da719b3b","https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/","https://seclists.org/bugtraq/2019/Dec/23","https://seclists.org/bugtraq/2019/Oct/28","https://security.netapp.com/advisory/ntap-20200120-0001/","https://support.apple.com/kb/HT210788","https://usn.ubuntu.com/4252-1/","https://usn.ubuntu.com/4252-2/","https://www.debian.org/security/2019/dsa-4547"],"published_time":"2019-10-03T16:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2018-14462","summary":"The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00519,"ranking_epss":0.66803,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html","http://seclists.org/fulldisclosure/2019/Dec/26","https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES","https://github.com/the-tcpdump-group/tcpdump/commit/1a1bce0526a77b62e41531b00f8bb5e21fd4f3a3","https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/","https://seclists.org/bugtraq/2019/Dec/23","https://seclists.org/bugtraq/2019/Oct/28","https://security.netapp.com/advisory/ntap-20200120-0001/","https://support.apple.com/kb/HT210788","https://usn.ubuntu.com/4252-1/","https://usn.ubuntu.com/4252-2/","https://www.debian.org/security/2019/dsa-4547","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html","http://seclists.org/fulldisclosure/2019/Dec/26","https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES","https://github.com/the-tcpdump-group/tcpdump/commit/1a1bce0526a77b62e41531b00f8bb5e21fd4f3a3","https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/","https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/","https://seclists.org/bugtraq/2019/Dec/23","https://seclists.org/bugtraq/2019/Oct/28","https://security.netapp.com/advisory/ntap-20200120-0001/","https://support.apple.com/kb/HT210788","https://usn.ubuntu.com/4252-1/","https://usn.ubuntu.com/4252-2/","https://www.debian.org/security/2019/dsa-4547"],"published_time":"2019-10-03T16:15:11","vendor":null,"product":null,"version":null}]}