Export limit exceeded: 10202 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10202 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-35269 | 4 Debian, Fedoraproject, Redhat and 1 more | 5 Debian Linux, Fedora, Advanced Virtualization and 2 more | 2026-07-05 | 7.8 High |
| NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and escalation of privileges. | ||||
| CVE-2021-35268 | 4 Debian, Fedoraproject, Redhat and 1 more | 5 Debian Linux, Fedora, Advanced Virtualization and 2 more | 2026-07-05 | 6.7 Medium |
| In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the function ntfs_inode_real_open, a heap buffer overflow can occur allowing for code execution and escalation of privileges. | ||||
| CVE-2021-35267 | 4 Debian, Fedoraproject, Redhat and 1 more | 5 Debian Linux, Fedora, Advanced Virtualization and 2 more | 2026-07-05 | 7.8 High |
| NTFS-3G versions < 2021.8.22, a stack buffer overflow can occur when correcting differences in the MFT and MFTMirror allowing for code execution or escalation of privileges when setuid-root. | ||||
| CVE-2021-35266 | 4 Debian, Fedoraproject, Redhat and 1 more | 5 Debian Linux, Fedora, Advanced Virtualization and 2 more | 2026-07-05 | 7.8 High |
| In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an NTFS image a heap buffer overflow can occur resulting in memory disclosure, denial of service and even code execution. | ||||
| CVE-2021-33289 | 4 Debian, Fedoraproject, Redhat and 1 more | 5 Debian Linux, Fedora, Advanced Virtualization and 2 more | 2026-07-05 | 7.8 High |
| In NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. | ||||
| CVE-2021-33287 | 4 Debian, Fedoraproject, Redhat and 1 more | 5 Debian Linux, Fedora, Advanced Virtualization and 2 more | 2026-07-05 | 6.7 Medium |
| In NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of service of the application. | ||||
| CVE-2025-4598 | 5 Debian, Linux, Oracle and 2 more | 10 Debian Linux, Linux Kernel, Linux and 7 more | 2026-06-30 | 4.7 Medium |
| A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality. | ||||
| CVE-2026-4775 | 3 Debian, Libtiff, Redhat | 13 Debian Linux, Libtiff, Ai Inference Server and 10 more | 2026-06-30 | 7.8 High |
| A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations, potentially causing a denial of service (application crash) or arbitrary code execution. | ||||
| CVE-2025-26466 | 4 Canonical, Debian, Openbsd and 1 more | 5 Ubuntu Linux, Debian Linux, Openssh and 2 more | 2026-06-30 | 5.9 Medium |
| A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack. | ||||
| CVE-2025-3891 | 3 Apache, Debian, Redhat | 7 Http Server, Debian Linux, Enterprise Linux and 4 more | 2026-06-29 | 7.5 High |
| A flaw was found in the mod_auth_openidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability. | ||||
| CVE-2025-3155 | 3 Debian, Gnome, Redhat | 25 Debian Linux, Yelp, Codeready Linux Builder and 22 more | 2026-06-29 | 7.4 High |
| A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment. | ||||
| CVE-2023-6478 | 4 Debian, Redhat, Tigervnc and 1 more | 11 Debian Linux, Enterprise Linux, Enterprise Linux Eus and 8 more | 2026-06-23 | 7.6 High |
| A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive information. | ||||
| CVE-2023-6377 | 4 Debian, Redhat, Tigervnc and 1 more | 11 Debian Linux, Enterprise Linux, Enterprise Linux Eus and 8 more | 2026-06-23 | 7.8 High |
| A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved. | ||||
| CVE-2023-5380 | 4 Debian, Fedoraproject, Redhat and 1 more | 5 Debian Linux, Fedora, Enterprise Linux and 2 more | 2026-06-23 | 4.7 Medium |
| A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode) if the pointer is warped from within a window on one screen to the root window of the other screen and if the original window is destroyed followed by another window being destroyed. | ||||
| CVE-2023-5367 | 4 Debian, Fedoraproject, Redhat and 1 more | 17 Debian Linux, Fedora, Enterprise Linux and 14 more | 2026-06-23 | 7.8 High |
| A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing for possible escalation of privileges or denial of service. | ||||
| CVE-2023-4781 | 3 Apple, Debian, Vim | 3 Macos, Debian Linux, Vim | 2026-06-23 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1873. | ||||
| CVE-2023-38559 | 4 Artifex, Debian, Fedoraproject and 1 more | 4 Ghostscript, Debian Linux, Fedora and 1 more | 2026-06-23 | 5.5 Medium |
| A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs. | ||||
| CVE-2025-38415 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2026-06-18 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: Squashfs: check return result of sb_min_blocksize Syzkaller reports an "UBSAN: shift-out-of-bounds in squashfs_bio_read" bug. Syzkaller forks multiple processes which after mounting the Squashfs filesystem, issues an ioctl("/dev/loop0", LOOP_SET_BLOCK_SIZE, 0x8000). Now if this ioctl occurs at the same time another process is in the process of mounting a Squashfs filesystem on /dev/loop0, the failure occurs. When this happens the following code in squashfs_fill_super() fails. ---- msblk->devblksize = sb_min_blocksize(sb, SQUASHFS_DEVBLK_SIZE); msblk->devblksize_log2 = ffz(~msblk->devblksize); ---- sb_min_blocksize() returns 0, which means msblk->devblksize is set to 0. As a result, ffz(~msblk->devblksize) returns 64, and msblk->devblksize_log2 is set to 64. This subsequently causes the UBSAN: shift-out-of-bounds in fs/squashfs/block.c:195:36 shift exponent 64 is too large for 64-bit type 'u64' (aka 'unsigned long long') This commit adds a check for a 0 return by sb_min_blocksize(). | ||||
| CVE-2026-49975 | 3 Apache, Debian, F5 | 3 Http Server, Debian Linux, Nginx | 2026-06-18 | 7.5 High |
| Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's mod_http leads to denial of service via malicious HTTP requests. This issue affects Apache HTTP Server: from 2.4.17 through 2.4.67. | ||||
| CVE-2025-38553 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2026-06-17 | 5.5 Medium |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||