Total
5103 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-41360 | 3 Debian, Fedoraproject, Frrouting | 3 Debian Linux, Fedora, Frrouting | 2023-12-22 | N/A | 9.1 CRITICAL |
| An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation. | |||||
| CVE-2023-41358 | 3 Debian, Fedoraproject, Frrouting | 3 Debian Linux, Fedora, Frrouting | 2023-12-22 | N/A | 7.5 HIGH |
| An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c processes NLRIs if the attribute length is zero. | |||||
| CVE-2023-38802 | 4 Debian, Fedoraproject, Frrouting and 1 more | 4 Debian Linux, Fedora, Frrouting and 1 more | 2023-12-22 | N/A | 7.5 HIGH |
| FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation). | |||||
| CVE-2023-41909 | 3 Debian, Fedoraproject, Frrouting | 3 Debian Linux, Fedora, Frrouting | 2023-12-22 | N/A | 7.5 HIGH |
| An issue was discovered in FRRouting FRR through 9.0. bgp_nlri_parse_flowspec in bgpd/bgp_flowspec.c processes malformed requests with no attributes, leading to a NULL pointer dereference. | |||||
| CVE-2023-5631 | 3 Debian, Fedoraproject, Roundcube | 3 Debian Linux, Fedora, Webmail | 2023-12-22 | N/A | 5.4 MEDIUM |
| Roundcube before 1.4.15, 1.5.x before 1.5.5, and 1.6.x before 1.6.4 allows stored XSS via an HTML e-mail message with a crafted SVG document because of program/lib/Roundcube/rcube_washtml.php behavior. This could allow a remote attacker to load arbitrary JavaScript code. | |||||
| CVE-2011-1027 | 2 Fedoraproject, Lars Hjemli | 2 Fedora, Cgit | 2023-12-22 | 5.0 MEDIUM | N/A |
| Off-by-one error in the convert_query_hexchar function in html.c in cgit.cgi in cgit before 0.8.3.5 allows remote attackers to cause a denial of service (infinite loop) via a string composed of a % (percent) character followed by invalid hex characters, as demonstrated by a %gg sequence. | |||||
| CVE-2011-1002 | 5 Avahi, Canonical, Debian and 2 more | 5 Avahi, Ubuntu Linux, Debian Linux and 2 more | 2023-12-22 | 5.0 MEDIUM | N/A |
| avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial of service (infinite loop) via an empty mDNS (1) IPv4 or (2) IPv6 UDP packet to port 5353. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-2244. | |||||
| CVE-2023-28322 | 4 Apple, Fedoraproject, Haxx and 1 more | 13 Macos, Fedora, Curl and 10 more | 2023-12-22 | N/A | 3.7 LOW |
| An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST. | |||||
| CVE-2021-28676 | 2 Fedoraproject, Python | 2 Fedora, Pillow | 2023-12-22 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Pillow before 8.2.0. For FLI data, FliDecode did not properly check that the block advance was non-zero, potentially leading to an infinite loop on load. | |||||
| CVE-2023-1667 | 4 Debian, Fedoraproject, Libssh and 1 more | 4 Debian Linux, Fedora, Libssh and 1 more | 2023-12-22 | N/A | 6.5 MEDIUM |
| A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service. | |||||
| CVE-2021-3634 | 6 Debian, Fedoraproject, Libssh and 3 more | 7 Debian Linux, Fedora, Libssh and 4 more | 2023-12-22 | 4.0 MEDIUM | 6.5 MEDIUM |
| A flaw has been found in libssh in versions prior to 0.9.6. The SSH protocol keeps track of two shared secrets during the lifetime of the session. One of them is called secret_hash and the other session_id. Initially, both of them are the same, but after key re-exchange, previous session_id is kept and used as an input to new secret_hash. Historically, both of these buffers had shared length variable, which worked as long as these buffers were same. But the key re-exchange operation can also change the key exchange method, which can be based on hash of different size, eventually creating "secret_hash" of different size than the session_id has. This becomes an issue when the session_id memory is zeroed or when it is used again during second key re-exchange. | |||||
| CVE-2021-37623 | 2 Exiv2, Fedoraproject | 2 Exiv2, Fedora | 2023-12-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An infinite loop was found in Exiv2 versions v0.27.4 and earlier. The infinite loop is triggered when Exiv2 is used to modify the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when deleting the IPTC data, which is a less frequently used Exiv2 operation that requires an extra command line option (`-d I rm`). The bug is fixed in version v0.27.5. | |||||
| CVE-2021-37622 | 3 Debian, Exiv2, Fedoraproject | 3 Debian Linux, Exiv2, Fedora | 2023-12-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An infinite loop was found in Exiv2 versions v0.27.4 and earlier. The infinite loop is triggered when Exiv2 is used to modify the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when deleting the IPTC data, which is a less frequently used Exiv2 operation that requires an extra command line option (`-d I rm`). The bug is fixed in version v0.27.5. | |||||
| CVE-2021-37621 | 3 Debian, Exiv2, Fedoraproject | 3 Debian Linux, Exiv2, Fedora | 2023-12-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An infinite loop was found in Exiv2 versions v0.27.4 and earlier. The infinite loop is triggered when Exiv2 is used to print the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when printing the image ICC profile, which is a less frequently used Exiv2 operation that requires an extra command line option (`-p C`). The bug is fixed in version v0.27.5. | |||||
| CVE-2021-37620 | 3 Debian, Exiv2, Fedoraproject | 3 Debian Linux, Exiv2, Fedora | 2023-12-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.4 and earlier. The out-of-bounds read is triggered when Exiv2 is used to read the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. The bug is fixed in version v0.27.5. | |||||
| CVE-2021-37619 | 2 Exiv2, Fedoraproject | 2 Exiv2, Fedora | 2023-12-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.4 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service by crashing Exiv2, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when writing the metadata, which is a less frequently used Exiv2 operation than reading the metadata. For example, to trigger the bug in the Exiv2 command-line application, you need to add an extra command-line argument such as insert. The bug is fixed in version v0.27.5. | |||||
| CVE-2021-37618 | 2 Exiv2, Fedoraproject | 2 Exiv2, Fedora | 2023-12-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.4 and earlier. The out-of-bounds read is triggered when Exiv2 is used to print the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when printing the image ICC profile, which is a less frequently used Exiv2 operation that requires an extra command line option (`-p C`). The bug is fixed in version v0.27.5. | |||||
| CVE-2021-37616 | 2 Exiv2, Fedoraproject | 2 Exiv2, Fedora | 2023-12-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A null pointer dereference was found in Exiv2 versions v0.27.4 and earlier. The null pointer dereference is triggered when Exiv2 is used to print the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when printing the interpreted (translated) data, which is a less frequently used Exiv2 operation that requires an extra command line option (`-p t` or `-P t`). The bug is fixed in version v0.27.5. | |||||
| CVE-2021-37615 | 2 Exiv2, Fedoraproject | 2 Exiv2, Fedora | 2023-12-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A null pointer dereference was found in Exiv2 versions v0.27.4 and earlier. The null pointer dereference is triggered when Exiv2 is used to print the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when printing the interpreted (translated) data, which is a less frequently used Exiv2 operation that requires an extra command line option (`-p t` or `-P t`). The bug is fixed in version v0.27.5. | |||||
| CVE-2021-34335 | 2 Exiv2, Fedoraproject | 2 Exiv2, Fedora | 2023-12-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A floating point exception (FPE) due to an integer divide by zero was found in Exiv2 versions v0.27.4 and earlier. The FPE is triggered when Exiv2 is used to print the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when printing the interpreted (translated) data, which is a less frequently used Exiv2 operation that requires an extra command line option (`-p t` or `-P t`). The bug is fixed in version v0.27.5. | |||||