CVSS: 6.2EPSS: 0%CPEs: 14EXPL: 0CVE-2022-4900 – Potential buffer overflow in php_cli_server_startup_workers
https://notcve.org/view.php?id=CVE-2022-4900
02 Nov 2023 — A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow. Se encontró una vulnerabilidad en PHP donde establecer la variable de entorno PHP_CLI_SERVER_WORKERS en un valor grande provoca un desbordamiento del búfer del heap. USN-6757-1 fixed vulnerabilities in PHP. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.10. This update fixes the problem. • https://access.redhat.com/security/cve/CVE-2022-4900 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-22024
https://notcve.org/view.php?id=CVE-2023-22024
20 Sep 2023 — In the Unbreakable Enterprise Kernel (UEK), the RDS module in UEK has two setsockopt(2) options, RDS_CONN_RESET and RDS6_CONN_RESET, that are not re-entrant. A malicious local user with CAP_NET_ADMIN can use this to crash the kernel. CVSS 3.1 Base Score 5.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). En Unbreakable Enterprise Kernel (UEK), el módulo RDS en UEK tiene dos opciones setsockopt(2), RDS_CONN_RESET y RDS6_CONN_RESET, que no son reentrantes. • https://linux.oracle.com/cve/CVE-2023-22024.html •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-21504
https://notcve.org/view.php?id=CVE-2022-21504
14 Jun 2022 — The code in UEK6 U3 was missing an appropiate file descriptor count to be missing. This resulted in a use count error that allowed a file descriptor to a socket to be closed and freed while it was still in use by another portion of the kernel. An attack with local access can operate on the socket, and cause a denial of service. CVSS 3.1 Base Score 5.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). • https://github.com/oracle/linux-uek/commit/49c68f5f892d8c2be00e0a89ff2a035422c03b59 • CWE-416: Use After Free •
CVSS: 6.7EPSS: 0%CPEs: 4EXPL: 0CVE-2022-21499 – kernel: possible to use the debugger to write zero into a location of choice
https://notcve.org/view.php?id=CVE-2022-21499
03 Jun 2022 — KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). KGDB y KDB permiten el acceso de lectura y escritura a la memoria del kernel, y por lo tanto deben ser restrin... • http://packetstormsecurity.com/files/168191/Kernel-Live-Patch-Security-Notice-LSN-0089-1.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-2464
https://notcve.org/view.php?id=CVE-2021-2464
24 Sep 2021 — Vulnerability in Oracle Linux (component: OSwatcher). Supported versions that are affected are 7 and 8. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Linux executes to compromise Oracle Linux. Successful attacks of this vulnerability can result in takeover of Oracle Linux. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). • https://linux.oracle.com/errata/ELSA-2021-9444.html •
CVSS: 9.8EPSS: 6%CPEs: 4EXPL: 0CVE-2008-4306 – enscript: "font" special escape buffer overflows
https://notcve.org/view.php?id=CVE-2008-4306
04 Nov 2008 — Buffer overflow in enscript before 1.6.4 has unknown impact and attack vectors, possibly related to the font escape sequence. Vulnerabilidad inespecífica en enscript antes de la v1.6.4 en Ubuntu Linux v6.06 LTS, v7.10, v8.04 y v8.10 que tiene un impacto y unos vectores de ataque desconocidos, posiblemente este relacionado con el desbordamiento de búfer. • http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.1EPSS: 2%CPEs: 64EXPL: 0CVE-2008-2808 – Firefox file location escaping flaw
https://notcve.org/view.php?id=CVE-2008-2808
07 Jul 2008 — Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly escape HTML in file:// URLs in directory listings, which allows remote attackers to conduct cross-site scripting (XSS) attacks or have unspecified other impact via a crafted filename. Mozilla Firefox anterior a 2.0.0.15 y SeaMonkey anterior a 1.1.10 no escapan correctamente el HTML en listados de directorios file:// URLs, lo que permite a atacantes remotos llevar a cabo ataques de secuencias de comandos en sitios cruzados (XSS) o te... • http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00004.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.1EPSS: 0%CPEs: 3EXPL: 0CVE-2008-2285
https://notcve.org/view.php?id=CVE-2008-2285
18 May 2008 — The ssh-vulnkey tool on Ubuntu Linux 7.04, 7.10, and 8.04 LTS does not recognize authorized_keys lines that contain options, which makes it easier for remote attackers to exploit CVE-2008-0166 by guessing a key that was not identified by this tool. La herramienta ssh-vulnkey en Ubuntu Linux 7.04, 7.10 y 8.04 LTS no reconoce líneas authorized_keys que contienen opciones, lo que facilita a atacantes remotos explotar CVE-2008-0166 adivinando una clave que no fue identificada por esta herramienta. • http://www.ubuntu.com/usn/usn-612-5 • CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 1%CPEs: 6EXPL: 0CVE-2008-0172 – boost regular expression NULL dereference flaw
https://notcve.org/view.php?id=CVE-2008-0172
17 Jan 2008 — The get_repeat_type function in basic_regex_creator.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (NULL dereference and crash) via an invalid regular expression. La función get_repeat_type en basic_regex_creator.hpp de la librería de expresiones regulares (también conocido como Boost.Regex) de Boost 1.33 y 1.34 permite a atacantes remotos dependientes de contexto provocar una denegación de servicio (referencia nula y c... • http://bugs.gentoo.org/show_bug.cgi?id=205955 • CWE-20: Improper Input Validation CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 57%CPEs: 222EXPL: 1CVE-2007-5365 – Ubuntu 6.06 - DHCPd Remote Denial of Service
https://notcve.org/view.php?id=CVE-2007-5365
11 Oct 2007 — Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU. Un desbordamiento de búfer en la región stack de la memoria en la función cons_options en el archivo options.c en dhcpd en OpenBSD versiones 4.0 hasta 4.2, y algunas o... • https://www.exploit-db.com/exploits/4601 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •