Export limit exceeded: 336904 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 336904 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 336904 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (336904 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-1000517 | 3 Busybox, Canonical, Debian | 3 Busybox, Ubuntu Linux, Debian Linux | 2025-06-09 | 8 High |
| BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in after commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e. | ||||
| CVE-2018-1000500 | 1 Busybox | 1 Busybox | 2025-06-09 | 6.5 Medium |
| Busybox contains a Missing SSL certificate validation vulnerability in The "busybox wget" applet that can result in arbitrary code execution. This attack appear to be exploitable via Simply download any file over HTTPS using "busybox wget https://compromised-domain.com/important-file". | ||||
| CVE-2018-1000168 | 4 Debian, Nghttp2, Nodejs and 1 more | 4 Debian Linux, Nghttp2, Node.js and 1 more | 2025-06-09 | 7.5 High |
| nghttp2 version >= 1.10.0 and nghttp2 <= v1.31.0 contains an Improper Input Validation CWE-20 vulnerability in ALTSVC frame handling that can result in segmentation fault leading to denial of service. This attack appears to be exploitable via network client. This vulnerability appears to have been fixed in >= 1.31.1. | ||||
| CVE-2017-18018 | 1 Gnu | 1 Coreutils | 2025-06-09 | 7.1 High |
| In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition. | ||||
| CVE-2017-16544 | 5 Busybox, Canonical, Debian and 2 more | 8 Busybox, Ubuntu Linux, Debian Linux and 5 more | 2025-06-09 | 8.8 High |
| In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks. | ||||
| CVE-2017-15874 | 1 Busybox | 1 Busybox | 2025-06-09 | 5 Medium |
| archival/libarchive/decompress_unlzma.c in BusyBox 1.27.2 has an Integer Underflow that leads to a read access violation. | ||||
| CVE-2017-15873 | 3 Busybox, Canonical, Debian | 3 Busybox, Ubuntu Linux, Debian Linux | 2025-06-09 | 5.5 Medium |
| The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation. | ||||
| CVE-2017-12652 | 3 Libpng, Netapp, Redhat | 3 Libpng, Active Iq Unified Manager, Enterprise Linux | 2025-06-09 | 9.8 Critical |
| libpng before 1.6.32 does not properly check the length of chunks against the user limit. | ||||
| CVE-2016-3189 | 2 Bzip, Python | 2 Bzip2, Python | 2025-06-09 | 6.5 Medium |
| Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block. | ||||
| CVE-2016-2781 | 1 Gnu | 1 Coreutils | 2025-06-09 | 4.6 Medium |
| chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer. | ||||
| CVE-2015-0973 | 3 Apple, Libpng, Oracle | 3 Mac Os X, Libpng, Solaris | 2025-06-09 | 8.8 High |
| Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows context-dependent attackers to execute arbitrary code via IDAT data with a large width, a different vulnerability than CVE-2014-9495. | ||||
| CVE-2014-9495 | 2 Apple, Libpng | 2 Mac Os X, Libpng | 2025-06-09 | 8.8 High |
| Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a "very wide interlaced" PNG image. | ||||
| CVE-2013-7354 | 1 Libpng | 1 Libpng | 2025-06-09 | 6.5 Medium |
| Multiple integer overflows in libpng before 1.5.14rc03 allow remote attackers to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which triggers a heap-based buffer overflow. | ||||
| CVE-2013-7353 | 1 Libpng | 1 Libpng | 2025-06-09 | 6.5 Medium |
| Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng before 1.5.14beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a crafted image, which triggers a heap-based buffer overflow. | ||||
| CVE-2013-4392 | 1 Systemd Project | 1 Systemd | 2025-06-09 | 5 Medium |
| systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files. | ||||
| CVE-2011-3045 | 6 Debian, Fedoraproject, Google and 3 more | 13 Debian Linux, Fedora, Chrome and 10 more | 2025-06-09 | 8.8 High |
| Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026. | ||||
| CVE-2020-1712 | 3 Debian, Redhat, Systemd Project | 8 Debian Linux, Ceph Storage, Discovery and 5 more | 2025-06-09 | 7.8 High |
| A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages. | ||||
| CVE-2018-16864 | 5 Canonical, Debian, Oracle and 2 more | 16 Ubuntu Linux, Debian Linux, Communications Session Border Controller and 13 more | 2025-06-09 | 7.8 High |
| An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges. Versions through v240 are vulnerable. | ||||
| CVE-2018-16865 | 5 Canonical, Debian, Oracle and 2 more | 16 Ubuntu Linux, Debian Linux, Communications Session Border Controller and 13 more | 2025-06-09 | 7.8 High |
| An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-journald or execute code with journald privileges. Versions through v240 are vulnerable. | ||||
| CVE-2019-3843 | 5 Canonical, Fedoraproject, Netapp and 2 more | 9 Ubuntu Linux, Fedora, Cn1610 and 6 more | 2025-06-09 | 7.8 High |
| It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled. | ||||