Search Results (2839 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1070 5 Linux, Redhat, Suse and 2 more 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more 2026-04-16 N/A
The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernel_read function, which may allow local users to modify sensitive memory in a setuid program and execute arbitrary code.
CVE-2005-0736 3 Conectiva, Linux, Redhat 5 Linux, Linux Kernel, Enterprise Linux and 2 more 2026-04-16 N/A
Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events.
CVE-2005-0085 4 Htdig, Mandrakesoft, Redhat and 1 more 6 Htdig, Mandrake Linux, Mandrake Linux Corporate Server and 3 more 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.
CVE-2004-0827 9 Conectiva, Enlightenment, Imagemagick and 6 more 14 Linux, Imlib, Imlib2 and 11 more 2026-04-16 N/A
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.
CVE-2005-0750 5 Conectiva, Linux, Redhat and 2 more 8 Linux, Linux Kernel, Enterprise Linux and 5 more 2026-04-16 N/A
The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value.
CVE-2004-1071 5 Linux, Redhat, Suse and 2 more 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more 2026-04-16 N/A
The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code.
CVE-2006-0745 5 Mandrakesoft, Redhat, Sun and 2 more 6 Mandrake Linux, Fedora Core, Solaris and 3 more 2026-04-16 N/A
X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile.
CVE-2019-5482 7 Debian, Fedoraproject, Haxx and 4 more 24 Debian Linux, Fedora, Curl and 21 more 2026-04-15 9.8 Critical
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.
CVE-2019-5436 8 Debian, F5, Fedoraproject and 5 more 15 Debian Linux, Traffix Signaling Delivery Controller, Fedora and 12 more 2026-04-15 7.8 High
A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.
CVE-2022-3786 4 Fedoraproject, Nodejs, Openssl and 1 more 4 Fedora, Node.js, Openssl and 1 more 2026-04-14 7.5 High
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.' character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.
CVE-2022-3602 5 Fedoraproject, Netapp, Nodejs and 2 more 5 Fedora, Clustered Data Ontap, Node.js and 2 more 2026-04-14 7.5 High
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash (causing a denial of service) or potentially remote code execution. Many platforms implement stack overflow protections which would mitigate against the risk of remote code execution. The risk may be further mitigated based on stack layout for any given platform/compiler. Pre-announcements of CVE-2022-3602 described this issue as CRITICAL. Further analysis based on some of the mitigating factors described above have led this to be downgraded to HIGH. Users are still encouraged to upgrade to a new version as soon as possible. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. Fixed in OpenSSL 3.0.7 (Affected 3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6).
CVE-2020-11022 9 Debian, Drupal, Fedoraproject and 6 more 88 Debian Linux, Drupal, Fedora and 85 more 2026-04-13 6.9 Medium
In jQuery starting with 1.12.0 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2026-35093 3 Fedoraproject, Freedesktop, Redhat 3 Fedora, Libinput, Enterprise Linux 2026-04-08 8.8 High
A flaw was found in libinput. A local attacker who can place a specially crafted Lua bytecode file in certain system or user configuration directories can bypass security restrictions. This allows the attacker to run unauthorized code with the same permissions as the program using libinput, such as a graphical compositor. This could lead to the attacker monitoring keyboard input and sending that information to an external location.
CVE-2026-35094 3 Fedoraproject, Freedesktop, Redhat 3 Fedora, Libinput, Enterprise Linux 2026-04-08 3.3 Low
A flaw was found in libinput. An attacker capable of deploying a Lua plugin file in specific system directories can exploit a dangling pointer vulnerability. This occurs when a garbage collection cleanup function is called, leaving a pointer that can then be printed to system logs. This could potentially expose sensitive data if the memory location is re-used, leading to information disclosure. For this exploit to work, Lua plugins must be enabled in libinput and loaded by the compositor.
CVE-2022-45063 3 Fedoraproject, Invisible-island, Redhat 3 Fedora, Xterm, Enterprise Linux 2026-04-08 9.8 Critical
xterm before 375 allows code execution via font ops, e.g., because an OSC 50 response may have Ctrl-g and therefore lead to command execution within the vi line-editing mode of Zsh. NOTE: font ops are not allowed in the xterm default configurations of some Linux distributions.
CVE-2024-27834 5 Apple, Fedoraproject, Redhat and 2 more 12 Ipad Os, Ipados, Iphone Os and 9 more 2026-04-02 8.1 High
The issue was addressed with improved checks. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, watchOS 10.5. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.
CVE-2024-23284 5 Apple, Fedoraproject, Redhat and 2 more 12 Ipados, Iphone Os, Macos and 9 more 2026-04-02 6.5 Medium
A logic issue was addressed with improved state management. This issue is fixed in Safari 17.4, iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.
CVE-2024-23280 5 Apple, Fedoraproject, Redhat and 2 more 13 Ios, Ipad Os, Ipados and 10 more 2026-04-02 7.5 High
An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, watchOS 10.4. A maliciously crafted webpage may be able to fingerprint the user.
CVE-2024-23263 5 Apple, Fedoraproject, Redhat and 2 more 13 Ipad Os, Ipados, Iphone Os and 10 more 2026-04-02 8.1 High
A logic issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.
CVE-2024-23254 5 Apple, Fedoraproject, Redhat and 2 more 12 Ipad Os, Iphone Os, Macos and 9 more 2026-04-02 6.5 Medium
The issue was addressed with improved UI handling. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. A malicious website may exfiltrate audio data cross-origin.