Search Results (16514 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-43758 1 Redhat 6 Enterprise Linux, Rhel Aus, Rhel E4s and 3 more 2026-04-15 8.2 High
Improper input validation in UEFI firmware for some Intel(R) processors may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2024-12254 2 Python Software Foundation, Redhat 3 Cpython, Enterprise Linux, Rhel Eus 2026-04-15 7.5 High
Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the "high-water mark". Because of this, Protocols would not periodically drain the write buffer potentially leading to memory exhaustion. This vulnerability likely impacts a small number of users, you must be using Python 3.12.0 or later, on macOS or Linux, using the asyncio module with protocols, and using .writelines() method which had new zero-copy-on-write behavior in Python 3.12.0 and later. If not all of these factors are true then your usage of Python is unaffected.
CVE-2024-24582 1 Redhat 6 Enterprise Linux, Rhel Aus, Rhel E4s and 3 more 2026-04-15 7.5 High
Improper input validation in XmlCli feature for UEFI firmware for some Intel(R) processors may allow privileged user to potentially enable escalation of privilege via local access.
CVE-2024-28047 1 Redhat 1 Enterprise Linux 2026-04-15 5.3 Medium
Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
CVE-2025-25186 1 Redhat 2 Enterprise Linux, Logging 2026-04-15 6.5 Medium
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Starting in version 0.3.2 and prior to versions 0.3.8, 0.4.19, and 0.5.6, there is a possibility for denial of service by memory exhaustion in `net-imap`'s response parser. At any time while the client is connected, a malicious server can send can send highly compressed `uid-set` data which is automatically read by the client's receiver thread. The response parser uses `Range#to_a` to convert the `uid-set` data into arrays of integers, with no limitation on the expanded size of the ranges. Versions 0.3.8, 0.4.19, 0.5.6, and higher fix this issue. Additional details for proper configuration of fixed versions and backward compatibility are available in the GitHub Security Advisory.
CVE-2024-28127 1 Redhat 6 Enterprise Linux, Rhel Aus, Rhel E4s and 3 more 2026-04-15 7.5 High
Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2025-1094 1 Redhat 6 Enterprise Linux, Rhel Aus, Rhel E4s and 3 more 2026-04-15 8.1 High
Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral(), PQescapeIdentifier(), PQescapeString(), and PQescapeStringConn() allows a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection requires the application to use the function result to construct input to psql, the PostgreSQL interactive terminal. Similarly, improper neutralization of quoting syntax in PostgreSQL command line utility programs allows a source of command line arguments to achieve SQL injection when client_encoding is BIG5 and server_encoding is one of EUC_TW or MULE_INTERNAL. Versions before PostgreSQL 17.3, 16.7, 15.11, 14.16, and 13.19 are affected.
CVE-2024-12705 1 Redhat 2 Enterprise Linux, Openshift 2026-04-15 7.5 High
Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1.
CVE-2024-9902 1 Redhat 6 Ansible Automation Platform, Ansible Automation Platform Developer, Ansible Automation Platform Inside and 3 more 2026-04-15 6.3 Medium
A flaw was found in Ansible. The ansible-core `user` module can allow an unprivileged user to silently create or replace the contents of any file on any system path and take ownership of it when a privileged user executes the `user` module against the unprivileged user's home directory. If the unprivileged user has traversal permissions on the directory containing the exploited target file, they retain full control over the contents of the file as its owner.
CVE-2011-10007 1 Redhat 3 Enterprise Linux, Rhel Els, Rhel Eus 2026-04-15 8.8 High
File::Find::Rule through 0.34 for Perl is vulnerable to Arbitrary Code Execution when `grep()` encounters a crafted filename. A file handle is opened with the 2 argument form of `open()` allowing an attacker controlled filename to provide the MODE parameter to `open()`, turning the filename into a command to be executed. Example: $ mkdir /tmp/poc; echo > "/tmp/poc/|id" $ perl -MFile::Find::Rule \     -E 'File::Find::Rule->grep("foo")->in("/tmp/poc")' uid=1000(user) gid=1000(user) groups=1000(user),100(users)
CVE-2026-26127 4 Apple, Linux, Microsoft and 1 more 8 Macos, Linux Kernel, .net and 5 more 2026-04-14 7.5 High
Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network.
CVE-2022-3786 4 Fedoraproject, Nodejs, Openssl and 1 more 4 Fedora, Node.js, Openssl and 1 more 2026-04-14 7.5 High
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.' character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.
CVE-2022-3602 5 Fedoraproject, Netapp, Nodejs and 2 more 5 Fedora, Clustered Data Ontap, Node.js and 2 more 2026-04-14 7.5 High
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash (causing a denial of service) or potentially remote code execution. Many platforms implement stack overflow protections which would mitigate against the risk of remote code execution. The risk may be further mitigated based on stack layout for any given platform/compiler. Pre-announcements of CVE-2022-3602 described this issue as CRITICAL. Further analysis based on some of the mitigating factors described above have led this to be downgraded to HIGH. Users are still encouraged to upgrade to a new version as soon as possible. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. Fixed in OpenSSL 3.0.7 (Affected 3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6).
CVE-2020-26147 5 Arista, Debian, Linux and 2 more 15 C-65, C-65 Firmware, C-75 and 12 more 2026-04-14 5.4 Medium
An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used.
CVE-2020-26145 3 Redhat, Samsung, Siemens 27 Enterprise Linux, Galaxy I9305, Galaxy I9305 Firmware and 24 more 2026-04-14 6.5 Medium
An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.
CVE-2020-26144 4 Arista, Redhat, Samsung and 1 more 37 C-100, C-100 Firmware, C-110 and 34 more 2026-04-14 6.5 Medium
An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext A-MSDU frames as long as the first 8 bytes correspond to a valid RFC1042 (i.e., LLC/SNAP) header for EAPOL. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.
CVE-2020-26143 4 Alfa, Arista, Redhat and 1 more 13 Awus036h, Awus036h Firmware, C-65 and 10 more 2026-04-14 6.5 Medium
An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2020-26141 4 Alfa, Cisco, Redhat and 1 more 191 Awus036h, Awus036h Firmware, Ip Conference Phone 8832 and 188 more 2026-04-14 6.5 Medium
An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol.
CVE-2020-26140 6 Alfa, Arista, Cisco and 3 more 389 Awus036h, Awus036h Firmware, C-100 and 386 more 2026-04-14 6.5 Medium
An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2020-26139 6 Arista, Cisco, Debian and 3 more 331 C-100, C-100 Firmware, C-110 and 328 more 2026-04-14 5.3 Medium
An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients.