Export limit exceeded: 364939 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364939 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2019-12900 7 Bzip, Canonical, Debian and 4 more 9 Bzip2, Ubuntu Linux, Debian Linux and 6 more 2025-06-09 9.8 Critical
BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.
CVE-2018-6954 3 Canonical, Opensuse, Systemd Project 3 Ubuntu Linux, Leap, Systemd 2025-06-09 7.8 High
systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path components, which allows local users to obtain ownership of arbitrary files via vectors involving creation of a directory and a file under that directory, and later replacing that directory with a symlink. This occurs even if the fs.protected_symlinks sysctl is turned on.
CVE-2018-20679 2 Busybox, Canonical 2 Busybox, Ubuntu Linux 2025-06-09 7.5 High
An issue was discovered in BusyBox before 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and relay) allows a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to verification in udhcp_get_option() in networking/udhcp/common.c that 4-byte options are indeed 4 bytes.
CVE-2018-15688 4 Canonical, Debian, Redhat and 1 more 10 Ubuntu Linux, Debian Linux, Enterprise Linux and 7 more 2025-06-09 8.8 High
A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239.
CVE-2018-15687 2 Canonical, Systemd Project 2 Ubuntu Linux, Systemd 2025-06-09 7.0 High
A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. Affected releases are systemd versions up to and including 239.
CVE-2018-15686 5 Canonical, Debian, Oracle and 2 more 10 Ubuntu Linux, Debian Linux, Communications Cloud Native Core Network Function Cloud Native Environment and 7 more 2025-06-09 7.8 High
A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and including 239.
CVE-2018-1000517 3 Busybox, Canonical, Debian 3 Busybox, Ubuntu Linux, Debian Linux 2025-06-09 8 High
BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in after commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e.
CVE-2018-1000500 1 Busybox 1 Busybox 2025-06-09 6.5 Medium
Busybox contains a Missing SSL certificate validation vulnerability in The "busybox wget" applet that can result in arbitrary code execution. This attack appear to be exploitable via Simply download any file over HTTPS using "busybox wget https://compromised-domain.com/important-file".
CVE-2018-1000168 4 Debian, Nghttp2, Nodejs and 1 more 4 Debian Linux, Nghttp2, Node.js and 1 more 2025-06-09 7.5 High
nghttp2 version >= 1.10.0 and nghttp2 <= v1.31.0 contains an Improper Input Validation CWE-20 vulnerability in ALTSVC frame handling that can result in segmentation fault leading to denial of service. This attack appears to be exploitable via network client. This vulnerability appears to have been fixed in >= 1.31.1.
CVE-2017-18018 1 Gnu 1 Coreutils 2025-06-09 7.1 High
In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.
CVE-2017-16544 5 Busybox, Canonical, Debian and 2 more 8 Busybox, Ubuntu Linux, Debian Linux and 5 more 2025-06-09 8.8 High
In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks.
CVE-2017-15874 1 Busybox 1 Busybox 2025-06-09 5 Medium
archival/libarchive/decompress_unlzma.c in BusyBox 1.27.2 has an Integer Underflow that leads to a read access violation.
CVE-2017-15873 3 Busybox, Canonical, Debian 3 Busybox, Ubuntu Linux, Debian Linux 2025-06-09 5.5 Medium
The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation.
CVE-2017-12652 3 Libpng, Netapp, Redhat 3 Libpng, Active Iq Unified Manager, Enterprise Linux 2025-06-09 9.8 Critical
libpng before 1.6.32 does not properly check the length of chunks against the user limit.
CVE-2016-3189 2 Bzip, Python 2 Bzip2, Python 2025-06-09 6.5 Medium
Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block.
CVE-2016-2781 1 Gnu 1 Coreutils 2025-06-09 4.6 Medium
chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.
CVE-2015-0973 3 Apple, Libpng, Oracle 3 Mac Os X, Libpng, Solaris 2025-06-09 8.8 High
Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows context-dependent attackers to execute arbitrary code via IDAT data with a large width, a different vulnerability than CVE-2014-9495.
CVE-2014-9495 2 Apple, Libpng 2 Mac Os X, Libpng 2025-06-09 8.8 High
Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a "very wide interlaced" PNG image.
CVE-2013-7354 1 Libpng 1 Libpng 2025-06-09 6.5 Medium
Multiple integer overflows in libpng before 1.5.14rc03 allow remote attackers to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which triggers a heap-based buffer overflow.
CVE-2013-7353 1 Libpng 1 Libpng 2025-06-09 6.5 Medium
Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng before 1.5.14beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a crafted image, which triggers a heap-based buffer overflow.