Search Results (1772 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-0966 2 Libssh, Redhat 6 Libssh, Enterprise Linux, Hardened Images and 3 more 2026-05-19 8.2 High
A flaw was found in libssh. The API function `ssh_get_hexa()` is vulnerable to a denial of service when processing zero-length input. This can be exploited remotely by an attacker during GSSAPI (Generic Security Service Application Program Interface) authentication if the server's logging verbosity is set to `SSH_LOG_PACKET (3)` or higher. Successful exploitation could lead to a self-Denial of Service of the per-connection daemon process.
CVE-2026-0964 2 Libssh, Redhat 6 Libssh, Enterprise Linux, Hardened Images and 3 more 2026-05-19 6.3 Medium
A malicious SCP server can send unexpected paths that could make the client application override local files outside of working directory. This could be misused to create malicious executable or configuration files and make the user execute them under specific consequences. This is the same issue as in OpenSSH, tracked as CVE-2019-6111.
CVE-2019-11840 3 Debian, Golang, Redhat 3 Debian Linux, Crypto, Openshift 2026-05-18 5.9 Medium
An issue was discovered in the supplementary Go cryptography library, golang.org/x/crypto, before v0.0.0-20190320223903-b7391e95e576. A flaw was found in the amd64 implementation of the golang.org/x/crypto/salsa20 and golang.org/x/crypto/salsa20/salsa packages. If more than 256 GiB of keystream is generated, or if the counter otherwise grows greater than 32 bits, the amd64 implementation will first generate incorrect output, and then cycle back to previously generated keystream. Repeated keystream bytes can lead to loss of confidentiality in encryption applications, or to predictability in CSPRNG applications.
CVE-2026-4948 2 Firewalld, Redhat 5 Firewalld, Enterprise Linux, Firewalld and 2 more 2026-05-15 5.5 Medium
A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus (Desktop Bus) setters, setZoneSettings2 and setPolicySettings. This mis-authorization allows the user to modify the runtime firewall state without proper authentication, leading to unauthorized changes in network security configurations.
CVE-2026-6732 2 Redhat, Xmlsoft 8 Enterprise Linux, Hardened Images, Hummingbird and 5 more 2026-05-15 6.5 Medium
A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition (XSD) validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that causes the application to crash. This results in a denial of service (DoS), making the affected system or application unavailable.
CVE-2026-6862 2 Redhat, Ubuntu 4 Enterprise Linux, Openshift, Openshift Container Platform and 1 more 2026-05-13 5.5 Medium
A flaw was found in libefiboot, a component of efivar. The device path node parser in libefiboot fails to validate that each node's Length field is at least 4 bytes, which is the minimum size for an EFI (Extensible Firmware Interface) device path node header. A local user could exploit this vulnerability by providing a specially crafted device path node. This can lead to infinite recursion, causing stack exhaustion and a process crash, resulting in a denial of service (DoS).
CVE-2024-50302 5 Debian, Google, Linux and 2 more 42 Debian Linux, Android, Linux Kernel and 39 more 2026-05-12 5.5 Medium
In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak kernel memory via specially-crafted report.
CVE-2023-44487 33 Akka, Amazon, Apache and 30 more 378 Http Server, Opensearch Data Prepper, Apisix and 375 more 2026-05-12 7.5 High
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2025-26465 4 Debian, Netapp, Openbsd and 1 more 9 Debian Linux, Active Iq Unified Manager, Ontap and 6 more 2026-05-12 6.8 Medium
A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.
CVE-2025-22871 1 Redhat 13 Acm, Ansible Automation Platform, Cryostat and 10 more 2026-05-12 9.1 Critical
The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.
CVE-2024-6387 13 Almalinux, Amazon, Apple and 10 more 85 Almalinux, Amazon Linux, Macos and 82 more 2026-05-12 8.1 High
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
CVE-2024-6119 3 Netapp, Openssl, Redhat 34 500f, 500f Firmware, A250 and 31 more 2026-05-12 7.5 High
Issue summary: Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an application can a cause a denial of service. Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address when comparing the expected name with an `otherName` subject alternative name of an X.509 certificate. This may result in an exception that terminates the application program. Note that basic certificate chain validation (signatures, dates, ...) is not affected, the denial of service can occur only when the application also specifies an expected DNS name, Email address or IP address. TLS servers rarely solicit client certificates, and even when they do, they generally don't perform a name check against a reference identifier (expected identity), but rather extract the presented identity after checking the certificate chain. So TLS servers are generally not affected and the severity of the issue is Moderate. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.
CVE-2024-45492 3 Libexpat, Libexpat Project, Redhat 5 Expat, Libexpat, Enterprise Linux and 2 more 2026-05-12 7.3 High
An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX).
CVE-2024-45491 3 Libexpat, Libexpat Project, Redhat 5 Expat, Libexpat, Enterprise Linux and 2 more 2026-05-12 7.3 High
An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).
CVE-2024-45490 2 Libexpat Project, Redhat 5 Libexpat, Enterprise Linux, Jboss Core Services and 2 more 2026-05-12 9.8 Critical
An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.
CVE-2024-3596 5 Broadcom, Freeradius, Ietf and 2 more 12 Brocade Sannav, Fabric Operating System, Freeradius and 9 more 2026-05-12 9 Critical
RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.
CVE-2024-2961 4 Debian, Gnu, Netapp and 1 more 29 Debian Linux, Glibc, Active Iq Unified Manager and 26 more 2026-05-12 7.3 High
The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.
CVE-2024-12243 1 Redhat 5 Discovery, Enterprise Linux, Openshift and 2 more 2026-05-12 5.3 Medium
A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition.
CVE-2023-51385 3 Debian, Openbsd, Redhat 5 Debian Linux, Openssh, Enterprise Linux and 2 more 2026-05-12 6.5 Medium
In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.
CVE-2023-5363 4 Debian, Netapp, Openssl and 1 more 16 Debian Linux, H300s, H300s Firmware and 13 more 2026-05-12 7.5 High
Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation in the IV can result in non-uniqueness, which could result in loss of confidentiality for some cipher modes. When calling EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() or EVP_CipherInit_ex2() the provided OSSL_PARAM array is processed after the key and IV have been established. Any alterations to the key length, via the "keylen" parameter or the IV length, via the "ivlen" parameter, within the OSSL_PARAM array will not take effect as intended, potentially causing truncation or overreading of these values. The following ciphers and cipher modes are impacted: RC2, RC4, RC5, CCM, GCM and OCB. For the CCM, GCM and OCB cipher modes, truncation of the IV can result in loss of confidentiality. For example, when following NIST's SP 800-38D section 8.2.1 guidance for constructing a deterministic IV for AES in GCM mode, truncation of the counter portion could lead to IV reuse. Both truncations and overruns of the key and overruns of the IV will produce incorrect results and could, in some cases, trigger a memory exception. However, these issues are not currently assessed as security critical. Changing the key and/or IV lengths is not considered to be a common operation and the vulnerable API was recently introduced. Furthermore it is likely that application developers will have spotted this problem during testing since decryption would fail unless both peers in the communication were similarly vulnerable. For these reasons we expect the probability of an application being vulnerable to this to be quite low. However if an application is vulnerable then this issue is considered very serious. For these reasons we have assessed this issue as Moderate severity overall. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this because the issue lies outside of the FIPS provider boundary. OpenSSL 3.1 and 3.0 are vulnerable to this issue.