Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2011-0730

Summary
Assigner-canonical
Assigner Org ID-cc1ad9ee-3454-478d-9317-d3e869d708bc
Published At-02 Jun, 2011 | 19:00
Updated At-06 Aug, 2024 | 22:05
Rejected At-
Credits

Eucalyptus before 2.0.3 and Eucalyptus EE before 2.0.2, as used in Ubuntu Enterprise Cloud (UEC) and other products, do not properly interpret signed elements in SOAP requests, which allows man-in-the-middle attackers to execute arbitrary commands by modifying a request, related to an "XML Signature Element Wrapping" or a "SOAP signature replay" issue.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:canonical
Assigner Org ID:cc1ad9ee-3454-478d-9317-d3e869d708bc
Published At:02 Jun, 2011 | 19:00
Updated At:06 Aug, 2024 | 22:05
Rejected At:
▼CVE Numbering Authority (CNA)

Eucalyptus before 2.0.3 and Eucalyptus EE before 2.0.2, as used in Ubuntu Enterprise Cloud (UEC) and other products, do not properly interpret signed elements in SOAP requests, which allows man-in-the-middle attackers to execute arbitrary commands by modifying a request, related to an "XML Signature Element Wrapping" or a "SOAP signature replay" issue.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://open.eucalyptus.com/wiki/esa-02
x_refsource_CONFIRM
http://secunia.com/advisories/44705
third-party-advisory
x_refsource_SECUNIA
http://launchpadlibrarian.net/72472626/eucalyptus_2.0.1%2Bbzr1256-0ubuntu5_2.0.1%2Bbzr1256-0ubuntu6.diff.gz
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/67670
vdb-entry
x_refsource_XF
http://www.ubuntu.com/usn/USN-1137-1
vendor-advisory
x_refsource_UBUNTU
https://bugs.launchpad.net/bugs/746101
x_refsource_CONFIRM
http://www.securityfocus.com/bid/48000
vdb-entry
x_refsource_BID
https://launchpad.net/ubuntu/+source/eucalyptus/+changelog
x_refsource_CONFIRM
Hyperlink: http://open.eucalyptus.com/wiki/esa-02
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/44705
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://launchpadlibrarian.net/72472626/eucalyptus_2.0.1%2Bbzr1256-0ubuntu5_2.0.1%2Bbzr1256-0ubuntu6.diff.gz
Resource:
x_refsource_CONFIRM
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/67670
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://www.ubuntu.com/usn/USN-1137-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: https://bugs.launchpad.net/bugs/746101
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/48000
Resource:
vdb-entry
x_refsource_BID
Hyperlink: https://launchpad.net/ubuntu/+source/eucalyptus/+changelog
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://open.eucalyptus.com/wiki/esa-02
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/44705
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://launchpadlibrarian.net/72472626/eucalyptus_2.0.1%2Bbzr1256-0ubuntu5_2.0.1%2Bbzr1256-0ubuntu6.diff.gz
x_refsource_CONFIRM
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/67670
vdb-entry
x_refsource_XF
x_transferred
http://www.ubuntu.com/usn/USN-1137-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
https://bugs.launchpad.net/bugs/746101
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/bid/48000
vdb-entry
x_refsource_BID
x_transferred
https://launchpad.net/ubuntu/+source/eucalyptus/+changelog
x_refsource_CONFIRM
x_transferred
Hyperlink: http://open.eucalyptus.com/wiki/esa-02
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/44705
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://launchpadlibrarian.net/72472626/eucalyptus_2.0.1%2Bbzr1256-0ubuntu5_2.0.1%2Bbzr1256-0ubuntu6.diff.gz
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/67670
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-1137-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: https://bugs.launchpad.net/bugs/746101
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/48000
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://launchpad.net/ubuntu/+source/eucalyptus/+changelog
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@ubuntu.com
Published At:02 Jun, 2011 | 19:55
Updated At:29 Apr, 2026 | 01:13

Eucalyptus before 2.0.3 and Eucalyptus EE before 2.0.2, as used in Ubuntu Enterprise Cloud (UEC) and other products, do not properly interpret signed elements in SOAP requests, which allows man-in-the-middle attackers to execute arbitrary commands by modifying a request, related to an "XML Signature Element Wrapping" or a "SOAP signature replay" issue.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.06.5MEDIUM
AV:N/AC:L/Au:S/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 6.5
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:S/C:P/I:P/A:P
CPE Matches

eucalyptus
eucalyptus
>>eucalyptus>>Versions before 2.0.2(exclusive)
cpe:2.3:a:eucalyptus:eucalyptus:*:*:*:*:enterprise:*:*:*
eucalyptus
eucalyptus
>>eucalyptus>>Versions before 2.0.3(exclusive)
cpe:2.3:a:eucalyptus:eucalyptus:*:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>10.04
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>10.10
cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>11.04
cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://launchpadlibrarian.net/72472626/eucalyptus_2.0.1%2Bbzr1256-0ubuntu5_2.0.1%2Bbzr1256-0ubuntu6.diff.gzsecurity@ubuntu.com
Patch
Third Party Advisory
http://open.eucalyptus.com/wiki/esa-02security@ubuntu.com
Vendor Advisory
http://secunia.com/advisories/44705security@ubuntu.com
Third Party Advisory
http://www.securityfocus.com/bid/48000security@ubuntu.com
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/USN-1137-1security@ubuntu.com
Third Party Advisory
https://bugs.launchpad.net/bugs/746101security@ubuntu.com
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/67670security@ubuntu.com
Third Party Advisory
VDB Entry
https://launchpad.net/ubuntu/+source/eucalyptus/+changelogsecurity@ubuntu.com
Patch
Third Party Advisory
http://launchpadlibrarian.net/72472626/eucalyptus_2.0.1%2Bbzr1256-0ubuntu5_2.0.1%2Bbzr1256-0ubuntu6.diff.gzaf854a3a-2127-422b-91ae-364da2661108
Patch
Third Party Advisory
http://open.eucalyptus.com/wiki/esa-02af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/44705af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.securityfocus.com/bid/48000af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/USN-1137-1af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://bugs.launchpad.net/bugs/746101af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/67670af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
https://launchpad.net/ubuntu/+source/eucalyptus/+changelogaf854a3a-2127-422b-91ae-364da2661108
Patch
Third Party Advisory
Hyperlink: http://launchpadlibrarian.net/72472626/eucalyptus_2.0.1%2Bbzr1256-0ubuntu5_2.0.1%2Bbzr1256-0ubuntu6.diff.gz
Source: security@ubuntu.com
Resource:
Patch
Third Party Advisory
Hyperlink: http://open.eucalyptus.com/wiki/esa-02
Source: security@ubuntu.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/44705
Source: security@ubuntu.com
Resource:
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/48000
Source: security@ubuntu.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.ubuntu.com/usn/USN-1137-1
Source: security@ubuntu.com
Resource:
Third Party Advisory
Hyperlink: https://bugs.launchpad.net/bugs/746101
Source: security@ubuntu.com
Resource:
Third Party Advisory
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/67670
Source: security@ubuntu.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://launchpad.net/ubuntu/+source/eucalyptus/+changelog
Source: security@ubuntu.com
Resource:
Patch
Third Party Advisory
Hyperlink: http://launchpadlibrarian.net/72472626/eucalyptus_2.0.1%2Bbzr1256-0ubuntu5_2.0.1%2Bbzr1256-0ubuntu6.diff.gz
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Third Party Advisory
Hyperlink: http://open.eucalyptus.com/wiki/esa-02
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/44705
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/48000
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.ubuntu.com/usn/USN-1137-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://bugs.launchpad.net/bugs/746101
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/67670
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://launchpad.net/ubuntu/+source/eucalyptus/+changelog
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

542Records found

CVE-2018-1058
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-8.8||HIGH
EPSS-14.14% / 96.13%
||
7 Day CHG~0.00%
Published-02 Mar, 2018 | 15:00
Updated-17 Sep, 2024 | 03:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through 10 are affected.

Action-Not Available
Vendor-Canonical Ltd.The PostgreSQL Global Development GroupRed Hat, Inc.
Product-ubuntu_linuxcloudformspostgresqlpostgresql
CWE ID-CWE-20
Improper Input Validation
CVE-2018-10858
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-4.30% / 89.95%
||
7 Day CHG~0.00%
Published-22 Aug, 2018 | 17:00
Updated-05 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.

Action-Not Available
Vendor-Canonical Ltd.Debian GNU/LinuxSambaRed Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxvirtualizationdebian_linuxsambaenterprise_linux_workstationvirtualization_hostenterprise_linux_desktopsamba
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-10873
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-8.3||HIGH
EPSS-3.93% / 89.11%
||
7 Day CHG~0.00%
Published-17 Aug, 2018 | 12:00
Updated-05 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability was discovered in SPICE before version 0.14.1 where the generated code used for demarshalling messages lacked sufficient bounds checks. A malicious client or server, after authentication, could send specially crafted messages to its peer which would result in a crash or, potentially, other impacts.

Action-Not Available
Vendor-spice_project[UNKNOWN]Canonical Ltd.Red Hat, Inc.Debian GNU/Linux
Product-enterprise_linux_serverubuntu_linuxvirtualizationdebian_linuxenterprise_linux_server_eusenterprise_linux_server_ausenterprise_linux_workstationvirtualization_hostspiceenterprise_linux_server_tusenterprise_linux_desktopspice:
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-20
Improper Input Validation
CVE-2013-1899
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-54.31% / 98.89%
||
7 Day CHG~0.00%
Published-04 Apr, 2013 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Argument injection vulnerability in PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, and 9.0.x before 9.0.13 allows remote attackers to cause a denial of service (file corruption), and allows remote authenticated users to modify configuration settings and execute arbitrary code, via a connection request using a database name that begins with a "-" (hyphen).

Action-Not Available
Vendor-n/aCanonical Ltd.The PostgreSQL Global Development Group
Product-postgresqlubuntu_linuxn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2013-0208
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-2.50% / 82.80%
||
7 Day CHG~0.00%
Published-13 Feb, 2013 | 16:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The boot-from-volume feature in OpenStack Compute (Nova) Folsom and Essex, when using nova-volumes, allows remote authenticated users to boot from other users' volumes via a volume id in the block_device_mapping parameter.

Action-Not Available
Vendor-n/aOpenStackCanonical Ltd.
Product-folsomubuntu_linuxessexn/a
CVE-2012-5612
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-20.84% / 97.24%
||
7 Day CHG~0.00%
Published-03 Dec, 2012 | 11:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code, as demonstrated using certain variations of the (1) USE, (2) SHOW TABLES, (3) DESCRIBE, (4) SHOW FIELDS FROM, (5) SHOW COLUMNS FROM, (6) SHOW INDEX FROM, (7) CREATE TABLE, (8) DROP TABLE, (9) ALTER TABLE, (10) DELETE FROM, (11) UPDATE, and (12) SET PASSWORD commands.

Action-Not Available
Vendor-n/aCanonical Ltd.MariaDB FoundationOracle CorporationSUSE
Product-ubuntu_linuxlinux_enterprise_desktopmariadbmysqllinux_enterprise_serverlinux_enterprise_software_development_kitn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2012-4064
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.15% / 63.04%
||
7 Day CHG~0.00%
Published-01 Oct, 2012 | 23:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Eucalyptus before 3.1.1 does not properly restrict the binding of external SOAP web-services messages, which allows remote authenticated users to gain privileges by sending a message to (1) Cloud Controller or (2) Walrus with the internal message format and a modified user id.

Action-Not Available
Vendor-eucalyptusn/a
Product-eucalyptusn/a
CVE-2020-14697
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-7.2||HIGH
EPSS-2.04% / 78.74%
||
7 Day CHG~0.00%
Published-15 Jul, 2020 | 17:34
Updated-26 Sep, 2024 | 20:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-NetApp, Inc.Canonical Ltd.Oracle Corporation
Product-ubuntu_linuxsnapcenteractive_iq_unified_manageroncommand_workflow_automationmysqloncommand_insightMySQL Server
CVE-2020-12689
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.56% / 72.25%
||
7 Day CHG~0.00%
Published-06 May, 2020 | 23:43
Updated-04 Aug, 2024 | 12:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope (trust/oauth/application credential) can create an EC2 credential with an escalated permission, such as obtaining admin while the user is on a limited viewer role. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges.

Action-Not Available
Vendor-n/aCanonical Ltd.OpenStack
Product-ubuntu_linuxkeystonen/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2018-1057
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-8.8||HIGH
EPSS-10.31% / 95.14%
||
7 Day CHG~0.00%
Published-13 Mar, 2018 | 16:00
Updated-05 Aug, 2024 | 03:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users' passwords, including administrative users and privileged service accounts (eg Domain Controllers).

Action-Not Available
Vendor-Canonical Ltd.Debian GNU/LinuxSamba
Product-ubuntu_linuxdebian_linuxsambaSamba
CWE ID-CWE-863
Incorrect Authorization
CVE-2019-10192
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-26.05% / 97.73%
||
7 Day CHG~0.00%
Published-11 Jul, 2019 | 18:30
Updated-04 Aug, 2024 | 22:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By carefully corrupting a hyperloglog using the SETRANGE command, an attacker could trick Redis interpretation of dense HLL encoding to write up to 3 bytes beyond the end of a heap-allocated buffer.

Action-Not Available
Vendor-Oracle CorporationDebian GNU/LinuxRed Hat, Inc.Canonical Ltd.Redis Inc.
Product-ubuntu_linuxcommunications_operations_monitordebian_linuxsoftware_collectionsenterprise_linux_server_ausopenstackenterprise_linuxredisenterprise_linux_eusenterprise_linux_server_tusredis
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-10193
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-23.70% / 97.54%
||
7 Day CHG~0.00%
Published-11 Jul, 2019 | 18:30
Updated-04 Aug, 2024 | 22:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments of up to 12 bytes past the end of a stack-allocated buffer.

Action-Not Available
Vendor-Oracle CorporationDebian GNU/LinuxRed Hat, Inc.Canonical Ltd.Redis Inc.
Product-ubuntu_linuxcommunications_operations_monitordebian_linuxenterprise_linux_server_ausopenstackenterprise_linuxredisenterprise_linux_eusenterprise_linux_server_tusredis
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-1000805
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-4.41% / 90.15%
||
7 Day CHG~0.00%
Published-08 Oct, 2018 | 15:00
Updated-05 Aug, 2024 | 12:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appear to be exploitable via network connectivity.

Action-Not Available
Vendor-paramikon/aCanonical Ltd.Red Hat, Inc.Debian GNU/Linux
Product-enterprise_linux_serverubuntu_linuxdebian_linuxenterprise_linux_server_eusenterprise_linux_server_ausenterprise_linux_workstationvirtualization_hostparamikoenterprise_linux_server_tusenterprise_linux_desktopansible_towern/a
CWE ID-CWE-863
Incorrect Authorization
CVE-2016-0714
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-8.8||HIGH
EPSS-13.08% / 95.87%
||
7 Day CHG~0.00%
Published-25 Feb, 2016 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The session-persistence implementation in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 mishandles session attributes, which allows remote authenticated users to bypass intended SecurityManager restrictions and execute arbitrary code in a privileged context via a web application that places a crafted object in a session.

Action-Not Available
Vendor-n/aCanonical Ltd.The Apache Software FoundationDebian GNU/Linux
Product-tomcatdebian_linuxubuntu_linuxn/a
CVE-2016-8520
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-1.38% / 68.84%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 23:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE Helion Eucalyptus v4.3.0 and earlier does not correctly check IAM user's permissions for accessing versioned objects and ACLs. In some cases, authenticated users with S3 permissions could also access versioned data.

Action-Not Available
Vendor-eucalyptusHewlett Packard Enterprise (HPE)
Product-eucalyptusHelion Eucalyptus
CWE ID-CWE-275
Not Available
CVE-2016-8528
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-8.8||HIGH
EPSS-2.83% / 84.90%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 22:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Escalation of Privilege vulnerability in HPE Helion Eucalyptus version 3.3.0 through 4.3.1 was found.

Action-Not Available
Vendor-eucalyptusHewlett Packard Enterprise (HPE)
Product-eucalyptusHelion Eucalyptus
CWE ID-CWE-264
Not Available
CVE-2016-0763
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.3||MEDIUM
EPSS-11.30% / 95.44%
||
7 Day CHG~0.00%
Published-25 Feb, 2016 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The setGlobalContext method in org/apache/naming/factory/ResourceLinkFactory.java in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M3 does not consider whether ResourceLinkFactory.setGlobalContext callers are authorized, which allows remote authenticated users to bypass intended SecurityManager restrictions and read or write to arbitrary application data, or cause a denial of service (application disruption), via a web application that sets a crafted global context.

Action-Not Available
Vendor-n/aCanonical Ltd.The Apache Software FoundationDebian GNU/Linux
Product-tomcatdebian_linuxubuntu_linuxn/a
CVE-2015-0258
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-8.8||HIGH
EPSS-3.78% / 88.64%
||
7 Day CHG~0.00%
Published-17 Feb, 2020 | 17:46
Updated-06 Aug, 2024 | 04:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple incomplete blacklist vulnerabilities in the avatar upload functionality in manageuser.php in Collabtive before 2.1 allow remote authenticated users to execute arbitrary code by uploading a file with a (1) .php3, (2) .php4, (3) .php5, or (4) .phtml extension.

Action-Not Available
Vendor-o-dynn/aCanonical Ltd.Debian GNU/Linux
Product-collabtivedebian_linuxubuntu_linuxCollabtive
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2015-2617
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-3.09% / 86.10%
||
7 Day CHG~0.00%
Published-16 Jul, 2015 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Partition.

Action-Not Available
Vendor-n/aCanonical Ltd.Oracle Corporation
Product-mysqlubuntu_linuxn/a
CVE-2013-4222
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-1.89% / 77.07%
||
7 Day CHG~0.00%
Published-30 Sep, 2013 | 20:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenStack Identity (Keystone) Folsom, Grizzly 2013.1.3 and earlier, and Havana before havana-3 does not properly revoke user tokens when a tenant is disabled, which allows remote authenticated users to retain access via the token.

Action-Not Available
Vendor-n/aCanonical Ltd.OpenStackRed Hat, Inc.Fedora Project
Product-openstackubuntu_linuxkeystonefedoran/a
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2017-8386
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-12.39% / 95.71%
||
7 Day CHG+0.65%
Published-01 Jun, 2017 | 16:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before 2.6.7, 2.7.x before 2.7.5, 2.8.x before 2.8.5, 2.9.x before 2.9.4, 2.10.x before 2.10.3, 2.11.x before 2.11.2, and 2.12.x before 2.12.3 might allow remote authenticated users to gain privileges via a repository name that starts with a - (dash) character.

Action-Not Available
Vendor-gitn/aCanonical Ltd.openSUSEDebian GNU/LinuxFedora Project
Product-debian_linuxubuntu_linuxleapfedoragit-shelln/a
CVE-2020-9402
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-22.51% / 97.42%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 14:49
Updated-04 Aug, 2024 | 10:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. By passing a suitably crafted tolerance to GIS functions and aggregates on Oracle, it was possible to break escaping and inject malicious SQL.

Action-Not Available
Vendor-n/aDebian GNU/LinuxCanonical Ltd.DjangoNetApp, Inc.Fedora Project
Product-ubuntu_linuxdebian_linuxfedoradjangosteelstore_cloud_integrated_storagen/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2020-25722
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-8.8||HIGH
EPSS-1.58% / 72.54%
||
7 Day CHG~0.00%
Published-18 Feb, 2022 | 00:00
Updated-04 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. An attacker could use this flaw to cause total domain compromise.

Action-Not Available
Vendor-n/aCanonical Ltd.Debian GNU/LinuxSambaFedora Project
Product-ubuntu_linuxdebian_linuxfedorasambasamba
CWE ID-CWE-863
Incorrect Authorization
CVE-2020-14678
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-7.2||HIGH
EPSS-2.04% / 78.74%
||
7 Day CHG~0.00%
Published-15 Jul, 2020 | 17:34
Updated-27 Sep, 2024 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-NetApp, Inc.Canonical Ltd.Oracle Corporation
Product-ubuntu_linuxsnapcenteractive_iq_unified_manageroncommand_workflow_automationmysqloncommand_insightMySQL Server
CVE-2020-14355
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.6||MEDIUM
EPSS-2.66% / 83.82%
||
7 Day CHG+0.11%
Published-07 Oct, 2020 | 14:41
Updated-04 Aug, 2024 | 12:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client (spice-gtk) and server are affected by these flaws. These flaws allow a malicious client or server to send specially crafted messages that, when processed by the QUIC image compression algorithm, result in a process crash or potential code execution.

Action-Not Available
Vendor-spice_projectn/aCanonical Ltd.Red Hat, Inc.openSUSEDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxopenstackspiceenterprise_linuxenterprise_linux_ausenterprise_linux_eusenterprise_linux_update_services_for_sap_solutionsenterprise_linux_tusleapspice
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-14663
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-7.2||HIGH
EPSS-2.12% / 79.61%
||
7 Day CHG~0.00%
Published-15 Jul, 2020 | 17:34
Updated-27 Sep, 2024 | 18:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-NetApp, Inc.Canonical Ltd.Oracle Corporation
Product-ubuntu_linuxsnapcenteractive_iq_unified_manageroncommand_workflow_automationmysqloncommand_insightMySQL Server
CVE-2020-12691
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-4.92% / 91.05%
||
7 Day CHG~0.00%
Published-06 May, 2020 | 23:43
Updated-04 Aug, 2024 | 12:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any authenticated user can create an EC2 credential for themselves for a project that they have a specified role on, and then perform an update to the credential user and project, allowing them to masquerade as another user. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges.

Action-Not Available
Vendor-n/aCanonical Ltd.OpenStack
Product-ubuntu_linuxkeystonen/a
CWE ID-CWE-863
Incorrect Authorization
CVE-2020-13398
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.3||HIGH
EPSS-2.39% / 81.93%
||
7 Day CHG~0.00%
Published-22 May, 2020 | 00:00
Updated-04 Aug, 2024 | 12:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/crypto/crypto.c.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSEFreeRDPDebian GNU/Linux
Product-freerdpubuntu_linuxdebian_linuxleapn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-11100
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-60.73% / 99.04%
||
7 Day CHG~0.00%
Published-02 Apr, 2020 | 14:23
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution.

Action-Not Available
Vendor-haproxyn/aDebian GNU/LinuxRed Hat, Inc.Canonical Ltd.openSUSEFedora Project
Product-ubuntu_linuxdebian_linuxopenshift_container_platformfedorahaproxyleapn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-16544
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-6.24% / 92.69%
||
7 Day CHG~0.00%
Published-20 Nov, 2017 | 15:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks.

Action-Not Available
Vendor-busyboxredlionn/aCanonical Ltd.Debian GNU/LinuxVMware (Broadcom Inc.)
Product-debian_linuxubuntu_linuxn-tron_702m12-wn-tron_702-w_firmwareesxin-tron_702m12-w_firmwaren-tron_702-wbusyboxn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2014-1874
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.60% / 44.38%
||
7 Day CHG~0.00%
Published-28 Feb, 2014 | 02:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN capability to set a zero-length security context.

Action-Not Available
Vendor-n/aCanonical Ltd.Linux Kernel Organization, IncSUSE
Product-linux_enterprise_serverubuntu_linuxlinux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-2241
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-1.57% / 72.39%
||
7 Day CHG~0.00%
Published-18 Mar, 2014 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The (1) cf2_initLocalRegionBuffer and (2) cf2_initGlobalRegionBuffer functions in cff/cf2ft.c in FreeType before 2.5.3 do not properly check if a subroutine exists, which allows remote attackers to cause a denial of service (assertion failure), as demonstrated by a crafted ttf file.

Action-Not Available
Vendor-freetypen/aCanonical Ltd.
Product-ubuntu_linuxfreetypen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-1426
Matching Score-6
Assigner-Canonical Ltd.
ShareView Details
Matching Score-6
Assigner-Canonical Ltd.
CVSS Score-8.6||HIGH
EPSS-1.41% / 69.35%
||
7 Day CHG~0.00%
Published-22 Apr, 2019 | 15:35
Updated-16 Sep, 2024 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
get_file_by_name does not check owner

A vulnerability in maasserver.api.get_file_by_name of Ubuntu MAAS allows unauthenticated network clients to download any file. This issue affects: Ubuntu MAAS versions prior to 1.9.2.

Action-Not Available
Vendor-Canonical Ltd.Ubuntu
Product-metal_as_a_servicemaas
CWE ID-CWE-20
Improper Input Validation
CVE-2007-1349
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-10.11% / 95.08%
||
7 Day CHG~0.00%
Published-30 Mar, 2007 | 00:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.

Action-Not Available
Vendor-n/aCanonical Ltd.The Apache Software FoundationRed Hat, Inc.
Product-ubuntu_linuxsatelliteenterprise_linux_workstationenterprise_linux_serverenterprise_linux_desktopmod_perlenterprise_linux_eusn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-0476
Matching Score-6
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-6
Assigner-Debian GNU/Linux
CVSS Score-3.7||LOW
EPSS-3.83% / 88.80%
||
7 Day CHG~0.00%
Published-25 Oct, 2014 | 22:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option.

Action-Not Available
Vendor-chkrootkitn/aCanonical Ltd.
Product-chkrootkitubuntu_linuxn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-6422
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-4||MEDIUM
EPSS-2.76% / 84.48%
||
7 Day CHG~0.00%
Published-23 Dec, 2013 | 22:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The GnuTLS backend in libcurl 7.21.4 through 7.33.0, when disabling digital signature verification (CURLOPT_SSL_VERIFYPEER), also disables the CURLOPT_SSL_VERIFYHOST check for CN or SAN host name fields, which makes it easier for remote attackers to spoof servers and conduct man-in-the-middle (MITM) attacks.

Action-Not Available
Vendor-n/aCanonical Ltd.CURLDebian GNU/Linux
Product-debian_linuxubuntu_linuxlibcurln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-7327
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-2.68% / 84.00%
||
7 Day CHG~0.00%
Published-18 Feb, 2014 | 11:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check return values, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via invalid imagecrop arguments that lead to use of a NULL pointer as a return value, a different vulnerability than CVE-2013-7226.

Action-Not Available
Vendor-n/aThe PHP GroupCanonical Ltd.
Product-ubuntu_linuxphpn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-4474
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-10.48% / 95.20%
||
7 Day CHG~0.00%
Published-23 Nov, 2013 | 11:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Format string vulnerability in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.3 allows remote attackers to cause a denial of service (crash) via format string specifiers in a destination filename.

Action-Not Available
Vendor-n/afreedesktop.orgCanonical Ltd.
Product-ubuntu_linuxpopplern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-4402
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-5.03% / 91.22%
||
7 Day CHG~0.00%
Published-28 Oct, 2013 | 22:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message.

Action-Not Available
Vendor-gnupgn/aCanonical Ltd.
Product-ubuntu_linuxgnupgn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-4544
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-4.9||MEDIUM
EPSS-0.72% / 49.33%
||
7 Day CHG~0.00%
Published-08 May, 2014 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local guest users to cause a denial of service or possibly execute arbitrary code via vectors related to (1) RX or (2) TX queue numbers or (3) interrupt indices. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-n/aCanonical Ltd.QEMU
Product-ubuntu_linuxqemun/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-4248
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-3.59% / 88.01%
||
7 Day CHG~0.00%
Published-18 Aug, 2013 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.

Action-Not Available
Vendor-n/aCanonical Ltd.Red Hat, Inc.The PHP Group
Product-ubuntu_linuxphpenterprise_linuxn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-1943
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.45% / 35.98%
||
7 Day CHG~0.00%
Published-16 Jul, 2013 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The KVM subsystem in the Linux kernel before 3.0 does not check whether kernel addresses are specified during allocation of memory slots for use in a guest's physical address space, which allows local users to gain privileges or obtain sensitive information from kernel memory via a crafted application, related to arch/x86/kvm/paging_tmpl.h and virt/kvm/kvm_main.c.

Action-Not Available
Vendor-n/aCanonical Ltd.Red Hat, Inc.Linux Kernel Organization, Inc
Product-enterprise_linuxubuntu_linuxlinux_kernelenterprise_linux_eusn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-2145
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.56% / 42.35%
||
7 Day CHG~0.00%
Published-19 Aug, 2013 | 23:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The cpansign verify functionality in the Module::Signature module before 0.72 for Perl allows attackers to bypass the signature check and execute arbitrary code via a SIGNATURE file with a "special unknown cipher" that references an untrusted module in Digest/.

Action-Not Available
Vendor-perlmonksn/aCanonical Ltd.openSUSE
Product-ubuntu_linuxmodule\opensusen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-2038
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-4.15% / 89.62%
||
7 Day CHG~0.00%
Published-06 Feb, 2014 | 16:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The NMEA0183 driver in gpsd before 3.9 allows remote attackers to cause a denial of service (daemon termination) and possibly execute arbitrary code via a GPS packet with a malformed $GPGGA interpreted sentence that lacks certain fields and a terminator. NOTE: a separate issue in the AIS driver was also reported, but it might not be a vulnerability.

Action-Not Available
Vendor-gpsd_projectn/aCanonical Ltd.
Product-gpsdubuntu_linuxn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-1057
Matching Score-6
Assigner-Canonical Ltd.
ShareView Details
Matching Score-6
Assigner-Canonical Ltd.
CVSS Score-4.4||MEDIUM
EPSS-0.59% / 43.72%
||
7 Day CHG~0.00%
Published-15 Nov, 2013 | 18:16
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Untrusted search path vulnerability in maas-import-pxe-files in MAAS before 13.10 allows local users to execute arbitrary code via a Trojan horse import_pxe_files configuration file in the current working directory.

Action-Not Available
Vendor-n/aCanonical Ltd.
Product-maasubuntu_linuxn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-0757
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-9.3||HIGH
EPSS-60.86% / 99.04%
||
7 Day CHG~0.00%
Published-13 Jan, 2013 | 20:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not prevent modifications to the prototype of an object, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by referencing Object.prototype.__proto__ in a crafted HTML document.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSESUSEMozilla Corporation
Product-thunderbirdfirefoxubuntu_linuxseamonkeylinux_enterprise_desktopthunderbird_esrlinux_enterprise_serverlinux_enterprise_software_development_kitopensusen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-1051
Matching Score-6
Assigner-Canonical Ltd.
ShareView Details
Matching Score-6
Assigner-Canonical Ltd.
CVSS Score-4.3||MEDIUM
EPSS-1.34% / 67.93%
||
7 Day CHG~0.00%
Published-21 Mar, 2013 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

apt 0.8.16, 0.9.7, and possibly other versions does not properly handle InRelease files, which allows man-in-the-middle attackers to modify packages before installation via unknown vectors, possibly related to integrity checking and the use of third-party repositories.

Action-Not Available
Vendor-n/aCanonical Ltd.Debian GNU/Linux
Product-aptubuntu_linuxadvanced_package_tooln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-0747
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-6.8||MEDIUM
EPSS-2.19% / 80.23%
||
7 Day CHG~0.00%
Published-13 Jan, 2013 | 20:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The gPluginHandler.handleEvent function in the plugin handler in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly enforce the Same Origin Policy, which allows remote attackers to conduct clickjacking attacks via crafted JavaScript code that listens for a mutation event.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSESUSEMozilla Corporation
Product-thunderbirdfirefoxubuntu_linuxseamonkeylinux_enterprise_desktopthunderbird_esrlinux_enterprise_serverlinux_enterprise_software_development_kitopensusen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2012-5688
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-10.90% / 95.33%
||
7 Day CHG~0.00%
Published-06 Dec, 2012 | 11:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.

Action-Not Available
Vendor-n/aCanonical Ltd.Internet Systems Consortium, Inc.
Product-ubuntu_linuxbindn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2012-6656
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-3.44% / 87.52%
||
7 Day CHG~0.00%
Published-05 Dec, 2014 | 16:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a multibyte character value of "0xffff" to the iconv function when converting IBM930 encoded data to UTF-8.

Action-Not Available
Vendor-n/aCanonical Ltd.GNUDebian GNU/Linux
Product-glibcdebian_linuxubuntu_linuxn/a
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 10
  • 11
  • Next
Details not found