ByteOS Network

Vulnerability Details :

CVE-2022-23806

Assigner-mitre

Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At-11 Feb, 2022 | 00:00

Updated At-03 Aug, 2024 | 03:51

Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:mitre

Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At:11 Feb, 2022 | 00:00

Updated At:03 Aug, 2024 | 03:51

▼CVE Numbering Authority (CNA)

Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
https://lists.debian.org/debian-lts-announce/2022/04/msg00017.html	mailing-list
https://lists.debian.org/debian-lts-announce/2022/04/msg00018.html	mailing-list
https://www.oracle.com/security-alerts/cpujul2022.html	N/A
https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ	N/A
https://security.netapp.com/advisory/ntap-20220225-0006/	N/A
https://security.gentoo.org/glsa/202208-02	vendor-advisory
https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html	mailing-list

Hyperlink: https://lists.debian.org/debian-lts-announce/2022/04/msg00017.html

Resource:

mailing-list

Hyperlink: https://lists.debian.org/debian-lts-announce/2022/04/msg00018.html

Resource:

mailing-list

Hyperlink: https://www.oracle.com/security-alerts/cpujul2022.html

Resource: N/A

Hyperlink: https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ

Resource: N/A

Hyperlink: https://security.netapp.com/advisory/ntap-20220225-0006/

Resource: N/A

Hyperlink: https://security.gentoo.org/glsa/202208-02

Resource:

vendor-advisory

Hyperlink: https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html

Resource:

mailing-list

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
https://lists.debian.org/debian-lts-announce/2022/04/msg00017.html	mailing-list x_transferred
https://lists.debian.org/debian-lts-announce/2022/04/msg00018.html	mailing-list x_transferred
https://www.oracle.com/security-alerts/cpujul2022.html	x_transferred
https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ	x_transferred
https://security.netapp.com/advisory/ntap-20220225-0006/	x_transferred
https://security.gentoo.org/glsa/202208-02	vendor-advisory x_transferred
https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html	mailing-list x_transferred

Hyperlink: https://lists.debian.org/debian-lts-announce/2022/04/msg00017.html

Resource:

mailing-list

x_transferred

Hyperlink: https://lists.debian.org/debian-lts-announce/2022/04/msg00018.html

Resource:

mailing-list

x_transferred

Hyperlink: https://www.oracle.com/security-alerts/cpujul2022.html

Resource:

x_transferred

Hyperlink: https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ

Resource:

x_transferred

Hyperlink: https://security.netapp.com/advisory/ntap-20220225-0006/

Resource:

x_transferred

Hyperlink: https://security.gentoo.org/glsa/202208-02

Resource:

vendor-advisory

x_transferred

Hyperlink: https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html

Resource:

mailing-list

x_transferred

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:cve@mitre.org

Published At:11 Feb, 2022 | 01:15

Updated At:20 Apr, 2023 | 00:15

Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	9.1	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Primary	2.0	6.4	MEDIUM	AV:N/AC:L/Au:N/C:N/I:P/A:P

Type: Primary

Version: 3.1

Base score: 9.1

Base severity: CRITICAL

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Type: Primary

Version: 2.0

Base score: 6.4

Base severity: MEDIUM

Vector:

AV:N/AC:L/Au:N/C:N/I:P/A:P

CPE Matches

>>go>>Versions before 1.16.14(exclusive)

cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*

>>go>>Versions from 1.17.0(inclusive) to 1.17.7(exclusive)

cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*

NetApp, Inc.

>>beegfs_csi_driver>>-

cpe:2.3:a:netapp:beegfs_csi_driver:-:*:*:*:*:*:*:*

NetApp, Inc.

>>cloud_insights_telegraf_agent>>-

cpe:2.3:a:netapp:cloud_insights_telegraf_agent:-:*:*:*:*:*:*:*

NetApp, Inc.

>>kubernetes_monitoring_operator>>-

cpe:2.3:a:netapp:kubernetes_monitoring_operator:-:*:*:*:*:*:*:*

NetApp, Inc.

>>storagegrid>>-

cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*

Debian GNU/Linux

>>debian_linux>>9.0

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-252	Primary	nvd@nist.gov

CWE ID: CWE-252

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ	cve@mitre.org	Release Notes Vendor Advisory
https://lists.debian.org/debian-lts-announce/2022/04/msg00017.html	cve@mitre.org	Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/04/msg00018.html	cve@mitre.org	Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html	cve@mitre.org	N/A
https://security.gentoo.org/glsa/202208-02	cve@mitre.org	Third Party Advisory
https://security.netapp.com/advisory/ntap-20220225-0006/	cve@mitre.org	Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2022.html	cve@mitre.org	Third Party Advisory

Hyperlink: https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ

Source: cve@mitre.org

Resource:

Release Notes

Vendor Advisory

Hyperlink: https://lists.debian.org/debian-lts-announce/2022/04/msg00017.html

Source: cve@mitre.org

Resource:

Mailing List

Third Party Advisory

Hyperlink: https://lists.debian.org/debian-lts-announce/2022/04/msg00018.html

Source: cve@mitre.org

Resource:

Mailing List

Third Party Advisory

Hyperlink: https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html

Source: cve@mitre.org

Resource: N/A

Hyperlink: https://security.gentoo.org/glsa/202208-02

Source: cve@mitre.org

Resource:

Third Party Advisory

Hyperlink: https://security.netapp.com/advisory/ntap-20220225-0006/

Source: cve@mitre.org

Resource:

Third Party Advisory

Hyperlink: https://www.oracle.com/security-alerts/cpujul2022.html

Source: cve@mitre.org

Resource:

Third Party Advisory

Similar CVEs

59Records found

CVE-2018-14622

Matching Score-6

Assigner-Red Hat, Inc.

View Details

Matching Score-6

Assigner-Red Hat, Inc.

CVSS Score-5.3||MEDIUM

EPSS-2.65% / 85.17%

7 Day CHG~0.00%

Published-30 Aug, 2018 | 13:00

Updated-05 Aug, 2024 | 09:29

A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The return value of makefd_xprt() was not checked in all instances, which could lead to a crash when the server exhausted the maximum number of available file descriptors. A remote attacker could cause an rpc-based application to crash by flooding it with new connections.

Vendor-libtirpc_project [UNKNOWN]Canonical Ltd.Red Hat, Inc.Debian GNU/Linux

Product-ubuntu_linux libtirpc debian_linux enterprise_linux_server_eus enterprise_linux_server_aus enterprise_linux_workstation enterprise_linux enterprise_linux_desktop libtirpc

CWE ID-CWE-252

Unchecked Return Value

CVE-2022-0907

Matching Score-6

Assigner-GitLab Inc.

View Details

Matching Score-6

Assigner-GitLab Inc.

CVSS Score-5.5||MEDIUM

EPSS-0.07% / 21.36%

7 Day CHG~0.00%

Published-11 Mar, 2022 | 00:00

Updated-02 Aug, 2024 | 23:47

Unchecked Return Value to NULL Pointer Dereference in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f2b656e2.

Vendor-NetApp, Inc.LibTIFF Fedora Project Debian GNU/Linux

Product-ontap_select_deploy_administration_utility libtiff debian_linux fedora libtiff

CWE ID-CWE-252

Unchecked Return Value

CVE-2021-3998

Matching Score-6

Assigner-Red Hat, Inc.

View Details

Matching Score-6

Assigner-Red Hat, Inc.

CVSS Score-7.5||HIGH

EPSS-0.10% / 28.00%

7 Day CHG~0.00%

Published-24 Aug, 2022 | 00:00

Updated-09 Jun, 2025 | 15:15

A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data.

Vendor-n/a GNU NetApp, Inc.

Product-h700s h300s h410s_firmware h410c_firmware h300s_firmware h700s_firmware h410c h500s h500s_firmware glibc ontap_select_deploy_administration_utility h410s glibc

CWE ID-CWE-125

Out-of-bounds Read

CWE ID-CWE-252

Unchecked Return Value

CVE-2017-6964

Matching Score-6

Assigner-MITRE Corporation

View Details

Matching Score-6

Assigner-MITRE Corporation

CVSS Score-7.8||HIGH

EPSS-0.09% / 25.74%

7 Day CHG~0.00%

Published-28 Mar, 2017 | 01:00

Updated-20 Apr, 2025 | 01:37

dmcrypt-get-device, as shipped in the eject package of Debian and Ubuntu, does not check the return value of the (1) setuid or (2) setgid function, which might cause dmcrypt-get-device to execute code, which was intended to run as an unprivileged user, as root. This affects eject through 2.1.5+deb1+cvs20081104-13.1 on Debian, eject before 2.1.5+deb1+cvs20081104-13.1ubuntu0.16.10.1 on Ubuntu 16.10, eject before 2.1.5+deb1+cvs20081104-13.1ubuntu0.16.04.1 on Ubuntu 16.04 LTS, eject before 2.1.5+deb1+cvs20081104-13.1ubuntu0.14.04.1 on Ubuntu 14.04 LTS, and eject before 2.1.5+deb1+cvs20081104-9ubuntu0.1 on Ubuntu 12.04 LTS.

Vendor-n/a Debian GNU/Linux Canonical Ltd.

Product-ubuntu_linux debian_linux n/a

CWE ID-CWE-252

Unchecked Return Value

CVE-2021-3911

Matching Score-6

Assigner-Cloudflare, Inc.

View Details

Matching Score-6

Assigner-Cloudflare, Inc.

CVSS Score-4.2||MEDIUM

EPSS-0.56% / 67.10%

7 Day CHG~0.00%

Published-11 Nov, 2021 | 21:45

Updated-16 Sep, 2024 | 22:31

Misconfigured IP address field in ROA leads to OctoRPKI crash

If the ROA that a repository returns contains too many bits for the IP address then OctoRPKI will crash.

Vendor-Debian GNU/Linux Cloudflare, Inc.

Product-octorpki debian_linux octorpki

CWE ID-CWE-20

Improper Input Validation

CWE ID-CWE-252

Unchecked Return Value

CVE-2021-38114

Matching Score-6

Assigner-MITRE Corporation

View Details

Matching Score-6

Assigner-MITRE Corporation

CVSS Score-5.5||MEDIUM

EPSS-0.11% / 30.76%

7 Day CHG~0.00%

Published-04 Aug, 2021 | 20:15

Updated-04 Aug, 2024 | 01:30

libavcodec/dnxhddec.c in FFmpeg 4.4 does not check the return value of the init_vlc function, a similar issue to CVE-2013-0868.

Vendor-n/a Debian GNU/Linux FFmpeg

Product-ffmpeg debian_linux n/a

CWE ID-CWE-252

Unchecked Return Value

CVE-2021-0107

Matching Score-6

Assigner-Intel Corporation

View Details

Matching Score-6

Assigner-Intel Corporation

CVSS Score-6.7||MEDIUM

EPSS-0.16% / 36.92%

7 Day CHG~0.00%

Published-09 Feb, 2022 | 22:04

Updated-05 May, 2025 | 17:16

Unchecked return value in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

Vendor-n/a NetApp, Inc.Intel Corporation

Product-core_i7-6870hq xeon_e-2286g atom_c3950 core_i3-9100e core_i3-10100 xeon_silver_4109t core_i3-7300 core_i5-1038ng7 core_i5-11400 core_i9-7900x core_i7-10510y xeon_d-1548 xeon_bronze_3106 xeon_platinum_8260y xeon_d-1633n xeon_d-1653n xeon_platinum_8153 xeon_e-2246g core_i5-6350hq core_i9-9960x core_i3-6300t xeon_e-2374g xeon_gold_5218t xeon_w-2123 core_i5-11260h xeon_e-2236 xeon_gold_5218n xeon_w-1270e xeon_d-1531 core_i5-6500t core_i5-7500 core_i5-6260u xeon_e-2278ge core_i5-7440hq xeon_platinum_8156 core_i7-8709g atom_c3758 xeon_d-2177nt xeon_gold_6142f xeon_silver_4214y core_i9-11900kf xeon_w-10855m xeon_gold_6230t xeon_silver_4210r xeon_w-1270 xeon_w-3235 core_i9-10900t xeon_e-2126g core_i5-8200y core_i7-10700te core_i9-10900k xeon_gold_5220r core_i5-8260u core_i5-11400f xeon_w-11955m core_i5-10400t xeon_w-1290e core_i7-1185g7 core_i7-9700kf core_i9-10900x xeon_platinum_9221 xeon_d-2142it core_m7-6y75 xeon_w-3335 core_i9-11900k core_i5-10500h xeon_w-11555mre core_i5-10600kf xeon_e-2146g core_i3-1005g1 core_i7-1068ng7 xeon_silver_4112 xeon_gold_6140 xeon_d-1637 core_i5-9400f core_i3-10100e core_i7-6800k core_i7-7560u atom_c3538 core_i7-9700t xeon_gold_5120 xeon_gold_6238 core_i5-11600kf core_i5-7600t core_i7-4820k xeon_d-1602 core_i5-8365u atom_c3508 xeon_w-2245 core_i5-9600kf xeon_d-2145nt xeon_platinum_8256 xeon_gold_6130f xeon_e-2276m xeon_e-2224g core_i5-8269u xeon_d-2163it core_i3-1120g4 core_i7-3930k core_i5-11400h core_i9-11900h xeon_d-1623n core_i7-1185g7e core_i7-10810u core_i3-10300t xeon_d-1521 core_i3-8100 core_i3-8145ue core_i5-1130g7 core_i9-11900 core_i5-6585r core_i5-9600k xeon_gold_6144 core_i5-8265u core_i7-10700t core_i9-9900kf core_i3-7100 core_m5-6y54 core_i5-6300hq xeon_gold_5118 core_i5-1145g7 core_i5-9300h core_i5-10500e core_i7-10750h core_i9-10850k xeon_silver_4114t core_i5-8500b xeon_d-2143it xeon_silver_4209t xeon_e-2226ge xeon_gold_6212u core_i5-6600 core_i3-8100h core_i7-8706g core_i3-6300 core_i9-11900f xeon_silver_4215 xeon_gold_6230n core_i9-10920x core_i9-11950h atom_c3750 xeon_gold_6138p core_i7-1195g7 core_i5-10310u core_i9-10885h core_i7-8557u core_i5-7440eq core_i3-6320 xeon_e-2386g core_i7-1165g7 core_m3-7y32 core_i7-11850he xeon_e-2134 xeon_w-1290te core_i5-1145g7e core_i5-6440eq core_i5-1030g7 core_i9-10980hk xeon_e-2176m xeon_w-11155mle xeon_gold_6130 xeon_silver_4210t xeon_e-2274g xeon_gold_6136 core_i5-6287u core_i7-8500y xeon_w-3323 core_i5-9600t atom_c3558r core_i9-7960x xeon_w-1370 atom_c3808 core_i5-9600 xeon_d-1559 xeon_gold_6134 xeon_w-3375 xeon_e-2174g core_i5-8600t xeon_d-1537 xeon_gold_5218b xeon_gold_6128 core_i7-1180g7 xeon_e-2176g xeon_e-2288g core_i3-6100h core_i7-7500u xeon_gold_6146 xeon_w-1370p xeon_gold_6254 core_i3-10320 xeon_gold_5218r core_i3-10105f xeon_w-2235 core_i3-6098p core_i5-6400 xeon_d-1649n xeon_w-3175x core_i7-10875h xeon_w-3225 core_i3-7101te core_i7-7700 xeon_d-1540 core_i3-11100he core_i5-10400h xeon_gold_6246r core_i5-7300hq xeon_d-1513n xeon_w-10885m xeon_gold_6126 xeon_d-1527 core_i9-9940x core_i9-9900x core_i5-6600k core_i9-7940x core_i7-9700e xeon_e-2254me core_i7-9700te core_i7-6700t xeon_gold_6248r xeon_silver_4214 xeon_w-2125 xeon_platinum_9222 core_i3-10105t core_i5-11300h core_i5-6500te xeon_gold_5220s xeon_platinum_8260 core_i5-6500 core_i3-1000g4 core_i3-9100hl core_i9-10900kf core_i3-10100t atom_c3858 xeon_d-2146nt xeon_e-2144g core_i9-9980hk xeon_w-11555mle core_i5-11500he xeon_e-2244g core_i3-7100t core_i3-6102e xeon_w-1390t xeon_silver_4216 core_i5-1140g7 core_i7-11700kf core_i7-10610u core_i7-6770hq xeon_platinum_8180 xeon_platinum_8276l xeon_gold_6138t core_i7-7740x core_i7-11375h core_i7-7y75 core_i7-8559u core_i5-9500e atom_c3850 core_i5-11500t xeon_e-2124g core_i7-4930k core_i5-9400 core_i7-4960x core_i7-5960x core_i7-6600u xeon_gold_6138 core_i7-1185gre core_i3-10325 xeon_gold_6138f xeon_e-2356g core_i7-8700 xeon_d-1557 core_i3-7130u core_i5-8400 atom_c3436l xeon_w-3245m xeon_e-2334 core_i7\+8700 core_i7-9850h atom_c3708 xeon_w-1350 core_i5-7600 core_i9-10980xe core_i7-6500u core_i5-1035g1 xeon_w-11865mle core_i7-11850h xeon_w-1290 xeon_e-2186g xeon_silver_4210 core_i3-10110u xeon_gold_6234 atom_c3336 core_i7-4930mx xeon_w-1350p core_i9-10900 xeon_w-1250 core_i5-9400t core_i5-7360u core_i5-7300u core_i7-11800h core_i3-10300 core_i5-6600t core_i7-8565u xeon_gold_6154 xeon_silver_4110 core_i7-7700k atom_c3830 xeon_platinum_8176 core_i7-10870h core_i3-10100f core_i7-10510u xeon_bronze_3104 xeon_w-1290p core_i5-8310y xeon_gold_5217 core_i5-6440hq core_i7-6850k xeon_gold_5120t xeon_e-2324g xeon_w-3245 core_i7-6660u core_i9-7980xe core_i3-6100e xeon_gold_6210u core_i5-7200u xeon_gold_5115 core_i7-9700f xeon_w-3345 core_i5-10210u core_i7-6820hq xeon_d-1528 xeon_w-2295 xeon_e-2234 core_i3-9100t core_i5-10500 core_i5-8400b core_i3-7100h core_i7-8850h xeon_gold_5215 core_i3-6100u core_i9-9900ks core_i9-7920x xeon_w-11865mre core_i5-11600k core_i9-10900te core_i9-8950hk core_i5-6360u core_i3-6157u core_i5-9500f core_i3-10100y xeon_e-2378 core_i7-7820x core_i3-1115g4e core_i5-10600t core_i5-7640x core_i7-7800x xeon_w-3275m xeon_gold_6250l core_i5-9400h xeon_gold_6209u core_i9-9920x xeon_platinum_8253 xeon_gold_6252n core_i7-7660u core_i3-9320 xeon_platinum_8158 core_i7-7700hq atom_c3308 xeon_platinum_8280 core_i5-6402p core_m3-7y30 xeon_w-11155mre xeon_gold_6252 xeon_w-2135 core_i3-10105 core_i5-11400t core_i7-11700k core_i7-4940mx core_i7-8550u xeon_e-2276ml xeon_gold_6246 xeon_silver_4214r core_i9-10940x core_i7-9700 core_i7-6700hq core_i3-8300 core_i7-9850he xeon_gold_6230r core_i7-10700kf core_i5-8400t core_i5-7500t xeon_d-2187nt xeon_silver_4116t core_i7-1065g7 xeon_d-1518 core_i7-9800x xeon_silver_4208 core_i5-6267u core_i3-1000g1 xeon_gold_6126t xeon_w-2225 xeon_silver_4116 xeon_e-2276me core_i5-7y54 xeon_w-1250e core_i5-7400 core_i7-6950x fas\/aff_bios xeon_platinum_8160f xeon_platinum_8164 core_i7-6567u xeon_platinum_8176f xeon_gold_5215l core_i5-7287u xeon_platinum_8168 core_i7-3970x core_i7-3960x core_i7-11600h core_i7-7920hq core_i7-10700 core_i5-1145gre core_i3-7020u xeon_d-1533n xeon_gold_6240l xeon_w-3265m xeon_gold_6248 core_i5-1135g7 xeon_w-2195 xeon_e-2136 core_i5-9300hf xeon_w-1270p core_i3-1115g4 xeon_gold_6258r xeon_platinum_9282 core_i3-8145u core_i3-9300 core_i5-10400 xeon_d-2173it xeon_d-2161i core_i7-7567u xeon_w-1250p core_i7-8700k core_i5-1155g7 core_i3-9300t core_i7-7820hq core_i7-7820eq core_i7-9700k xeon_d-2123it xeon_platinum_8160t core_i3-8109u core_i5-8365ue xeon_gold_6142 core_i3-1110g4 xeon_bronze_3206r xeon_gold_6148 core_i7-3820 xeon_w-3275 xeon_gold_6240 core_i3-7320 core_i7-10700e core_i5-8350u core_i7-3940xm xeon_gold_5220 xeon_gold_6126f core_i3-10100te core_m5-6y57 xeon_e-2388g core_i7-11390h xeon_platinum_8268 xeon_e-2226g core_i5-7y57 core_i7-6700te xeon_gold_6240r core_i7-3920xm core_i5-7260u xeon_e-2278g xeon_silver_4215r core_i9-10900e core_i3-9100 core_i7-9750h xeon_e-2124 core_i5-8250u core_i5-8600 core_i9-11980hk xeon_w-3265 core_i5-10500te core_i5-11500 core_i3-6100te core_i7-11700 xeon_platinum_8160 xeon_gold_5119t core_i7-8700b core_i5-10500t xeon_gold_6148f core_i5-10600 core_i5-10310y xeon_w-1250te xeon_gold_6208u core_i3-9100te atom_c3338 core_i5-8259u xeon_gold_6242 core_i7-10700k xeon_e-2336 xeon_d-1627 xeon_e-2186m xeon_e-2286m core_i9-9880h core_i7-6650u core_i7-11370h core_i5-7442eq core_i7-8665ue core_i3-8130u core_i3-7167u core_i3-8300t core_i5-11500h core_i5-1035g4 core_i5-11600t core_i7-8650u core_i5-10200h core_i9-9900k core_i7-8705g xeon_platinum_8276 xeon_d-1529 xeon_gold_5220t core_i7-5930k core_i5-10400f core_i7-1160g7 core_i7-7600u xeon_gold_6244 xeon_gold_6242r core_i3-7100e xeon_w-2275 xeon_w-2265 core_i5-9500 xeon_gold_6226r core_i3-7101e core_i9-9900 xeon_bronze_3204 core_i9-9820x xeon_d-1567 xeon_w-3365 core_i7-9850hl core_i5-8400h core_i5-6300u core_m3-6y30 core_i7-9750hf xeon_d-2141i xeon_w-2175 xeon_silver_4108 core_i3-10110y core_i5-1035g7 core_i7-7820hk xeon_e-2254ml xeon_w-11855m core_i5-8305g core_i3-6100 xeon_gold_6240y core_i3-9350k xeon_gold_6238l xeon_w-1390 cloud_backup core_i3-1115gre core_i5-11600 core_i5-7400t core_i7-11700f core_i3-6100t core_i7-8750h core_i7-8665u core_i3-10305t xeon_d-2183it core_i5-8300h core_i3-8140u core_i3-8350k core_i5-10600k core_i7-8086k xeon_gold_5222 core_i7-10850h xeon_d-1523n xeon_gold_6256 core_i5-9500te atom_c3958 xeon_gold_6130t atom_c3338r xeon_d-1520 core_i3-8100b core_i3-6167u core_i5-8279u xeon_platinum_8280l core_m3-8100y core_i5-7267u core_i5-8600k core_i3-7100u xeon_d-1543n core_i5-6442eq core_i7-8700t xeon_silver_4114 xeon_d-1541 core_i7-11700t xeon_d-1622 xeon_platinum_9242 core_i7-6700k core_i7-6970hq xeon_w-2223 core_i7-6822eq core_i3-7300t xeon_gold_6238t atom_c3955 core_i5-8500 core_i9-11900t core_i5-8210y core_i7-6785r core_i7-6560u core_i7-1060g7 core_i5-8257u core_i7-8569u core_i7-5820k core_i9-9900t core_i7-6900k core_i7-7700t core_i9-9980xe atom_c3558 core_i5-6685r xeon_w-2133 xeon_gold_6250 core_i3-9350kf xeon_platinum_8260l xeon_platinum_8270 xeon_w-1290t core_i5-8500t core_i7-8809g xeon_gold_6226 core_i5-11320h xeon_d-1577 xeon_gold_6132 xeon_e-2314 core_i5-6400t core_i3-10305 xeon_d-2166nt core_i3-7350k xeon_w-1390p core_i5-10505 xeon_d-1539 core_i7-6700 core_i7-6820eq core_i7-6920hq core_i5-7600k core_i7-6820hk xeon_w-2255 xeon_gold_6262v core_i3-6006u core_i7-10710u core_i5-10210y core_i5-10300h xeon_w-1270te xeon_e-2224 xeon_gold_5218 xeon_w-2145 xeon_gold_6238r core_i3-9100f xeon_platinum_8170 core_i9-10900f core_i3-1125g4 xeon_e-2278gel xeon_d-1553n core_i5-1030g4 xeon_e-2378g core_i3-8100t core_i5-9500t xeon_w-3223 xeon_w-2155 xeon_gold_6152 core_i3-7102e xeon_gold_6150 xeon_e-2276g core_i5-6200u xeon_gold_6222v core_i7-10700f xeon_d-1571 xeon_gold_5122 atom_c3758r xeon_gold_6230 Intel(R) Processors

CWE ID-CWE-252

Unchecked Return Value

CVE-2020-6078

Matching Score-6

Assigner-Talos

View Details

Matching Score-6

Assigner-Talos

CVSS Score-7.5||HIGH

EPSS-1.41% / 79.69%

7 Day CHG~0.00%

Published-24 Mar, 2020 | 20:39

Updated-04 Aug, 2024 | 08:47

An exploitable denial-of-service vulnerability exists in the message-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing mDNS messages in mdns_recv, the return value of the mdns_read_header function is not checked, leading to an uninitialized variable usage that eventually results in a null pointer dereference, leading to service crash. An attacker can send a series of mDNS messages to trigger this vulnerability.

Vendor-videolabs n/a Debian GNU/Linux

Product-libmicrodns debian_linux Videolabs

CWE ID-CWE-252

Unchecked Return Value

CVE-2024-50306

Matching Score-4

Assigner-Apache Software Foundation

View Details

Matching Score-4

Assigner-Apache Software Foundation

CVSS Score-9.1||CRITICAL

EPSS-1.40% / 79.67%

7 Day CHG~0.00%

Published-14 Nov, 2024 | 09:55

Updated-04 Jun, 2025 | 16:15

Apache Traffic Server: Server process can fail to drop privilege

Unchecked return value can allow Apache Traffic Server to retain privileges on startup. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.5, from 10.0.0 through 10.0.1. Users are recommended to upgrade to version 9.2.6 or 10.0.2, which fixes the issue.

Vendor-apache_software_foundation The Apache Software Foundation

Product-traffic_server Apache Traffic Server apache_traffic_server

CWE ID-CWE-252

Unchecked Return Value

CVE-2022-23806

Credits

Vendors

Products

Metrics (CVSS)

Weaknesses

Attack Patterns

Solution/Workaround

References

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

Stakeholder-Specific Vulnerability Categorization (SSVC)

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History

Similar CVEs