Export limit exceeded: 23526 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (23526 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-39258 3 Debian, Redhat, Tuxera 4 Debian Linux, Advanced Virtualization, Enterprise Linux and 1 more 2025-12-02 6.7 Medium
A crafted NTFS image can cause out-of-bounds reads in ntfs_attr_find and ntfs_external_attr_find in NTFS-3G < 2021.8.22.
CVE-2021-39256 3 Debian, Redhat, Tuxera 4 Debian Linux, Advanced Virtualization, Enterprise Linux and 1 more 2025-12-02 6.7 Medium
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_inode_lookup_by_name in NTFS-3G < 2021.8.22.
CVE-2021-39255 3 Debian, Redhat, Tuxera 4 Debian Linux, Advanced Virtualization, Enterprise Linux and 1 more 2025-12-02 6.7 Medium
A crafted NTFS image can trigger an out-of-bounds read, caused by an invalid attribute in ntfs_attr_find_in_attrdef, in NTFS-3G < 2021.8.22.
CVE-2021-39254 4 Debian, Fedoraproject, Redhat and 1 more 5 Debian Linux, Fedora, Advanced Virtualization and 2 more 2025-12-02 6.7 Medium
A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in the function ntfs_attr_record_resize, in NTFS-3G < 2021.8.22.
CVE-2021-39253 4 Debian, Fedoraproject, Redhat and 1 more 5 Debian Linux, Fedora, Advanced Virtualization and 2 more 2025-12-02 6.7 Medium
A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G < 2021.8.22.
CVE-2021-39252 4 Debian, Fedoraproject, Redhat and 1 more 5 Debian Linux, Fedora, Advanced Virtualization and 2 more 2025-12-02 6.7 Medium
A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22.
CVE-2021-39251 4 Debian, Fedoraproject, Redhat and 1 more 5 Debian Linux, Fedora, Advanced Virtualization and 2 more 2025-12-02 6.7 Medium
A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G < 2021.8.22.
CVE-2023-3341 4 Debian, Fedoraproject, Isc and 1 more 9 Debian Linux, Fedora, Bind and 6 more 2025-12-02 7.5 High
The code that processes control channel messages sent to `named` calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory, causing `named` to terminate unexpectedly. Since each incoming control channel message is fully parsed before its contents are authenticated, exploiting this flaw does not require the attacker to hold a valid RNDC key; only network access to the control channel's configured TCP port is necessary. This issue affects BIND 9 versions 9.2.0 through 9.16.43, 9.18.0 through 9.18.18, 9.19.0 through 9.19.16, 9.9.3-S1 through 9.16.43-S1, and 9.18.0-S1 through 9.18.18-S1.
CVE-2023-2603 4 Debian, Fedoraproject, Libcap Project and 1 more 5 Debian Linux, Fedora, Libcap and 2 more 2025-12-02 7.8 High
A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB.
CVE-2022-4904 3 C-ares Project, Fedoraproject, Redhat 6 C-ares, Fedora, Enterprise Linux and 3 more 2025-12-02 8.6 High
A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.
CVE-2022-30789 4 Debian, Fedoraproject, Redhat and 1 more 4 Debian Linux, Fedora, Enterprise Linux and 1 more 2025-12-02 6.7 Medium
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array in NTFS-3G through 2021.8.22.
CVE-2022-30788 4 Debian, Fedoraproject, Redhat and 1 more 4 Debian Linux, Fedora, Enterprise Linux and 1 more 2025-12-02 6.7 Medium
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc in NTFS-3G through 2021.8.22.
CVE-2022-30786 4 Debian, Fedoraproject, Redhat and 1 more 4 Debian Linux, Fedora, Enterprise Linux and 1 more 2025-12-02 6.7 Medium
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate in NTFS-3G through 2021.8.22.
CVE-2022-30784 4 Debian, Fedoraproject, Redhat and 1 more 4 Debian Linux, Fedora, Enterprise Linux and 1 more 2025-12-02 6.7 Medium
A crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value in NTFS-3G through 2021.8.22.
CVE-2022-2509 4 Debian, Fedoraproject, Gnu and 1 more 4 Debian Linux, Fedora, Gnutls and 1 more 2025-12-02 7.5 High
A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function.
CVE-2021-3999 4 Debian, Gnu, Netapp and 1 more 16 Debian Linux, Glibc, E-series Performance Analyzer and 13 more 2025-12-02 7.8 High
A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.
CVE-2021-39263 3 Debian, Redhat, Tuxera 4 Debian Linux, Advanced Virtualization, Enterprise Linux and 1 more 2025-12-02 6.7 Medium
A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in ntfs_get_attribute_value, in NTFS-3G < 2021.8.22.
CVE-2021-39262 3 Debian, Redhat, Tuxera 4 Debian Linux, Advanced Virtualization, Enterprise Linux and 1 more 2025-12-02 6.7 Medium
A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G < 2021.8.22.
CVE-2023-38039 4 Fedoraproject, Haxx, Microsoft and 1 more 11 Fedora, Curl, Windows 10 1809 and 8 more 2025-12-02 7.5 High
When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit in how many or how large headers it would accept in a response, allowing a malicious server to stream an endless series of headers and eventually cause curl to run out of heap memory.
CVE-2020-13956 5 Apache, Netapp, Oracle and 2 more 27 Httpclient, Active Iq Unified Manager, Snapcenter and 24 more 2025-12-01 5.3 Medium
Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.