Total
93 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-35235 | 2024-06-14 | N/A | 4.4 MEDIUM | ||
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be caused to perform an arbitrary chmod of the provided argument, providing world-writable access to the target. Given that cupsd is often running as root, this can result in the change of permission of any user or system files to be world writable. Given the aforementioned Ubuntu AppArmor context, on such systems this vulnerability is limited to those files modifiable by the cupsd process. In that specific case it was found to be possible to turn the configuration of the Listen argument into full control over the cupsd.conf and cups-files.conf configuration files. By later setting the User and Group arguments in cups-files.conf, and printing with a printer configured by PPD with a `FoomaticRIPCommandLine` argument, arbitrary user and group (not root) command execution could be achieved, which can further be used on Ubuntu systems to achieve full root command execution. Commit ff1f8a623e090dee8a8aadf12a6a4b25efac143d contains a patch for the issue. | |||||
CVE-2024-37039 | 2024-06-13 | N/A | 5.9 MEDIUM | ||
CWE-252: Unchecked Return Value vulnerability exists that could cause denial of service of the device when an attacker sends a specially crafted HTTP request. | |||||
CVE-2023-6918 | 3 Libssh, Libssh2, Redhat | 3 Libssh, Libssh2, Enterprise Linux | 2024-05-22 | N/A | 5.3 MEDIUM |
A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the uninitialized memory as an input for the KDF. In this case, non-matching keys will result in decryption/integrity failures, terminating the connection. | |||||
CVE-2023-41092 | 2024-05-17 | N/A | 7.6 HIGH | ||
Unchecked return value in SDM firmware for Intel(R) Stratix 10 and Intel(R) Agilex 7 FPGAs before version 23.3 may allow an authenticated user to potentially enable denial of service via adjacent access. | |||||
CVE-2023-5215 | 1 Redhat | 2 Enterprise Linux, Libnbd | 2024-04-30 | N/A | 6.5 MEDIUM |
A flaw was found in libnbd. A server can reply with a block size larger than 2^63 (the NBD spec states the size is a 64-bit unsigned value). This issue could lead to an application crash or other unintended behavior for NBD clients that doesn't treat the return value of the nbd_get_size() function correctly. | |||||
CVE-2024-0743 | 1 Mozilla | 1 Firefox | 2024-03-25 | N/A | 7.5 HIGH |
An unchecked return value in TLS handshake code could have caused a potentially exploitable crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.9, and Thunderbird < 115.9. | |||||
CVE-2019-15900 | 1 Doas Project | 1 Doas | 2024-02-16 | 10.0 HIGH | 9.8 CRITICAL |
An issue was discovered in slicer69 doas before 6.2 on certain platforms other than OpenBSD. On platforms without strtonum(3), sscanf was used without checking for error cases. Instead, the uninitialized variable errstr was checked and in some cases returned success even if sscanf failed. The result was that, instead of reporting that the supplied username or group name did not exist, it would execute the command as root. | |||||
CVE-2023-26591 | 2024-02-14 | N/A | 2.0 LOW | ||
Unchecked return value in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an unauthenticated user to potentially enable denial of service via physical access. | |||||
CVE-2009-0265 | 1 Isc | 1 Bind | 2024-02-13 | 5.0 MEDIUM | 7.5 HIGH |
Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077 and CVE-2009-0025. | |||||
CVE-2023-44322 | 1 Siemens | 142 6ag1206-2bb00-7ac2, 6ag1206-2bb00-7ac2 Firmware, 6ag1206-2bs00-7ac2 and 139 more | 2024-02-13 | N/A | 5.9 MEDIUM |
Affected devices can be configured to send emails when certain events occur on the device. When presented with an invalid response from the SMTP server, the device triggers an error that disrupts email sending. An attacker with access to the network can use this to do disable notification of users when certain events occur. | |||||
CVE-2023-50359 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2024-02-06 | N/A | 6.7 MEDIUM |
An unchecked return value vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local authenticated administrators to place the system in a state that could lead to a crash or other unintended behaviors via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later QuTS hero h5.1.5.2647 build 20240118 and later | |||||
CVE-2023-37902 | 2024-02-05 | N/A | 5.3 MEDIUM | ||
Vyper is a Pythonic programming language that targets the Ethereum Virtual Machine (EVM). Prior to version 0.3.10, the ecrecover precompile does not fill the output buffer if the signature does not verify. However, the ecrecover builtin will still return whatever is at memory location 0. This means that the if the compiler has been convinced to write to the 0 memory location with specially crafted data (generally, this can happen with a hashmap access or immutable read) just before the ecrecover, a signature check might pass on an invalid signature. Version 0.3.10 contains a patch for this issue. | |||||
CVE-2023-29243 | 1 Intel | 2 Realsense 450 Fa, Realsense 450 Fa Firmware | 2024-02-05 | N/A | 4.4 MEDIUM |
Unchecked return value in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow a priviledged user to potentially enable denial of service via local access. | |||||
CVE-2023-40303 | 1 Gnu | 1 Inetutils | 2024-02-05 | N/A | 7.8 HIGH |
GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary user control the activities of the process. | |||||
CVE-2023-24825 | 1 Riot-os | 1 Riot | 2024-02-04 | N/A | 7.5 HIGH |
RIOT-OS, an operating system for Internet of Things (IoT) devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2023.04, an attacker can send a crafted frame to the device to trigger a NULL pointer dereference leading to denial of service. This issue is fixed in version 2023.04. There are no known workarounds. | |||||
CVE-2023-25733 | 1 Mozilla | 1 Firefox | 2024-02-04 | N/A | 7.5 HIGH |
The return value from `gfx::SourceSurfaceSkia::Map()` wasn't being verified which could have potentially lead to a null pointer dereference. This vulnerability affects Firefox < 110. | |||||
CVE-2023-3013 | 1 Gpac | 1 Gpac | 2024-02-04 | N/A | 7.1 HIGH |
Unchecked Return Value in GitHub repository gpac/gpac prior to 2.2.2. | |||||
CVE-2020-8934 | 1 Google | 1 Site Kit | 2024-02-04 | N/A | 4.3 MEDIUM |
The Site Kit by Google plugin for WordPress is vulnerable to Sensitive Information Disclosure in versions up to, and including, 1.8.0 This is due to the lack of capability checks on the admin_enqueue_scripts action which displays the connection key. This makes it possible for authenticated attackers with any level of access obtaining owner access to a site in the Google Search Console. We recommend upgrading to V1.8.1 or above. | |||||
CVE-2022-43763 | 1 Br-automation | 1 Industrial Automation Aprol | 2024-02-04 | N/A | 7.5 HIGH |
Insufficient check of preconditions could lead to Denial of Service conditions when calling commands on the Tbase server of B&R APROL versions < R 4.2-07. | |||||
CVE-2022-3108 | 1 Linux | 1 Linux Kernel | 2024-02-04 | N/A | 5.5 MEDIUM |
An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup(). |