Total
339 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-32785 | 4 Apache, Debian, Netapp and 1 more | 4 Http Server, Debian Linux, Cloud Backup and 1 more | 2024-01-30 | 4.3 MEDIUM | 7.5 HIGH |
mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. When mod_auth_openidc versions prior to 2.4.9 are configured to use an unencrypted Redis cache (`OIDCCacheEncrypt off`, `OIDCSessionType server-cache`, `OIDCCacheType redis`), `mod_auth_openidc` wrongly performed argument interpolation before passing Redis requests to `hiredis`, which would perform it again and lead to an uncontrolled format string bug. Initial assessment shows that this bug does not appear to allow gaining arbitrary code execution, but can reliably provoke a denial of service by repeatedly crashing the Apache workers. This bug has been corrected in version 2.4.9 by performing argument interpolation only once, using the `hiredis` API. As a workaround, this vulnerability can be mitigated by setting `OIDCCacheEncrypt` to `on`, as cache keys are cryptographically hashed before use when this option is enabled. | |||||
CVE-2020-10757 | 7 Canonical, Debian, Fedoraproject and 4 more | 10 Ubuntu Linux, Debian Linux, Fedora and 7 more | 2024-01-19 | 6.9 MEDIUM | 7.8 HIGH |
A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system. | |||||
CVE-2021-3634 | 6 Debian, Fedoraproject, Libssh and 3 more | 7 Debian Linux, Fedora, Libssh and 4 more | 2023-12-22 | 4.0 MEDIUM | 6.5 MEDIUM |
A flaw has been found in libssh in versions prior to 0.9.6. The SSH protocol keeps track of two shared secrets during the lifetime of the session. One of them is called secret_hash and the other session_id. Initially, both of them are the same, but after key re-exchange, previous session_id is kept and used as an input to new secret_hash. Historically, both of these buffers had shared length variable, which worked as long as these buffers were same. But the key re-exchange operation can also change the key exchange method, which can be based on hash of different size, eventually creating "secret_hash" of different size than the session_id has. This becomes an issue when the session_id memory is zeroed or when it is used again during second key re-exchange. | |||||
CVE-2021-0060 | 2 Intel, Netapp | 190 11th Generation Core Series Firmware, Atom C3000 Series Firmware, Atom C3308 and 187 more | 2023-12-10 | 7.2 HIGH | 6.6 MEDIUM |
Insufficient compartmentalization in HECI subsystem for the Intel(R) SPS before versions SPS_E5_04.01.04.516.0, SPS_E5_04.04.04.033.0, SPS_E5_04.04.03.281.0, SPS_E5_03.01.03.116.0, SPS_E3_05.01.04.309.0, SPS_02.04.00.101.0, SPS_SoC-A_05.00.03.114.0, SPS_SoC-X_04.00.04.326.0, SPS_SoC-X_03.00.03.117.0, IGN_E5_91.00.00.167.0, SPS_PHI_03.01.03.078.0 may allow an authenticated user to potentially enable escalation of privilege via physical access. | |||||
CVE-2021-0119 | 2 Intel, Netapp | 1360 Atom C3308, Atom C3308 Firmware, Atom C3336 and 1357 more | 2023-12-10 | 4.6 MEDIUM | 6.2 MEDIUM |
Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via physical access. | |||||
CVE-2021-0118 | 2 Intel, Netapp | 1360 Atom C3308, Atom C3308 Firmware, Atom C3336 and 1357 more | 2023-12-10 | 4.6 MEDIUM | 6.7 MEDIUM |
Out-of-bounds read in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access. | |||||
CVE-2021-0093 | 2 Intel, Netapp | 681 Atom C3308, Atom C3336, Atom C3338 and 678 more | 2023-12-10 | 2.1 LOW | 4.4 MEDIUM |
Incorrect default permissions in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable a denial of service via local access. | |||||
CVE-2021-0124 | 2 Intel, Netapp | 1360 Atom C3308, Atom C3308 Firmware, Atom C3336 and 1357 more | 2023-12-10 | 4.6 MEDIUM | 6.6 MEDIUM |
Improper access control in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via physical access. | |||||
CVE-2021-0092 | 2 Intel, Netapp | 681 Atom C3308, Atom C3336, Atom C3338 and 678 more | 2023-12-10 | 2.1 LOW | 4.4 MEDIUM |
Improper access control in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable a denial of service via local access. | |||||
CVE-2021-0099 | 2 Intel, Netapp | 681 Atom C3308, Atom C3336, Atom C3338 and 678 more | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
Insufficient control flow management in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable an escalation of privilege via local access. | |||||
CVE-2021-33068 | 2 Intel, Netapp | 2 Active Management Technology Firmware, Cloud Backup | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
Null pointer dereference in subsystem for Intel(R) AMT before versions 15.0.35 may allow an authenticated user to potentially enable denial of service via network access. | |||||
CVE-2021-0117 | 2 Intel, Netapp | 1360 Atom C3308, Atom C3308 Firmware, Atom C3336 and 1357 more | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
Pointer issues in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access. | |||||
CVE-2021-0125 | 2 Intel, Netapp | 1360 Atom C3308, Atom C3308 Firmware, Atom C3336 and 1357 more | 2023-12-10 | 4.6 MEDIUM | 6.6 MEDIUM |
Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via physical access. | |||||
CVE-2021-0103 | 2 Intel, Netapp | 681 Atom C3308, Atom C3336, Atom C3338 and 678 more | 2023-12-10 | 4.6 MEDIUM | 6.7 MEDIUM |
Insufficient control flow management in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access. | |||||
CVE-2021-0115 | 2 Intel, Netapp | 681 Atom C3308, Atom C3336, Atom C3338 and 678 more | 2023-12-10 | 4.6 MEDIUM | 6.7 MEDIUM |
Buffer overflow in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
CVE-2021-0111 | 2 Intel, Netapp | 681 Atom C3308, Atom C3336, Atom C3338 and 678 more | 2023-12-10 | 4.6 MEDIUM | 6.7 MEDIUM |
NULL pointer dereference in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access. | |||||
CVE-2021-0156 | 2 Intel, Netapp | 1358 Atom C3308, Atom C3308 Firmware, Atom C3336 and 1355 more | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
Improper input validation in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable an escalation of privilege via local access. | |||||
CVE-2021-0091 | 2 Intel, Netapp | 681 Atom C3308, Atom C3336, Atom C3338 and 678 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
Improper access control in the firmware for some Intel(R) Processors may allow an unauthenticated user to potentially enable an escalation of privilege via local access. | |||||
CVE-2021-0116 | 2 Intel, Netapp | 1360 Atom C3308, Atom C3308 Firmware, Atom C3336 and 1357 more | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
Out-of-bounds write in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access. | |||||
CVE-2021-0107 | 2 Intel, Netapp | 681 Atom C3308, Atom C3336, Atom C3338 and 678 more | 2023-12-10 | 4.6 MEDIUM | 6.7 MEDIUM |
Unchecked return value in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. |