📦 SolidFire & HCI Management Node

by NetApp

🛡️ Security Overview

⚠️ Known Vulnerabilities

CVE-2024-40896

CRITICAL CVSS 9.1 Dec 23, 2024

This vulnerability in libxml2 allows attackers to bypass custom SAX handler protections against external entity processing, enabling classic XML External Entity (XXE) attacks. Any application using af...

CVE-2023-38426

CRITICAL CVSS 9.1 Jul 18, 2023

This vulnerability in the Linux kernel's ksmbd SMB server allows attackers to read memory beyond allocated buffers when processing SMB2 create context requests. It affects Linux systems running kernel...

CVE-2023-38428

CRITICAL CVSS 9.1 Jul 18, 2023

This vulnerability in the Linux kernel's ksmbd SMB server allows attackers to read memory beyond intended boundaries by exploiting improper validation of UserName values. Systems running Linux kernels...

CVE-2021-26987

CRITICAL CVSS 9.8 Mar 15, 2021

This vulnerability allows remote code execution on systems running vulnerable versions of the Element Plug-in for vCenter Server. Attackers can exploit a flaw in the SpringBoot Framework to execute ar...

CVE-2025-24928

HIGH CVSS 7.8 Feb 18, 2025

This CVE describes a stack-based buffer overflow vulnerability in libxml2's xmlSnprintfElements function. Attackers can exploit this by providing malicious XML documents with DTD validation enabled, p...

CVE-2023-5178

HIGH CVSS 8.8 Nov 1, 2023

This CVE describes a use-after-free vulnerability in the NVMe/TCP subsystem of the Linux kernel that could allow attackers to execute arbitrary code or escalate privileges. It affects Linux systems wi...

CVE-2022-27780

HIGH CVSS 7.5 Jun 2, 2022

The curl URL parser incorrectly accepts percent-encoded URL separators like '/' in hostnames, allowing attackers to bypass filters and checks by making malicious URLs appear legitimate. This affects a...

CVE-2022-27775

HIGH CVSS 7.5 Jun 2, 2022

This curl vulnerability allows information disclosure when an attacker can force curl to reuse an existing IPv6 connection from the pool with a different zone identifier, potentially exposing sensitiv...

CVE-2022-27778

HIGH CVSS 8.1 Jun 2, 2022

This vulnerability in curl versions before 7.83.1 could cause the wrong file to be deleted when using the --no-clobber option with --remove-on-error. It affects systems using curl with these specific ...

CVE-2022-1292

HIGH CVSS 7.3 May 3, 2022

CVE-2022-1292 is a command injection vulnerability in the c_rehash script distributed with OpenSSL. It allows attackers to execute arbitrary commands with script privileges when the script processes u...

CVE-2022-1473

HIGH CVSS 7.5 May 3, 2022

A memory leak vulnerability in OpenSSL's OPENSSL_LH_flush() function causes unbounded memory growth when processing certificates or keys. This affects long-lived processes like TLS clients/servers usi...

CVE-2022-21449

HIGH CVSS 7.5 Apr 19, 2022

This vulnerability in Oracle Java SE and GraalVM Enterprise Edition allows unauthenticated attackers with network access to modify critical data without authorization. It affects Java deployments runn...

CVE-2022-28893

HIGH CVSS 7.8 Apr 11, 2022

This vulnerability in the Linux kernel's SUNRPC subsystem allows a use-after-free condition when freeing transport structures before sockets are properly closed. Attackers could potentially exploit th...

CVE-2022-28796

HIGH CVSS 7.0 Apr 8, 2022

CVE-2022-28796 is a use-after-free vulnerability in the Linux kernel's jbd2 journaling subsystem caused by a transaction_t race condition. This allows local attackers to potentially escalate privilege...

CVE-2022-0492

HIGH CVSS 7.8 Mar 3, 2022

CVE-2022-0492 is a Linux kernel vulnerability in the cgroups v1 release_agent feature that allows local attackers to escalate privileges and escape container namespaces. This affects Linux systems usi...

CVE-2022-23308

HIGH CVSS 7.5 Feb 26, 2022

CVE-2022-23308 is a use-after-free vulnerability in libxml2's validation component that allows attackers to potentially execute arbitrary code or cause denial of service. It affects applications that ...

CVE-2021-20322

HIGH CVSS 7.4 Feb 18, 2022

This Linux kernel vulnerability allows remote attackers to bypass UDP source port randomization by exploiting flaws in ICMP error processing. Attackers can scan open UDP ports more effectively, compro...

CVE-2021-46143

HIGH CVSS 8.1 Jan 6, 2022

CVE-2021-46143 is an integer overflow vulnerability in Expat's XML parser that can lead to heap memory corruption. Attackers can exploit this by providing specially crafted XML input, potentially caus...

CVE-2021-22901

HIGH CVSS 8.1 Jun 11, 2021

CVE-2021-22901 is a use-after-free vulnerability in curl/libcurl that allows a malicious TLS 1.3 server to potentially execute arbitrary code on the client. This affects curl clients using OpenSSL wit...

CVE-2021-33200

HIGH CVSS 7.8 May 27, 2021

This vulnerability in the Linux kernel's BPF verifier allows incorrect pointer arithmetic limits, enabling out-of-bounds memory access. Attackers can exploit this to read/write kernel memory and escal...

CVE-2021-25217

HIGH CVSS 7.4 May 26, 2021

A memory corruption vulnerability in ISC DHCP allows attackers to cause denial of service by crashing dhclient or dhcpd processes when they parse malicious lease files. The vulnerability affects DHCP ...

CVE-2020-25669

HIGH CVSS 7.8 May 26, 2021

This CVE describes a use-after-free vulnerability in the Linux kernel's Sun keyboard driver (sunkbd). An attacker with local access can potentially exploit this to cause a kernel crash (denial of serv...