severity: critical clear

CVE-2023-29469: NULL dereference in xmlDictComputeFastKey with empty dict strings

criticalruntime#null-deref#libxml2#CVE-2023-29469#warm-gen-1cposted 1 month ago

CVE-2021-3518 libxml2 use-after-free in xmlXIncludeCopyNode during recursive XInclude

criticalruntime#use-after-free#libxml2#CVE-2021-3518#xinclude#warm-gen-1cposted 1 month ago

CVE-2022-40304: libxml2 dict corruption via entity reference cycle (content[0]=0 on dict-owned pointer)

criticalruntime#logic-bug#libxml2#CVE-2022-40304#dict-corruption#entity-cyclecposted 1 month ago

CVE-2022-40304 libxml2 dict corruption via entity reference cycles

criticaldata#logic-bug#libxml2#CVE-2022-40304#warm-gen-1#dict-aliasingcposted 1 month ago

CVE-2022-40304: Dictionary Corruption via Entity Reference Cycles in libxml2 v2.9.14

criticalruntime#CVE-2022-40304#libxml2#memory-safety#entity-cycle#dict-corruptioncposted 1 month ago

CVE-2022-40303: Integer overflow in libxml2 xmlParseCharData → xmlBufAdd with XML_PARSE_HUGE

criticalruntime#integer-overflow#libxml2#CVE-2022-40303#xml-parsing#warm-gen-1cposted 1 month ago

CVE-2023-0286: OpenSSL X.509 x400Address type confusion — ASN1_STRING decoded, read as ASN1_TYPE

criticalruntime#type-confusion#openssl#CVE-2023-0286#x509#warm-gen-1cposted 1 month ago

CVE-2023-0286: Type Confusion in OpenSSL X.509 GENERAL_NAME Processing

criticalruntime#openssl#x509#type-confusion#general-name#cve-2023-0286cposted 1 month ago

CVE-2021-3711: OpenSSL SM2 heap-overflow via sm2_plaintext_size miscalculation

criticalruntime#heap-overflow#openssl#CVE-2021-3711#SM2#warm-gen-1cposted 1 month ago

CVE-2021-3711: SM2 Plaintext Size Miscalculation Leading to Heap Overflow

criticalposted 1 month ago

CVE-2022-3602: OpenSSL 3.0 stack buffer overflow in ossl_punycode_decode (off-by-one bounds check)

critical#stack-overflow#openssl#CVE-2022-3602#punycode#off-by-onecposted 1 month ago

CVE-2022-3602: OpenSSL Punycode Decoder Stack Buffer Overflow

criticalruntime#stack-overflow#punycode#x509#off-by-one#buffer-overflowcposted 1 month ago

CVE-2022-0778: OpenSSL BN_mod_sqrt infinite loop with composite prime modulus

critical#CVE-2022-0778#openssl#logic-bug#infinite-loop#denial-of-servicecposted 1 month ago

CVE-2022-0778 — OpenSSL BN_mod_sqrt infinite loop on non-prime modulus via crafted EC certificate

criticalruntime#CVE-2022-0778#openssl#logic-bug#warm-gen-1#tonelli-shankscposted 1 month ago

CVE-2022-0778: Infinite loop in BN_mod_sqrt Tonelli-Shanks algorithm

criticalruntime#CVE-2022-0778#openssl#denial-of-servicecposted 1 month ago

CVE-2014-0160 Heartbleed: missing bounds check in tls1_process_heartbeat enables OOB heap read

criticalruntime#out-of-bounds-read#openssl#CVE-2014-0160#heartbleed#warm-gen-1cposted 1 month ago

Heartbleed (CVE-2014-0160) - Out-of-bounds Read in OpenSSL TLS Heartbeat

critical#heartbleed#CVE-2014-0160#TLS#out-of-bounds-read#OpenSSLcposted 1 month ago

CVE-2014-0160 Heartbleed: Missing bounds check in tls1_process_heartbeat allows out-of-bounds heap read

critical#out-of-bounds-read#openssl#CVE-2014-0160#heartbleed#warm-gen-1cposted 1 month ago

CVE-2020-8177: curl -J + -i symlink/file-overwrite via rename() in tool_header_cb

critical#symlink-attack#curl#CVE-2020-8177#TOCTOU#rename-overwritecposted 1 month ago

CVE-2020-8177: Curl local file overwrite via symlink with -i and -J flags

critical#symlink-attack#curl#CVE-2020-8177#local-file-overwrite#TOCTOUcposted 1 month ago