cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-9050,https://securityvulnerability.io/vulnerability/CVE-2024-9050,Networkmanager-libreswan: local privilege escalation via leftupdown,"A security flaw exists in the libreswan client plugin for NetworkManager, specifically within its handling of VPN configurations. This vulnerability arises from improper sanitation of the configuration input provided by local unprivileged users. This key-value format configuration management fails to adequately escape special characters, causing the application to misinterpret values as keys. This misconfiguration could allow malicious actors to manipulate key parameters such as 'leftupdown', which is capable of running executable commands. Because NetworkManager employs Polkit to permit unprivileged users to alter system network settings, an attacker could escalate privileges locally, potentially leading to root-level code execution on the affected system by crafting a malicious configuration.",Red Hat,"Red Hat Enterprise Linux 7.7 Advanced Update Support,Red Hat Enterprise Linux 7 Extended Lifecycle Support,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.2 Advanced Update Support,Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support,Red Hat Enterprise Linux 8.4 Telecommunications Update Service,Red Hat Enterprise Linux 8.4 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support,Red Hat Enterprise Linux 8.6 Telecommunications Update Service,Red Hat Enterprise Linux 8.6 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9.0 Update Services For SAP Solutions,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Enterprise Linux 9",7.8,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-10-22T13:15:00.000Z,0
CVE-2023-46847,https://securityvulnerability.io/vulnerability/CVE-2023-46847,Squid: denial of service in http digest authentication,"Squid is affected by a vulnerability that enables remote attackers to exploit a Denial of Service condition through a buffer overflow. When configured to accept HTTP Digest Authentication, the software can be manipulated to write up to 2 MB of arbitrary data to heap memory, potentially crashing the service or consuming resources, leading to degraded performance or downtime.",Red Hat,"Red Hat Enterprise Linux 6 Extended Lifecycle Support,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7.6 Advanced Update Support,Red Hat Enterprise Linux 7.7 Advanced Update Support,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.1 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.2 Advanced Update Support,Red Hat Enterprise Linux 8.2 Telecommunications Update Service,Red Hat Enterprise Linux 8.2 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support,Red Hat Enterprise Linux 8.4 Telecommunications Update Service,Red Hat Enterprise Linux 8.4 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.6 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.0 Extended Update Support",7.5,HIGH,0.036490000784397125,false,,false,false,false,,,false,false,,2023-11-03T08:15:00.000Z,0
CVE-2023-42753,https://securityvulnerability.io/vulnerability/CVE-2023-42753,Kernel: netfilter: potential slab-out-of-bound access due to integer underflow,"An array indexing vulnerability exists in the netfilter subsystem of the Linux kernel due to a missing macro, which can lead to miscalculation of the `h->nets` array offset. This flaw enables attackers to exploit memory buffer operations, resulting in potential local system crashes or privilege escalation.",Red Hat,"Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7.7 Advanced Update Support,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.2 Advanced Update Support,Red Hat Enterprise Linux 8.2 Telecommunications Update Service,Red Hat Enterprise Linux 8.2 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support,Red Hat Enterprise Linux 8.4 Telecommunications Update Service,Red Hat Enterprise Linux 8.4 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.6 Extended Update Support,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.0 Extended Update Support,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Virtualization 4 For Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 6",7,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-09-25T21:15:00.000Z,0