OpenSSL -- Denial of Service vulnerability
The OpenSSL project reports: Excessive time spent checking DSA keys and parameters (Low) Checking excessively long DSA keys or parameters may be very ...
6.4AI Score
0.0004EPSS
Exploit for Out-of-bounds Read in Polkit Project Polkit
CVE-2021-4034 One day for the polkit privilege escalation...
8.8AI Score
0.0005EPSS
A visit to install.php can cause cached data to become corrupted. This could cause a site to be impaired until caches are...
6.8AI Score
8.4AI Score
0.0005EPSS
Exploit for Out-of-bounds Read in Polkit Project Polkit
CVE-2021-4034 PoC for PwnKit: Local Privilege Escalation...
8.5AI Score
0.0005EPSS
Exploit for Out-of-bounds Read in Polkit Project Polkit
PwnKit-Exploit CVE-2021-4034 ...
8.1AI Score
Exploit for Out-of-bounds Read in Polkit Project Polkit
██████╗ ██╗ ██╗██╗ ██╗███╗ ██╗███████╗██████╗ ██╔══██...
8AI Score
Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Wordpress
CVE-2022-3590 WordPress Vulnerability Scanner This Python...
7.5AI Score
0.001EPSS
A visit to install.php can cause cached data to become corrupted. This could cause a site to be impaired until caches are...
6.8AI Score
Insufficient Verification Of Data Authenticity
sshpiper is vulnerable to Insufficient Verification of Data Authenticity. The vulnerability is due to the proxy protocol listener which does specify a specific listener, allowing an attacker forage the proxy source...
6.9AI Score
0.0004EPSS
putty is vulnerable to Denial Of Service (DoS). The vulnerability is due to remote SSH-1 servers accessing freed memory locations via an SSH1_MSG_DISCONNECT message in PuTTY, allows remote SSH-1 servers to trigger a denial of service...
6.6AI Score
0.007EPSS
github.com/golang/go is vulnerable to Denial Of Service (DoS). The vulnerability is due to improper corruption checks which causes the lookup function to get stuck in an infinite loop, which allows an attacker to cause Denial of Service (DoS) by submitting a malformed DNS...
6.8AI Score
0.0004EPSS
pdns-recursor is vulnerable to a Denial of Service(DoS). The vulnerability is due to the Recursor's improper handling of crafted responses received from upstream servers during recursive forwarding, allows attackers to trigger a Denial of...
7.4AI Score
0.0004EPSS
github.com/vitessio/vitess is vulnerable to Denial Of Service (DoS). The vulnerability is caused by an endless loop triggered by a specific query in the vtgate component. This loop leads to continuous memory consumption, eventually resulting in Denial of Service...
6.7AI Score
0.0004EPSS
A visit to install.php can cause cached data to become corrupted. This could cause a site to be impaired until caches are...
6.8AI Score
Exploit for Insecure Default Initialization of Resource in Apache Superset
CVE-2023-27524: Apache Superset Auth Bypass Script to check...
9.2AI Score
0.971EPSS
Deserialization Of Untrusted Data
org.apache.inlong: manager-pojo is vulnerable to Deserialization of Untrusted Data. The vulnerability is caused by improper query parameters sanitization within the filterSensitive method, which allows an attackers to bypass JDBC security...
6.9AI Score
0.0004EPSS
Exploit for Out-of-bounds Read in Polkit Project Polkit
pkexec-exploit Local Privilege Escalation in polkit's pkexec...
8.2AI Score
Exploit for Improper Handling of Exceptional Conditions in Google Android
CVE-2021-0928, writeToParcel/createFromParcel serialization...
8.2AI Score
8.2AI Score
Exploit for Out-of-bounds Write in Linux Linux Kernel
io_uring_LPE-CVE-2023-2598 LPE exploit for CVE-2023-2598....
7.2AI Score
0.0004EPSS
Exploit for Out-of-bounds Read in Linux Linux Kernel
Linux_LPE_eBPF_CVE-2021-3490 LPE exploit for CVE-2021-3490....
7.8AI Score
0.002EPSS
Exploit for Out-of-bounds Write in Microsoft
CVE-2022-21882 Win32k Elevation Of Privileges...
8.2AI Score
0.001EPSS
Exploit for Out-of-bounds Read in Polkit Project Polkit
PwnKit Self-contained exploit for CVE-2021-4034 - Pkexec...
8.2AI Score
Exploit for Out-of-bounds Write in Fortinet Fortiproxy
CVE-2024-21762 Check Safely detect whether a FortiGate SSL...
7.1AI Score
0.018EPSS
Deserialization Of Untrusted Data
spatie/image-optimizer is vulnerable to Deserialization of Untrusted Data. The vulnerability is due to a lack of file protocol checks before it's passed to the file_exists() function. This allows attackers to use the phar:// protocol to deserialize a malicious script, which results in Remote Code.....
7.4AI Score
0.0004EPSS
Exploit for Deserialization of Untrusted Data in Apache Activemq
ActiveMQ-RCE ActiveMQ RCE (CVE-2023-46604) exploit, written...
9.9AI Score
Exploit for Out-of-bounds Read in Polkit Project Polkit
CVE-2021-4034 Precompiled builds for CVE-2021-4034. Of...
8.5AI Score
0.0005EPSS
OpenStack Glance Denial of service by creating a large number of images
OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service (disk consumption) by creating a large number of images using the task v2 API and then deleting them, a different...
6.8AI Score
0.007EPSS
A visit to install.php can cause cached data to become corrupted. This could cause a site to be impaired until caches are...
6.8AI Score
Bouncy Castle Denial of Service (DoS)
Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has...
7.1AI Score
0.0004EPSS
ibm.mq is vulnerable to a Denial of service. The vulnerability is due to insufficient handling of HTTP requests, which allows an attacker to craft requests that cause excessive resource consumption. This can potentially leads to Denial of...
6.9AI Score
0.0004EPSS
Chrome is vulnerable to Out Of Bounds Read. The vulnerability due to improper handling of out-of-bounds reads, allows a remote attacker to leak cross-site data via a crafted HTML...
6AI Score
0.0004EPSS
Exploit for Out-of-bounds Write in Fortinet Fortios-6K7K
Usage: python3 cve-2022-42475.py rhost rport lhost 'command'...
7.4AI Score
0.127EPSS
Exploit for Out-of-bounds Write in Linux Linux Kernel
CVE-2022-1015 This repository contains a PoC for local...
0.7AI Score
0.0004EPSS
github.com/stacklok/minder is vulnerable to Denial Of Service (DoS). The vulnerability is due to improper validation of HTTP requests before processing them in server.go, allowing untrusted requests to crash the Minder control plane, denying service to other...
7AI Score
0.0004EPSS
OpenStack Identity (Keystone) Denial of Service
OpenStack Identity (Keystone) before 2013.1 allows remote attackers to cause a denial of service (memory consumption and crash) via multiple long...
6.8AI Score
0.012EPSS
A vulnerability in the Cisco Adaptive Security Appliance (ASA) restore functionality that is available in Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with...
6.7CVSS
7.9AI Score
0.0004EPSS
Bouncy Castle Denial of Service (DoS)
Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has...
7.1AI Score
0.0004EPSS
Bind9 is vulnerable to denial of service. The vulnerability is due to asynchronous processes of named running as a recursive resolver component of BIND, when attempting to clean up its cache database which enables the list of queued cleanup events to grow infinitely large over time, allowing the...
6.5AI Score
0.001EPSS
7.3AI Score
0.971EPSS
OpenStack Glance Denial of service by creating a large number of images
OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service (disk consumption) by creating a large number of images using the task v2 API and then deleting them before the...
6.8AI Score
0.007EPSS
XNIO API is vulnerable to Denial of Service (DoS). The vulnerability is caused due to the problematic accumulation of notifier states within the chain. When this chain grows to be excessively large, it can lead to a StackOverflowException, overwhelming the stack and potentially causing Denial of...
7AI Score
0.0004EPSS
ryu is vulnerable to Denial Of Service (DoS). The vulnerability is due to inadequate input validation within the OFPFlowStats function in parser.py, which allows an attackers to trigger an infinite loop by setting the length of the inst parameter to...
6.7AI Score
0.0004EPSS
ryu is vulnerable to Denial Of Service (DoS). The vulnerability is due to inadequate input validation when the OFPQueueProp length is 0 within the OFPPacketQueue function in parser.py, which allows an attacker to trigger an infinite loop by setting the length parameter to...
6.7AI Score
0.0004EPSS
ryu is vulnerable to Denial of service. The vulnerability is due to inadequate input validation when the length=0 within the OFPHello function in parser.py, which results in an infinite...
6.7AI Score
0.0004EPSS
Exploit for Out-of-bounds Read in Polkit Project Polkit
CVE-2021-4034-PwnKit PwnKit PoC for Polkit pkexec...
8.6AI Score
0.0005EPSS
ryu is vulnerable to Denial of Service (DoS). The vulnerability is due to the OFPBucket function in parser.py when processing an OpenFlow action with a length of zero, which results an infinite...
6.7AI Score
0.0004EPSS
ryu is vulnerable to Denial of Service (DoS). The vulnerability is due to improper handling of OFPGroupDescStats in ofproto_v1_3_parser.py, where setting the length of OFPBucket to 0 causes the offset and length to remain unchanged, leading to an infinite loop during...
6.8AI Score
0.0004EPSS
INSTALL_DONT_KILL_APP can be used to force a mismatch between running code and a parsed APK
In validateApkInstallLocked of PackageInstallerSession.java, there is a way to force a mismatch between running code and a parsed APK . This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for...
7.8CVSS
7AI Score
0.0004EPSS