An attacker who submits a crafted tar file with the size in the header struct being 0 may be able to trigger a call to malloc(0) for a variable gnu_longname, causing an out-of-bounds...
8.1CVSS
8.2AI Score
0.003EPSS
The th_read() function doesn’t free a variable t->th_buf.gnu_longname after allocating memory, which may cause a memory...
7.5CVSS
8.1AI Score
0.003EPSS
An attacker who submits a crafted tar file with the size in the header struct being 0 may be able to trigger a call to malloc(0) for a variable gnu_longlink, causing an out-of-bounds...
9.1CVSS
8.7AI Score
0.003EPSS
The th_read() function doesn’t free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory...
7.5CVSS
8.1AI Score
0.003EPSS
In ImageMagick, a crafted file could trigger an assertion failure when a call to WriteImages was made in MagickWand/operation.c, due to a NULL image list. This could potentially cause a denial of service. This was fixed in upstream ImageMagick version...
5.5CVSS
5.1AI Score
0.001EPSS
Exim before 4.96 has an invalid free in pam_converse in auths/call_pam.c because store_free is not used after...
7.5CVSS
7.5AI Score
0.004EPSS
A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and...
7.8CVSS
7.2AI Score
0.0004EPSS
A use-after-free flaw was found in the Linux kernel in log_replay in fs/ntfs3/fslog.c in the NTFS journal. This flaw allows a local attacker to crash the system and leads to a kernel information leak...
7.1CVSS
6.2AI Score
0.0004EPSS
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call...
9.8CVSS
9.8AI Score
0.003EPSS
An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file names. A...
A vulnerability was found in gnutls. This security flaw happens because a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify...
7.5CVSS
7.5AI Score
0.002EPSS
A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted TIFF file parsed by the "tiffsplit" or "tiffcrop"...
6.5CVSS
6.3AI Score
0.003EPSS
sqclass.cpp in Squirrel through 2.2.5 and 3.x through 3.1 allows an out-of-bounds read (in the core interpreter) that can lead to Code Execution. If a victim executes an attacker-controlled squirrel script, it is possible for the attacker to break out of the squirrel script sandbox even if all...
10CVSS
9.3AI Score
0.005EPSS
The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the...
6.5CVSS
6.2AI Score
0.002EPSS
In mistune through 2.0.2, support of inline markup is implemented by using regular expressions that can involve a high amount of backtracking on certain edge cases. This behavior is commonly named catastrophic...
7.5CVSS
7.4AI Score
0.001EPSS
A vulnerability was found in Moodle that occurs due to improper input validation when parsing PostScript code. An omitted execution parameter results in a remote code execution risk for sites running GhostScript versions older than 9.50. Successful exploitation of this vulnerability may result in...
9.8CVSS
9.5AI Score
0.03EPSS
An open redirect issue was found in Moodle due to improper sanitization of user-supplied data in the mobile auto-login feature. A remote attacker can create a link that leads to a trusted website; however, when clicked, it redirects the victims to an arbitrary URL/domain. Successful exploitation of this.....
6.1CVSS
6.3AI Score
0.002EPSS
A stored XSS and blind SSRF vulnerability was found in Moodle that occurs due to insufficient sanitization of user-supplied data in the SCORM track details. A remote attacker can trick the victim into following a specially crafted link and execute arbitrary HTML and script code in the user's browser in context....
6.1CVSS
6.4AI Score
0.003EPSS
A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to insufficient sanitization of user-supplied data in the LTI module. A remote attacker can trick the victim into following a specially crafted link and execute arbitrary HTML and script code in user's...
6.1CVSS
6.6AI Score
0.011EPSS
A vulnerability was found in Moodle that occurs due to an input validation error when importing lesson questions. These insufficient path checks result in an arbitrary file read risk. This vulnerability allows a remote attacker to perform directory traversal attacks. The capability to access this feature.....
7.5CVSS
7.3AI Score
0.003EPSS
A flaw was found in OpenStack Manila owning a Ceph File system "share", which enables the owner to read/write any Manila share or entire file system. The vulnerability is due to a bug in the "volumes" plugin in Ceph Manager. This allows an attacker to compromise Confidentiality and Integrity of.....
9.1CVSS
8.9AI Score
0.001EPSS
This affects the package thenify before 3.3.1. The name argument provided to the package can be controlled by users without any sanitization, and this is provided to the eval function without any...
9.8CVSS
9.2AI Score
0.002EPSS
GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame. This overflow is controllable and could be abused for code execution, especially on 32-bit...
7.8CVSS
7.8AI Score
0.001EPSS
A null pointer dereference bug was found in wavpack-5.4.0. The results from the ASAN log: AddressSanitizer:DEADLYSIGNAL ===================================================================84257==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x561b47a970c6 bp 0x7fff13952fb0 sp...
5.5CVSS
5.1AI Score
0.001EPSS
AutoTrace v0.40.0 was discovered to contain a heap overflow via the ReadImage function at...
7.3CVSS
7AI Score
0.001EPSS
6.5CVSS
7AI Score
0.006EPSS
6.5CVSS
7AI Score
0.004EPSS
An OS Command Injection vulnerability exists in Node.js versions <14.20.0, <16.20.0, <18.5.0 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DNS requests, allowing rebinding...
8.1CVSS
8.2AI Score
0.001EPSS
When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the...
5.9CVSS
7.3AI Score
0.003EPSS
When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name. In that rename operation, it might accidentally widen the permissions for the target file, leaving t...
9.8CVSS
8.8AI Score
0.003EPSS
curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually....
6.5CVSS
7.9AI Score
0.002EPSS
A malicious server can serve excessive amounts of Set-Cookie: headers in an HTTP response to curl and curl < 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larg...
4.3CVSS
6.3AI Score
0.003EPSS
A crafted 16-bit grayscale PNG image may lead to an out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data corruption or eventually arbitrary code execution and circumvent secure boot protections. This issue has a high complexity to be exploited as an...
4.5CVSS
7.3AI Score
0.0005EPSS
An issue was discovered in MediaWiki before 1.35.7, 1.36.x and 1.37.x before 1.37.3, and 1.38.x before 1.38.1. XSS can occur in configurations that allow a JavaScript payload in a username. After account creation, when it sets the page title to "Welcome" followed by the username, the username is...
6.1CVSS
6AI Score
0.003EPSS
An issue was discovered in MediaWiki before 1.37.3 and 1.38.x before 1.38.1. The contributions-title, used on Special:Contributions, is used as page title without escaping. Hence, in a non-default configuration where a username contains HTML entities, it won't be...
6.1CVSS
6.2AI Score
0.001EPSS
JPEGOPTIM v1.4.7 was discovered to contain a segmentation violation which is caused by a READ memory access at...
6.5CVSS
6.4AI Score
0.001EPSS
GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status...
6.5CVSS
6.7AI Score
0.004EPSS
MariaDB v10.5 to v10.7 was discovered to contain a segmentation fault via the component...
7.5CVSS
7.2AI Score
0.003EPSS
MariaDB v10.7 was discovered to contain a use-after-poison in __interceptor_memset at...
7.5CVSS
7.3AI Score
0.002EPSS
MariaDB v10.5 to v10.7 was discovered to contain an assertion failure at table->get_ref_count() == 0 in...
7.5CVSS
7.2AI Score
0.003EPSS
MariaDB v10.4 to v10.7 was discovered to contain a use-after-poison in prepare_inplace_add_virtual at...
7.5CVSS
7.2AI Score
0.003EPSS
MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component...
7.5CVSS
7.3AI Score
0.002EPSS
An issue in the component luaG_runerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error...
7.5CVSS
7.4AI Score
0.004EPSS
Possible XSS Vulnerability in Rails::Html::Sanitizer. There is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer. This vulnerability has been assigned the CVE identifier CVE-2022-32209. Versions Affected: ALL. Not affected: NONE. Fixed Versions: v1.4.3. Impact: A possible...
6.1CVSS
6AI Score
0.001EPSS
An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified...
5.5CVSS
5.3AI Score
0.001EPSS
Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_and_wiretype in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified...
5.5CVSS
5.4AI Score
0.001EPSS
Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is...
5.3CVSS
7.6AI Score
0.002EPSS
A vulnerability was found in ImageMagick, causing a value outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined...
7.8CVSS
7.3AI Score
0.001EPSS
In ImageMagick, there is a load of a misaligned address for type 'double', which requires 8 byte alignment, and for type 'float', which requires 4 byte alignment, at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application...
7.8CVSS
7.5AI Score
0.001EPSS
A NULL pointer dereference vulnerability was found in Ghostscript, which occurs when it tries to render a large number of bits in memory. When allocating a buffer device, it relies on an init_device_procs defined for the device that uses it as a prototype that depends upon the number of bits per...
5.5CVSS
5.5AI Score
0.001EPSS