Lucene search
+L

45 matches found

OSV
OSV
added 2022/01/10 2:12 p.m.3 views

ALPINE-CVE-2022-22815

pathgetbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path...

6.5CVSS7AI score0.02556EPSS
Exploits0References1
OSV
OSV
added 2022/01/06 5:15 p.m.1 views

ALPINE-CVE-2022-0128

vim is vulnerable to Out-of-bounds Read...

7.8CVSS7AI score0.01739EPSS
Exploits1References1
OSV
OSV
added 2021/12/20 12:15 p.m.2 views

ALPINE-CVE-2021-44790

A carefully crafted request body can cause a buffer overflow in the modlua multipart parser r:parsebody called from Lua scripts. The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier...

9.8CVSS7.4AI score0.97108EPSS
Exploits4References1
OSV
OSV
added 2021/12/01 11:15 a.m.3 views

ALPINE-CVE-2021-3984

vim is vulnerable to Heap-based Buffer Overflow...

7.8CVSS7AI score0.01461EPSS
Exploits1References1
OSV
OSV
added 2021/11/05 3:15 p.m.2 views

ALPINE-CVE-2021-3928

vim is vulnerable to Use of Uninitialized Variable...

7.8CVSS7AI score0.00591EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/08/10 12:0 a.m.8 views

Alpine 命令注入漏洞

Alpine is an email program. A command injection vulnerability exists in Alpine 2.24 that arises from the affected product accepting an untagged response from an IMAP server before STARTTLS...

5.9CVSS5.9AI score0.01565EPSS
Exploits1References7
OSV
OSV
added 2021/04/29 3:15 p.m.3 views

ALPINE-CVE-2021-30218

samurai 1.2 has a NULL pointer dereference in writefile in util.c via a crafted build file...

5.5CVSS6.9AI score0.00747EPSS
Exploits1References1
OSV
OSV
added 2021/01/26 6:15 p.m.3 views

ALPINE-CVE-2018-10340

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none...

7AI score
Exploits0References1
OSV
OSV
added 2020/11/17 1:15 p.m.4 views

ALPINE-CVE-2020-7774

The package y18n before 3.2.2, 4.0.1 and 5.0.5, is vulnerable to Prototype Pollution...

9.8CVSS7AI score0.69062EPSS
Exploits1References1
OSV
OSV
added 2020/03/10 8:15 p.m.3 views

ALPINE-CVE-2020-0034

In vp8decodeframe of decodeframe.c, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure if error correction were turned on, with no additional execution privileges needed. User interaction is not needed for exploitation.Product...

7.5CVSS6.1AI score0.01897EPSS
Exploits0References1
OSV
OSV
added 2020/01/27 5:15 a.m.3 views

ALPINE-CVE-2019-20421

In Jp2Image::readMetadata in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file...

7.5CVSS6.6AI score0.04296EPSS
Exploits1References1
OSV
OSV
added 2020/01/24 9:15 p.m.3 views

ALPINE-CVE-2019-1350

A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387...

8.8CVSS7.8AI score0.25666EPSS
Exploits0References1
OSV
OSV
added 2019/10/03 5:15 p.m.3 views

ALPINE-CVE-2019-15166

lmpprintdatalinksubobjs in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks...

7.5CVSS7.1AI score0.04986EPSS
Exploits0References1
OSV
OSV
added 2019/09/16 7:15 p.m.4 views

ALPINE-CVE-2019-5482

Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3...

9.8CVSS7.5AI score0.17939EPSS
Exploits0References1
OSV
OSV
added 2019/08/13 9:15 p.m.3 views

ALPINE-CVE-2019-9516

Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The attacker sends a stream of headers with a 0-length header name and 0-length header value, optionally Huffman encoded into 1-byte or greater headers. Some implementations allocate memory fo...

6.5CVSS8.9AI score0.56262EPSS
Exploits0References1
OSV
OSV
added 2019/03/27 6:29 p.m.2 views

ALPINE-CVE-2019-3829

A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption double free vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected...

7.5CVSS7AI score0.58969EPSS
Exploits1References1
OSV
OSV
added 2019/02/18 5:29 p.m.3 views

ALPINE-CVE-2019-8905

docorenote in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to fileprintable, a different vulnerability than CVE-2018-10360...

4.4CVSS7.3AI score0.00475EPSS
Exploits1References1
OSV
OSV
added 2019/02/06 7:29 p.m.2 views

ALPINE-CVE-2019-3463

Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands...

9.8CVSS7.2AI score0.04869EPSS
Exploits3References1
OSV
OSV
added 2018/10/03 8:29 p.m.3 views

ALPINE-CVE-2018-17540

The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate...

7.5CVSS7AI score0.03511EPSS
Exploits0References1
OSV
OSV
added 2018/08/08 12:29 a.m.5 views

ALPINE-CVE-2018-15173

Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service stack consumption and application crash via a crafted TCP-based service...

7.5CVSS6.7AI score0.06081EPSS
Exploits1References1
Rows per page
Query Builder