45 matches found
ALPINE-CVE-2022-22815
pathgetbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path...
ALPINE-CVE-2022-0128
vim is vulnerable to Out-of-bounds Read...
ALPINE-CVE-2021-44790
A carefully crafted request body can cause a buffer overflow in the modlua multipart parser r:parsebody called from Lua scripts. The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier...
ALPINE-CVE-2021-3984
vim is vulnerable to Heap-based Buffer Overflow...
ALPINE-CVE-2021-3928
vim is vulnerable to Use of Uninitialized Variable...
Alpine 命令注入漏洞
Alpine is an email program. A command injection vulnerability exists in Alpine 2.24 that arises from the affected product accepting an untagged response from an IMAP server before STARTTLS...
ALPINE-CVE-2021-30218
samurai 1.2 has a NULL pointer dereference in writefile in util.c via a crafted build file...
ALPINE-CVE-2018-10340
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none...
ALPINE-CVE-2020-7774
The package y18n before 3.2.2, 4.0.1 and 5.0.5, is vulnerable to Prototype Pollution...
ALPINE-CVE-2020-0034
In vp8decodeframe of decodeframe.c, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure if error correction were turned on, with no additional execution privileges needed. User interaction is not needed for exploitation.Product...
ALPINE-CVE-2019-20421
In Jp2Image::readMetadata in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file...
ALPINE-CVE-2019-1350
A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387...
ALPINE-CVE-2019-15166
lmpprintdatalinksubobjs in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks...
ALPINE-CVE-2019-5482
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3...
ALPINE-CVE-2019-9516
Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The attacker sends a stream of headers with a 0-length header name and 0-length header value, optionally Huffman encoded into 1-byte or greater headers. Some implementations allocate memory fo...
ALPINE-CVE-2019-3829
A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption double free vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected...
ALPINE-CVE-2019-8905
docorenote in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to fileprintable, a different vulnerability than CVE-2018-10360...
ALPINE-CVE-2019-3463
Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands...
ALPINE-CVE-2018-17540
The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate...
ALPINE-CVE-2018-15173
Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service stack consumption and application crash via a crafted TCP-based service...