126 matches found
snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash...
Denial Of Service (DoS)
tcpreplay is vulnerable to denial of service. The vulnerability exists in packet2tree function of tree.c due to a reachable assertion which allows an attacker to crash the application via malicious input...
Remote Code Execution
thunderbird is vulnerable to denial of service. The vulnerability exists due to the lack of memory safety checks in the library, allowing an attacker to crash the application by providing malicious input...
UBUNTU-CVE-2021-23172
A vulnerability was found in SoX, where a heap-buffer-overflow occurs in function startread in hcom.c file. The vulnerability is exploitable with a crafted hcomn file, that could cause an application to crash...
Denial Of Service (DoS)
mujs is vulnerable to denial of service. The vulnerability exists due to a NULL pointer dereference in jsdump.c which allows an attacker to crash the application via malicious input...
Denial Of Service (DoS)
chromium is vulnerable to denial of service. The vulnerability exists due to the use after free in cast UI/TOOLBAR which allows an attacker to crash the application via malicious input...
H3C Magic R100 缓冲区错误漏洞
H3C Magic R100 is a router from H3C. H3C Magic R100 is vulnerable to a buffer overflow vulnerability, which can be exploited by remote attackers to submit special requests that can crash an application or execute arbitrary code in the application context...
Denial Of Service (DoS)
mariadb is vulnerable to denial of service. An attacker can crash the application through the use-after-free in the component mywildcmp8bitimpl at ctype-simple.c...
Denial Of Service (DoS)
exempi is vulnerable to denial of service. An attacker can crash the application through the buffer overflow by providing a specially-crafted .cpp file, resulting in arbitrary code execution in the context of the current user...
Denial Of Service (DoS)
mutt is vulnerable to denial of service. The vulnerability exists due to a lack of sanitization which allows an attacker to crash the application via malicious input...
Denial Of Service (DoS)
github.com/ethereum/go-ethereum is vulnerable to denial of service. The vulnerability exists in loop function of txpool.go causing a buffer overflow which leads to an application crash...
Denial Of Service (DoS)
kicad is vulnerable to denial of service. The vulnerability exists due to the stack-based buffer overflow in the Gerber Viewer gerber and excellon ReadXYCoord coordinate parsing functionality, allowing attacker to crash the application by providing a specially-crafted gerber or excellon file...
fastify-multipart 资源管理错误漏洞
fastify-multipart is a software package that supports parsing multiple content types. A resource management error vulnerability exists in fastify-multipart before 5.3.1, which stems from the possibility of crashing the application by providing the name=constructor attribute...
Oracle MySQL 缓冲区错误漏洞
Oracle MySQL Cluster is the United States Oracle Oracle company developed a write scalable, real-time, ACID-compatible transactional database. An information disclosure vulnerability exists in Oracle MySQL Cluster, which can be exploited by an attacker to read the contents of memory or crash an...
Oracle MySQL 缓冲区错误漏洞
Oracle MySQL is an open source relational database management system from Oracle Corporation. MySQL Cluster is a highly useful and redundant version of Oracle MySQL Cluster for distributed computing environments. The vulnerability can be exploited to read the contents of memory or crash an...
Denial Of Service (DoS)
libxml2.so is vulnerable to Denial Of Service DoS. The vulnerability exists in the book3shvrmhandlers.s because of containing a bug when handling SRR1 that allows a malicious guest to crash the application,...
Information Disclosure
shelljs is vulnerable to information disclosure. The vulnerability exists in ShellJS exec function of exec.js because the file permissions have not been locked down which allows an attacker to gain access to sensitive information of file system of the running scripts and crash application...
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2021-2249)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Pillow 缓冲区错误漏洞
Pillow is a Python-based image processing library. Pillow is vulnerable to an out-of-bounds read vulnerability, which can be exploited to submit special file requests and trick users into parsing them, which can crash the application...
QEMU <= 5.2.0 DoS Vulnerability
QEMU is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you c...