Lucene search
+L

266 matches found

RedhatCVE
RedhatCVE
added 2023/12/06 7:59 a.m.18 views

CVE-2023-48952

An issue in the boxdeserializereusing function in openlink virtuoso-opensource allows attackers to cause a Denial of Service DoS after running a SELECT statement...

7.5CVSS7.3AI score0.00958EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2023/11/29 8:15 p.m.4 views

CVE-2023-48952

An issue in the boxdeserializereusing function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS after running a SELECT statement...

7.5CVSS7.1AI score0.00958EPSS
Exploits1References2
OSV
OSV
added 2023/11/29 8:15 p.m.3 views

DEBIAN-CVE-2023-48952

An issue in the boxdeserializereusing function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS after running a SELECT statement...

7.5CVSS7.3AI score0.00958EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2023/11/29 8:15 p.m.41 views

CVE-2023-48952

An issue in the boxdeserializereusing function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service DoS after running a SELECT statement...

7.5CVSS7.1AI score0.00958EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/11/29 12:0 a.m.4 views

PT-2023-31017 · Openlink +1 · Openlink Virtuoso-Opensource +1

Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.11 Description: An issue in the box deserialize reusing function allows attackers to cause a Denial of Service DoS after running a SELECT statement. Recommendations: For openlink virtuoso-opensource...

7.5CVSS6.6AI score0.00958EPSS
Exploits1References12
CNNVD
CNNVD
added 2023/11/29 12:0 a.m.6 views

Virtuoso Open-Source Edition Security Vulnerabilities

Virtuoso Open-Source Edition is a high-performance and scalable multi-model RDBMS, data integration middleware, linked data deployment and HTTP application server platform open-sourced by OpenLink Software. A security vulnerability exists in Virtuoso Open-Source Edition version v7.2.11, which ste...

7.5CVSS7.2AI score0.00958EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2023/10/23 12:0 a.m.35 views

Ubuntu 16.04 ESM : Puppet vulnerabilities (USN-4804-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4804-1 advisory. It was discovered that Puppet installed modules with world writable permissions. An attacker could use this vulnerability to execute arbitrary code or...

8.2CVSS7.8AI score0.02375EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/10/20 12:0 a.m.19 views

CVE-2023-39680

Sollace Unicopia version 1.1.1 and before was discovered to deserialize untrusted data, allowing attackers to execute arbitrary code...

7.5CVSS10AI score0.00576EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2023/05/03 2:5 p.m.7 views

jackson-databind: use of deeply nested arrays

A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...

7.5CVSS6.8AI score0.02706EPSS
Exploits1References4
Prion
Prion
added 2023/04/19 8:15 p.m.14 views

Out-of-bounds

In deserialize of multiple files, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12...

1.7CVSS5AI score0.00087EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/04/19 12:0 a.m.23 views

CVE-2023-20935

In deserialize of multiple files, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12...

5.3AI score0.00087EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/04/10 12:0 a.m.4 views

PT-2023-9521 · Openlink +4 · Openlink Virtuoso-Opensource +4

Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.9 Description: The issue is related to the mp box deserialize string function, which is vulnerable due to improper neutralization of special elements used in SQL commands. This can be exploited by a...

7.8CVSS7.8AI score0.00909EPSS
Exploits16References79
Github Security Blog
Github Security Blog
added 2023/03/24 10:0 p.m.23 views

Versionize::deserialize implementation for FamStructWrapper<T> is lacking bound checks, potentially leading to out of bounds memory accesses

Impact An issue was discovered in the Versionize::deserialize implementation provided by the versionize crate for vmmsysutil::fam::FamStructWrapper, which can lead to out of bounds memory accesses. Patches The impact started with version 0.1.1. The issue was corrected in version 0.1.10 by inserti...

7.5CVSS7.3AI score0.00556EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2023/03/24 12:0 p.m.26 views

RUSTSEC-2023-0030 `Versionize::deserialize` implementation for `FamStructWrapper<T>` is lacking bound checks, potentially leading to out of bounds memory accesses

An issue was discovered in the Versionize::deserialize implementation provided by the versionize crate for vmmsysutil::fam::FamStructWrapper, which can lead to out of bounds memory accesses. The impact started with version 0.1.1. The issue was corrected in version 0.1.10 by inserting a check that...

5.7CVSS6.2AI score0.00556EPSS
Exploits0References3
RustSec
RustSec
added 2023/03/24 12:0 p.m.50 views

`Versionize::deserialize` implementation for `FamStructWrapper<T>` is lacking bound checks, potentially leading to out of bounds memory accesses

An issue was discovered in the Versionize::deserialize implementation provided by the versionize crate for vmmsysutil::fam::FamStructWrapper, which can lead to out of bounds memory accesses. The impact started with version 0.1.1. The issue was corrected in version 0.1.10 by inserting a check that...

7.5CVSS6.7AI score0.00556EPSS
Exploits0Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 5:4 a.m.6 views

SUSE CVE-2016-3141

Use-after-free vulnerability in wddx.c in the WDDX extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other impact by triggering a wddxdeserialize call on XML data...

9.8CVSS9.2AI score0.35438EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 4:58 a.m.6 views

SUSE CVE-2016-7418

The phpwddxpushelement function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service invalid pointer access and out-of-bounds read or possibly have unspecified other impact via an incorrect boolean element in a wddxPacket XML document,...

7.5CVSS7.8AI score0.11402EPSS
Exploits1References11
SUSE CVE
SUSE CVE
added 2023/02/15 4:24 a.m.3 views

SUSE CVE-2018-15686

A vulnerability in unitdeserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and...

3.6CVSS7.3AI score0.02279EPSS
Exploits4References51
Positive Technologies
Positive Technologies
added 2022/08/22 12:0 a.m.5 views

PT-2022-7536 · Hdf5 +2 · Hdf5 +2

Name of the Vulnerable Software and Affected Versions: HDF5 versions 1.13.3 and earlier HDF5 versions 1.14.2 and earlier Description: The issue is related to a buffer overflow in the H5HG cache heap deserialize function of the HDF5 library, which can lead to a denial of service or potential code...

7.4CVSS7.9AI score0.00223EPSS
Exploits0References13
OSV
OSV
added 2022/06/28 12:0 a.m.16 views

GHSA-M43H-HFRQ-X8WX SystemDS CPU exhaustion vulnerability

The Security Team noticed that the termination condition of the for loop in the readExternal method is a controllable variable, which, if tampered with, may lead to CPU exhaustion. As a fix, we added an upper bound and termination condition in the read and write logic. We classify it as a...

8.7CVSS7.4AI score0.02091EPSS
Exploits0References6
Rows per page
Query Builder