Lucene search
+L

28 matches found

OSV
OSV
added 2023/06/01 1:15 p.m.6 views

UBUNTU-CVE-2023-33546

DISPUTED Janino 3.1.9 and earlier are subject to denial of service DOS attacks when using the expression evaluator.guess parameter name method. If the parser runs on user-supplied input, an attacker could supply content that causes the parser to crash due to a stack overflow. NOTE: this is disput...

5.5CVSS5.9AI score0.0033EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/06/01 12:0 a.m.19 views

CVE-2023-33546

Janino 3.1.9 and earlier are subject to denial of service DOS attacks when using the expression evaluator.guess parameter name method. If the parser runs on user-supplied input, an attacker could supply content that causes the parser to crash due to a stack overflow. NOTE: this is disputed by...

6.7AI score0.0033EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2023/06/01 12:0 a.m.40 views

CVE-2023-33546

Janino 3.1.9 and earlier are subject to denial of service DOS attacks when using the expression evaluator.guess parameter name method. If the parser runs on user-supplied input, an attacker could supply content that causes the parser to crash due to a stack overflow. NOTE: this is disputed by...

5.5CVSS5.5AI score0.0033EPSS
Exploits1
OSV
OSV
added 2020/07/28 12:0 a.m.5 views

OSV-2020-1399 Segv on unknown address in clang::StmtVisitorBase<llvm::make_const_ptr, RecordExprEvaluator, bool>::Visit

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19152 Crash type: Segv on unknown address Crash state: clang::StmtVisitorBase::Visit clang::StmtVisitorBase::Visit EvaluateInPlace...

7.2AI score
Exploits0
Cvelist
Cvelist
added 2000/02/04 5:0 a.m.23 views

CVE-1999-0477

The Expression Evaluator in the ColdFusion Application Server allows a remote attacker to upload files to the server via openfile.cfm, which does not restrict access to the server properly...

6.6AI score0.05332EPSS
Exploits0References1
CVE
CVE
added 2000/02/04 5:0 a.m.66 views

CVE-1999-0477

The CVE-1999-0477 issue affects the ColdFusion Application Server’s Expression Evaluator. A remote attacker can upload files via openfile.cfm due to insufficient access restriction, enabling arbitrary file upload on the server. This is documented across multiple sources (e.g., Red Hat, NVD) with ...

7.5CVSS6.6AI score0.05332EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2000/02/04 5:0 a.m.29 views

CVE-1999-0455

The Expression Evaluator sample application in ColdFusion allows remote attackers to read or delete files on the server via exprcalc.cfm, which does not restrict access to the server properly...

6.6AI score0.05845EPSS
Exploits0References1
NVD
NVD
added 1999/12/25 5:0 a.m.20 views

CVE-1999-0477

The Expression Evaluator in the ColdFusion Application Server allows a remote attacker to upload files to the server via openfile.cfm, which does not restrict access to the server properly...

7.5CVSS6.6AI score0.05332EPSS
Exploits0References1
Rows per page
Query Builder