Lucene search
K

53 matches found

OSV
OSV
added 2024/10/27 5:15 a.m.7 views

AZL-51684 CVE-2024-50602 affecting package expat for versions less than 2.6.3-2

An issue was discovered in libexpat before 2.6.4. There is a crash within the XMLResumeParser function because XMLStopParser can stop/suspend an unstarted parser...

5.9CVSS6.9AI score0.0104EPSS
Exploits0References1
OSV
OSV
added 2024/09/15 12:6 a.m.6 views

OSV-2024-1071 Use-of-uninitialized-value in Poco::Dynamic::Var::~Var

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42538385 Crash type: Use-of-uninitialized-value Crash state: Poco::Dynamic::Var::Var void Poco::JSON::Object::doStringifystd::1::mapstd::1::basicstringchar, Poco::JWT::Serializer::serialize...

7.2AI score
Exploits0References1
OSV
OSV
added 2024/05/07 7:15 a.m.4 views

CVE-2024-31078

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through NULL pointer dereference...

5.5CVSS5.8AI score0.00163EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2024/05/01 7:0 a.m.10 views

cJSON v1.7.17 was discovered to contain a segmentation violation which can trigger through the second parameter of function cJSON_SetValuestring at cJSON.c.

...

7.6CVSS7.2AI score0.00648EPSS
Exploits1
OSV
OSV
added 2024/02/23 3:15 p.m.5 views

AZL-34687 CVE-2024-25629 affecting package fluent-bit for versions less than 3.0.6-1

c-ares is a C library for asynchronous DNS requests. aresreadline is used to parse local configuration files such as /etc/resolv.conf, /etc/nsswitch.conf, the HOSTALIASES file, and if using a c-ares version prior to 1.27.0, the /etc/hosts file. If any of these configuration files has an embedded...

5.5CVSS6.8AI score0.00349EPSS
Exploits0References1
OSV
OSV
added 2023/09/14 3:3 p.m.5 views

USN-6371-1 libssh2 vulnerability

It was discovered that libssh2 incorrectly handled memory access. An attacker could possibly use this issue to cause a crash...

7.5CVSS6.7AI score0.00914EPSS
Exploits0References2
Prion
Prion
added 2023/09/12 2:15 a.m.14 views

Memory corruption

SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component to crash making it unavailable. There is no ability to view or modify any information...

5CVSS7.7AI score0.00622EPSS
Exploits0References2Affected Software9
OSV
OSV
added 2023/07/25 7:15 p.m.13 views

AZL-27630 CVE-2023-39129 affecting package crash for versions less than 8.0.1-3

GNU gdb GDB 13.0.50.20220805-git was discovered to contain a heap use after free via the function addpeexportedsym at /gdb/coff-pe-read.c...

5.5CVSS6.3AI score0.00238EPSS
Exploits0References1
OSV
OSV
added 2023/04/28 10:1 a.m.5 views

USN-6048-1 ZenLib vulnerability

It was discovered that ZenLib doesn't check the return value of a specific operation before using it. An attacker could use a specially crafted input to crash programs using the library...

7.5CVSS5.8AI score0.01177EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:12 a.m.3 views

SUSE CVE-2019-11638

An issue was discovered in GNU recutils 1.8. There is a NULL pointer dereference in the function recfieldnameequalp at rec-field-name.c in librec.a, leading to a crash...

6.5CVSS7.3AI score0.01411EPSS
Exploits1References3
Prion
Prion
added 2022/08/19 8:15 p.m.18 views

Design/Logic Flaw

Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of jsonxx json parsing may lead to stack exhaustion in an address sanitized ASAN build. This issue may lead to Denial of Service if the program using the jsonxx library crashes. This issue exists on the...

5CVSS7.5AI score0.00625EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2022/06/11 12:0 a.m.3 views

GHSA-27MX-GCHC-6XJP Unhandled crash in npm posix

This affects all versions of package posix. When invoking the toString method, it will fallback to 0x0 value, as the value of toString is not invokable not a function, and then it will crash with type-check...

7.5CVSS5.9AI score0.00966EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2022/02/24 3:15 p.m.37 views

CVE-2022-24615

zip4j up to v2.10.0 can throw various uncaught exceptions while parsing a specially crafted ZIP file, which could result in an application crash. This could be used to mount a denial of service attack against services that use zip4j library...

5.5CVSS6.4AI score0.00698EPSS
Exploits0References2
OSV
OSV
added 2022/01/11 12:45 p.m.3 views

USN-5043-2 exiv2 regression

USN-5043-1 fixed vulnerabilities in Exiv2. The update introduced a new regression that could cause a crash in applications using libexiv2. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Exiv2 incorrectly handled certain image...

5.5CVSS6.6AI score0.01051EPSS
Exploits0References3
OSV
OSV
added 2021/07/05 1:12 p.m.3 views

USN-5005-1 djvulibre vulnerability

It was discovered that DjVuLibre incorrectly handled certain djvu files. An attacker could possibly use this issue to execute arbitrary code or cause a crash...

5.5CVSS6.4AI score0.01055EPSS
Exploits0References2
OSV
OSV
added 2021/03/15 8:10 p.m.19 views

USN-4768-1 musl vulnerabilities

It was discovered that musl did not properly handle kernel syscalls. An attacker could use this vulnerability to cause a denial of service crash or possibly execute arbitrary code. CVE-2018-1000001 It was discovered that musl did not properly handle the parsing of DNS response codes. A remote...

9.8CVSS7.4AI score0.13614EPSS
Exploits9References6
OSV
OSV
added 2020/01/08 1:39 p.m.2 views

USN-4230-1 clamav vulnerability

It was discovered that ClamAV incorrectly handled certain MIME messages. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service...

7.5CVSS6.9AI score0.03135EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2019/08/06 12:30 p.m.8 views

opensc: Out of bounds reads handling responses from smartcards

Various out of bounds reads when handling responses in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to potentially crash the opensc library using programs...

4.3CVSS5.8AI score0.00493EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2019/05/13 12:0 a.m.18 views

Fedora 30 : mosquitto (2019-cc896df591)

1.6.2 ===== Broker : - Fix memory access after free, leading to possible crash, when v5 client with Will message disconnects, where the Will message has as its first property one of content-type, correlation-data, payload-format-indicator, or response-topic. - Fix build for WITHTLS=no. - Fix Will...

5.4AI score
Exploits0References1
OSV
OSV
added 2018/09/04 12:29 a.m.1 views

DEBIAN-CVE-2018-16427

Various out of bounds reads when handling responses in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to potentially crash the opensc library using programs...

4.3CVSS5.8AI score0.00493EPSS
Exploits0References1
Rows per page
Query Builder