Lucene search
+L

39 matches found

OSV
OSV
added 2024/07/11 4:15 p.m.19 views

PYSEC-2024-86

Wagtail is an open source content management system built on Django. A bug in Wagtail's parsequerystring would result in it taking a long time to process suitably crafted inputs. When used to parse sufficiently long strings of characters without a space, parsequerystring would take an unexpectedl...

4.9CVSS5.7AI score0.0061EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2023/09/15 6:15 a.m.7 views

CVE-2023-36659

An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. Long inputs were not properly processed, which allows remote attackers to cause a denial of service loss of communication...

9.8CVSS7.4AI score0.00731EPSS
Exploits0References3
OSV
OSV
added 2023/09/15 6:15 a.m.3 views

CVE-2023-36659

An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. Long inputs were not properly processed, which allows remote attackers to cause a denial of service loss of communication...

9.8CVSS5.8AI score0.00731EPSS
Exploits0References2
NVD
NVD
added 2023/09/15 6:15 a.m.26 views

CVE-2023-36659

An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. Long inputs were not properly processed, which allows remote attackers to cause a denial of service loss of communication...

9.8CVSS9.2AI score0.00731EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:43 a.m.4 views

SUSE CVE-2012-5667

Multiple integer overflows in GNU Grep before 2.11 might allow context-dependent attackers to execute arbitrary code via vectors involving a long input line that triggers a heap-based buffer overflow...

4.4CVSS9.8AI score0.01022EPSS
Exploits6References4
Positive Technologies
Positive Technologies
added 2022/07/06 12:0 a.m.13 views

PT-2022-20550

Name of the Vulnerable Software and Affected Versions moment versions prior to 2.29.4 Description The issue is related to an inefficient parsing algorithm used in the moment JavaScript date library, specifically in the string-to-date parsing and rfc2822 parsing. This results in quadratic complexi...

7.8CVSS7.2AI score0.04923EPSS
Exploits1References210
Microsoft CVE
Microsoft CVE
added 2021/12/16 12:0 a.m.6 views

Multiple buffer overflows in Princeton WordNet (wn) 3.0 allow context-dependent attackers to execute arbitrary code via (1) a long argument on the command line; a long (2) WNSEARCHDIR (3) WNHOME or (4) WNDBVERSION environment variable; or (5) a user-supplied dictionary (aka data file). NOTE: since WordNet itself does not run with special privileges this issue only crosses privilege boundaries when WordNet is invoked as a third party component.

...

10CVSS6.7AI score0.04429EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2021/02/16 2:28 p.m.6 views

nodejs-npm-user-validate: improper input validation when validating user emails leads to ReDoS

This affects the package npm-user-validate before 1.0.1. The regex that validates user emails took exponentially longer to process long input strings beginning with @ characters...

7.5CVSS7.4AI score0.0344EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2021/01/15 12:0 a.m.2 views

PT-2021-11240 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions 12.4 and later Description: An issue has been discovered in GitLab where the regex used for package names is written in a way that makes execution time have quadratic growth based on the length of the malicious input string...

6.5CVSS6.1AI score0.01529EPSS
Exploits0References11
OSV
OSV
added 2020/08/07 10:15 p.m.6 views

CVE-2020-15061

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to denial-of-service the device via long input values...

6.5CVSS6.6AI score0.00459EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2020/08/07 10:15 p.m.3 views

CVE-2020-15057

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to denial-of-service the device via long input values...

6.5CVSS6.5AI score0.00459EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2020/08/07 10:15 p.m.4 views

CVE-2020-15061

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to denial-of-service the device via long input values...

6.5CVSS6.5AI score0.00459EPSS
Exploits0References3
curl security advisories
curl security advisories
added 2019/05/22 8:0 a.m.9 views

Integer overflows in URL parser

libcurl contains two integer overflows in the curlurlset function that if triggered, can lead to a too small buffer allocation and a subsequent heap buffer overflow. The flaws only exist on 32-bit architectures and require excessive string input lengths...

4.3CVSS5.6AI score0.04897EPSS
Exploits1References1Affected Software2
OSV
OSV
added 2018/09/04 1:29 p.m.4 views

UBUNTU-CVE-2018-10907

It was found that glusterfs server is vulnerable to multiple stack based buffer overflows due to functions in server-rpc-fopc.c allocating fixed size buffers using 'alloca3'. An authenticated attacker could exploit this by mounting a gluster volume and sending a string longer that the fixed buffe...

8.8CVSS7.2AI score0.03364EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2012/08/27 1:2 p.m.9 views

glibc: Integer overflows, leading to stack-based buffer overflows in strto* related routines

Multiple integer overflows in the 1 strtod, 2 strtof, 3 strtold, 4 strtodl, and other unspecified "related functions" in stdlib in GNU C Library aka glibc or libc6 2.16 allow local users to cause a denial of service application crash and possibly execute arbitrary code via a long string, which...

4.6CVSS6.6AI score0.00993EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2009/06/15 9:4 p.m.3 views

cscope: multiple buffer overflows

Multiple buffer overflows in Cscope before 15.7a allow remote attackers to execute arbitrary code via long strings in input such as 1 source-code tokens and 2 pathnames, related to integer overflows in some cases. NOTE: this issue exists because of an incomplete fix for CVE-2004-2541...

9.3CVSS6.3AI score0.06765EPSS
Exploits1References4
Cvelist
Cvelist
added 2007/10/14 8:0 p.m.20 views

CVE-2002-2253

Multiple buffer overflows in Cyrus Sieve / libSieve 2.1.2 and earlier allow remote attackers to execute arbitrary code via 1 a long header name, 2 a long IMAP flag, or 3 a script that generates a large number of errors that overflow the resulting error string...

8AI score0.06569EPSS
Exploits1References7
Prion
Prion
added 2007/03/19 10:19 p.m.21 views

Buffer overflow

Multiple buffer overflows in Rhapsody IRC 0.28b allow remote attackers to execute arbitrary code via a 1 long command, 2 long server argument to the a connect or b server commands, 3 long nick argument to the c nick command, or a long 4 nick or 5 message argument to the d ctcp, e chat, f notice, ...

6.8CVSS8.1AI score0.02904EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2006/07/21 9:0 p.m.21 views

CVE-2006-3788

Multiple buffer overflows in multiplay.cpp in UFO2000 svn 1057 allow remote attackers to execute arbitrary code via 1 a long unit name in Net::recvaddunit,; 2 large values to Net::recvrules, Net::recvselectunit, Net::recvoptions, and Net::recvunitdata; and 3 a large mapdata GEODATA structure in...

7.7AI score0.04741EPSS
Exploits0References11
Rows per page
Query Builder