341 matches found
Denial Of Service (DoS)
github.com/ethereum/go-ethereum is vulnerable to Denial Of Service DoS. The vulnerability is due to improper handling of incoming messages, which allows a specially crafted message to trigger a crash or shutdown of the node...
CVE-2024-10001 Code Injection Vulnerability in GitHub Enterprise Server Allows Arbitrary Code Execution via Message Handling
A Code Injection vulnerability was identified in GitHub Enterprise Server that allowed attackers to inject malicious code into the query selector via the identity property in the message handling function. This enabled the exfiltration of sensitive data by manipulating the DOM, including...
PT-2025-1574 · Github · Github Enterprise Server
Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.11.16 GitHub Enterprise Server versions prior to 3.12.10 GitHub Enterprise Server versions prior to 3.13.5 GitHub Enterprise Server versions prior to 3.14.2 GitHub Enterprise Server versions prior ...
Reflected Cross Site Scripting (XSS)
silverstripe/framework is vulnerable to cross-site scripting XSS. The vulnerability is due to improper handling of error messages, which allows execution of a malicious payload included in a URL when the website is set to the "dev" environment mode...
PT-2025-2885 · Sungrow · Sungrow Winet-Sv200
Name of the Vulnerable Software and Affected Versions: SunGrow WiNet-SV200 versions 0.001.00.P027 and earlier Description: The issue arises when copying the timestamp read from an MQTT message, as the underlying code does not check the bounds of the buffer used to store the message. This may lead...
CVE-2024-57876
In the Linux kernel, the following vulnerability has been resolved: drm/dpmst: Fix resetting msg rx state after topology removal If the MST topology is removed during the reception of an MST down reply or MST up request sideband message, the drmdpmsttopologymgr::upreqrecv/downreprecv states could...
SUSE CVE-2024-57876
In the Linux kernel, the following vulnerability has been resolved: drm/dpmst: Fix resetting msg rx state after topology removal If the MST topology is removed during the reception of an MST down reply or MST up request sideband message, the drmdpmsttopologymgr::upreqrecv/downreprecv states could...
Information Disclosure
apachesuperset is vulnerable to Information Disclosure. The vulnerability is due to improper handling of error messages, exposing sensitive analytics metadata, which allows an attacker to gain access to this information, potentially aiding in further attacks or revealing system details...
Oracle Linux 9 : krb5 (ELSA-2024-9331)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-9331 advisory. 1.21.1-3.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.21.1-3 - CVE-2024-37370 CVE-2024-37371 Fix vulnerabilities in GSS message tok...
PostgreSQL 安全漏洞
PostgreSQL is a free object-relational database management system from the PostgreSQL organization. The system supports most of the SQL standards and provides many other features such as foreign keys, triggers, views, and more. A security vulnerability exists in PostgreSQL that stems from...
FreeBSD : libqb -- Buffer overflow (ecf9a798-9aa9-11ef-a8f0-a8a15998b5cb)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ecf9a798-9aa9-11ef-a8f0-a8a15998b5cb advisory. [email protected] reports: logblackbox.c in libqb before 2.0.8 allows a buffer overflow via long log messag...
HTML Injection
org.openrefine, openrefine is vulnerable to HTML injection. The vulnerability is due to improper handling of error messages, which fails to escape HTML tags in exception messages and tracebacks, allowing an attacker to inject malicious HTML when a specific error is triggered...
CVE-2024-35202
Bitcoin Core before 25.0 allows remote attackers to cause a denial of service blocktxn message-handling assertion and node exit by including transactions in a blocktxn message that are not committed to in a block's merkle root. FillBlock can be called twice for one PartiallyDownloadedBlock instan...
CVE-2024-35202
Bitcoin Core before 25.0 allows remote attackers to cause a denial of service blocktxn message-handling assertion and node exit by including transactions in a blocktxn message that are not committed to in a block's merkle root. FillBlock can be called twice for one PartiallyDownloadedBlock instan...
CVE-2024-35202
CVE-2024-35202 affects Bitcoin Core prior to 25.0. The vulnerability allows remote attackers to cause a denial of service by including transactions in a blocktxn message that are not committed to in a block’s merkle root, triggering a blocktxn-handling assertion and node exit. The issue is associ...
CVE-2024-35202
Bitcoin Core before 25.0 allows remote attackers to cause a denial of service blocktxn message-handling assertion and node exit by including transactions in a blocktxn message that are not committed to in a block's merkle root. FillBlock can be called twice for one PartiallyDownloadedBlock instan...
PT-2024-26378
Name of the Vulnerable Software and Affected Versions Bitcoin Core versions prior to 25.0 Description A high-severity software bug in Bitcoin Core allows remote attackers to cause a denial of service by including transactions in a blocktxn message that are not committed to in a block's merkle roo...
USN-7017-1: Quagga vulnerability
Iggy Frankovic discovered that Quagga incorrectly handled certain BGP messages. A remote attacker could possibly use this issue to cause Quagga to crash, resulting in a denial of service...
CVE-2024-39808
Incorrect Calculation of Buffer Size CWE-131 in the Controller 6000 and Controller 7000 OSDP message handling, allows an attacker with physical access to Controller wiring to instigate a reboot leading to a denial of service. This issue affects: Controller 6000 and Controller 7000 9.10 prior to...
UBUNTU-CVE-2022-48865
In the Linux kernel, the following vulnerability has been resolved: tipc: fix kernel panic when enabling bearer When enabling a bearer on a node, a kernel panic is observed: 4.498085 RIP: 0010:tipcmonprep+0x4e/0x130 tipc ... 4.520030 Call Trace: 4.520689 4.521236 tipclinkbuildprotomsg+0x375/0x750...