Lucene search

4210 matches found

Prion
added 2020/11/28 7:15 a.m., 17 views

Design/Logic Flaw

An issue was discovered in fs/io_uring.c in the Linux kernel before 5.6. It unsafely handles the root directory during path lookups, and thus a process inside a mount namespace can escape to unintended filesystem locations, aka CID-ff002b30181d...

CVSS 2.1, AI score 6.1, EPSS 0.00047
Exploits: 1, References: 3, Affected Software: 1

CNNVD
added 2020/11/28 12:0 a.m., 5 views

Linux kernel path traversal vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A path traversal vulnerability exists in versions of Linux kernel prior to 5.6, which stems from its failure to safely handle the root directory during path lookups, so that...

CVSS 6.5, AI score 6.7, EPSS 0.00047
Exploits: 1, References: 8

OSV
added 2020/11/06 6:15 p.m., 3 views

AZL-45321 CVE-2017-18926 affecting package raptor2 2.0.15-29

raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows sometimes seen in raptor_qname_format_as_xml...

CVSS 7.1, AI score 5.9, EPSS 0.01771
Exploits: 1, References: 1

OSV
added 2020/11/06 6:15 p.m., 2 views

DEBIAN-CVE-2017-18926

raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows sometimes seen in raptor_qname_format_as_xml...

CVSS 7.1, AI score 7.2, EPSS 0.01771
Exploits: 1, References: 1

OSV
added 2020/11/06 6:15 p.m., 1 views

UBUNTU-CVE-2017-18926

raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows sometimes seen in raptor_qname_format_as_xml...

CVSS 7.1, AI score 7.2, EPSS 0.01771
Exploits: 1, References: 8

Veracode
added 2020/11/06 5:55 a.m., 33 views

Denial Of Service (DoS)

github.com/hashicorp/consul is vulnerable to denial of service (DoS). Incorrect use of namespaces in comparisons allows an attacker to send infinite Raft writes to cause a namespace replication bug, leading to resource exhaustion and an application crash...

CVSS 7.5, AI score 3.4, EPSS 0.01543
Exploits: 0, References: 4, Affected Software: 2

Positive Technologies
added 2020/11/06 12:0 a.m., 2 views

PT-2020-6185

Name of the Vulnerable Software and Affected Versions: Raptor RDF Syntax Library version 2.0.15. Description: The issue is related to the raptor xml writer start element common function in the Raptor RDF Syntax Library, which miscalculates the maximum number of nspace declarations for the XML writer...

CVSS 8.5, AI score 7.2, EPSS 0.01771
Exploits: 1, References: 77

Veracode
added 2020/11/05 3:10 a.m., 24 views

Namespace Collision

sqlite is vulnerable to a namespace collision. The vulnerability is possible because sqlite allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c...

CVSS 5.5, AI score 2.5, EPSS 0.00077
Exploits: 0, References: 26, Affected Software: 1

NVD
added 2020/11/04 11:15 p.m., 21 views

CVE-2020-25201

HashiCorp Consul Enterprise version 1.7.0 up to 1.8.4 includes a namespace replication bug which can be triggered to cause denial of service via infinite Raft writes. Fixed in 1.7.9 and 1.8.5...

CVSS 7.5, AI score 7.4, EPSS 0.01543
Exploits: 0, References: 3

OSV
added 2020/11/04 11:15 p.m., 20 views

CVE-2020-25201

HashiCorp Consul Enterprise version 1.7.0 up to 1.8.4 includes a namespace replication bug which can be triggered to cause denial of service via infinite Raft writes. Fixed in 1.7.9 and 1.8.5...

CVSS 7.5, AI score 6.6
Exploits: 0, References: 3

OSV
added 2020/11/04 11:15 p.m., 1 views

DEBIAN-CVE-2020-25201

HashiCorp Consul Enterprise version 1.7.0 up to 1.8.4 includes a namespace replication bug which can be triggered to cause denial of service via infinite Raft writes. Fixed in 1.7.9 and 1.8.5...

CVSS 7.5, AI score 7.3, EPSS 0.01543
Exploits: 0, References: 1

UbuntuCve
added 2020/11/04 11:15 p.m., 24 views

CVE-2020-25201

HashiCorp Consul Enterprise version 1.7.0 up to 1.8.4 includes a namespace replication bug which can be triggered to cause denial of service via infinite Raft writes. Fixed in 1.7.9 and 1.8.5...

CVSS 7.5, AI score 7, EPSS 0.01543
Exploits: 0, References: 3

OSV
added 2020/11/04 11:15 p.m., 0 views

UBUNTU-CVE-2020-25201

HashiCorp Consul Enterprise version 1.7.0 up to 1.8.4 includes a namespace replication bug which can be triggered to cause denial of service via infinite Raft writes. Fixed in 1.7.9 and 1.8.5...

CVSS 7.5, AI score 7, EPSS 0.01543
Exploits: 0, References: 4

Prion
added 2020/11/04 11:15 p.m., 21 views

Design/Logic Flaw

HashiCorp Consul Enterprise version 1.7.0 up to 1.8.4 includes a namespace replication bug which can be triggered to cause denial of service via infinite Raft writes. Fixed in 1.7.9 and 1.8.5...

CVSS 5, AI score 7.3, EPSS 0.01543
Exploits: 0, References: 3, Affected Software: 1

Cvelist
added 2020/11/04 10:32 p.m., 25 views

CVE-2020-25201

HashiCorp Consul Enterprise version 1.7.0 up to 1.8.4 includes a namespace replication bug which can be triggered to cause denial of service via infinite Raft writes. Fixed in 1.7.9 and 1.8.5...

AI score 7.3, EPSS 0.01543
Exploits: 0, References: 3

Debian CVE
added 2020/11/04 10:32 p.m., 28 views

CVE-2020-25201

HashiCorp Consul Enterprise version 1.7.0 up to 1.8.4 includes a namespace replication bug which can be triggered to cause denial of service via infinite Raft writes. Fixed in 1.7.9 and 1.8.5...

CVSS 7.5, AI score 7.3, EPSS 0.01543
Exploits: 0

CVE
added 2020/11/04 10:32 p.m., 92 views

CVE-2020-25201

Summary: CVE-2020-25201 affects HashiCorp Consul Enterprise versions 1.7.0 through 1.8.4. A namespace replication bug can be triggered to cause a denial of service via infinite Raft writes. The issue is fixed in 1.7.9 and 1.8.5. Affected software: HashiCorp Consul Enterprise (v1.7.x up to 1.8.4)....

CVSS 7.5, AI score 7.2, EPSS 0.01543
Exploits: 0, References: 3, Affected Software: 1

RedHat Linux
added 2020/11/04 2:2 a.m., 3 views

expat: large number of colons in input makes parser consume high amount of resources, leading to DoS

It was discovered that the "setElementTypePrefix" function incorrectly extracted XML namespace prefixes. By tricking an application into processing a specially crafted XML file, an attacker could cause unusually high consumption of memory resources and possibly lead to a denial of service...

CVSS 7.8, AI score 7.2, EPSS 0.05584
Exploits: 1, References: 5

RedhatCVE
added 2020/10/21 12:15 a.m., 35 views

CVE-2020-16120

A flaw was found in the User namespace on an overlay filesystem in the Linux kernel, where a file with no access privilege was able to copy the file to a user defined mount point. An attacker with a special user privilege locally may lead to a kernel information leak problem. Mitigation Red Hat...

CVSS 5.1, AI score 5.6, EPSS 0.00063
Exploits: 0, References: 3

UbuntuCve
added 2020/10/13 5:0 p.m., 40 views

CVE-2020-16120

Overlayfs did not properly perform permission checking when copying up files in an overlayfs and could be exploited from within a user namespace, if, for example, unprivileged user namespaces were allowed. It was possible to have a file not readable by an unprivileged user to be copied to a...

CVSS 5.1, AI score 6.8, EPSS 0.00063
Exploits: 0, References: 5