Lucene search
K

124 matches found

Tenable Nessus
Tenable Nessus
added 2021/04/21 12:0 a.m.52 views

RHEL 7 : perl (RHSA-2021:1032)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1032 advisory. Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fixes: per...

8.6CVSS7AI score0.11334EPSS
Exploits0References10
Github Security Blog
Github Security Blog
added 2021/03/23 1:54 a.m.82 views

Denial of Service in Page Error Handling

Meta CVSS: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C 5.5 CWE-405, CWE-674 Status: DRAFT Problem Requesting invalid or non-existing resources via HTTP triggers the page error handler which again could retrieve content to be shown as error message from another page. This leads to a...

7.5CVSS1.1AI score0.01731EPSS
Exploits0References7Affected Software2
Positive Technologies
Positive Technologies
added 2021/03/23 12:0 a.m.2 views

PT-2021-14442 · Typo3 · Typo3

Name of the Vulnerable Software and Affected Versions: TYPO3 versions prior to 9.5.25 TYPO3 versions prior to 10.4.14 TYPO3 versions prior to 11.1.1 Description: The issue arises when requesting invalid or non-existing resources via HTTP, triggering the page error handler. This handler can retrie...

7.5CVSS7.3AI score0.01731EPSS
Exploits0References12
RedHat Linux
RedHat Linux
added 2021/03/16 3:18 p.m.80 views

Moderate: Red Hat Security Advisory: perl security update

An update for perl is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

8.6CVSS7AI score0.11334EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2020/12/16 12:0 a.m.71 views

AIX 7.2 TL 3 : perl (IJ26986)

https://vulners.com/cve/CVE-2020-10543 https://vulners.com/cve/CVE-2020-10543 Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow. Perl before 5.30.3 has an integer overflow related to mishandling of a...

8.6CVSS7.2AI score0.11334EPSS
Exploits0References4
curl security advisories
curl security advisories
added 2020/12/09 8:0 a.m.17 views

FTP wildcard stack overflow

libcurl offers a wildcard matching functionality, which allows a callback set with CURLOPTCHUNKBGNFUNCTION to return information back to libcurl on how to handle a specific entry in a directory when libcurl iterates over a list of all available entries. When this callback returns...

7.5CVSS6.9AI score0.09917EPSS
Exploits1References1Affected Software2
Veracode
Veracode
added 2020/09/21 6:31 a.m.24 views

Heap Buffer Over-read

binutils:bionic is vulnerable to heap buffer over-read in dexpression1 in cp-demangle.c after many recursive calls...

7.8CVSS2.3AI score0.01802EPSS
Exploits1References8Affected Software1
Veracode
Veracode
added 2020/09/21 6:18 a.m.25 views

Denial Of Service (DoS)

binutils:bionic is vulnerable to denial of service DoS. It is a stack consumption issue in dcounttemplatesscopes in cp-demangle.c after many recursive calls...

5.5CVSS4.4AI score0.01813EPSS
Exploits1References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/07/01 12:0 a.m.34 views

EulerOS Virtualization 3.0.6.0 : perl-Data-Dumper (EulerOS-SA-2020-1782)

According to the version of the perl-Data-Dumper package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to...

2.1CVSS7.2AI score0.00554EPSS
Exploits3References2
OSV
OSV
added 2020/06/01 12:0 a.m.4 views

UBUNTU-CVE-2020-12723

regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive Sstudychunk calls. An application written in Perl would only be vulnerable to this flaw if it evaluates regular expressions supplied by the attacker. Evaluating regular expressions in th...

7.5CVSS7.1AI score0.05971EPSS
Exploits0References6
Veracode
Veracode
added 2020/04/10 12:29 a.m.46 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service DoS. The vulnerability exists when fput was called to close a socket, the scmdestroy function in the Linux kernel could make indirect recursive calls to itself...

4.9CVSS3.7AI score0.00504EPSS
Exploits2References39Affected Software2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.29 views

Huawei EulerOS: Security Advisory for perl (EulerOS-SA-2019-2419)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.1AI score0.03045EPSS
Exploits3References2
OSV
OSV
added 2019/12/27 2:15 a.m.1 views

DEBIAN-CVE-2019-20016

libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate this issue...

6.5CVSS6.7AI score0.01691EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2019/12/27 2:15 a.m.18 views

CVE-2019-20016

libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate this issue...

6.5CVSS6.7AI score0.01691EPSS
Exploits1References4
OSV
OSV
added 2019/12/27 2:15 a.m.2 views

UBUNTU-CVE-2019-20016

libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate this issue...

6.5CVSS6.5AI score0.01691EPSS
Exploits1References5
Cvelist
Cvelist
added 2019/09/06 9:25 p.m.39 views

CVE-2019-16088

Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc...

5.5AI score0.009EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2019/09/06 9:25 p.m.19 views

CVE-2019-16088

Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc...

5.5CVSS2.8AI score0.009EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2019/09/06 12:0 a.m.7 views

PT-2019-14499 · Foxtan +1 · Xpdf +1

Name of the Vulnerable Software and Affected Versions: Xpdf version 3.04 Description: The issue occurs due to a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc. Recommendations: For Xpdf version 3.04, at the moment, there is no information abou...

9.1CVSS5.6AI score0.01618EPSS
Exploits22References64
RedhatCVE
RedhatCVE
added 2019/05/14 12:9 p.m.24 views

CVE-2018-19838

In LibSass prior to 3.5.5, functions inside ast.cpp for IMPLEMENTASTOPERATORS expansion allow attackers to cause a denial-of-service resulting from stack consumption via a crafted sass file, as demonstrated by recursive calls involving clone, cloneChildren, and copy...

6.5CVSS5.6AI score0.01937EPSS
Exploits1References1
Prion
Prion
added 2019/03/21 6:29 p.m.19 views

Stack overflow

An issue was discovered in lib\cdt\dttree.c in libcdt.a in graphviz 2.40.1. Stack consumption occurs because of recursive agclose calls in lib\cgraph\graph.c in libcgraph.a, related to agfstsubg in lib\cgraph\subg.c...

4.3CVSS6.4AI score0.027EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder