Lucene search
+L

41 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:37 a.m.5 views

SUSE CVE-2017-16239

In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated user may be able to circumvent the Filter Scheduler bypassing imposed filters for example, the ImagePropertiesFilter or the IsolatedHostsFilter. All setups using Nova Filter...

4.2CVSS6.8AI score0.0141EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/11/10 5:14 p.m.5 views

httpd: Unexpected URL matching with 'MergeSlashes OFF'

A flaw was found in Apache httpd. A possible regression from an earlier security fix broke behavior of MergeSlashes. The highest threat from this vulnerability is to data integrity...

5.3CVSS7.1AI score0.52331EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/11/09 5:26 p.m.3 views

httpd: Unexpected URL matching with 'MergeSlashes OFF'

A flaw was found in Apache httpd. A possible regression from an earlier security fix broke behavior of MergeSlashes. The highest threat from this vulnerability is to data integrity...

5.3CVSS7.1AI score0.52331EPSS
Exploits0References5
OSV
OSV
added 2021/02/25 6:54 p.m.4 views

USN-4754-2 python2.7 regression

USN-4754-1 fixed a vulnerability in Python. The fix for CVE-2021-3177 introduced a regression in Python 2.7. This update reverts the security fix pending further investigation. We apologize for the inconvenience. Original advisory details: It was discovered that Python incorrectly handled certain...

6AI score
Exploits0References2
ossfuzz
ossfuzz
added 2020/09/21 8:24 p.m.21 views

binutils:fuzz_readelf: Heap-buffer-overflow in read_leb128

Detailed Report: https://oss-fuzz.com/testcase?key=6294642243665920 Project: binutils Fuzzing Engine: libFuzzer Fuzz Target: fuzzreadelf Job Type: libfuzzerasanbinutils Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address: 0x6210000064fc Crash State: readleb128...

6.8AI score
Exploits0Affected Software1
ossfuzz
ossfuzz
added 2020/08/13 8:51 a.m.16 views

dlplibs:key6fuzzer: Segv on unknown address in std::__1::deque<std::__1::deque<boost::variant<libetonyek::MoveTo, libetonyek::L

Detailed Report: https://oss-fuzz.com/testcase?key=5068676089511936 Project: dlplibs Fuzzing Engine: afl Fuzz Target: key6fuzzer Job Type: aflasandlplibs Platform Id: linux Crash Type: Segv on unknown address Crash Address: Crash State: std::1::dequestd::1::dequeboost::variantlibetonyek::MoveTo,...

6.8AI score
Exploits0Affected Software1
ossfuzz
ossfuzz
added 2020/07/03 12:8 p.m.26 views

binutils:fuzz_readelf: Stack-buffer-overflow in print_dynamic_symbol

Detailed Report: https://oss-fuzz.com/testcase?key=5953247323095040 Project: binutils Fuzzing Engine: honggfuzz Fuzz Target: fuzzreadelf Job Type: honggfuzzasanbinutils Platform Id: linux Crash Type: Stack-buffer-overflow WRITE Crash Address: 0x7f67ff9a3340 Crash State: printdynamicsymbol...

6.8AI score
Exploits0Affected Software1
ossfuzz
ossfuzz
added 2020/06/05 11:2 a.m.19 views

poppler:pdf_fuzzer: Use-of-uninitialized-value in Splash::pipeRunSimpleXBGR8

Detailed Report: https://oss-fuzz.com/testcase?key=5659855921872896 Project: poppler Fuzzing Engine: libFuzzer Fuzz Target: pdffuzzer Job Type: libfuzzermsanpoppler Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: Splash::pipeRunSimpleXBGR8 Splash::blitImage...

6.4AI score
Exploits0Affected Software1
ossfuzz
ossfuzz
added 2020/06/01 6:14 p.m.13 views

oniguruma:fuzzer: Index-out-of-bounds in parse_exp

Project: https://github.com/kkos/oniguruma.git Detailed Report: https://oss-fuzz.com/testcase?key=5203948213633024 Project: oniguruma Fuzzing Engine: libFuzzer Fuzz Target: fuzzer Job Type: libfuzzerubsanoniguruma Platform Id: linux Crash Type: Index-out-of-bounds Crash Address: Crash State:...

6.8AI score
Exploits0Affected Software1
ossfuzz
ossfuzz
added 2019/12/26 9:40 p.m.15 views

envoy:symbol_table_fuzz_test: Stack-buffer-overflow in Envoy::Stats::Fuzz::EnvoyTestOneInput

Project: https://github.com/envoyproxy/envoy.git Detailed Report: https://oss-fuzz.com/testcase?key=5645970620809216 Project: envoy Fuzzing Engine: libFuzzer Fuzz Target: symboltablefuzztest Job Type: libfuzzerasanenvoy Platform Id: linux Crash Type: Stack-buffer-overflow READ 1 Crash Address:...

6.8AI score
Exploits0Affected Software1
ossfuzz
ossfuzz
added 2019/12/19 6:14 a.m.20 views

binutils:fuzz_bfd: Heap-buffer-overflow in xcoff64_slurp_armap

Detailed Report: https://oss-fuzz.com/testcase?key=5127251264012288 Project: binutils Fuzzing Engine: afl Fuzz Target: fuzzbfd Job Type: aflasanbinutils Platform Id: linux Crash Type: Heap-buffer-overflow WRITE 8 Crash Address: 0x6210002f7ce0 Crash State: xcoff64slurparmap xcoff64archivep...

6.8AI score
Exploits0Affected Software1
ossfuzz
ossfuzz
added 2019/10/15 12:32 a.m.15 views

binutils:fuzz_disassemble: Global-buffer-overflow in exg_sex_discrim

Detailed Report: https://oss-fuzz.com/testcase?key=5752218594050048 Project: binutils Fuzzing Engine: afl Fuzz Target: fuzzdisassemble Job Type: aflasanbinutils Platform Id: linux Crash Type: Global-buffer-overflow READ 4 Crash Address: 0x000001977e78 Crash State: exgsexdiscrim decodeoperation...

6.8AI score
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2018/07/10 6:0 p.m.8 views

kernel: error in exception handling leads to DoS (CVE-2018-8897 regression)

A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, processor does not deliver interrupts and exceptions, they are delivered once the first instruction after the stack switch...

7.8CVSS7AI score0.18696EPSS
Exploits9References4
ossfuzz
ossfuzz
added 2018/06/05 3:39 p.m.16 views

chakra: Crash in libgcc_s.so.1

Project: https://github.com/Microsoft/ChakraCore.git Detailed report: https://oss-fuzz.com/testcase?key=5713014413066240 Project: chakra Fuzzer: jsfuzzer Job Type: asanchakra Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x7f863863e000 Crash State: libgccs.so.1...

6.8AI score
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2018/04/30 12:51 p.m.8 views

glusterfs: auth.allow allows unauthenticated clients to mount gluster volumes (CVE-2018-1088 regression)

It was found that fix for CVE-2018-1088 introduced a new vulnerability in the way 'auth.allow' is implemented in glusterfs server. An unauthenticated gluster client could mount gluster storage volumes...

8.8CVSS7.3AI score0.02384EPSS
Exploits1References5
OSV
OSV
added 2017/02/13 10:40 a.m.4 views

SUSE-SU-2017:0453-1 Security update for tiff

This update for tiff fixes the following issues: - A crafted TIFF image could cause a crash and potential code execution when processed by the 'tiffcp' utility CVE-2017-5225, bsc1019611. Also a regression from the version update to 4.0.7 was fixed in handling TIFFTAGFAXRECVPARAMS. bsc1022103...

9.8CVSS8.1AI score0.04427EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2013/12/17 12:0 a.m.45 views

CentOS Update for nspr CESA-2013:1791 centos5

Check for the Version of nspr OpenVAS Vulnerability Test CentOS Update for nspr CESA-2013:1791 centos5 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

7.5CVSS0.04399EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2012/07/30 12:0 a.m.26 views

CentOS Update for libtiff CESA-2011:0392 centos5 x86_64

Check for the Version of libtiff OpenVAS Vulnerability Test CentOS Update for libtiff CESA-2011:0392 centos5 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

9.3CVSS7AI score0.07474EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2011/04/01 12:0 a.m.27 views

RedHat Update for libtiff RHSA-2011:0392-01

Check for the Version of libtiff OpenVAS Vulnerability Test RedHat Update for libtiff RHSA-2011:0392-01 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

9.3CVSS0.07474EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2009/11/09 3:4 p.m.7 views

REGRESSION: have problem to run JNLP app and applets with signed Jar files (6870531)

The Java Web Start implementation in Sun Java SE 6 before Update 17 does not properly handle the interaction between a signed JAR file and a JNLP 1 application or 2 applet, which has unspecified impact and attack vectors, related to a "regression," aka Bug Id 6870531...

7.5CVSS5.8AI score0.01701EPSS
Exploits0References4
Rows per page
Query Builder