Lucene search
K

100 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:21 a.m.6 views

SUSE CVE-2015-1868

The label decompression functionality in PowerDNS Recursor 3.5.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.2 and Authoritative Auth Server 3.2.x, 3.3.x before 3.3.2, and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service CPU consumption or crash via a request with a name that...

7.8CVSS6.8AI score0.81834EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:11 a.m.2 views

SUSE CVE-2019-13103

A crafted self-referential DOS partition table will cause all Das U-Boot versions through 2019.07-rc4 to infinitely recurse, causing the stack to grow infinitely and eventually either crash or overwrite other data...

4.7CVSS8.4AI score0.00401EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 4:5 a.m.4 views

SUSE CVE-2019-19645

alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements...

5.1CVSS7AI score0.00566EPSS
Exploits0References80
SUSE CVE
SUSE CVE
added 2023/02/15 4:5 a.m.4 views

SUSE CVE-2019-20395

A stack consumption issue is present in libyang before v1.0-r1 due to the self-referential union type containing leafrefs. Applications that use libyang to parse untrusted input yang files may crash...

6.5CVSS6.4AI score0.01839EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:36 a.m.8 views

SUSE CVE-2021-45105

Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue wa...

7.5CVSS7.4AI score0.99999EPSS
Exploits20References6
RedHat Linux
RedHat Linux
added 2023/01/31 1:18 p.m.4 views

jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos

A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service...

7.5CVSS7.4AI score0.01395EPSS
Exploits1References4
VulnCheck KEV
VulnCheck KEV
added 2022/02/22 12:0 a.m.1 views

VulnCheck KEV: CVE-2019-10098

In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with modrewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL...

6.1CVSS6.7AI score0.73981EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2021/12/30 12:0 a.m.48 views

Debian DLA-2852-1 : apache-log4j2 - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2852 advisory. Several security vulnerabilities were found in Apache Log4j2, a Logging Framework for Java, which could lead to a denial of service or information disclosure...

5.9CVSS7.6AI score0.99999EPSS
Exploits20References8
OSV
OSV
added 2021/12/19 12:0 a.m.1 views

UBUNTU-CVE-2021-45105

Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue wa...

5.9CVSS6.7AI score0.99999EPSS
Exploits20References6
OSV
OSV
added 2021/12/18 6:0 p.m.2 views

GHSA-P6XC-XR62-6R2G Apache Log4j2 vulnerable to Improper Input Validation and Uncontrolled Recursion

Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue was fixed in...

8.6CVSS7AI score0.99999EPSS
Exploits20References18
OSV
OSV
added 2021/12/18 12:15 p.m.7 views

DEBIAN-CVE-2021-45105

Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue wa...

5.9CVSS7.2AI score0.99999EPSS
Exploits20References1
Vulnrichment
Vulnrichment
added 2021/12/18 11:55 a.m.5 views

CVE-2021-45105 Apache Log4j2 does not always protect from infinite recursion in lookup evaluation

Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue wa...

7AI score0.99999EPSS
Exploits20References13
RedHat Linux
RedHat Linux
added 2021/05/18 3:4 p.m.3 views

libyang: stack-overflow when parsing yang files with self-referential union types

A stack-overflow flaw was found in libyang due to a self-referential union type containing leafrefs. Applications that use libyang to process untrusted input YANG files may crash while processing malformed files...

6.5CVSS6.5AI score0.01839EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2020/11/04 1:44 a.m.2 views

httpd: mod_rewrite potential open redirect

A vulnerability was discovered in Apache httpd, in modrewrite. Certain self-referential modrewrite rules could be fooled by encoded newlines, causing them to redirect to an unexpected location. An attacker could abuse this flaw in a phishing attack or as part of a client-side attack on browsers...

6.1CVSS7.1AI score0.73981EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2020/09/29 7:26 p.m.4 views

httpd: mod_rewrite configurations vulnerable to open redirect

A flaw was found in Apache HTTP Server httpd versions 2.4.0 to 2.4.41. Redirects configured with modrewrite that were intended to be self-referential might be fooled by encoded newlines and redirected instead to an unexpected URL within the request URL...

6.1CVSS6.6AI score0.56691EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2020/04/07 1:33 p.m.31 views

Security Bulletin: A vulnerability in SQLite affects IBM Cloud Application Performance Management Response Time Monitoring Agent (CVE-2019-19925, CVE-2019-19645, CVE-2019-19924, CVE-2019-19923, CVE-2019-19880, CVE-2019-19646, CVE-2019-19926)

Summary SQLite is vulnerable to a denial of service. Vulnerability Details CVEID: CVE-2019-19925 DESCRIPTION: SQLite is vulnerable to a denial of service, caused by the mishandling of a NULL pathname in the zipfileUpdate function in ext/misc/zipfile.c. By sending a specially-crafted request, a...

9.8CVSS0.9AI score0.0825EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2020/04/06 7:28 p.m.1 views

httpd: mod_rewrite configurations vulnerable to open redirect

A flaw was found in Apache HTTP Server httpd versions 2.4.0 to 2.4.41. Redirects configured with modrewrite that were intended to be self-referential might be fooled by encoded newlines and redirected instead to an unexpected URL within the request URL...

6.1CVSS6.6AI score0.56691EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/04/06 7:9 p.m.4 views

httpd: mod_rewrite configurations vulnerable to open redirect

A flaw was found in Apache HTTP Server httpd versions 2.4.0 to 2.4.41. Redirects configured with modrewrite that were intended to be self-referential might be fooled by encoded newlines and redirected instead to an unexpected URL within the request URL...

6.1CVSS6.6AI score0.56691EPSS
Exploits0References5
NVD
NVD
added 2020/04/02 12:15 a.m.29 views

CVE-2020-1927

In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with modrewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL...

6.1CVSS6.5AI score0.56691EPSS
Exploits0References27
AlpineLinux
AlpineLinux
added 2020/04/01 11:8 p.m.54 views

CVE-2020-1927

In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with modrewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL...

6.1CVSS8.1AI score0.56691EPSS
Exploits0
Rows per page
Query Builder