41 matches found
Oracle MySQL Server Security Vulnerability
Oracle MySQL Server is a relational database management system developed by Oracle Corporation. There are security vulnerabilities in versions 8.0.0 to 8.0.45 of Oracle MySQL Server. These vulnerabilities stem from issues with the Server: DML component, which may allow attackers with high...
Oracle Java SE and Oracle GraalVM Enterprise Edition Security Vulnerability
Oracle Java SE and Oracle GraalVM Enterprise Edition are both products of Oracle Corporation. Oracle Java SE is used for developing and deploying Java applications for desktops, servers, embedded devices, and real-time environments. Oracle GraalVM Enterprise Edition is an enterprise-level...
salvo Security Vulnerability
Salvo is a web framework developed by Salvo OpenSource. Versions of Salvo prior to 0.89.3 contained security vulnerabilities. These vulnerabilities stemmed from the lack of enforcement of payload size limits in the form data parsing mechanism, which could lead to memory exhaustion and service...
CoreDNS Security Vulnerability
CoreDNS is a DNS server for the CoreDNS community. A security vulnerability exists in versions of CoreDNS prior to 1.14.0, which stems from a lack of resource limiting controls and could lead to memory exhaustion and service crashes...
CVE-2025-59462
An attacker who tampers with the C++ CLI client may crash the UpdateService during file transfers, disrupting updates and availability...
EUVD-2016-1458
Malware in sbrugna...
EUVD-2022-33322
Malicious code in bioql PyPI...
Kyverno's Improper JMESPath Variable Evaluation Lead to Denial of Service
Summary: A Denial of Service (DoS) vulnerability exists in Kyverno due to improper handling of JMESPath variable substitutions. Attackers with permissions to create or update Kyverno policies can craft expressions using the @ variable combined with a pipe and an invalid JMESPath function e.g., @ |...
The vulnerability of the authentication protocol implementation of the MongoDB database management system’s OIDC server allows a perpetrator to induce a service failure.
The vulnerability of the OIDC authentication protocol implementation in MongoDB database management systems is related to deficiencies in the mechanism for verifying input data. Exploiting this vulnerability allows a malicious actor to cause service failures by sending a specially crafted JSON fi...
The vulnerability of the cachefiles_set_volume_xattr() function in the fs/cachefiles/xattr.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the cachefiles_set_volume_xattr() function in the fs/cachefiles/xattr.c module of the Linux operating system is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to cause a service failure...
CVE-2022-28885
A Denial-of-Service (DoS) vulnerability was discovered in the fsicapd component used in WithSecure products whereby the service may crash while parsing the scanning request...
CVE-2018-17017
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for dhcpd udhcpd enable...
The vulnerability of the orcparse.c file in the library for compiling and executing programs that work with GStreamer ORC data arrays is related to operations outside the buffer boundaries in memory and allows an attacker to cause a service failure.
The vulnerability of the orcparse.c file in the library for compiling and executing programs that work with GStreamer ORC data arrays is related to a stack-based buffer overflow. Exploiting this vulnerability could allow an attacker to cause service failures...
samba: smbd allows client access to unix domain sockets on the file system as root
A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB clients to remote procedure call (RPC) services like SAMR, LSA or SPOOLSS, which Samba initiates o...
CVE-2023-3961
A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB clients to remote procedure call (RPC) services like SAMR, LSA or SPOOLSS, which Samba initiates o...
CVE-2023-3961 Samba: smbd allows client access to unix domain sockets on the file system as root
A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB clients to remote procedure call (RPC) services like SAMR, LSA or SPOOLSS, which Samba initiates o...
The vulnerability of the gf_odf_vvc_cfg_read_bs() function on the GPAC multimedia platform allows a hacker to execute arbitrary code or cause service failures.
The vulnerability of the gf_odf_vvc_cfg_read_bs() function on the GPAC multimedia platform is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code or cause service failures...
Denial of Service (DoS)
Overview: Affected versions of this package are vulnerable to Denial of Service (DoS) by sending an invalid request to an exposed endpoint. Details: Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users. Unlike other...
Oracle WebLogic Server Input Validation Error Vulnerability
Oracle WebLogic Server is an application services middleware from Oracle for cloud and traditional environments that provides a modern, lightweight development platform that supports full lifecycle management of applications from development to production and simplifies application deployment and...
The vulnerability of WebRTC implementations in Google Chrome and Microsoft Edge browsers allows attackers to execute arbitrary code or trigger service interruptions.
The vulnerability of WebRTC implementations in Google Chrome and Microsoft Edge stems from the execution of operations outside of the buffer in memory when processing HTML content. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause service failures through a...