Lucene search
K

73 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:4 a.m.6 views

SUSE CVE-2016-4003

Cross-site scripting XSS vulnerability in the URLDecoder function in JRE before 1.8, as used in Apache Struts 2.x before 2.3.28, when using a single byte page encoding, allows remote attackers to inject arbitrary web script or HTML via multi-byte characters in a url-encoded parameter...

6.1CVSS6AI score0.11562EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:34 a.m.4 views

SUSE CVE-2022-0934

A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service...

6.5CVSS8.8AI score0.01487EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2022/09/21 12:0 a.m.6 views

The vulnerability of the URLDecoder class implementation in the Java Runtime Environment and the Java Development Kit application development tools allows attackers to perform cross-site scripting attacks.

The vulnerability of the URLDecoder class implementation in the Java Runtime Environment and the Java Development Kit for application development is related to the use of single-byte encoding for pages. Exploiting this vulnerability allows a remote attacker to perform cross-page scripting attacks...

6.4CVSS6.6AI score0.11562EPSS
Exploits0References6Affected Software4
OSV
OSV
added 2022/08/29 3:15 p.m.3 views

ALPINE-CVE-2022-0934

A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service...

7.5CVSS6.5AI score0.01487EPSS
Exploits0References1
OSV
OSV
added 2022/08/29 3:15 p.m.1 views

DEBIAN-CVE-2022-0934

A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service...

7.5CVSS7.5AI score0.01487EPSS
Exploits0References1
Prion
Prion
added 2022/08/29 3:15 p.m.212 views

Design/Logic Flaw

A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service...

5CVSS7AI score0.01487EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/07/29 12:0 a.m.10 views

The vulnerability of the nfnetlink_queue module in Linux operating systems, related to incorrect handling of verdicts with a single-byte attribute nfta_payload, allows a perpetrator to trigger a service failure.

The vulnerability of the nfnetlinkqueue module in Linux operating systems is related to incorrect handling of verdicts with a single-byte attribute named nftapayload. Exploiting this vulnerability allows an attacker to cause service failures remotely...

9CVSS6.5AI score0.05542EPSS
Exploits1References51Affected Software5
OpenVAS
OpenVAS
added 2022/07/08 12:0 a.m.17 views

Huawei EulerOS: Security Advisory for dnsmasq (EulerOS-SA-2022-1962)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.01487EPSS
Exploits0References2
OSV
OSV
added 2022/05/14 1:57 a.m.43 views

GHSA-M3X6-9V6H-4G28 Cross-site Scripting in Apache Struts

Cross-site scripting XSS vulnerability in the URLDecoder function in JRE before 1.8, as used in Apache Struts 2.x before 2.3.28, when using a single byte page encoding, allows remote attackers to inject arbitrary web script or HTML via multi-byte characters in a url-encoded parameter...

6.1CVSS6AI score0.11562EPSS
Exploits0References11
OSV
OSV
added 2022/03/24 7:16 p.m.6 views

CLSA-2022-1648149396 Fix CVE(s): CVE-2021-3999

SECURITY UPDATE: single byte buffer underflow and overflow - debian/patches/any/CVE-2021-3999.patch: reject buffer of size 1 and return NULL with errno set to ERANGE - CVE-2021-3999...

7.8CVSS7.2AI score0.0072EPSS
Exploits1References1
OSV
OSV
added 2022/03/24 7:13 p.m.7 views

CLSA-2022-1648149189 Fix of CVE: CVE-2021-3999

CVE-2021-3999: single byte buffer overflow and overflow in getcwd...

7.8CVSS7.2AI score0.0072EPSS
Exploits1References1
OSV
OSV
added 2022/03/24 4:8 p.m.6 views

CLSA-2022-1648138117 Fix of CVE: CVE-2021-3999

CVE-2021-3999: fix single byte buffer overflow and overflow in getcwd...

7.8CVSS7.1AI score0.0072EPSS
Exploits1References1
OSV
OSV
added 2022/03/24 4:7 p.m.6 views

CLSA-2022-1648138064 Fixed CVE-2021-3999 in glibc

CVE-2021-3999: fix single byte buffer overflow and overflow in getcwd...

7.8CVSS7.2AI score0.0072EPSS
Exploits1References1
NVD
NVD
added 2017/08/18 8:29 p.m.21 views

CVE-2007-5199

A single byte overflow in catalogue.c in X.Org libXfont 1.3.1 allows remote attackers to have unspecified impact...

9.8CVSS9.9AI score0.02211EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2017/08/18 8:29 p.m.34 views

CVE-2007-5199

A single byte overflow in catalogue.c in X.Org libXfont 1.3.1 allows remote attackers to have unspecified impact...

9.8CVSS7.2AI score0.02211EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2017/08/18 8:0 p.m.25 views

CVE-2007-5199

A single byte overflow in catalogue.c in X.Org libXfont 1.3.1 allows remote attackers to have unspecified impact...

9.8CVSS9.9AI score0.02211EPSS
Exploits1
CNVD
CNVD
added 2016/10/31 12:0 a.m.14 views

OpenJPEG Single Byte Overflow Vulnerability

OpenJPEG library is written in C language open source JPEG 2000 codec . OpenJPEG 2.1.2 suffers from a single-byte overflow vulnerability in the openjp2/pi.c:523 opjpinextcprl function, which can lead to a denial of service...

7.5CVSS9.2AI score0.03168EPSS
Exploits1References1
CNVD
CNVD
added 2015/12/18 12:0 a.m.4 views

Mozilla Firefox Denial of Service Vulnerability (CNVD-2015-08319)

Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A security vulnerability exists in the HTTP/2 implementation of Mozilla Firefox prior to version 43.0. A remote attacker can exploit this vulnerability to cause a denial of service integer...

5CVSS8.7AI score0.02888EPSS
Exploits0References1
OSV
OSV
added 2015/12/15 12:0 a.m.6 views

UBUNTU-CVE-2015-7218

The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a denial of service integer underflow, assertion failure, and application exit via a single-byte header frame that triggers incorrect memory allocation...

5CVSS6.9AI score0.02888EPSS
Exploits0References4
CNVD
CNVD
added 2015/03/12 12:0 a.m.4 views

Wireshark 'pcapng.c' Denial of Service Vulnerability

Wireshark is an open source network protocol analysis tool. The pcapngread function in Wireshark wiretap/pcapng.c handles malicious messages with a single-byte overflow error, allowing an attacker to exploit a vulnerability by submitting a special message to crash the application...

5CVSS7.1AI score0.046EPSS
Exploits0References1
Rows per page
Query Builder