Lucene search
K

49 matches found

Amazon
Amazon
added 2024/04/01 12:0 a.m.41 views

Medium: python-pillow

Issue Overview: An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw...

7.5CVSS8AI score0.01038EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/12/22 12:0 a.m.29 views

GLSA-202312-06 : Exiv2: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202312-06 Exiv2: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in Exiv2. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly from...

8.8CVSS6.4AI score0.02555EPSS
Exploits7References29
BDU FSTEC
BDU FSTEC
added 2023/06/26 12:0 a.m.11 views

The vulnerability of the Packet Forwarding Engine (PFE) module in Juniper Networks’ Junos OS operating system in devices of the EX4300-MP, EX4600, and QFX5000 series allows a hacker to cause a service failure.

The vulnerability of the Packet Forwarding Engine PFE module in Juniper Networks’ Junos OS on EX4300-MP, EX4600, and QFX5000 devices is related to uncontrolled memory allocation. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

6.5CVSS6.6AI score0.00305EPSS
Exploits0References5Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 4:31 a.m.3 views

SUSE CVE-2018-5783

In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoDoFo::PdfVecObjects::Reserve function base/PdfVecObjects.h. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file...

6.2CVSS9AI score0.01065EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:30 a.m.3 views

SUSE CVE-2018-6869

In ZZIPlib 0.13.68, there is an uncontrolled memory allocation and a crash in the zzipparserootdirectory function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file...

6.5CVSS6.6AI score0.02854EPSS
Exploits1References4
NVD
NVD
added 2022/12/25 8:15 p.m.19 views

CVE-2022-4741

A vulnerability was found in docconv up to 1.2.0 and classified as problematic. This issue affects the function ConvertDocx/ConvertODT/ConvertPages/ConvertXML/XMLToText. The manipulation leads to uncontrolled memory allocation. The attack may be initiated remotely. Upgrading to version 1.2.1 is...

6.5CVSS0.00763EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/12/25 12:0 a.m.3 views

docconv 安全漏洞

docconv is Search.io open source a library . PDF, DOC, DOCX, XML, HTML, RTF , etc. will be converted to plain text . docconv 1.2.0 and previous versions of a security vulnerability , the vulnerability stems from its ConvertDocx/ConvertODT/ConvertPages/ConvertXML/XMLToText function of the operatio...

6.5CVSS5.3AI score0.00763EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2022/10/12 12:0 a.m.22 views

Juniper Junos OS Vulnerability (JSA69876)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA69876 advisory. - In VxLAN scenarios on EX4300-MP, EX4600, QFX5000 Series devices an Uncontrolled Memory Allocation vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Jun...

6.5CVSS6.6AI score0.00305EPSS
Exploits0References3
NVD
NVD
added 2022/04/14 4:15 p.m.19 views

CVE-2022-22188

An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine PFE of Juniper Networks Junos OS allows a network-based unauthenticated attacker to flood the device with traffic leading to a Denial of Service DoS. The device must be configur...

7.5CVSS0.0148EPSS
Exploits1References1
CVE
CVE
added 2022/04/14 3:50 p.m.103 views

CVE-2022-22188

The CVE-2022-22188 entry concerns a heap-based buffer overflow in Juniper Networks Junos OS PFE (packet forwarding engine). A network-based, unauthenticated attacker can flood the target device with traffic, causing a Denial of Service, with impact dependent on device configuration. Affected plat...

7.5CVSS7.5AI score0.0148EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/04/13 4:0 p.m.5 views

CVE-2022-22188

An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine PFE of Juniper Networks Junos OS allows a network-based unauthenticated attacker to flood the device with traffic leading to a Denial of Service DoS. The device must be configur...

7.5CVSS7.1AI score0.0148EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2022/01/25 4:15 p.m.18 views

CVE-2021-34869

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

8.8CVSS0.00418EPSS
Exploits0References2
NVD
NVD
added 2022/01/25 4:15 p.m.46 views

CVE-2021-34868

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

8.8CVSS0.00423EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/01/25 3:30 p.m.23 views

CVE-2021-34869

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

7.8CVSS8.9AI score0.00418EPSS
Exploits0References2
CVE
CVE
added 2022/01/25 3:30 p.m.53 views

CVE-2021-34868

Parallels Desktop 16.1.3-49160 contains a local privilege-escalation flaw in the Toolgate component. The issue stems from improper validation of user-supplied data, causing uncontrolled memory allocation, and enabling an attacker with low-privilege, local code execution on the guest to escalate p...

8.8CVSS8.8AI score0.00423EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2021/08/19 10:15 p.m.19 views

CVE-2020-18899

An uncontrolled memory allocation in DataBufdatasubBox.length-sizeofbox function of Exiv2 0.27 allows attackers to cause a denial of service DOS via a crafted input...

6.5CVSS0.01664EPSS
Exploits1References3
OSV
OSV
added 2021/08/19 10:15 p.m.9 views

PYSEC-2021-879

An uncontrolled memory allocation in DataBufdatasubBox.length-sizeofbox function of Exiv2 0.27 allows attackers to cause a denial of service DOS via a crafted input...

6.5CVSS6.3AI score0.01664EPSS
Exploits1References3
Cvelist
Cvelist
added 2021/08/19 12:0 a.m.28 views

CVE-2020-18899

An uncontrolled memory allocation in DataBufdatasubBox.length-sizeofbox function of Exiv2 0.27 allows attackers to cause a denial of service DOS via a crafted input...

6.3AI score0.01664EPSS
Exploits1References3
Zero Day Initiative
Zero Day Initiative
added 2021/08/03 12:0 a.m.46 views

(Pwn2Own) Parallels Desktop Toolgate Uncontrolled Memory Allocation Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate...

7.8CVSS4.1AI score0.00246EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/06/18 12:0 a.m.6 views

The vulnerability of the Cisco AnyConnect Secure Mobility Client’s cryptographic protection mechanism, related to uncontrolled memory allocation, allows a perpetrator to cause a service failure.

The vulnerability of the Cisco AnyConnect Secure Mobility Client encryption method is related to uncontrolled memory allocation. Exploiting this vulnerability could allow a hacker to cause a service failure...

5.5CVSS6.4AI score0.00208EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder