Lucene search
1149 matches found

OPENSUSE Linux
added 2019/07/24 12:0 a.m. · 191 views

Security update for libsass (moderate)

openSUSE Security Update: Security update for libsass Announcement ID: openSUSE-SU-2019:1800-1 Rating: moderate References: 1096894 1118301 1118346 1118348 1118349 1118351 1119789 1121943 1121944 1121945 1133200 1133201 Cross-References: CVE-2018-11499 CVE-2018-19797 CVE-2018-19827 CVE-2018-19837...

CVSS 9.8 · AI score 8 · EPSS 0.04006
Exploits 9 · References 12

OSV
added 2019/07/23 11:22 a.m. · 6 views

OPENSUSE-SU-2019:1791-1 Security update for libsass

This update for libsass to version 3.6.1 fixes the following issues: Security issues fixed: - CVE-2019-6283: Fixed heap-buffer-overflow in Sass::Prelexer::parenthesescopechar const boo1121943. - CVE-2019-6284: Fixed heap-based buffer over-read exists in Sass:Prelexer:alternatives boo1121944. -...

CVSS 9.8 · AI score 7.1 · EPSS 0.04006
Exploits 9 · References 25

RedhatCVE
added 2019/05/14 12:23 p.m. · 33 views

CVE-2018-20821

The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::Parser::parsecssvariablevalue in parser.cpp...

CVSS 7.5 · AI score 4.9 · EPSS 0.02218
Exploits 1 · References 2

RedhatCVE
added 2019/05/14 12:22 p.m. · 35 views

CVE-2018-20822

LibSass 3.5.4 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::ComplexSelector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp...

CVSS 7.5 · AI score 4.8 · EPSS 0.02107
Exploits 1 · References 2

RustSec
added 2019/04/27 12:0 p.m. · 19 views

Uncontrolled recursion leads to abort in HTML serialization

Affected versions of this crate did use recursion for serialization of HTML DOM trees. This allows an attacker to cause abort due to stack overflow by providing a pathologically nested input. The flaw was corrected by serializing the DOM tree iteratively instead...

CVSS 7.5 · AI score 3.8 · EPSS 0.01411
Exploits 0 · Affected Software 1

Prion
added 2019/04/23 2:29 p.m. · 21 views

Code injection

The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::Parser::parsecssvariablevalue in parser.cpp...

CVSS 4.3 · AI score 7.4 · EPSS 0.02218
Exploits 1 · References 4 · Affected Software 1

NVD
added 2019/04/23 2:29 p.m. · 17 views

CVE-2018-20821

The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::Parser::parsecssvariablevalue in parser.cpp...

CVSS 6.5 · AI score 6.8 · EPSS 0.02218
Exploits 1 · References 4

OSV
added 2019/04/23 2:29 p.m. · 25 views

CVE-2018-20821

The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::Parser::parsecssvariablevalue in parser.cpp...

CVSS 6.5 · AI score 6.5
Exploits 0 · References 4

OSV
added 2019/04/23 2:29 p.m. · 2 views

UBUNTU-CVE-2018-20822

LibSass 3.5.4 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::ComplexSelector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp...

CVSS 6.5 · AI score 7.3 · EPSS 0.02107
Exploits 1 · References 2

OSV
added 2019/04/23 2:29 p.m. · 2 views

DEBIAN-CVE-2018-20821

The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::Parser::parsecssvariablevalue in parser.cpp...

CVSS 6.5 · AI score 8.4 · EPSS 0.02218
Exploits 1 · References 1

UbuntuCve
added 2019/04/23 2:29 p.m. · 22 views

CVE-2018-20821

The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::Parser::parsecssvariablevalue in parser.cpp...

CVSS 6.5 · AI score 6.9 · EPSS 0.02218
Exploits 1 · References 1

Cvelist
added 2019/04/23 1:54 p.m. · 30 views

CVE-2018-20822

LibSass 3.5.4 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::ComplexSelector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp...

AI score 6.4 · EPSS 0.02107
Exploits 1 · References 4

Cvelist
added 2019/04/23 1:54 p.m. · 25 views

CVE-2018-20821

The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::Parser::parsecssvariablevalue in parser.cpp...

AI score 7.6 · EPSS 0.02218
Exploits 1 · References 4

Debian CVE
added 2019/04/23 1:54 p.m. · 22 views

CVE-2018-20821

The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::Parser::parsecssvariablevalue in parser.cpp...

CVSS 6.5 · AI score 7.8 · EPSS 0.02218
Exploits 1

Positive Technologies
added 2019/04/23 12:0 a.m. · 2 views

PT-2019-10261 · Sass +2 · Libsass +2

Name of the Vulnerable Software and Affected Versions: LibSass version 3.5.4 Description: The issue allows attackers to cause a denial-of-service due to uncontrolled recursion. This occurs in the Sass::ComplexSelector::perform function in ast.hpp and the Sass::Inspect::operator in inspect.cpp...

CVSS 9.8 · AI score 6.3 · EPSS 0.04006
Exploits 17 · References 90

Positive Technologies
added 2019/04/23 12:0 a.m. · 5 views

PT-2019-10260 · Sass +2 · Libsass +2

Name of the Vulnerable Software and Affected Versions: LibSass versions 3.5.5 and earlier Description: The parsing component in LibSass allows attackers to cause a denial-of-service due to uncontrolled recursion in Sass::Parser::parse css variable value in parser.cpp. Recommendations: For LibSass...

CVSS 9.8 · AI score 6.2 · EPSS 0.04006
Exploits 17 · References 90

Talos
added 2019/03/19 12:0 a.m. · 95 views

CUJO Smart Firewall mdnscap mDNS label compression denial-of-service vulnerability

Summary: An exploitable denial-of-service vulnerability exists in the mdnscap binary of the CUJO Smart Firewall running firmware 7003. When parsing labels in mDNS packets, the firewall unsafely handles label compression pointers, leading to an uncontrolled recursion that eventually exhausts the...

CVSS 7.8 · AI score 6.2 · EPSS 0.01569
Exploits 1

RedhatCVE
added 2019/03/01 6:49 a.m. · 65 views

CVE-2019-9192

In the GNU C Library aka glibc or libc6 through 2.29, checkdstlimitscalcpos1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '|\\1\\1' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs...

CVSS 7.5 · AI score 7.3 · EPSS 0.05804
Exploits 2 · References 3

UbuntuCve
added 2019/02/26 6:29 p.m. · 39 views

CVE-2019-9192

In the GNU C Library aka glibc or libc6 through 2.29, checkdstlimitscalcpos1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '|\1\1' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs...

CVSS 7.5 · AI score 7 · EPSS 0.02447
Exploits 1 · References 1

OSV
added 2019/02/26 6:29 p.m. · 14 views

CVE-2019-9192

In the GNU C Library aka glibc or libc6 through 2.29, checkdstlimitscalcpos1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '|\1\1' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs...

CVSS 7.5 · AI score 7.8
Exploits 0 · References 2