664 matches found
SUSE CVE-2019-18420
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via a VCPUOPinitialise hypercall. hypercallcreatecontinuation is a variadic function which uses a printf-like format string to interpret its parameters. Error handling for a bad format...
SUSE CVE-2020-28020
Exim 4 before 4.92 allows Integer Overflow to Buffer Overflow, in which an unauthenticated remote attacker can execute arbitrary code by leveraging the mishandling of continuation lines during header-length restriction...
Incorrect usage of try/catch block
Lines of code Vulnerability details Vulnerability details Description There is a function getBridgeOutRequestPayload in HolographBridge contract. It has the following: / @dev the revertedBridgeOutRequest function is wrapped into a try/catch function / try this.revertedBridgeOutRequestmsg.sender,...
CVE-2022-39823
An issue was discovered in Softing OPC UA C++ SDK 5.66 through 6.x before 6.10. An OPC/UA browse request exceeding the server limit on continuation points may cause a use-after-free error...
CVE-2022-39823
An issue was discovered in Softing OPC UA C++ SDK 5.66 through 6.x before 6.10. An OPC/UA browse request exceeding the server limit on continuation points may cause a use-after-free error...
PT-2022-25016 · Softing · Softing Opc Ua C++ Sdk
Name of the Vulnerable Software and Affected Versions: Softing OPC UA C++ SDK versions 5.66 through 6.x before 6.10 Description: An issue was discovered where an OPC/UA browse request exceeding the server limit on continuation points may cause a use-after-free error. Recommendations: For versions...
mediawiki -- multiple vulnerabilities
Mediawiki reports: T285515, CVE-2021-41798 SECURITY: XSS vulnerability in Special:Search. T290379, CVE-2021-41799 SECURITY: ApiQueryBacklinks can cause a full table scan. T284419, CVE-2021-41800 SECURITY: fix PoolCounter protection of Special:Contributions. T279090, CVE-2021-41801 SECURITY:...
CVE-2020-28020
Exim 4 before 4.92 allows Integer Overflow to Buffer Overflow, in which an unauthenticated remote attacker can execute arbitrary code by leveraging the mishandling of continuation lines during header-length restriction...
DEBIAN-CVE-2020-28020
Exim 4 before 4.92 allows Integer Overflow to Buffer Overflow, in which an unauthenticated remote attacker can execute arbitrary code by leveraging the mishandling of continuation lines during header-length restriction...
CVE-2020-28020
Exim 4 before 4.92 allows Integer Overflow to Buffer Overflow, in which an unauthenticated remote attacker can execute arbitrary code by leveraging the mishandling of continuation lines during header-length restriction...
CVE-2020-28020
Exim 4 before 4.92 allows Integer Overflow to Buffer Overflow, in which an unauthenticated remote attacker can execute arbitrary code by leveraging the mishandling of continuation lines during header-length restriction...
CVE-2020-28020
Exim 4 before 4.92 allows Integer Overflow to Buffer Overflow, in which an unauthenticated remote attacker can execute arbitrary code by leveraging the mishandling of continuation lines during header-length restriction...
UBUNTU-CVE-2020-28020
Exim 4 before 4.92 allows Integer Overflow to Buffer Overflow, in which an unauthenticated remote attacker can execute arbitrary code by leveraging the mishandling of continuation lines during header-length restriction...
SUSE: Security Advisory (SUSE-SU-2019:0900-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-22187
Removed by vendor...
Fedora 31 : xen (2020-295ed0b1e0)
multiple xenoprof issues XSA-313, CVE-2020-11740, CVE-2020-11741 1823912, 1823914 Missing memory barriers in read-write unlock paths XSA-314, CVE-2020-11739 1823784 Bad error path in GNTTABOPmapgrant XSA-316, CVE-2020-11743 1823926 Bad continuation handling in GNTTABOPcopy XSA-318, CVE-2020-11742...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1472)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2019-4882 · Xen +1 · Xen +1
Name of the Vulnerable Software and Affected Versions: Xen versions 4.6 through 4.12.x Description: The issue is related to incorrect error handling for a malformed format character in the hypercall initialise function of the Xen hypervisor. This can be exploited by a remote attacker to cause a...
The vulnerability relates to the implementation of the HTTP/2 network protocol on Windows operating systems, nginx servers, network programming tools like netty, Envoy, SwiftNIO, and Node.js software platforms. This allows attackers to induce service failures.
The vulnerability of the HTTP/2 network protocol implementation in Windows operating systems, nginx servers, network programming tools like Netty, Envoy, SwiftNIO, and Node.js software platforms is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a maliciou...
ALPINE-CVE-2019-9518
Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSHPROMISE. The peer spends ti...