Lucene search
K

453 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:13 a.m.6 views

SUSE CVE-2015-7551

The Fiddle::Handle implementation in ext/fiddle/handle.c in Ruby before 2.0.0-p648, 2.1 before 2.1.8, and 2.2 before 2.2.4, as distributed in Apple OS X before 10.11.4 and other products, mishandles tainting, which allows context-dependent attackers to execute arbitrary code or cause a denial of...

8.4CVSS8.7AI score0.005EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 5:11 a.m.3 views

SUSE CVE-2015-8629

The xdrnullstring function in lib/kadm5/kadmrpcxdr.c in kadmind in MIT Kerberos 5 aka krb5 before 1.13.4 and 1.14.x before 1.14.1 does not verify whether '\0' characters exist as expected, which allows remote authenticated users to obtain sensitive information or cause a denial of service...

5.3CVSS7.3AI score0.03657EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:0 a.m.2 views

SUSE CVE-2016-5826

The parsergetnextchar function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service out-of-bounds heap read by crafting a string to the icalparserparsestring function...

7.5CVSS6.9AI score0.03043EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:57 a.m.2 views

SUSE CVE-2016-7567

Buffer overflow in the SLPFoldWhiteSpace function in common/slpcompare.c in OpenSLP 2.0 allows remote attackers to have unspecified impact via a crafted string...

9.8CVSS7.6AI score0.12463EPSS
Exploits4References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:40 a.m.4 views

SUSE CVE-2017-14033

The decode method in the OpenSSL::ASN1 module in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows attackers to cause a denial of service interpreter crash via a crafted string...

5.3CVSS8.8AI score0.07734EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:36 a.m.3 views

SUSE CVE-2017-17484

The ucnvUTF8FromUTF8 function in ucnvu8.cpp in International Components for Unicode ICU for C/C++ through 60.1 mishandles ucnvconvertEx calls for UTF-8 to UTF-8 conversion, which allows remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly hav...

7.3CVSS9.6AI score0.04605EPSS
Exploits1References8
SUSE CVE
SUSE CVE
added 2023/02/15 4:34 a.m.3 views

SUSE CVE-2018-1517

A flaw in the java.math component in IBM SDK, Java Technology Edition 6.0, 7.0, and 8.0 may allow an attacker to inflict a denial-of-service attack with specially crafted String data. IBM X-Force ID: 141681...

5.9CVSS8.5AI score0.03981EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2023/02/15 4:22 a.m.2 views

SUSE CVE-2018-18483

The getcount function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service malloc called with the result of an integer-overflowing calculation or possibly have unspecified other impact via a crafted string, as demonstrated by...

4.3CVSS7.5AI score0.02458EPSS
Exploits1References17
SUSE CVE
SUSE CVE
added 2023/02/15 4:21 a.m.4 views

SUSE CVE-2018-20657

The demangletemplate function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service memory consumption, as demonstrated by cxxfilt, a related issue to CVE-2018-12698...

4CVSS6.7AI score0.04037EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:12 a.m.6 views

SUSE CVE-2019-11389

An issue was discovered in OWASP ModSecurity Core Rule Set CRS through 3.1.0. /rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf allows remote attackers to cause a denial of service ReDOS by entering a specially crafted string with next at the beginning and nested repetition operators. NOTE: the...

5.3CVSS5.6AI score0.01671EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:12 a.m.5 views

SUSE CVE-2019-11391

An issue was discovered in OWASP ModSecurity Core Rule Set CRS through 3.1.0. /rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf allows remote attackers to cause a denial of service ReDOS by entering a specially crafted string with $a at the beginning and nested repetition operators. NOTE: the softwa...

5.3CVSS5.6AI score0.01625EPSS
Exploits1References3
Veracode
Veracode
added 2023/01/25 3:43 a.m.55 views

Regular Expression Denial Of Service (ReDoS)

ua-parser-js is vulnerable to Regular Expression Denial Of Service ReDoS. The vulnerability exists due to an insecure Regex pattern used for the str attribute in the trim function of ua-parser.js, which allows an attacker to crash the application by providing a maliciously crafted string...

7.5CVSS7.3AI score0.01725EPSS
Exploits2References2Affected Software2
Veracode
Veracode
added 2023/01/19 2:4 a.m.23 views

Regular Expression Denial Of Service (ReDoS)

activesupport is vulnerable to Regular Expression Denial Of Service ReDoS. The vulnerability exists due to the insecure Regex pattern used in the underscore function of methods.rb, allowing an attacker to crash the application by providing a maliciously crafted string...

7.5CVSS7.3AI score0.01712EPSS
Exploits0References8Affected Software3
NVD
NVD
added 2023/01/09 9:15 p.m.31 views

CVE-2021-36603

Cross Site Scripting XSS in Tasmota firmware 6.5.0 allows remote attackers to inject JavaScript code via a crafted string in the field "Friendly Name 1"...

6.1CVSS6AI score0.0054EPSS
Exploits1References1
Veracode
Veracode
added 2022/12/14 8:43 a.m.31 views

Denial Of Service (DoS)

org.codehaus.jettison:jettison is vulnerable to Denial Of Service DoS. A remote attacker is able to cause a stack overflow via injecting a crafted string through the map parameter, resulting in denial of service...

7.5CVSS8.2AI score0.01395EPSS
Exploits1References5Affected Software5
OSV
OSV
added 2022/12/13 3:30 p.m.7 views

GHSA-GRR4-WV38-F68W Jettison Out-of-bounds Write vulnerability

Jettison before v1.5.2 was discovered to contain a stack overflow via the map parameter. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted string...

7.5CVSS6.7AI score0.01395EPSS
Exploits1References5
NVD
NVD
added 2022/12/13 3:15 p.m.21 views

CVE-2022-45693

Jettison before v1.5.2 was discovered to contain a stack overflow via the map parameter. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted string...

7.5CVSS0.01395EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/12/13 12:0 a.m.35 views

CVE-2022-45693

Jettison before v1.5.2 was discovered to contain a stack overflow via the map parameter. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted string...

7.6AI score0.01395EPSS
Exploits1References3
OSV
OSV
added 2022/10/27 6:15 p.m.3 views

CVE-2022-43365

IP-COM EW9 V15.11.0.149732 was discovered to contain a buffer overflow in the formSetDebugCfg function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted string...

7.5CVSS6.1AI score0.00815EPSS
Exploits1References1
Prion
Prion
added 2022/10/27 6:15 p.m.15 views

Buffer overflow

IP-COM EW9 V15.11.0.149732 was discovered to contain a buffer overflow in the formSetDebugCfg function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted string...

5CVSS7.6AI score0.00815EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder