Lucene search
K

168 matches found

vulnrichment
vulnrichment
added 2023/06/01 12:0 a.m.19 views

CVE-2023-33546

Janino 3.1.9 and earlier are subject to denial of service DOS attacks when using the expression evaluator.guess parameter name method. If the parser runs on user-supplied input, an attacker could supply content that causes the parser to crash due to a stack overflow. NOTE: this is disputed by...

6.7AI score0.0033EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2023/06/01 12:0 a.m.1 views

PT-2023-24378 · Janino +2 · Janino +2

Name of the Vulnerable Software and Affected Versions: Janino versions 3.1.9 and earlier Description: The issue allows for denial of service DOS attacks when using the evaluator.guess parameter name method. If the parser runs on user-supplied input, an attacker could supply content that causes th...

5.5CVSS6.7AI score0.0033EPSS
Exploits1References23
debiancve
debiancve
added 2023/06/01 12:0 a.m.17 views

CVE-2023-33546

Janino 3.1.9 and earlier are subject to denial of service DOS attacks when using the expression evaluator.guess parameter name method. If the parser runs on user-supplied input, an attacker could supply content that causes the parser to crash due to a stack overflow. NOTE: this is disputed by...

5.5CVSS5.5AI score0.0033EPSS
Exploits1
osv
osv
added 2020/07/28 12:0 a.m.4 views

OSV-2020-1399 Segv on unknown address in clang::StmtVisitorBase<llvm::make_const_ptr, RecordExprEvaluator, bool>::Visit

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19152 Crash type: Segv on unknown address Crash state: clang::StmtVisitorBase::Visit clang::StmtVisitorBase::Visit EvaluateInPlace...

7.2AI score
Exploits0
nodejs
nodejs
added 2019/10/02 1:41 p.m.15 views

Sandbox Breakout

Overview Versions of realms-shim prior to 1.2.0 are vulnerable to a Sandbox Breakout. The package's confined evaluator depended upon correct behavior of the spread operator a = ...b, ...c, which could be modified by the confined code. This may allow an attacker to escape the sandbox and run...

6.9AI score
Exploits0Affected Software1
cnvd
cnvd
added 2019/08/02 12:0 a.m.36 views

OpenCV Out-of-Bounds Read/Write Vulnerability

OpenCV is a cross-platform computer vision library. An out-of-bounds read/write vulnerability exists in the HaarEvaluator::OptFeature::calc function in modules/objdetect/src/cascadedetect.hpp in OpenCV. An attacker could exploit this vulnerability to cause a denial of service...

7.5CVSS6.8AI score0.0276EPSS
Exploits1References1
cnvd
cnvd
added 2019/08/02 12:0 a.m.33 views

OpenCV Out-of-Bounds Read Vulnerability

OpenCV is a cross-platform computer vision library. An out-of-bounds read vulnerability exists in the cv::predictOrdered function in modules/objdetect/src/cascadedetect.hpp in OpenCV. An attacker could exploit this vulnerability to cause a denial of service...

8.2CVSS6.7AI score0.02647EPSS
Exploits1References1
osv
osv
added 2019/08/01 5:15 p.m.2 views

DEBIAN-CVE-2019-14492

An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read/write in the function HaarEvaluator::OptFeature::calc in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service...

7.5CVSS6.5AI score0.0276EPSS
Exploits1References1
osv
osv
added 2019/08/01 5:15 p.m.2 views

UBUNTU-CVE-2019-14491

An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read in the function cv::predictOrdered in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service...

8.2CVSS6.7AI score0.02647EPSS
Exploits1References6
cnvd
cnvd
added 2017/08/19 12:0 a.m.4 views

LibSass Denial of Service Vulnerability (CNVD-2017-27708)

LibSass is an open source written in C using Sass CSS extension language parser . A denial of service vulnerability exists in the 'Sass::Eval::operator' function in the eval.cpp file in LibSass version 3.4.5. A remote attacker can exploit this vulnerability to cause a denial of service...

7.5CVSS7.4AI score0.01225EPSS
Exploits0References1
cnvd
cnvd
added 2016/12/08 12:0 a.m.7 views

PwC ACE-ABAP Remote Code Execution Vulnerability

ACE Automated Controls Evaluator is a tool developed by PwC PricewaterhouseCoopers that can be used to analyze SAP security settings to discern privileged access and potential segregation of duties.ABAP Advanced Business Application Programming. A remote code execution vulnerability exists in PwC...

9.9CVSS8.3AI score0.04026EPSS
Exploits1References1
threatpost
threatpost
added 2016/09/27 11:44 a.m.9 views

New Google Tools Help Devs Improve Content Security Policy Protection

Cross-site scripting is the cockroach of web application security vulnerabilities, enjoying continued longevity despite the abundant availability of scanning tools and programming advice designed to squash it. Google yesterday took another shot at eradicating XSS attacks with the release of two...

6.3AI score
Exploits0References2
osv
osv
added 2013/10/11 10:55 p.m.3 views

DEBIAN-CVE-2013-4255

The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier does not properly handle attributes in a 1 PREEMPT, 2 SUSPEND, 3 CONTINUE, 4 WANTVACATE, or 5 KILL policy that evaluate to an Unconfigured, Undefined, or Error state, which allows remote authenticated users to cause a denial of...

3.5CVSS6.6AI score0.0164EPSS
Exploits0References1
nvd
nvd
added 2013/10/11 10:55 p.m.29 views

CVE-2013-4255

The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier does not properly handle attributes in a 1 PREEMPT, 2 SUSPEND, 3 CONTINUE, 4 WANTVACATE, or 5 KILL policy that evaluate to an Unconfigured, Undefined, or Error state, which allows remote authenticated users to cause a denial of...

3.5CVSS6.1AI score0.0164EPSS
Exploits0References5
nvd
nvd
added 2013/10/11 10:55 p.m.21 views

CVE-2009-5136

The policy definition evaluator in Condor before 7.4.2 does not properly handle attributes in a WANTSUSPEND policy that evaluate to an UNDEFINED state, which allows remote authenticated users to cause a denial of service condorstartd exit via a crafted job...

4CVSS6.1AI score0.01927EPSS
Exploits0References4
ubuntucve
ubuntucve
added 2013/10/11 10:55 p.m.41 views

CVE-2009-5136

The policy definition evaluator in Condor before 7.4.2 does not properly handle attributes in a WANTSUSPEND policy that evaluate to an UNDEFINED state, which allows remote authenticated users to cause a denial of service condorstartd exit via a crafted job...

4CVSS5.9AI score0.01927EPSS
Exploits0References5
ubuntucve
ubuntucve
added 2013/10/11 10:55 p.m.17 views

CVE-2013-4255

The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier does not properly handle attributes in a 1 PREEMPT, 2 SUSPEND, 3 CONTINUE, 4 WANTVACATE, or 5 KILL policy that evaluate to an Unconfigured, Undefined, or Error state, which allows remote authenticated users to cause a denial of...

3.5CVSS5.9AI score0.0164EPSS
Exploits0References4
osv
osv
added 2013/10/11 10:55 p.m.27 views

UBUNTU-CVE-2013-4255

The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier does not properly handle attributes in a 1 PREEMPT, 2 SUSPEND, 3 CONTINUE, 4 WANTVACATE, or 5 KILL policy that evaluate to an Unconfigured, Undefined, or Error state, which allows remote authenticated users to cause a denial of...

3.5CVSS5.8AI score0.0164EPSS
Exploits0References5
prion
prion
added 2013/10/11 10:55 p.m.18 views

Code injection

The policy definition evaluator in Condor before 7.4.2 does not properly handle attributes in a WANTSUSPEND policy that evaluate to an UNDEFINED state, which allows remote authenticated users to cause a denial of service condorstartd exit via a crafted job...

4CVSS6.6AI score0.01927EPSS
Exploits0References4Affected Software2
cve
cve
added 2013/10/11 10:0 p.m.65 views

CVE-2013-4255

HTCondor vulnerability CVE-2013-4255 affects policy evaluation in Condor (7.5.4, 8.0.0 and earlier). If a job defines a policy attribute in CONTINUE, KILL, PREEMPT, SUSPEND, or related policies that evaluates to UNDEFINED/ERROR/Unconfigured, a remote authenticated user could cause condor_startd t...

3.5CVSS6.3AI score0.0164EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder