9201 matches found
Denial Of Service (DoS) Via CPU Consumption
RubyGems is vulnerable to a denial of service DoS attack. It is possible due to a flaw in Gem::Version::VERSIONPATTERN in lib/rubygems/version.rb which allows a malicious gem version to cause a large amount of backtracking in a regular expression...
Regular Expression Denial Of Service (ReDoS)
tcl is vulnerable to regular expression denial of service ReDoS attacks. The vulnerability exists as the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause...
Denial Of Service (DoS)
Libdns.so is vulnerable to denial of service attack. The library does not use correct regular expression validation, allowing the attack to inject a malicious DNS query causing an excessive amount of memory, or application crash...
ALPINE-CVE-2018-20712
A heap-based buffer over-read exists in the function dexpression1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt...
Django Denial-of-service possibility in truncatechars_html and truncatewords_html template filters
An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. If django.utils.text.Truncator's chars and words methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a...
Fedora 28 : 4:perl (2018-d1ba58394e)
This release provides Perl 5.26.2 that fixes a heap buffer overflow in the pack function and two overflows in regular expression engine. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to...
perl: Heap-based buffer overflow in S_regatom()
Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations...
perl: Heap-based buffer overflow in S_regatom()
Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations...
perl: Integer overflow leading to buffer overflow in Perl_my_setenv()
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations...
SUSE SLES12 Security Update : php5 (SUSE-SU-2017:1662-1)
This update for php5 fixes the following security issues : - CVE-2016-6294: The localeacceptfromhttp function in ext/intl/locale/localemethods.c did not properly restrict calls to the ICU ulocacceptLanguageFromHTTP function, which allowed remote attackers to cause a denial of service out-of-bound...
XSS vulnerability with unsafe link protocols
An XSS vulnerability CVE-2018-20583 has been identified in the following versions of this library: 0.15.6 0.15.7 0.16.0 0.17.0 0.17.1 0.17.2 0.17.3 0.17.4 0.17.5 0.18.0 It allows unsafe URLs to be added to links. The issue has been fixed in version 0.18.1. All users should upgrade to version 0.18...
CVE-2018-20129: DedeCMS V5. 7 SP2 front Desk file upload getshell vulnerability alerts-a vulnerability alert-the black bar safety net
2018-12-11 in CVE Chinese application station published a DEDECMS 5.7 SP2 is the latest version there is a file upload vulnerability, with administrator privileges can exploit this vulnerability to upload and getshell execute arbitrary PHP code. After analysis and verification. The vulnerability...
Adobe Acrobat Reader DC Text Field Value Remote Code Execution Vulnerability
Summary A specific JavaScript code embedded in a PDF file can lead to a heap corruption when opening a PDF document in Adobe Acrobat Reader DC 2019.8.20071. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim would need t...
ALPINE-CVE-2018-18311
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations...
Buffer overflow
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations...
Buffer overflow
Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations...
DEBIAN-CVE-2018-18311
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations...
CVE-2018-18314
Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations...
CVE-2018-18311
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations...
CVE-2018-18314
Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations...