Lucene search
K

1083 matches found

OSV
OSV
added 2022/04/03 9:15 a.m.7 views

AZL-9302 CVE-2022-1210 affecting package libtiff for versions less than 4.4.0-1

A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the...

6.5CVSS6.3AI score0.01851EPSS
Exploits1References1
OSV
OSV
added 2022/04/03 9:15 a.m.3 views

DEBIAN-CVE-2022-1210

A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the...

6.5CVSS6.2AI score0.01851EPSS
Exploits1References1
OSV
OSV
added 2022/04/03 9:15 a.m.8 views

UBUNTU-CVE-2022-1210

A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the...

6.5CVSS6.1AI score0.01851EPSS
Exploits1References4
Prion
Prion
added 2022/04/03 9:15 a.m.18 views

Design/Logic Flaw

A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the...

4.3CVSS6.4AI score0.01851EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2022/04/03 12:0 a.m.7 views

CVE-2022-1210 LibTIFF tiff2ps resource consumption

A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the...

4.3CVSS6.6AI score0.01851EPSS
Exploits1References5
OSV
OSV
added 2022/04/03 12:0 a.m.27 views

CVE-2022-1210 LibTIFF tiff2ps resource consumption

A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the...

4.3CVSS5.8AI score0.01851EPSS
Exploits1References7
CVE
CVE
added 2022/04/03 12:0 a.m.107 views

CVE-2022-1210

CVE-2022-1210 affects LibTIFF 4.3.0, specifically the TIFF File Handler in tiff2ps. Opening a malicious TIFF can cause a denial of service; the vulnerability is remotely exploitable but requires user interaction. The exploit has been disclosed publicly. The connected documents confirm the affecte...

6.5CVSS5.3AI score0.01851EPSS
Exploits1References5Affected Software1
Microsoft CVE
Microsoft CVE
added 2022/03/31 7:0 a.m.11 views

An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system.

...

7.8CVSS7.2AI score0.00541EPSS
Exploits0
Cvelist
Cvelist
added 2022/03/23 7:46 p.m.25 views

CVE-2021-4197

An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1...

8.1AI score0.00541EPSS
Exploits0References6
OSV
OSV
added 2022/03/10 5:47 p.m.4 views

DEBIAN-CVE-2022-26520

In pgjdbc before 42.3.3, an attacker who controls the jdbc URL or properties can call java.util.logging.FileHandler to write to arbitrary files through the loggerFile and loggerLevel connection properties. An example situation is that an attacker could create an executable JSP file under a Tomcat...

9.8CVSS7.9AI score0.02999EPSS
Exploits0References1
Veracode
Veracode
added 2022/01/24 11:14 a.m.14 views

Directory Traversal

convert-svg-core, convert-svg-to-png and convert-svg-to-jpeg are vulnerable to directory traversal. The vulnerability exists because of the code of the component SVG File Handler which allows an attacker to read arbitrary files from the file system and then show the file content using a specially...

7.5CVSS4.5AI score0.01978EPSS
Exploits1References2Affected Software3
Mageia
Mageia
added 2022/01/18 3:43 p.m.156 views

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.15 and fixes at least the following security issues: A data leak flaw was found in the way XFSIOCALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS...

7.8CVSS1.5AI score0.0193EPSS
Exploits8References7
RedhatCVE
RedhatCVE
added 2022/01/03 4:4 p.m.52 views

CVE-2021-4197

An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1...

7.8CVSS2.8AI score0.00541EPSS
Exploits0References4
Veracode
Veracode
added 2021/11/05 12:59 p.m.19 views

Denial Of Service (DoS) Through Heap Buffer Overflow

libheif.so is vulnerable to denial of service through heap-based buffer overflow attacks. The vulnerability exists in 'convertcolorspace' in 'heifcolorconversion.cc' of the heif file handler. A malicious attacker is able to send a crafted HEIF to gain sensitive information and cause an applicatio...

8.1CVSS3AI score0.01245EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2021/09/30 3:2 p.m.55 views

CVE-2021-39212

A flaw was found in ImageMagick in the Postscript File Handler component. An attacker could exploit this flaw which would, in some cases, lead to postscript files to be read and written to even when specifically excluded by a module policy in policy.xml. Mitigation Users are advised to use the...

4.4CVSS1AI score0.00353EPSS
Exploits0References3
OSV
OSV
added 2021/04/14 8:4 p.m.24 views

GO-2021-0051 Directory traversal on Windows in github.com/labstack/echo/v4

Due to improper sanitization of user input on Windows, the static file handler allows for directory traversal, allowing an attacker to read files outside of the target directory that the server has permission to read...

5.3CVSS5AI score0.01335EPSS
Exploits1References2
OSV
OSV
added 2021/04/14 8:4 p.m.27 views

GO-2020-0039 Open redirect in gopkg.in/macaron.v1

Due to improper request sanitization, a specifically crafted URL can cause the static file handler to redirect to an attacker chosen URL, allowing for open redirect attacks...

6.1CVSS6.1AI score0.01375EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2021/04/14 12:0 a.m.3 views

PT-2021-12080 · Unknown · Static File Handler

Name of the Vulnerable Software and Affected Versions: Static File Handler affected versions not specified Description: The issue arises from improper sanitization of user input on Windows, allowing the static file handler to permit directory traversal. This enables an attacker to read files...

5.3CVSS4.9AI score0.01335EPSS
Exploits1References12
ATTACKERKB
ATTACKERKB
added 2020/11/19 12:0 a.m.33 views

CVE-2020-28948

ArchiveTar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked. Recent assessments: gwillcox-r7 at January 15, 2021 7:39pm UTC reported: Edit: PoC code for this can be found at along with the original advisory. An interesting vulnerability using the...

7.8CVSS7.7AI score0.47493EPSS
Exploits2References10
BDU FSTEC
BDU FSTEC
added 2020/05/19 12:0 a.m.6 views

The vulnerability of the VNC Server component of the remote desktop management software UltraVNC, which is part of the monitoring, control, and remote maintenance module for the commercial cold production equipment of TelevisGo, allows a perpetrator to execute arbitrary code.

The vulnerability of the VNC Server component of the remote desktop management software UltraVNC, which is part of the monitoring, control, and remote maintenance module for commercial cold production equipment TelevisGo, is related to a buffer overflow issue in the file transfer handler...

10CVSS8.5AI score0.08263EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder