Lucene search
K

227 matches found

Cvelist
Cvelist
added 2023/05/05 3:16 p.m.30 views

CVE-2023-26285 IBM MQ denial of service

IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow a remote attacker to cause a denial of service due to an error processing invalid data. IBM X-Force ID: 248418...

5.9CVSS7.3AI score0.00945EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/05/05 3:16 p.m.11 views

CVE-2023-26285 IBM MQ denial of service

IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow a remote attacker to cause a denial of service due to an error processing invalid data. IBM X-Force ID: 248418...

5.9CVSS5.6AI score0.00945EPSS
Exploits0References2
Rosalinux
Rosalinux
added 2023/03/28 1:38 p.m.45 views

Advisory ROSA-SA-2023-2136

Software: java-11-openjdk 11.0.18.0.10-1 OS: rosa-server79 packageevrstring: 11.0.18.0.10-1 CVE-ID: CVE-2022-21365 BDU-ID: 2022-02011 CVE-Crit: MEDIUM CVE-DESC: A vulnerability in the ImageIO component of the Oracle Java SE software platform and Oracle GraalVM Enterprise Edition virtual machine i...

5.3CVSS5.9AI score0.08346EPSS
Exploits0
CNNVD
CNNVD
added 2023/03/03 12:0 a.m.3 views

LibTIFF 缓冲区错误漏洞

LibTIFF is a library for reading and writing TIFF Tagged Image File Format files. LibTIFF version 4.4.0 contains an out-of-bounds read vulnerability, which stems from the lack of proper validation of user-supplied data and is exploited by attackers to cause a denial of service via specially craft...

6.8CVSS6.6AI score0.00425EPSS
Exploits1References9
SUSE CVE
SUSE CVE
added 2023/02/15 6:21 a.m.5 views

SUSE CVE-2003-1029

The L2TP protocol parser in tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service infinite loop and memory consumption via a packet with invalid data to UDP port 1701, which causes l2tpavpprint to use a bad length value when calling printoctets...

5CVSS6.9AI score0.0992EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:4 a.m.3 views

SUSE CVE-2009-1180

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data...

6.8CVSS7.8AI score0.05411EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:53 a.m.2 views

SUSE CVE-2011-1957

The dissectdcmmain function in epan/dissectors/packet-dcm.c in the DICOM dissector in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service infinite loop via an invalid PDU length...

4.3CVSS7.4AI score0.02626EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:45 a.m.3 views

SUSE CVE-2017-9106

An issue was discovered in adns before 1.5.2. adnsrrinfo mishandles a bogus datap. The general pattern for formatting integers is to sprintf into a fixed-size buffer. This is correct if the input is in the right range; if it isn't, the buffer may be overrun depending on the sizes of the types on...

7.5CVSS7.3AI score0.01876EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2023/02/15 4:11 a.m.3 views

SUSE CVE-2019-13113

Exiv2 through 0.27.1 allows an attacker to cause a denial of service crash due to assertion failure via an invalid data location in a CRW image file...

4.3CVSS7.6AI score0.02127EPSS
Exploits1References4
OSV
OSV
added 2022/11/01 12:0 p.m.9 views

GHSA-FRP9-2V6R-GJ97 muhammara and hummus vulnerable to null pointer dereference on bad response object

The package muhammara before 2.6.0 and the package hummus before 1.0.111 are vulnerable to Denial of Service DoS when PDFStreamForResponse is used with invalid data...

7.5CVSS5.9AI score0.01141EPSS
Exploits1References8
Snyk
Snyk
added 2022/10/31 12:11 p.m.3 views

Denial of Service (DoS)

Overview muhammara is a Create, read and modify PDF files and streams. A drop in replacement for hummusjs PDF library Affected versions of this package are vulnerable to Denial of Service DoS when PDFStreamForResponse is used with invalid data. PoC js hummus = require'muhammara' writer = new...

7.5CVSS7AI score0.01141EPSS
Exploits1References2
Snyk
Snyk
added 2022/10/31 12:11 p.m.4 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS when PDFStreamForResponse is used with invalid data. PoC js hummus = require'muhammara' writer = new hummus.PDFStreamForResponsenull writer = hummus.createWriterwriter writer.end Details Denial of Service DoS...

7.5CVSS7AI score0.01141EPSS
Exploits1References2
OSV
OSV
added 2022/10/28 4:7 p.m.31 views

GO-2022-1071 Denial of service in flux controllers in github.com/fluxcd modules

Flux controllers are vulnerable to a denial of service attack. Users that have permissions to change Flux's objects, either through a Flux source or directly within a cluster, can provide invalid data to fields .spec.interval or .spec.timeout and structured variations of these fields, causing the...

5CVSS4.5AI score0.00606EPSS
Exploits0References8
CNNVD
CNNVD
added 2022/10/22 12:0 a.m.2 views

Flux2 输入验证错误漏洞

Flux2 is a tool from the Cloud Native Computing Foundation that keeps Kubernetes clusters synchronized with their configuration sources. A security vulnerability exists in Flux2 versions prior to 0.35.0, which stems from a denial of service Dos that can be caused by a user authorized to change Fl...

5CVSS5.2AI score0.00606EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/08/02 12:0 a.m.7 views

The vulnerability of the AAD Handler component in the Nimbus JOSE + JWT Java library, due to insufficient data authentication checks, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the AAD Handler component in the Nimbus JOSE + JWT Java library is related to insufficient verification of data authenticity. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information by uploading...

7.8CVSS7.2AI score0.00888EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2022/02/24 5:15 p.m.2 views

CVE-2022-22349

IBM Sterling External Authentication Server 3.4.3.2, 6.0.2.0, and 6.0.3.0 is vulnerable to path traversals, due to not properly validating RESTAPI configuration data. An authorized user could import invalid data which could be used for an attack. IBM X-Force ID: 220144...

4.3CVSS6AI score0.00985EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/02/24 12:0 a.m.6 views

IBM Sterling External Authentication Server 路径遍历漏洞

IBM Sterling External Authentication Server is a client application used to implement extended authentication and validation services for IBM products. IBM Sterling External Authentication Server path traversal vulnerability, which stems from a failure to properly validate RESTAPI configuration...

4.3CVSS5.6AI score0.00985EPSS
Exploits0References3
CNVD
CNVD
added 2022/01/05 12:0 a.m.26 views

ASUS RT-AC52U_B1 Cross-Site Scripting Vulnerability

Asus Rt-Ac52UB1 is a dual-band wireless router from Asus China.A cross-site scripting vulnerability exists in ASUS RT-AC52UB1, which stems from the presence of invalid data filtering in ASUS RT-AC52U B1 version 3.0.0.4.380.10931, which could lead to user session hijacking. No detailed vulnerabili...

6.1CVSS1.5AI score0.00702EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/01/03 12:0 a.m.8 views

Asus Rt-Ac52U_B1 跨站脚本漏洞

Asus Rt-Ac52UB1 is a dual-band wireless router from Asus China.A cross-site scripting vulnerability exists in ASUS RT-AC52UB1, which stems from the presence of invalid data filtering in ASUS RT-AC52U B1 version 3.0.0.4.380.10931, which could lead to user session hijacking. No detailed vulnerabili...

6.1CVSS5.2AI score0.00702EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/12/23 12:0 a.m.4 views

cordova-plugin-fingerprint-aio 安全漏洞

Cordova-Plugin-Fingerprint-Aio is a Cordova plugin from the German individual developer Niklas Merz. It is used for fingerprint sensors and FaceId. A security vulnerability exists in cordova-plugin-fingerprint-aio, which stems from the plugin's exported activity...

6.2CVSS5.9AI score0.00333EPSS
Exploits0References4
Rows per page
Query Builder