28 matches found
Astra Linux - уязвимость в snakeyaml
The Alias feature in SnakeYAML before version 1.26 allowed entity expansion during a load operation, which is a related issue to CVE-2003-1564...
CVE-2026-5627
A path traversal vulnerability exists in mintplex-labs/anything-llm versions up to and including 1.9.1, within the AgentFlows component. The vulnerability arises from improper handling of user input in the loadFlow and deleteFlow methods in server/utils/agentFlows/index.js. Specifically, the...
MiracleLinux 7 : libvirt-3.9.0-14.5.0.1.el7.AXS7 (AXSA:2018-3138:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3138:01 advisory. An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load Tenable has extracted the...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-395316)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-395316 advisory. In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Fix out-of-bound access If an ATU violation was caused by a CPU Load...
The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564.
...
CVE-2024-44988 net: dsa: mv88e6xxx: Fix out-of-bound access
In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Fix out-of-bound access If an ATU violation was caused by a CPU Load operation, the SPID could be larger than DSAMAXPORTS the size of mv88e6xxxchip.ports array...
SUSE CVE-2017-18640
The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564...
Directory Traversal in Docker
Docker before 1.3.3 does not properly validate image IDs, which allows remote attackers to conduct path traversal attacks and spoof repositories via a crafted image in a 1 "docker load" operation or 2 "registry communications."...
Arbitrary Code Execution in Docker
Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a 1 symlink or 2 hard link attack in an image archive in a a pull or b load operation...
CVE-2021-29825
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could disclose sensitive information when using ADMINCMD with LOAD or BACKUP. IBM X-Force ID: 204470...
snakeyaml: Billion laughs attack via alias feature
The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564...
snakeyaml: Billion laughs attack via alias feature
The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564...
Docker before 1.3.3 does not properly validate image IDs which allows remote attackers to conduct path traversal attacks and spoof repositories via a crafted image in a (1) "docker load" operation or (2) "registry communications."
...
SnakeYAML Entity Expansion during load operation
The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564...
GHSA-RVWF-54QP-4R6V SnakeYAML Entity Expansion during load operation
The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564...
snakeyaml: Billion laughs attack via alias feature
The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564...
CVE-2017-18640
The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564...
DEBIAN-CVE-2017-18640
The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564...
UBUNTU-CVE-2017-18640
The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564...
CVE-2017-18640
The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564...