Lucene search
K

31 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Apache2

A carefully crafted request body can cause a read to a random memory area, which may lead to the process crashing. This issue affects Apache HTTP Server 2.4.52 and earlier...

7.5CVSS8.2AI score0.69803EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/14 6:19 p.m.4 views

CVE-2026-39956

A flaw was found in jq, a command line JSON processor. In release builds, the strindices builtin function calls the jvstringindexes function without checking that the arguments are actually strings. This missing validation allows an attacker who can supply non-string inputs to cause an applicatio...

6.1CVSS5.7AI score0.00174EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/12/08 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2023-53742

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - kcsan: Avoid READONCE in readinstrumentedmemory Haibo Li reported: | Unable to handle kernel paging request at virtual address | ffffff802a0d8d7171 | Mem abort...

6AI score0.00168EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-14608

Malware in sbrugna...

5.5CVSS6.4AI score0.01609EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2005-1850

Malware in sbrugna...

5CVSS6AI score0.01926EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/11/08 12:0 a.m.10 views

EulerOS 2.0 SP9 : c-ares (EulerOS-SA-2024-2808)

According to the versions of the c-ares package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : c-ares is a C library for asynchronous DNS requests. aresreadline is used to parse local configuration files such as /etc/resolv.conf, /etc/...

5.5CVSS7.3AI score0.00349EPSS
Exploits0References2
Amazon
Amazon
added 2024/03/18 12:0 a.m.35 views

Medium: c-ares

Issue Overview: c-ares is a C library for asynchronous DNS requests. aresreadline is used to parse local configuration files such as /etc/resolv.conf, /etc/nsswitch.conf, the HOSTALIASES file, and if using a c-ares version prior to 1.27.0, the /etc/hosts file. If any of these configuration files...

5.5CVSS5.8AI score0.00349EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 4:50 a.m.5 views

SUSE CVE-2017-5504

The jpcundoroi function in libjasper/jpc/jpcdec.c in JasPer 1.900.27 allows remote attackers to cause a denial of service invalid memory read and crash via a crafted image...

5.5CVSS6.7AI score0.01609EPSS
Exploits1References10
SUSE CVE
SUSE CVE
added 2023/02/15 4:49 a.m.7 views

SUSE CVE-2017-5845

The gstavidemuxparsencdt function in gst/avi/gstavidemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service invalid memory read and crash via a ncdt sub-tag that "goes behind" the surrounding tag...

7.5CVSS6.8AI score0.0382EPSS
Exploits0References5
OSV
OSV
added 2022/03/26 11:3 a.m.8 views

OESA-2022-1596 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: Out-of-bounds Write vulnerability in modsed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. This issue affects Apache HTTP Server 2.4 version 2.4.52...

9.8CVSS7.3AI score0.69803EPSS
Exploits0References5
OSV
OSV
added 2022/03/14 11:15 a.m.4 views

ALPINE-CVE-2022-22719

A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier...

7.5CVSS6.9AI score0.69803EPSS
Exploits0References1
OSV
OSV
added 2022/03/14 11:15 a.m.8 views

AZL-9015 CVE-2022-22719 affecting package httpd for versions less than 2.4.53-1

A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier...

7.5CVSS7.3AI score0.69803EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/03/14 11:15 a.m.6 views

CVE-2022-22719

A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier...

7.5CVSS7.3AI score0.69803EPSS
Exploits0References19Affected Software1
OSV
OSV
added 2022/03/14 11:15 a.m.1 views

UBUNTU-CVE-2022-22719

A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier...

7.5CVSS7.1AI score0.69803EPSS
Exploits0References5
OSV
OSV
added 2021/03/05 11:2 a.m.5 views

OESA-2021-1048 gstreamer-plugins-good security update

GStreamer is a pipeline-based multimedia framework that links together a wide variety of media processing systems to complete complex workflows, based on graphs of filters which operate on media data. GStreamer supports a wide variety of media-handling components, such as real-time sound processi...

5.5CVSS6.7AI score0.02668EPSS
Exploits0References2
PyPA
PyPA
added 2019/04/24 5:29 p.m.7 views

PYSEC-2019-225

Memcpy parameter overlap in Google Snappy library 1.1.4, as used in Google TensorFlow before 1.7.1, could result in a crash or read from other parts of process memory...

8.1CVSS6.8AI score0.0043EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2018/06/11 9:29 p.m.2 views

DEBIAN-CVE-2017-5465

An out-of-bounds read while processing SVG content in "ConvolvePixel". This results in a crash and also allows for otherwise inaccessible memory being copied into SVG graphic content, which could then displayed. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and...

9.1CVSS8.9AI score0.18756EPSS
Exploits4References1
OSV
OSV
added 2017/10/31 9:29 p.m.5 views

ALPINE-CVE-2017-1000257

An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that non-existing data with a pointer and the size zero to the deliver-data function. libcurl's deliver-data function treats zero as a mag...

9.1CVSS7AI score0.06224EPSS
Exploits0References1
OSV
OSV
added 2017/08/28 7:29 p.m.3 views

UBUNTU-CVE-2017-12954

The gig::Region::GetSampleFromWavePool function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service invalid memory read and application crash via a crafted gig file...

6.5CVSS6.6AI score0.04158EPSS
Exploits2References3
CNVD
CNVD
added 2017/08/18 12:0 a.m.3 views

minidjvu denial of service vulnerability (CNVD-2017-25770)

minidjvu is a command-line utility for encoding and decoding single-page black-and-white DjVu files with the ability to compress multiple pages, taking advantage of similarities between pages. A denial of service vulnerability exists in the mdjvubitmapgetboundingbox function in base/4bitmap.c in...

6.5CVSS6.2AI score0.00881EPSS
Exploits0References1
Rows per page
Query Builder