Lucene search

1907 matches found

Cvelist
added 2016/11/22 5:0 p.m., 22 views

CVE-2015-8978

In Soap Lite aka the SOAP::Lite extension for Perl 1.14 and earlier, an example attack consists of defining 10 or more XML entities, each defined as consisting of 10 of the previous entity, with the document consisting of a single instance of the largest entity, which expands to one billion copie...

7.5 AI score, 0.01555 EPSS
Exploits 0, References 2

Citrix
added 2016/09/21 12:0 a.m., 12 views

CPU/Memory usage of some servers shows blank in XenCenter

CPU/Memory usage of some servers shows blank in XenCenter...

7.1 AI score
Exploits 0

myhack58
added 2016/09/14 12:0 a.m., 49 views

On Python vulnerabilities mining those have to mention the thing-vulnerability warning-the black bar safety net

! Foreword Python because of its in the development of larger, more complex application aspects of the unique convenience, so that it in a computer environment becomes more and more indispensable. Although its obvious speech intelligibility and the use friendliness allows the software engineers a...

0.3 AI score
Exploits 0

BDU FSTEC
added 2016/08/03 12:0 a.m., 3 views

The vulnerability of the Android operating system, which allows a hacker to trigger a service failure

The vulnerability of the Android operating system’s media server relates to the lack of restrictions on memory usage by the process. Exploiting this vulnerability allows a malicious actor to cause service interruptions (device freezing and reboots) by using a specially crafted media file...

7.8 CVSS, 7.2 AI score, 0.00941 EPSS
Exploits 0, References 4, Affected Software 1

OSV
added 2016/07/11 1:59 a.m., 4 views

CVE-2016-3754

mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 does not limit process-memory usage, which allows remote attackers to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 28615448...

7.5 CVSS, 5.8 AI score, 0.00941 EPSS
Exploits 0, References 3

Huawei
added 2016/07/06 12:0 a.m., 64 views

Security Advisory - Multiple Vulnerabilities in OpenSSL in May 2016

On May 3, 2016, the OpenSSL Software Foundation released a security advisory that included six vulnerabilities. Of the six vulnerabilities disclosed, four of them may cause memory corruption or excessive memory usage, one could allow a padding oracle attack to decrypt traffic when the connection...

10 CVSS, 8.6 AI score, 0.89058 EPSS
Exploits 7, Affected Software 61

Fedora
added 2016/06/18 7:48 p.m., 47 views

[SECURITY] Fedora 24 Update: nginx-1.10.1-1.fc24

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...

7.5 CVSS, 2.2 AI score, 0.16376 EPSS
Exploits 0

Fedora
added 2016/06/07 1:27 a.m., 46 views

[SECURITY] Fedora 23 Update: nginx-1.8.1-3.fc23

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...

7.5 CVSS, 2.2 AI score, 0.16376 EPSS
Exploits 0

RedHat Linux
added 2016/04/21 1:46 p.m., 7 views

OpenJDK: incorrect handling of surrogate pairs in XML attribute values (JAXP, 8143167)

It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed...

5 CVSS, 7.3 AI score, 0.038 EPSS
Exploits 0, References 5

Amazon
added 2016/04/21 12:0 a.m., 57 views

Critical: java-1.8.0-openjdk

Issue Overview: It was discovered that the ObjectInputStream class in the Serialization component of OpenJDK failed to properly ensure thread consistency when deserializing serialized input. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions...

10 CVSS, 8.9 AI score, 0.92334 EPSS
Exploits 1

RedHat Linux
added 2016/04/20 7:34 p.m., 6 views

OpenJDK: incorrect handling of surrogate pairs in XML attribute values (JAXP, 8143167)

It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed...

5 CVSS, 7.3 AI score, 0.038 EPSS
Exploits 0, References 5

BDU FSTEC
added 2016/03/31 12:0 a.m., 5 views

The vulnerability of the Ruby on Rails software platform, which allows a hacker to trigger a service failure

The vulnerability in the actionpack/lib/actiondispatch/routing/routeset.rb file of the Action Pack component in the Ruby on Rails software framework is related to resource management errors. Exploiting this vulnerability could allow a malicious actor to cause service interruptions e.g., memory...

5 CVSS, 7.1 AI score, 0.06535 EPSS
Exploits 0, References 3, Affected Software 1

BDU FSTEC
added 2016/03/31 12:0 a.m., 4 views

The vulnerability of the Network Security Services library allows a perpetrator to trigger a service failure or exert other effects.

The vulnerability of the ssl3HandleECDHServerKeyExchange function in the Network Security Services library is related to the use of memory after it is freed. Exploiting this vulnerability could allow a malicious actor to cause service failures or other effects when establishing an SSL connection...

6.8 CVSS, 7.3 AI score, 0.02386 EPSS
Exploits 0, References 4, Affected Software 2

exploitpack
added 2016/03/23 12:0 a.m., 11 views

Comodo - LZMA Decoder Heap Overflow via Insufficient Parameter Checks

Comodo - LZMA Decoder Heap Overflow via Insufficient Parameter Checks Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=763 The LZMA specification says the following about the memory usage of decompression: "The size of the probability model counter arrays is calculated with the...

1.3 AI score
Exploits 0

CNVD
added 2016/03/16 12:0 a.m., 2 views

Mozilla Firefox Denial of Service Vulnerability (CNVD-2016-01722)

Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A security vulnerability exists in versions of Mozilla Firefox prior to 45.0 for Linux-based platforms. A remote attacker can exploit this vulnerability to cause a denial of service memory...

7.1 CVSS, 8.8 AI score, 0.02425 EPSS
Exploits 0, References 1

CNVD
added 2016/03/04 12:0 a.m., 1 views

VLC media player handles wma file memory corruption vulnerability

VLC media player is a well-known multimedia player that can play video and audio in many formats and is highly used. A denial of service vulnerability exists in the VLC media player software when processing wma format files, which allows attackers to exploit the vulnerability to construct malform...

6.8 AI score
Exploits 0

ArchLinux
added 2016/02/13 12:0 a.m., 31 views

nghttp2: denial of service

HTTP/2 uses HPACK to compress header fields. The basic idea is that HTTP header field is stored in the receiver with the numeric index number. The memory used by this storage is tightly constrained, and it is 4KiB by default. When sender sends the same header field, it just sends the correspondin...

5.2 AI score, 0.00886 EPSS
Exploits 0, References 2

Fedora
added 2016/02/05 9:53 p.m., 46 views

[SECURITY] Fedora 22 Update: nginx-1.8.1-1.fc22

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...

9.8 CVSS, 2.2 AI score, 0.81958 EPSS
Exploits 0

Fedora
added 2016/01/30 6:27 p.m., 40 views

[SECURITY] Fedora 23 Update: nginx-1.8.1-1.fc23

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...

9.8 CVSS, 2.2 AI score, 0.81958 EPSS
Exploits 0

RedHat Linux
added 2016/01/21 11:38 a.m., 4 views

OpenJDK: insufficient enforcement of totalEntitySizeLimit (JAXP, 8133962)

It was discovered that the JAXP component in OpenJDK did not properly enforce the totalEntitySizeLimit limit. An attacker able to make a Java application process a specially crafted XML file could use this flaw to make the application consume an excessive amount of memory...

5 CVSS, 7.2 AI score, 0.05453 EPSS
Exploits 0, References 5