
4026 matches found

Positive Technologies
added 2020/07/30 12:0 a.m. · 6 views

PT-2020-19722

Name of the Vulnerable Software and Affected Versions: express-fileupload versions prior to 1.1.8 Description: The issue allows for denial of service or arbitrary code execution when a corrupt HTTP request is sent and the parseNested option is enabled. Recommendations: For express-fileupload version...

CVSS 9.8 · AI score 8.9 · EPSS 0.04672
Exploits: 1 · References: 10
Tenable Nessus
added 2020/07/30 12:0 a.m. · 39 views

EulerOS 2.0 SP8 : perl (EulerOS-SA-2020-1820)

According to the versions of the perl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Perl before 5.30.3 has an integer overflow related to mishandling of a 'PL_regkind[OP(n)] == NOTHING' situation. A crafted regular expression could lea...

CVSS 8.6 · AI score 7.3 · EPSS 0.11334
Exploits: 0 · References: 4
Snyk
added 2020/07/29 3:8 p.m. · 3 views

Prototype Pollution

Overview: express-fileupload is a file upload middleware for express that wraps around busboy. Affected versions of this package are vulnerable to Prototype Pollution. If the parseNested option is enabled, sending a corrupt HTTP request can lead to denial of service or arbitrary code execution...

CVSS 9.8 · AI score 9.2 · EPSS 0.04672
Exploits: 1 · References: 2
Tenable Nessus
added 2020/07/28 12:0 a.m. · 30 views

Ubuntu 16.04 LTS / 18.04 LTS : librsvg vulnerabilities (USN-4436-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4436-1 advisory. It was discovered that librsvg incorrectly handled parsing certain SVG files. A remote attacker could possibly use this issue to cause librsv...

CVSS 7.8 · AI score 6.5 · EPSS 0.02072
Exploits: 0 · References: 3
OSV
added 2020/07/27 2:15 p.m. · 1 views

USN-4436-1 librsvg vulnerabilities

It was discovered that librsvg incorrectly handled parsing certain SVG files. A remote attacker could possibly use this issue to cause librsvg to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. CVE-2017-11464 It was discovered that librsvg incorrectly handled...

CVSS 7.8 · AI score 6.7 · EPSS 0.02072
Exploits: 0 · References: 3
ATTACKERKB
added 2020/07/14 10:15 p.m. · 2 views

CVE-2020-15101

In freewvs before 0.1.1, a directory structure of more than 1000 nested directories can interrupt a freewvs scan due to Python's recursion limit and os.walk. This can be problematic in a case where an administrator scans the dirs of potentially untrusted users. This has been patched in 0.1.1...

CVSS 4 · AI score 5 · EPSS 0.00597
Exploits: 0 · References: 3 · Affected Software: 1
PyPA
added 2020/07/14 10:15 p.m. · 4 views

PYSEC-2020-233

In freewvs before 0.1.1, a directory structure of more than 1000 nested directories can interrupt a freewvs scan due to Python's recursion limit and os.walk. This can be problematic in a case where an administrator scans the dirs of potentially untrusted users. This has been patched in 0.1.1...

CVSS 4 · AI score 6.6 · EPSS 0.00597
Exploits: 0 · References: 2 · Affected Software: 1
OSV
added 2020/07/14 10:15 p.m. · 25 views

PYSEC-2020-233

In freewvs before 0.1.1, a directory structure of more than 1000 nested directories can interrupt a freewvs scan due to Python's recursion limit and os.walk. This can be problematic in a case where an administrator scans the dirs of potentially untrusted users. This has been patched in 0.1.1...

CVSS 4 · AI score 3 · EPSS 0.00597
Exploits: 0 · References: 2
CVE
added 2020/07/14 9:35 p.m. · 48 views

CVE-2020-15101

CVE-2020-15101 affects freewvs prior to version 0.1.1. A directory structure with more than 1000 nested directories can interrupt a freewvs scan due to Python’s recursion limit and os.walk(), potentially affecting administrators scanning directories of potentially untrusted users. The underlying ...

CVSS 4 · AI score 3.6 · EPSS 0.00597
Exploits: 0 · References: 2 · Affected Software: 1
Cvelist
added 2020/07/14 9:35 p.m. · 23 views

CVE-2020-15101 Nested directory structure can lead to Uncontrolled Resource Consumption in freewvs

In freewvs before 0.1.1, a directory structure of more than 1000 nested directories can interrupt a freewvs scan due to Python's recursion limit and os.walk. This can be problematic in a case where an administrator scans the dirs of potentially untrusted users. This has been patched in 0.1.1...

CVSS 2.8 · AI score 3.9 · EPSS 0.00597
Exploits: 0 · References: 2
Positive Technologies
added 2020/07/14 12:0 a.m. · 2 views

PT-2020-14185 · Python · Freewvs

Name of the Vulnerable Software and Affected Versions: freewvs versions prior to 0.1.1 Description: A directory structure of more than 1000 nested directories can interrupt a freewvs scan due to Python's recursion limit and os.walk. This can be problematic when an administrator scans directories ...

CVSS 4 · AI score 7.2 · EPSS 0.00597
Exploits: 0 · References: 8
OSV
added 2020/07/07 1:15 p.m. · 1 views

DEBIAN-CVE-2020-15567

An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT nested paging tables, Xen would in some circumstances use a series of non-atomic bitfield write...

CVSS 7.8 · AI score 8.2 · EPSS 0.00276
Exploits: 0 · References: 1
OSV
added 2020/07/07 1:15 p.m. · 1 views

ALPINE-CVE-2020-15567

An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT nested paging tables, Xen would in some circumstances use a series of non-atomic bitfield write...

CVSS 7.8 · AI score 7.4 · EPSS 0.00276
Exploits: 0 · References: 1
NVD
added 2020/07/07 1:15 p.m. · 13 views

CVE-2020-15567

An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT nested paging tables, Xen would in some circumstances use a series of non-atomic bitfield write...

CVSS 7.8 · EPSS 0.00276
Exploits: 0 · References: 8
UbuntuCve
added 2020/07/07 1:15 p.m. · 27 views

CVE-2020-15567

An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT nested paging tables, Xen would in some circumstances use a series of non-atomic bitfield write...

CVSS 7.8 · AI score 7.1 · EPSS 0.00276
Exploits: 0 · References: 5
OSV
added 2020/07/07 1:15 p.m. · 0 views

UBUNTU-CVE-2020-15567

An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT nested paging tables, Xen would in some circumstances use a series of non-atomic bitfield write...

CVSS 7.8 · AI score 7.2 · EPSS 0.00276
Exploits: 0 · References: 6
Prion
added 2020/07/07 1:15 p.m. · 22 views

Design/Logic Flaw

An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT nested paging tables, Xen would in some circumstances use a series of non-atomic bitfield write...

CVSS 4.4 · AI score 7.6 · EPSS 0.00276
Exploits: 0 · References: 8 · Affected Software: 4
CVE
added 2020/07/07 12:26 p.m. · 184 views

CVE-2020-15567

CVE-2020-15567 is described in connected documents as a Xen hypervisor vulnerability: non-atomic modification of a live EPT PTE during mapping of guest EPT tables could expose partially written PTEs and be race-exploitable. Affected software is the Xen hypervisor (versions up to 4.13.x per descri...

CVSS 7.8 · AI score 8 · EPSS 0.00276
Exploits: 0 · References: 8 · Affected Software: 1
Cvelist
added 2020/07/07 12:26 p.m. · 34 views

CVE-2020-15567

An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT nested paging tables, Xen would in some circumstances use a series of non-atomic bitfield write...

AI score 8.1 · EPSS 0.00276
Exploits: 0 · References: 8
Debian CVE
added 2020/07/07 12:26 p.m. · 30 views

CVE-2020-15567

An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT nested paging tables, Xen would in some circumstances use a series of non-atomic bitfield write...

CVSS 7.8 · AI score 8.2 · EPSS 0.00276
Exploits: 0