324 matches found
SUSE CVE-2020-29652
A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers...
Duplicate Advisory: ecnepsnai/web vulnerable to Uncontrolled Resource Consumption
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-5gjg-jgh4-gppm. This link is maintained to preserve external references. Original Description Web Sockets do not execute any AuthenticateMethod methods which may be set, leading to a nil pointer dereference if t...
CVE-2021-4236
Web Sockets do not execute any AuthenticateMethod methods which may be set, leading to a nil pointer dereference if the returned UserData pointer is assumed to be non-nil, or authentication bypass. This issue only affects WebSockets with an AuthenticateMethod hook. Request handlers that do not...
CVE-2021-4236
Web Sockets do not execute any AuthenticateMethod methods which may be set, leading to a nil pointer dereference if the returned UserData pointer is assumed to be non-nil, or authentication bypass. This issue only affects WebSockets with an AuthenticateMethod hook. Request handlers that do not...
CVE-2021-4236 Panic or authentication bypass in github.com/ecnepsnai/web
Web Sockets do not execute any AuthenticateMethod methods which may be set, leading to a nil pointer dereference if the returned UserData pointer is assumed to be non-nil, or authentication bypass. This issue only affects WebSockets with an AuthenticateMethod hook. Request handlers that do not...
CVE-2021-4236
CVE-2021-4236 affects github.com/ecnepsnai/web. WebSockets with an AuthenticateMethod hook do not execute any AuthenticateMethod, enabling a nil pointer dereference if UserData is assumed non-nil or allowing authentication bypass. Non-WebSocket request handlers are not vulnerable. No remediation/...
ecnepsnai web 代码问题漏洞
Web is a Golang HTTP server by Ian Spence, a personal developer. It is used for complex web applications. A security vulnerability exists in ecnepsnai web, which stems from Web Sockets not executing any AuthenticateMethod method that may be set to cause the nil pointer to be dereferenced if the...
GHSA-MQQV-CHPX-VQ25 goxmldsig vulnerable to crash on nil-pointer dereference caused by sending malformed XML signatures
This affects all versions of package github.com/russellhaering/goxmldsig prior to 1.1.1. There is a crash on nil-pointer dereference caused by sending malformed XML signatures. This issue is patched in version 1.1.1...
CVE-2022-31077 Malicious response from KubeEdge can crash CSI Driver controller server
KubeEdge is built upon Kubernetes and extends native containerized application orchestration and device management to hosts at the Edge. In affected versions a malicious message response from KubeEdge can crash the CSI Driver controller server by triggering a nil-pointer dereference panic. As a...
CVE-2022-31076 Malicious Message can crash CloudCore in KubeEdge
KubeEdge is built upon Kubernetes and extends native containerized application orchestration and device management to hosts at the Edge. In affected versions a malicious message can crash CloudCore by triggering a nil-pointer dereference in the UDS Server. Since the UDS Server only communicates...
CVE-2022-31076 Malicious Message can crash CloudCore in KubeEdge
KubeEdge is built upon Kubernetes and extends native containerized application orchestration and device management to hosts at the Edge. In affected versions a malicious message can crash CloudCore by triggering a nil-pointer dereference in the UDS Server. Since the UDS Server only communicates...
Denial Of Service (DoS)
github.com/kubeedge/kubeedge is vulnerable to denial of service. The vulnerability exists in ExtractMessage function because of a message response causing a nil-pointer dereference in CSI Driver controller server which allows an attacker to send malicious messages causing an application crash...
PT-2022-20511 · Kubeedge · Kubeedge
Name of the Vulnerable Software and Affected Versions: KubeEdge versions prior to 1.11.0 KubeEdge versions prior to 1.10.1 KubeEdge versions prior to 1.9.3 Description: A malicious message can crash CloudCore by triggering a nil-pointer dereference in the UDS Server. The attack is limited to the...
NULL Pointer Dereference
A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers...
Redis Labs Redis 代码问题漏洞
Redis Labs Redis is the United States Redis Labs, Inc. of a set of open-source use of ANSI C written to support the network , can be based on the memory can also be a persistent log-type , key-value Key-Value storage database , and provides a variety of languages API. A security vulnerability...
AZL-41766 CVE-2022-0890 affecting package rust for versions less than 1.75.0-1
NULL Pointer Dereference in GitHub repository mruby/mruby prior to 3.2...
Denial of Service in Go-Ethereum
Go-Ethereum 1.10.9 nodes crash denial of service after receiving a serial of messages and cannot be recovered. They will crash with "runtime error: invalid memory address or nil pointer dereference" and arise a SEGV signal...
CVE-2021-43668
Go-Ethereum 1.10.9 nodes crash denial of service after receiving a serial of messages and cannot be recovered. They will crash with "runtime error: invalid memory address or nil pointer dereference" and arise a SEGV signal...
UBUNTU-CVE-2021-43668
Go-Ethereum 1.10.9 nodes crash denial of service after receiving a serial of messages and cannot be recovered. They will crash with "runtime error: invalid memory address or nil pointer dereference" and arise a SEGV signal...
CVE-2021-43668
Go-Ethereum 1.10.9 nodes crash denial of service after receiving a serial of messages and cannot be recovered. They will crash with "runtime error: invalid memory address or nil pointer dereference" and arise a SEGV signal...