
10009 matches found

Veracode
added 2021/03/18 6:52 a.m. · 40 views

Denial Of Service (DoS)

etcd is vulnerable to denial of service. A panic occurs in the decodeRecord method when a large slice is processed, due to a lack of validation on the size of record...

6.5 CVSS · 4.3 AI score · 0.00149 EPSS
Exploits 0 · References 6 · Affected Software 1
RedHat Linux
added 2021/03/17 3:8 p.m. · 6 views

etcd: DoS in wal/wal.go

A flaw was found in etcd, where it is possible to have an entry index greater than the number of entries in the ReadAll method in wal/wal.go. This can cause issues when WAL entries are being read during consensus, as an arbitrary etcd consensus participant can go down from a runtime panic when...

6.5 CVSS · 7.4 AI score · 0.00113 EPSS
Exploits 0 · References 5
RedHat Linux
added 2021/03/16 2:5 p.m. · 474 views

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...

8.1 CVSS · 7 AI score · 0.0101 EPSS
Exploits 6 · References 14
Positive Technologies
added 2021/03/15 12:0 a.m. · 8 views

PT-2021-2611 · Linux +8 · Linux Kernel +8

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.11.11. Description: The issue is related to errors in synchronization within the netfilter subsystem of the Linux kernel. Exploitation of this issue can allow an attacker to cause a denial of service, leading t...

9.8 CVSS · 7.4 AI score · 0.85239 EPSS
Exploits 236 · References 1444
Veracode
added 2021/03/11 3:11 a.m. · 29 views

Denial Of Service (DoS)

archive/zip in github.com/golang/go is vulnerable to denial of service (DoS). Use of the Reader.Open API on a Zip file that contains a file prefixed with "../", such as Open... causes a panic in the function toValidName when attempting to strip the prefixed path components...

5.5 CVSS · 2.8 AI score · 0.00139 EPSS
Exploits 0 · References 7 · Affected Software 3
Debian CVE
added 2021/03/11 12:0 a.m. · 32 views

CVE-2021-27919

archive/zip in Go 1.16.x before 1.16.1 allows attackers to cause a denial of service (panic) upon attempted use of the Reader.Open API for a ZIP archive in which ../ occurs at the beginning of any filename...

5.5 CVSS · 6.3 AI score · 0.00139 EPSS
Exploits 0
CVE
added 2021/03/11 12:0 a.m. · 172 views

CVE-2021-27919

CVE-2021-27919 affects the Go standard library archive/zip: parsing ZIP archives where a filename begins with ../ can trigger a panic (denial of service) in Go 1.16.x prior to 1.16.1 due to unsafe Reader.Open path handling. Affected product: Go (archive/zip). Root cause: insufficient validation ...

5.5 CVSS · 6 AI score · 0.00139 EPSS
Exploits 0 · References 4 · Affected Software 1
AlpineLinux
added 2021/03/11 12:0 a.m. · 59 views

CVE-2021-27919

archive/zip in Go 1.16.x before 1.16.1 allows attackers to cause a denial of service (panic) upon attempted use of the Reader.Open API for a ZIP archive in which ../ occurs at the beginning of any filename...

5.5 CVSS · 6.3 AI score · 0.00139 EPSS
Exploits 0
Cvelist
added 2021/03/11 12:0 a.m. · 23 views

CVE-2021-27919

archive/zip in Go 1.16.x before 1.16.1 allows attackers to cause a denial of service (panic) upon attempted use of the Reader.Open API for a ZIP archive in which ../ occurs at the beginning of any filename...

6.4 AI score · 0.00139 EPSS
Exploits 0 · References 4
Tenable Nessus
added 2021/03/11 12:0 a.m. · 42 views

FreeBSD : go -- encoding/xml: infinite loop when using xml.NewTokenDecoder with a custom TokenReader; archive/zip: panic when calling Reader.Open (72709326-81f7-11eb-950a-00155d646401)

The Go project reports: The Decode, DecodeElement, and Skip methods of an xml.Decoder provided by xml.NewTokenDecoder may enter an infinite loop when operating on a custom xml.TokenReader which returns an EOF in the middle of an open XML element. The Reader.Open API, new in Go 1.16, will panic...

7.5 CVSS · 7.2 AI score · 0.00139 EPSS
Exploits 0 · References 5
IBM Security Bulletins
added 2021/03/09 3:10 p.m. · 37 views

Security Bulletin: IBM Security Guardium Insights is affected by a Go denial of service vulnerability (CVE-2020-7919)

Summary: IBM Security Guardium Insights has addressed the following vulnerabilities. Vulnerability Details: CVEID: CVE-2020-7919. DESCRIPTION: Go is vulnerable to a denial of service. By sending a malformed X.509 certificate, a remote attacker could exploit this vulnerability to cause a system panic...

7.8 CVSS · 1.9 AI score · 0.00699 EPSS
Exploits 0 · Affected Software 1
NVD
added 2021/03/05 9:15 a.m. · 9 views

CVE-2021-28034

An issue was discovered in the stack_dst crate before 0.6.1 for Rust. Because of the push_inner behavior, a double free can occur upon a val.clone() panic...

9.8 CVSS · 0.00433 EPSS
Exploits 0 · References 1
OSV
added 2021/03/05 9:15 a.m. · 11 views

CVE-2021-28031

An issue was discovered in the scratchpad crate before 1.3.1 for Rust. The move_elements function can have a double-free upon a panic in a user-provided f function...

9.8 CVSS · 6.8 AI score
Exploits 0 · References 1
NVD
added 2021/03/05 9:15 a.m. · 7 views

CVE-2021-28031

An issue was discovered in the scratchpad crate before 1.3.1 for Rust. The move_elements function can have a double-free upon a panic in a user-provided f function...

9.8 CVSS · 0.00433 EPSS
Exploits 0 · References 1
OSV
added 2021/03/05 9:15 a.m. · 1 views

CVE-2021-28033

An issue was discovered in the byte_struct crate before 0.6.1 for Rust. There can be a drop of uninitialized memory if a certain deserialization method panics...

9.8 CVSS · 7.3 AI score · 0.00646 EPSS
Exploits 0 · References 1
NVD
added 2021/03/05 9:15 a.m. · 7 views

CVE-2021-28033

An issue was discovered in the byte_struct crate before 0.6.1 for Rust. There can be a drop of uninitialized memory if a certain deserialization method panics...

9.8 CVSS · 0.00646 EPSS
Exploits 0 · References 1
OSV
added 2021/03/05 9:15 a.m. · 2 views

CVE-2021-28034

An issue was discovered in the stack_dst crate before 0.6.1 for Rust. Because of the push_inner behavior, a double free can occur upon a val.clone() panic...

9.8 CVSS · 7.3 AI score · 0.00433 EPSS
Exploits 0 · References 1
OSV
added 2021/03/05 9:15 a.m. · 1 views

CVE-2021-28035

An issue was discovered in the stack_dst crate before 0.6.1 for Rust. Because of the push_inner behavior, a drop of uninitialized memory can occur upon a val.clone() panic...

9.8 CVSS · 7.3 AI score · 0.00433 EPSS
Exploits 0 · References 1
OSV
added 2021/03/05 9:15 a.m. · 1 views

CVE-2021-28028

An issue was discovered in the toodee crate before 0.3.0 for Rust. Row insertion can cause a double free upon an iterator panic...

9.8 CVSS · 7.2 AI score · 0.00433 EPSS
Exploits 0 · References 1
NVD
added 2021/03/05 9:15 a.m. · 8 views

CVE-2021-28028

An issue was discovered in the toodee crate before 0.3.0 for Rust. Row insertion can cause a double free upon an iterator panic...

9.8 CVSS · 0.00433 EPSS
Exploits 0 · References 1