6935 matches found
LibRaw: DoS in parse_rollei function in internal/dcraw_common.cpp
An error within the "parserollei" function internal/dcrawcommon.cpp within LibRaw versions prior to 0.19.1 can be exploited to trigger an infinite loop...
kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP
A flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol L2CAP, part of the Bluetooth stack in the l2capparseconfrsp and l2capparseconfreq functions. An attacker with physical access within the range of standard Bluetooth transmission can create a...
parse-server denial of service vulnerability
parse-server is an open source Backend-as-a-Service BaaS framework that is primarily used for application backend processing. A security vulnerability exists in parse-server versions prior to 3.4.1. An attacker can exploit this vulnerability to cause a denial of service...
Usbrip - Simple Command Line Forensics Tool For Tracking USB Device Artifacts (History Of USB Events) On GNU/Linux
usbrip derived from "USB Ripper", not "USB R.I.P." is an open source forensics tool with CLI interface that lets you keep track of USB device artifacts aka USB event history, "Connected" and "Disconnected" events on Linux machines. Description usbrip is a small piece of software written in pure...
OpenCV Null Pointer Dereference Vulnerability
OpenCV is a cross-platform computer vision library. A null pointer dereference vulnerability exists in the cv::XMLParser::parse function in modules/core/src/persistence.cpp in versions of OpenCV prior to 4.1.1. An attacker could exploit this vulnerability to cause a denial of service...
UBUNTU-CVE-2019-14493
An issue was discovered in OpenCV before 4.1.1. There is a NULL pointer dereference in the function cv::XMLParser::parse at modules/core/src/persistence.cpp...
CVE-2019-14493
An issue was discovered in OpenCV before 4.1.1. There is a NULL pointer dereference in the function cv::XMLParser::parse at modules/core/src/persistence.cpp...
CVE-2019-14493
An issue was discovered in OpenCV before 4.1.1. There is a NULL pointer dereference in the function cv::XMLParser::parse at modules/core/src/persistence.cpp...
Information Disclosure
parse-server is vulnerable to information disclosure. A remote attacker is able to enumerate existing accounts by analyzing the error messages from server responses...
Denial Of Service (DoS)
parse-server is vulnerable to denial of service DoS. The attack exists when a post request is made against a volatile class such as /parse/classes/Audience, returning 500 an internal server error for subsequent POST requests...
CVE-2019-1020013
parse-server before 3.6.0 allows account enumeration...
CVE-2019-1020012
parse-server before 3.4.1 allows DoS after any POST to a volatile class...
CVE-2019-1020012
parse-server before 3.4.1 allows DoS after any POST to a volatile class...
CVE-2019-1020013
parse-server before 3.6.0 allows account enumeration...
Design/Logic Flaw
parse-server before 3.4.1 allows DoS after any POST to a volatile class...
Design/Logic Flaw
parse-server before 3.6.0 allows account enumeration...
CVE-2019-1020013
parse-server before 3.6.0 allows account enumeration...
CVE-2019-1020013
CVE-2019-1020013 affects parse-server prior to 3.6.0, allowing unauthenticated users to enumerate existing accounts via error messages. The root cause is information disclosure during authentication/account linking flow, where specific errors reveal account existence (ParseError.ACCOUNT_ALREADY_L...
CVE-2019-1020012
parse-server before 3.4.1 allows DoS after any POST to a volatile class...
CVE-2019-1020012
CVE-2019-1020012 affects parse-server prior to 3.4.1 and enables a Denial of Service after POSTing to a volatile class (e.g., /parse/classes/_Audience). Several sources confirm the vulnerability and patch: the public advisory notes that subsequent POST requests can yield a 500 Internal Server Err...