7461 matches found

Redos
added 2021/09/08 12:0 a.m., 15 views

ROS-2-1498

2.1498 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

CVSS 9.8, AI score 9.1, EPSS 0.66026
Exploits: 9

Redos
added 2021/09/08 12:0 a.m., 4 views

ROS-2-2017

2.2017 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

CVSS 9.8, AI score 9.1, EPSS 0.65912
Exploits: 6

Redos
added 2021/09/08 12:0 a.m., 12 views

ROS-2-504

2.504 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

CVSS 9.8, AI score 9.1, EPSS 0.65912
Exploits: 8

BDU FSTEC
added 2021/09/07 12:0 a.m., 1 views

Vulnerability of Windows operating systems, due to insufficient checking of input data, allowing attackers to execute arbitrary code.

The vulnerability of the print queue dispatcher service for Windows operating systems exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS 9.3, EPSS 0.8352
Exploits: 4, References: 3

OSV
added 2021/09/03 11:3 a.m., 2 views

OESA-2021-1328 glibc security update

The GNU C Library project provides the core libraries for the GNU system and GNU/Linux systems, as well as many other systems that use Linux as the kernel. These libraries provide critical APIs including ISO C11, POSIX.1-2008, BSD, OS-specific APIs and more. These APIs include such foundational...

CVSS 7.5, AI score 7, EPSS 0.00102
Exploits: 1, References: 2

ThreatPost
added 2021/08/25 10:48 p.m., 56 views

Cisco Issues Critical Fixes for High-End Nexus Gear

Cisco Systems released six security patches tied to its high-end 9000 series networking gear ranging in importance from critical, high and medium severity. The most serious of the bugs patched by Cisco, rated 9.1 out of 10, could allow a remote and unauthenticated adversary to read or write arbitra...

CVSS 9.1, AI score 7.7, EPSS 0.00537
Exploits: 0, References: 12

Github Security Blog
added 2021/08/25 9:1 p.m., 36 views

crossbeam-deque Data Race before v0.7.4 and v0.8.1

Impact: In the affected version of this crate, the result of the race condition is that one or more tasks in the worker queue can be popped twice instead of other tasks that are forgotten and never popped. If tasks are allocated on the heap, this can cause double free and a memory leak. If not, th...

CVSS 9.8, AI score 0.6, EPSS 0.01094
Exploits: 0, References: 18, Affected Software: 1

OSV
added 2021/08/25 9:1 p.m., 29 views

GHSA-PQQP-XMHJ-WGCW crossbeam-deque Data Race before v0.7.4 and v0.8.1

Impact: In the affected version of this crate, the result of the race condition is that one or more tasks in the worker queue can be popped twice instead of other tasks that are forgotten and never popped. If tasks are allocated on the heap, this can cause double free and a memory leak. If not, th...

CVSS 9.8, AI score 9.7, EPSS 0.01094
Exploits: 0, References: 18

OSV
added 2021/08/25 9:0 p.m., 19 views

GHSA-75CQ-G75G-RXFF use-after-free vulnerability in Rust array-queue

An issue was discovered in the array-queue crate through 2020-09-26 for Rust. A popback call may lead to a use-after-free...

CVSS 5.5, AI score 5.3, EPSS 0.00062
Exploits: 1, References: 4

Github Security Blog
added 2021/08/25 9:0 p.m., 24 views

use-after-free vulnerability in Rust array-queue

An issue was discovered in the array-queue crate through 2020-09-26 for Rust. A popback call may lead to a use-after-free...

CVSS 5.5, AI score 5.5, EPSS 0.00062
Exploits: 1, References: 4, Affected Software: 1

Github Security Blog
added 2021/08/25 9:0 p.m., 16 views

Queue<T> should have a Send bound on its Send/Sync traits

Affected versions of this crate unconditionally implement Send/Sync for Queue. This allows (1) creating data races to a T: !Sync and (2) sending T: !Send to other threads, resulting in memory corruption or other undefined behavior...

AI score 3.8
Exploits: 0, References: 3, Affected Software: 1

OSV
added 2021/08/25 9:0 p.m., 1 views

GHSA-V42F-J8FX-99F3 Queue<T> should have a Send bound on its Send/Sync traits

Affected versions of this crate unconditionally implement Send/Sync for Queue. This allows (1) creating data races to a T: !Sync and (2) sending T: !Send to other threads, resulting in memory corruption or other undefined behavior...

AI score 7.3
Exploits: 0, References: 3

OSV
added 2021/08/25 8:59 p.m., 0 views

GHSA-JF43-3V8J-QWWR Data races in multiqueue

Affected versions of multiqueue unconditionally implemented Send for types used in queue implementations (InnerSend, InnerRecv, FutInnerSend, FutInnerRecv). This allows users to send non-Send types to other threads, which can lead to data race bugs or other undefined behavior...

CVSS 8.1, AI score 5.9, EPSS 0.00477
Exploits: 1, References: 3

OSV
added 2021/08/25 8:51 p.m., 21 views

GHSA-JPHW-P3M6-PJ3C Data races in multiqueue2

Affected versions of this crate unconditionally implemented Send for types used in queue implementations (InnerSend, InnerRecv, FutInnerSend, FutInnerRecv). This allows users to send non-Send types to other threads, which can lead to data race bugs or other undefined behavior. The flaw was correcte...

CVSS 5.9, AI score 5.7, EPSS 0.00389
Exploits: 1, References: 4

Github Security Blog
added 2021/08/25 8:43 p.m., 20 views

Double free in crossbeam

Even if an element is popped from a queue, crossbeam would run its destructor inside the epoch-based garbage collector. This is a source of double frees. The flaw was corrected by wrapping elements inside queues in a ManuallyDrop...

CVSS 9.8, AI score 8.8, EPSS 0.00425
Exploits: 0, References: 4, Affected Software: 1

OSV
added 2021/08/25 8:43 p.m., 12 views

GHSA-C3CW-C387-PJ65 Double free in crossbeam

Even if an element is popped from a queue, crossbeam would run its destructor inside the epoch-based garbage collector. This is a source of double frees. The flaw was corrected by wrapping elements inside queues in a ManuallyDrop...

CVSS 9.8, AI score 9.3, EPSS 0.00425
Exploits: 0, References: 4

OSV
added 2021/08/25 7:15 p.m., 1 views

CVE-2021-1523

A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote attacker to cause a queue wedge on a leaf switch, which could result in critical control plane traffic to the device being dropped. This could result in...

CVSS 8.6, AI score 7.3
Exploits: 0, References: 1

NVD
added 2021/08/25 7:15 p.m., 15 views

CVE-2021-1523

A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote attacker to cause a queue wedge on a leaf switch, which could result in critical control plane traffic to the device being dropped. This could result in...

CVSS 8.6, EPSS 0.00537
Exploits: 0, References: 1

Vulnrichment
added 2021/08/25 7:10 p.m., 14 views

CVE-2021-1523 Cisco Nexus 9000 Series Fabric Switches ACI Mode Queue Wedge Denial of Service Vulnerability

A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote attacker to cause a queue wedge on a leaf switch, which could result in critical control plane traffic to the device being dropped. This could result in...

CVSS 8.6, AI score 7.1, EPSS 0.00537
Exploits: 0, References: 1

Cisco
added 2021/08/25 4:0 p.m., 58 views

Cisco Nexus 9000 Series Fabric Switches ACI Mode Queue Wedge Denial of Service Vulnerability

A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote attacker to cause a queue wedge on a leaf switch, which could result in critical control plane traffic to the device being dropped. This could result in...

CVSS 8.6, AI score 8.5, EPSS 0.00537
Exploits: 0, References: 1