CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5150 matches found

RubySec•added 2017/04/03 12:0 a.m.•2 views

DoS caused by infinite recursion (stack overflow) in parse_char_class()

The parsecharclass function in regparse.c in the Onigmo aka Oniguruma-mod regular expression library, as used in Ruby 2.4.0, allows remote attackers to cause a denial of service deep recursion and application crash via a crafted regular expression...

7.5CVSS5.6AI score0.00696EPSS

Exploits0References1Affected Software1

0day.today•added 2017/03/29 12:0 a.m.•53 views

Ubuntu 11.10/12.04 - binfmt_script Stack Data Disclosure Vulnerability

Exploit for linux platform in category dos / poc Source: http://www.halfdog.net/Security/2012/LinuxKernelBinfmtScriptStackDataDisclosure/ Introduction Problem description: Linux kernel binfmtscript handling in combination with CONFIGMODULES can lead to disclosure of kernel stack data during execv...

2.1CVSS7.7AI score0.00579EPSS

Exploits1

Tenable Nessus•added 2017/03/22 12:0 a.m.•22 views

F5 Networks BIG-IP : BIND vulnerability (K02138183)

named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows remote attackers to cause a denial of service assertion failure and daemon exit via a response containing an inconsistency among the DNSSEC-related RRsets. CVE-2016-9147 Impact When the BIND recursion option is enabled, an...

7.5CVSS7.4AI score0.36423EPSS

Exploits0References2

Node.js•added 2017/03/21 7:17 p.m.•3393 views

Denial of Service

Overview Affected versions of jquery use a lowercasing logic on attribute names. When given a boolean attribute with a name that contains uppercase characters, jquery enters into an infinite recursion loop, exceeding the call stack limit, and resulting in a denial of service condition...

5CVSS4.5AI score0.00533EPSS

Exploits1Affected Software1

Veracode•added 2017/03/09 3:21 a.m.•15 views

Security Bypass

Apache Ranger is vulnerable to a security bypass vulnerability. This is because the ranger policy engine incorrectly matches paths in certain conditions when a policy does not contain wildcards and has recursion flag set to true...

5.9CVSS5.7AI score0.00538EPSS

Exploits0References2Affected Software1

Tenable Nessus•added 2017/03/08 12:0 a.m.•78 views

AIX 7.1 TL 3 : bind (IV93362) (deprecated)

https://vulners.com/cve/CVE-2016-9131 https://vulners.com/cve/CVE-2016-9131 ISC BIND is vulnerable to a denial of service, caused by the improper handling of responses during recursion. By sending a malformed response to a RTYPE ANY query, a remote attacker could exploit this vulnerability to...

7.6AI score0.6803EPSS

Exploits0References2

Tenable Nessus•added 2017/03/08 12:0 a.m.•40 views

AIX 7.2 TL 0 : bind (IV93403) (deprecated)

7.6AI score0.6803EPSS

Exploits0References2

Positive Technologies•added 2017/03/03 12:0 a.m.•1 views

PT-2017-4234

Name of the Vulnerable Software and Affected Versions libxml2 versions prior to 2.9.5 Description The issue is related to infinite recursion in parameter entities, which can be exploited by a remote attacker to cause a denial of service. Recommendations For versions prior to 2.9.5, update to...

10CVSS6.9AI score0.21755EPSS

Exploits18References162

RedHat Linux•added 2017/03/02 5:4 p.m.•3 views

kernel: Remotely triggerable recursion in GRE code leading to kernel crash

A flaw was found in the way the Linux kernel's networking subsystem handled offloaded packets with multiple layers of encapsulation in the GRO Generic Receive Offload code path. A remote attacker could use this flaw to trigger unbounded recursion in the kernel that could lead to stack corruption,...

7.8CVSS6.9AI score0.04691EPSS

Exploits0References4

Prion•added 2017/02/24 8:59 p.m.•22 views

Buffer overflow

The dprintcomp function in cp-demangle.c in libiberty allows remote attackers to cause a denial of service segmentation fault and crash via a crafted binary, which triggers infinite recursion and a buffer overflow, related to a node having "itself as ancestor more than once."...

4.3CVSS7.1AI score0.0052EPSS

Exploits0References4