217 matches found

UbuntuCve
added 2022/09/16 10:15 a.m., 28 views

CVE-2022-40153

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent accidental usage...

7.1 AI score
Exploits: 0, References: 3

Debian CVE
added 2022/09/16 10:0 a.m., 84 views

CVE-2022-40152

Those using Woodstox to parse XML data may be vulnerable to Denial of Service attacks (DOS) if DTD support is enabled. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack...

7.5 CVSS, 6 AI score, 0.00803 EPSS
Exploits: 1

CVE
added 2022/09/16 10:0 a.m., 219 views

CVE-2022-40151

CVE-2022-40151 affects XStream: a Denial of Service via stack-based overflow when parsing XML data. IBM bulletin for SPSS Collaboration and Deployment Services notes this CVE among multiple Woodstox/XStream issues and provides remediation via IFix download for SPSS versions 8.5 and 8.6 (IM-SCaDS-...

7.5 CVSS, 6.8 AI score, 0.00258 EPSS
Exploits: 1, References: 2, Affected Software: 1

Debian CVE
added 2022/09/16 10:0 a.m., 61 views

CVE-2022-40151

Those using XStream to serialize XML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack...

7.5 CVSS, 7.4 AI score, 0.00258 EPSS
Exploits: 1

Debian CVE
added 2022/09/16 12:0 a.m., 39 views

CVE-2022-40149

Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack...

7.5 CVSS, 6.5 AI score, 0.0055 EPSS
Exploits: 0

Github Security Blog
added 2022/09/06 12:0 a.m., 32 views

snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow...

6.5 CVSS, 6.4 AI score, 0.00693 EPSS
Exploits: 1, References: 7, Affected Software: 1

Github Security Blog
added 2022/09/06 12:0 a.m., 23 views

snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow...

6.5 CVSS, 7 AI score, 0.003 EPSS
Exploits: 0, References: 8, Affected Software: 1

Github Security Blog
added 2022/09/06 12:0 a.m., 75 views

snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow...

6.5 CVSS, 7.2 AI score, 0.00533 EPSS
Exploits: 0, References: 8, Affected Software: 7

NVD
added 2022/09/05 10:15 a.m., 11 views

CVE-2022-38750

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow...

6.5 CVSS, 0.00693 EPSS
Exploits: 1, References: 5

NVD
added 2022/09/05 10:15 a.m., 21 views

CVE-2022-38751

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow...

6.5 CVSS, 0.003 EPSS
Exploits: 0, References: 5

Prion
added 2022/09/05 10:15 a.m., 16 views

Input validation

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow...

4 CVSS, 7.7 AI score, 0.00533 EPSS
Exploits: 0, References: 4, Affected Software: 2

Prion
added 2022/09/05 10:15 a.m., 38 views

Input validation

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow...

4 CVSS, 7.7 AI score, 0.003 EPSS
Exploits: 0, References: 4, Affected Software: 2

UbuntuCve
added 2022/09/05 10:15 a.m., 39 views

CVE-2022-38751

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow...

6.5 CVSS, 6.8 AI score, 0.003 EPSS
Exploits: 0, References: 4

Debian CVE
added 2022/09/05 12:0 a.m., 44 views

CVE-2022-38751

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow...

6.5 CVSS, 6.8 AI score, 0.003 EPSS
Exploits: 0

Cvelist
added 2022/09/05 12:0 a.m., 19 views

CVE-2022-38749 DoS in SnakeYAML

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow...

6.5 CVSS, 7 AI score, 0.00533 EPSS
Exploits: 0, References: 5

Debian CVE
added 2022/09/05 12:0 a.m., 39 views

CVE-2022-38750

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow...

6.5 CVSS, 6.4 AI score, 0.00693 EPSS
Exploits: 1

IBM Security Bulletins
added 2022/08/30 9:23 a.m., 134 views

Security Bulletin: IBM Integration Bus and IBM App Connect Enterprise are vulnerable to a denial of service due to jackson-databind (CVE-2020-36518)

Summary: IBM Integration Bus and IBM App Connect Enterprise are vulnerable to a denial of service due to jackson-databind, caused by a Java StackOverflow exception. The fix includes jackson-databind 2.13.3. Vulnerability Details: CVEID: CVE-2020-36518. DESCRIPTION: FasterXML jackson-databind is...

7.5 CVSS, 7.4 AI score, 0.00487 EPSS
Exploits: 1, Affected Software: 1

NVD
added 2022/08/25 2:15 p.m., 12 views

CVE-2022-36473

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function EditBasicSSID5G...

7.8 CVSS, 0.0006 EPSS
Exploits: 1, References: 1

NVD
added 2022/08/25 2:15 p.m., 14 views

CVE-2022-36466

TOTOLINK A3700R V9.1.2u.6134B20201202 was discovered to contain a stack overflow via the ip parameter in the function setDiagnosisCfg...

7.8 CVSS, 0.00055 EPSS
Exploits: 1, References: 1

Cvelist
added 2022/08/25 2:4 p.m., 16 views

CVE-2022-37099

H3C H200 H200V100R004 was discovered to contain a stack overflow via the function UpdateSnat...

9.9 AI score, 0.00459 EPSS
Exploits: 1, References: 1