41 matches found
CVE-2021-23425
All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service ReDoS via string processing...
CVE-2021-23425
All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service ReDoS via string processing...
Spoofing
All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service ReDoS via string processing...
CVE-2021-23425 Regular Expression Denial of Service (ReDoS)
All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service ReDoS via string processing...
CVE-2021-23425
All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service ReDoS via string processing...
Micrium uC-HTTP HTTP Server null pointer dereference denial-of-service vulnerability
Summary A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions Micrium uC-HTTP 3.01.00 Product URLs...
Denial Of Service (DoS)
Python is vulnerable to Denial Of Service DoS. Multiple buffer and integer overflow flaws were found in the Python Unicode string processing and in the Python Unicode and string object implementations. An attacker could use these flaws to cause a denial of service Python application crash...
Arbitrary Code Execution
python is vulnerable to arbitrary code execution. Multiple buffer and integer overflow flaws were found in the Python Unicode string processing and in the Python Unicode and string object implementations. An attacker could use these flaws to cause a denial of service Python application crash...
CVE-2019-17137
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR AC1200 R6220 Firmware version 1.1.0.86 Smart WiFi Router. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of path strings...
CVE-2019-11935
Insufficient boundary checks when processing a string in mberegreplace allows access to out-of-bounds memory. This issue affects HHVM versions prior to 3.30.12, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.23.1, as well as 4.24.0, 4.25.0, 4.26.0, 4.27.0, 4.28.0, and 4.28...
Puppet Enterprise 2015.x / 2016.x < 2016.4.0 Multiple Vulnerabilities
According to its self-reported version number, the Puppet Enterprise application running on the remote host is version 2015.x or 2016.x prior to 2016.4.0. It is, therefore, affected by the following vulnerabilities : - A cross-site redirection vulnerability exists within the /auth/login script du...
Puppet Enterprise < 2016.2.1 Multiple Vulnerabilities
According to its self-reported version number, the Puppet Enterprise application running on the remote host is version prior to 2016.2.1. It is, therefore, affected by the following vulnerabilities : - A remote code execution vulnerability exists in the mcollective puppet-agent plugin due to an...
Axessh 4.2 - Denial Of Service
Axessh是一款windows下的ssh工具,使用后会开启ssh 22端口,并开启wsshed.exe服务,当wsshed.exe在接收字符串时,会调用BIGNUM相关函数进行处理,但对于BIGNUM的结构体没有进行赋初值,导致空指针引用引发拒绝服务漏洞,下面对此漏洞进行详细分析。 这里要提的一点是,Exploit-db给的PoC可以触发漏洞,但实际上,只要连接22端口,都会引发这个漏洞的发生,哪怕只发送一字节的内容。 附加wsshed.exe,执行PoC,引发中断,这边捕获到漏洞触发位置。 0:000 g f74.a68: Access violation - code c00000...
GNU glibc library security vulnerabilities
Invalid mntent functions string processing, ELF format parsing memory corruption...
Orbit Downloader Long URL Stack Buffer Overflow (CVE-2009-0187)
Orbit Downloader, developed by Orbit Downloader Team, is a graphical download manager for Microsoft Windows operating system. Orbit Downloader works with all major browsers like Opera, Mozilla Firefox, Microsoft Internet Explorer, Maxthon, and Netscape. A buffer overflow vulnerability exists in...
CVE-2008-3142
Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service crash or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicoderesize...
Buffer overflow
Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service crash or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicoderesize...
CVE-2008-3142
Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service crash or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicoderesize...
Debian DSA-1612-1 : ruby1.8 - several vulnerabilities
Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-2662 Drew Yao discovered that multiple...
DSA-1612-1 ruby1.8 - several vulnerabilities
Bulletin has no description...