
10 matches found

EUVD
added 2025/10/07 12:30 a.m., 6 views

EUVD-2016-0028

Malware in sbrugna...

CVSS 9.8, AI score 9.3, EPSS 0.03166
Exploits 0, References 10
Github Security Blog
added 2022/05/17 3:48 a.m., 22 views

OpenStack Murano Code Execution

OpenStack Murano before 1.0.3 liberty and 2.x before 2.0.1 mitaka, Murano-dashboard before 1.0.3 liberty and 2.x before 2.0.1 mitaka, and python-muranoclient before 0.7.3 liberty and 0.8.x before 0.8.5 mitaka improperly use loaders inherited from yaml.Loader when parsing MuranoPL and UI files,...

CVSS 9.8, AI score 7.9, EPSS 0.03166
Exploits 0, References 9, Affected Software 3
Github Security Blog
added 2020/08/31 10:51 p.m., 87 views

Heap Based Buffer Overflow in libyaml

Versions 0.2.2 and earlier depend on native libyaml version 0.1.5 or earlier. As such, they are affected by a heap-based buffer overflow vulnerability that may result in a crash or arbitrary code execution when parsing YAML tags. Recommendation - Update to version 0.2.3 that includes a version of...

CVSS 6.8, AI score 5.1, EPSS 0.09312
Exploits 0, References 25, Affected Software 1
Prion
added 2017/09/13 4:29 p.m., 16 views

Default configuration

Apache Brooklyn uses the SnakeYAML library for parsing YAML inputs. SnakeYAML allows the use of YAML tags to indicate that SnakeYAML should unmarshal data to a Java type. In the default configuration in Brooklyn before 0.10.0, SnakeYAML will allow unmarshalling to any Java type available on the...

CVSS 9, AI score 7.2, EPSS 0.03825
Exploits 1, References 2, Affected Software 1
OSV
added 2016/09/26 4:59 p.m., 2 views

UBUNTU-CVE-2016-4972

OpenStack Murano before 1.0.3 liberty and 2.x before 2.0.1 mitaka, Murano-dashboard before 1.0.3 liberty and 2.x before 2.0.1 mitaka, and python-muranoclient before 0.7.3 liberty and 0.8.x before 0.8.5 mitaka improperly use loaders inherited from yaml.Loader when parsing MuranoPL and UI files,...

CVSS 9.8, AI score 7.6, EPSS 0.03166
Exploits 0, References 3
Cvelist
added 2016/09/26 4:00 p.m., 26 views

CVE-2016-4972

OpenStack Murano before 1.0.3 liberty and 2.x before 2.0.1 mitaka, Murano-dashboard before 1.0.3 liberty and 2.x before 2.0.1 mitaka, and python-muranoclient before 0.7.3 liberty and 0.8.x before 0.8.5 mitaka improperly use loaders inherited from yaml.Loader when parsing MuranoPL and UI files,...

AI score 9.8, EPSS 0.03166
Exploits 0, References 3
CNVD
added 2016/06/28 12:00 a.m., 2 views

Arbitrary Code Execution Vulnerability in Multiple Openstack Products

OpenStack is a cloud platform management project developed by the National Aeronautics and Space Administration and Rackspace. OpenStack Murano is an application catalog management project. Murano-muranoclient is a client library for building Murano APIs. OpenStack Murano is an application catalog...

CVSS 9.8, AI score 8.3, EPSS 0.03166
Exploits 0, References 1
RedHat Linux
added 2014/04/02 7:50 p.m., 4 views

libyaml: heap-based buffer overflow when parsing YAML tags

A heap-based buffer overflow exists in the libyaml package such that a remote attacker could provide a specifically crafted YAML document that, when parsed by the application, could result in remote code execution and complete compromise of the system...

CVSS 6.8, AI score 7.1, EPSS 0.09312
Exploits 0, References 4
Tenable Nessus
added 2014/02/03 12:00 a.m., 31 views

FreeBSD : libyaml heap overflow resulting in possible code execution (111f1f84-1d14-4ff2-a9ea-cf07119c0d3b)

libyaml was prone to a heap overflow that could result in arbitrary code execution. Pkg uses libyaml to parse the package manifests in some cases. Pkg also used libyaml to parse the remote repository until 1.2. RedHat Product Security Team reports on libyaml: A heap-based buffer overflow flaw wa...

CVSS 6.8, AI score 6.7, EPSS 0.09312
Exploits 0, References 3
FreeBSD
added 2013/11/24 12:00 a.m., 30 views

libyaml heap overflow resulting in possible code execution

libyaml was prone to a heap overflow that could result in arbitrary code execution. Pkg uses libyaml to parse the package manifests in some cases. Pkg also used libyaml to parse the remote repository until 1.2. RedHat Product Security Team reports on libyaml: A heap-based buffer overflow flaw was...

CVSS 6.8, AI score 7.5, EPSS 0.09312
Exploits 0, References 1