Lucene search
K
OsvMost viewed

909148 matches found

OSV
OSV
added 2024/01/09 7:35 p.m.77 views

GHSA-59J7-GHRG-FJ52 Microsoft ASP.NET Core project templates vulnerable to denial of service

A Denial of Service vulnerability exists in ASP.NET Core project templates which utilize JWT-based authentication tokens. This vulnerability allows an unauthenticated client to consume arbitrarily large amounts of server memory, potentially triggering an out-of-memory condition on the server and...

6.8CVSS8AI score0.02868EPSS
Exploits0References4
OSV
OSV
added 2023/11/03 5:15 a.m.77 views

PYSEC-2023-227

An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance operates o...

7.5CVSS7.1AI score0.01038EPSS
Exploits0References4
OSV
OSV
added 2023/08/04 4:15 p.m.77 views

PYSEC-2023-139

Sydent is an identity server for the Matrix communications protocol. Prior to version 2.5.6, if configured to send emails using TLS, Sydent does not verify SMTP servers' certificates. This makes Sydent's emails vulnerable to interception via a man-in-the-middle MITM attack. Attackers with...

5.3CVSS6.5AI score0.00229EPSS
Exploits0References7
OSV
OSV
added 2023/02/16 9:56 p.m.77 views

GO-2023-1549 Improper input validation in github.com/openshift/apiserver-library-go

Low-privileged users can set the seccomp profile for pods they control to "unconfined." By default, the seccomp profile used in the restricted-v2 Security Context Constraint SCC is "runtime/default," allowing users to disable seccomp for pods they can create and modify...

6.3CVSS6.3AI score0.00647EPSS
Exploits0References3
OSV
OSV
added 2022/12/26 12:0 a.m.77 views

DLA-3249-1 mbedtls - security update

Bulletin has no description...

9.8CVSS5.8AI score0.02569EPSS
Exploits6
OSV
OSV
added 2022/10/23 12:0 a.m.77 views

DSA-5257-2 linux - regression update

Bulletin has no description...

7.2AI score
Exploits0
OSV
OSV
added 2022/08/29 3:15 p.m.77 views

CVE-2022-0336

The Samba AD DC includes checks when adding service principals names SPNs to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as...

8.8CVSS3.6AI score0.01301EPSS
Exploits0References7
OSV
OSV
added 2022/05/13 1:17 a.m.77 views

GHSA-J7MW-7CRR-658V Richfaces vulnerable to arbitrary code execution

The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language EL injection via the UserResource resource. A remote, unauthenticated attacker could exploit this to execute arbitrary code using a chain of java serialized objects via org.ajax4jsf.resource.UserResource$UriData...

9.8CVSS9.7AI score0.74171EPSS
Exploits6References10
OSV
OSV
added 2022/02/19 12:0 a.m.78 views

DSA-5083-1 webkit2gtk - security update

Bulletin has no description...

8.8CVSS7.8AI score0.16342EPSS
Exploits0
OSV
OSV
added 2022/02/10 8:46 p.m.77 views

GHSA-C7F6-4VX5-4263 Unrestricted Upload of File with Dangerous Type in Liferay Portal and Liferay DXP

Liferay Portal before 7.3.3, and Liferay DXP 7.1 before fix pack 18 and 7.2 before fix pack 6, does not restrict the size of a multipart/form-data POST action, which allows remote authenticated users to conduct denial-of-service attacks by uploading large files...

6.5CVSS6.2AI score0.02164EPSS
Exploits0References5
OSV
OSV
added 2021/09/16 3:15 p.m.77 views

CVE-2021-40438

A crafted request uri-path can cause modproxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier...

9CVSS1.2AI score0.99999EPSS
Exploits5References20
OSV
OSV
added 2020/09/02 6:25 p.m.77 views

GHSA-C2GP-86P4-5935 Use-After-Free in puppeteer

Versions of puppeteer prior to 1.13.0 are vulnerable to the Use-After-Free vulnerability in Chromium CVE-2019-5786. The Chromium FileReader API is vulnerable to Use-After-Free which may lead to Remote Code Execution. Recommendation Upgrade to version 1.13.0 or later...

6.5CVSS6.9AI score0.61537EPSS
Exploits10References8
OSV
OSV
added 2011/09/08 12:0 a.m.77 views

DSA-2303-1 linux-2.6 - several issues

Bulletin has no description...

9.1CVSS7.5AI score0.05689EPSS
Exploits13
OSV
OSV
added 2024/08/21 5:15 p.m.76 views

CVE-2024-5762

Zen Cart findPluginAdminPage Local File Inclusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Zen Cart. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

8.1CVSS8.1AI score
Exploits0References2
OSV
OSV
added 2024/03/06 11:5 a.m.76 views

BIT-PYTHON-2021-4189

A flaw was found in Python, specifically in the FTP File Transfer Protocol client library in PASV passive mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connecti...

5.3CVSS6.3AI score0.02511EPSS
Exploits0References11
OSV
OSV
added 2024/03/06 10:56 a.m.76 views

BIT-APACHE-2021-26690 mod_session NULL pointer dereference

Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by modsession can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service...

7.5CVSS8.5AI score0.65067EPSS
Exploits0References13
OSV
OSV
added 2024/03/06 10:53 a.m.76 views

BIT-APACHE-2022-22719 mod_lua Use of uninitialized value of in r:parsebody

A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier...

7.5CVSS8.6AI score0.69803EPSS
Exploits0References16
OSV
OSV
added 2024/01/31 6:15 p.m.76 views

PYSEC-2024-29

OctoPrint is a web interface for 3D printer.s OctoPrint versions up until and including 1.9.3 contain a vulnerability that allows malicious admins to change the password of other admin accounts, including their own, without having to repeat their password. An attacker who managed to hijack an adm...

4.9CVSS6.8AI score0.00519EPSS
Exploits0References3
OSV
OSV
added 2022/12/22 5:41 p.m.76 views

GO-2022-1175 Exposure of local files in github.com/cortexproject/cortex

A malicious actor could remotely read local files by submitting to the Alertmanager Set Configuration API maliciously crafted inputs. Only users of the Alertmanager service where "-experimental.alertmanager.enable-api" or "enableapi: true" is configured are affected...

6.5CVSS6.2AI score0.00753EPSS
Exploits0References3
OSV
OSV
added 2022/10/30 12:0 a.m.76 views

DSA-5267-1 pysha3 - security update

Bulletin has no description...

9.8CVSS8.9AI score0.05193EPSS
Exploits1
OSV
OSV
added 2022/09/10 12:0 a.m.76 views

GHSA-RHWX-HJX2-X4QR PDFKit vulnerable to Command Injection

The package pdfkit is vulnerable to Command Injection where the URL is not properly sanitized. Note: This issue was patched in 0.8.7.2, but the patch was discovered to be ineffective. The updated patch version is 0.8.7.2...

9.8CVSS9.5AI score0.38924EPSS
Exploits11References14
OSV
OSV
added 2022/07/12 7:39 p.m.76 views

GHSA-3HHC-QP5V-9P2J Active Record RCE bug with Serialized Columns

When serialized columns that use YAML the default are deserialized, Rails uses YAML.unsafeload to convert the YAML data in to Ruby objects. If an attacker can manipulate data in the database via means like SQL injection, then it may be possible for the attacker to escalate to an RCE. There are no...

9.8CVSS9.4AI score0.02386EPSS
Exploits1References8
OSV
OSV
added 2022/05/25 12:0 a.m.76 views

GHSA-RF6Q-VX79-MJXR Undertow Uncontrolled Resource Consumption

A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may potentially cause overhead or a denial of service in the server. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.40.Final a...

7.5CVSS6.1AI score0.01175EPSS
Exploits0References4
OSV
OSV
added 2022/02/11 11:27 p.m.76 views

GHSA-742W-89GC-8M9C containerd v1.2.x can be coerced into leaking credentials during image pull

Impact If a container image manifest in the OCI Image format or Docker Image V2 Schema 2 format includes a URL for the location of a specific image layer otherwise known as a “foreign layer”, the default containerd resolver will follow that URL to attempt to download it. In v1.2.x but not 1.3.0 o...

6.1CVSS6.9AI score0.02209EPSS
Exploits1References9
OSV
OSV
added 2021/11/01 12:0 a.m.76 views

DSA-5000-1 openjdk-11 - security update

Bulletin has no description...

7.1CVSS6.4AI score0.14839EPSS
Exploits0
OSV
OSV
added 2021/08/24 3:15 p.m.76 views

CVE-2021-3712

ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL 0 byte...

7.4CVSS0.3AI score
Exploits0References21
OSV
OSV
added 2021/04/26 4:15 p.m.76 views

CVE-2021-23382

The package postcss before 8.2.13 are vulnerable to Regular Expression Denial of Service ReDoS via getAnnotationURL and loadAnnotation in lib/previous-map.js. The vulnerable regexes are caused mainly by the sub-pattern /\s sourceMappingURL=...

7.5CVSS6.6AI score
Exploits0References3
OSV
OSV
added 2021/03/02 2:57 a.m.76 views

GHSA-W5HR-JM4J-9JVQ Sandbox escape through template_object in smarty

Sandbox protection could be bypassed through access to an internal Smarty object that should have been blocked. Sites that rely on Smarty Security features should upgrade as soon as possible. Please upgrade to 3.1.39 or higher...

7.5CVSS8.5AI score0.09436EPSS
Exploits1References10
OSV
OSV
added 2020/12/19 12:0 a.m.76 views

DSA-4817-1 php-pear - security update

Bulletin has no description...

7.8CVSS7.9AI score0.84554EPSS
Exploits5
OSV
OSV
added 2020/12/01 12:0 a.m.76 views

ASB-A-150693166

In auditfreelsmfield of auditfilter.c, there is a possible bad kfree due to a logic error in auditdatatoentry. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS8.3AI score0.00213EPSS
Exploits0References2
OSV
OSV
added 2018/09/10 12:0 a.m.76 views

DLA-1500-1 openssh - security update

Bulletin has no description...

9.8CVSS6.7AI score0.58568EPSS
Exploits26
OSV
OSV
added 2017/10/24 6:33 p.m.76 views

GHSA-99CH-8MVP-G7M5 md2pdf allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename

converter.rb in the md2pdf gem 0.0.1 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename...

10CVSS7.1AI score0.02161EPSS
Exploits3References6
OSV
OSV
added 2017/10/24 6:33 p.m.76 views

GHSA-3M6R-39P3-JQ25 Doorkeeper is vulnerable to replay attacks

The Doorkeeper gem before 4.2.0 for Ruby might allow remote attackers to conduct replay attacks or revoke arbitrary tokens by leveraging failure to implement the OAuth 2.0 Token Revocation specification...

9.1CVSS9.1AI score0.04685EPSS
Exploits0References11
OSV
OSV
added 2026/04/22 12:4 a.m.75 views

OSV-2026-609 Security exception in com.github.javaparser.ast.NodeList.forEach

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=504814677 Crash type: Security exception Crash state: com.github.javaparser.ast.NodeList.forEach com.github.javaparser.ast.visitor.VoidVisitorAdapter.visit...

5.8AI score
Exploits0References1
OSV
OSV
added 2025/04/01 8:16 a.m.75 views

BIT-GITLAB-2024-12619 Insufficient Granularity of Access Control in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1, allowing internal users to gain unauthorized access to internal projects...

6.5CVSS5.3AI score0.00261EPSS
Exploits1References3
OSV
OSV
added 2024/06/24 7:4 p.m.75 views

SUSE-SU-2024:2185-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-47378: Destroy cm id before destroy qp to avoid use after free bsc1225201. - CVE-2021-47496: Fix flipped sign in tlserrabort calls bsc1225354 -...

9.8CVSS8.1AI score0.17563EPSS
Exploits7References400
OSV
OSV
added 2024/05/06 1:7 p.m.75 views

RXSA-2024:1607 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: vmwgfx: NULL pointer dereference in vmwcmddxdefinequery CVE-2022-38096 kernel: Out of boundary write in perfreadgroup as result of overflow a perfevent's readsize CVE-2023-6931 kernel: GS...

7.8CVSS7.9AI score0.28058EPSS
Exploits17References8
OSV
OSV
added 2024/03/21 10:58 p.m.75 views

MAL-2024-1139 Malicious code in boukiapi (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7e9af3c6aabc1d88faf00494cf4894995cd20b96fb4b40a1d4bf32c98f3fd782 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2024/02/14 4:15 p.m.75 views

CVE-2023-50387

Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause a denial of service CPU consumption via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG...

7.5CVSS7.4AI score0.99995EPSS
Exploits0References36
OSV
OSV
added 2023/12/27 9:31 p.m.75 views

GHSA-PFH2-HFMQ-PHG5 json-path Out-of-bounds Write vulnerability

json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse method...

5.3CVSS5.6AI score0.0067EPSS
Exploits1References5
OSV
OSV
added 2023/10/05 12:7 a.m.75 views

GHSA-94VC-P8W7-5P49 Bundled libwebp in imagecodecs vulnerable

imagecodecs versions before v2023.9.18 bundled libwebp binaries in wheels that are vulnerable to CVE-2023-5129 previously CVE-2023-4863. imagecodecs v2023.9.18 upgrades the bundled libwebp binary to v1.3.2...

8.8CVSS7.1AI score0.99735EPSS
Exploits9References5
OSV
OSV
added 2023/04/11 9:48 p.m.75 views

GHSA-PXVG-2QJ5-37JQ Nokogiri updates packaged libxml2 to v2.10.4 to resolve multiple CVEs

Summary Nokogiri v1.14.3 upgrades the packaged version of its dependency libxml2 to v2.10.4 from v2.10.3. libxml2 v2.10.4 addresses the following known vulnerabilities: - CVE-2023-29469: Hashing of empty dict strings isn't deterministic - CVE-2023-28484: Fix null deref in xmlSchemaFixupComplexTyp...

6.5CVSS6.6AI score0.01086EPSS
Exploits1References8
OSV
OSV
added 2022/11/23 12:0 a.m.75 views

DLA-3203-1 nginx - security update

Bulletin has no description...

7.8CVSS7.5AI score0.02037EPSS
Exploits2
OSV
OSV
added 2022/07/15 11:30 p.m.75 views

GO-2022-0492 Path traversal in github.com/argoproj/argo-events

GitArtifactReader is vulnerable to directory traversal attacks. The GitArtifactReader.Read function reads and returns the contents of a Git repository file. A maliciously crafted repository can exploit this to cause Read to read from arbitrary files on the filesystem...

7.5CVSS7.3AI score0.01815EPSS
Exploits1References2
OSV
OSV
added 2022/07/12 12:0 p.m.75 views

RUSTSEC-2022-0084 libp2p Lack of resource management DoS

libp2p allows a potential attacker to cause victim p2p node to run out of memory The out of memory failure can cause crashes where libp2p is intended to be used within large scale networks leading to potential Denial of Service DoS vector Users should upgrade or reference the DoS mitigation...

7.5CVSS7.3AI score0.00689EPSS
Exploits0References3
OSV
OSV
added 2022/06/09 11:47 p.m.75 views

GHSA-64QM-HRGP-PGR9 Mechanize before v2.8.5 vulnerable to authorization header leak on port redirect

Summary Mechanize rubygem Cookies do not provide isolation by port. If a cookie is readable by a service running on one port, the cookie is also readable by a service running on another port of the same server. If a cookie is writable by a service on one port, the cookie is also writable by a...

5.9CVSS7AI score0.01392EPSS
Exploits0References5
OSV
OSV
added 2022/05/24 10:0 p.m.75 views

GHSA-XR8F-59PP-RXXH Elevation of privilege in ASP.NET Core

An elevation of privilege vulnerability exists when a ASP.NET Core web application, created using vulnerable project templates, fails to properly sanitize web requests, aka 'ASP.NET Core Elevation Of Privilege Vulnerability'...

8.8CVSS8.5AI score0.04846EPSS
Exploits0References4
OSV
OSV
added 2021/07/14 7:10 p.m.75 views

GHSA-9PQ7-RCXV-47VQ Incorrect Regular Expression in RestSharp

RestSharp 106.11.8-alpha.0.13 uses a regular expression which is vulnerable to Regular Expression Denial of Service ReDoS when converting strings into DateTimes. If a server responds with a malicious string, the client using RestSharp will be stuck processing it for an exceedingly long time. Thus...

7.5CVSS7.3AI score0.01508EPSS
Exploits1References4
OSV
OSV
added 2020/07/09 12:0 p.m.75 views

RUSTSEC-2020-0024 Improper uniqueness verification of signature threshold

The tough library, prior to 0.7.1, does not properly verify the uniqueness of keys in the signatures provided to meet the threshold of cryptographic signatures. It allows someone with access to a valid signing key to create multiple valid signatures in order to circumvent TUF requiring a minimum...

8.6CVSS9AI score0.01357EPSS
Exploits0References3
OSV
OSV
added 2017/10/24 6:33 p.m.75 views

GHSA-MGX3-27HR-MFGP HTTParty does not restrict casts of string values

The httparty gem 0.9.0 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service memory and CPU consumption by leveraging Action Pack support for YAML type...

7.5CVSS7.7AI score0.0441EPSS
Exploits1References7
Total number of security vulnerabilities5000