Lucene search
K
OsvMost viewed

909089 matches found

OSV
OSV
•added 2023/10/10 4:53 p.m.•56 views

CVE-2023-36478 HTTP/2 HPACK integer overflow and buffer allocation

Eclipse Jetty provides a web server and servlet container. In versions 11.0.0 through 11.0.15, 10.0.0 through 10.0.15, and 9.0.0 through 9.4.52, an integer overflow in MetaDataBuilder.checkSize allows for HTTP/2 HPACK header values to exceed their size limit. MetaDataBuilder.java determines if a...

7.5CVSS6.7AI score0.03754EPSS
Exploits1References12
OSV
OSV
•added 2023/10/05 8:35 p.m.•56 views

GO-2023-2095 Arbitrary code execution during build via line directives in cmd/go

Line directives "//line" can be used to bypass the restrictions on "//go:cgo" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running "go build". The line directive requires the absolute path of...

8.1CVSS8.3AI score0.01762EPSS
Exploits0References3
OSV
OSV
•added 2023/09/26 7:34 a.m.•56 views

CVE-2023-5192 Excessive Data Query Operations in a Large Data Table in pimcore/demo

Excessive Data Query Operations in a Large Data Table in GitHub repository pimcore/demo prior to 10.3.0...

6.1CVSS6.3AI score0.00783EPSS
Exploits1References4
OSV
OSV
•added 2023/09/19 12:0 p.m.•56 views

RUSTSEC-2023-0083 blurhash: panic on parsing crafted blurhash inputs

Impact The blurhash parsing code may panic due to multiple panic-guarded out-of-bounds accesses on untrusted input. In a typical deployment, this may get triggered by feeding a maliciously crafted blurhashes over the network. These may include: - UTF-8 compliant strings containing multi-byte UTF-...

8.6CVSS8AI score0.00515EPSS
Exploits0References4
OSV
OSV
•added 2023/09/13 4:37 p.m.•56 views

GO-2023-2024 Out-of-memory vulnerability in github.com/libp2p/go-libp2p

A malicious actor can store an arbitrary amount of data in the memory of a remote node by sending the node a message with a signed peer record. Signed peer records from randomly generated peers can be sent by a malicious actor. This memory does not get garbage collected and so the remote node can...

7.5CVSS7.5AI score0.00772EPSS
Exploits0References2
OSV
OSV
•added 2023/07/20 12:0 a.m.•56 views

ALSA-2023:4175 Moderate: java-11-openjdk security and bug fix update

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixes: OpenJDK: ZIP file parsing infinite loop 8302483 CVE-2023-22036 OpenJDK: weakness in AES implementation 8308682 CVE-2023-22041 OpenJDK: improper handling o...

7.5CVSS7AI score0.01812EPSS
Exploits0References14
OSV
OSV
•added 2023/06/21 12:0 a.m.•56 views

ALSA-2023:3723 Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free vulnerability in the perfgroupdetach function of the Linux Kernel Performance Events CVE-2023-2235 kernel: netfilter: use-after-free in nftables when processing batch...

7.8CVSS7.3AI score0.12966EPSS
Exploits10References14
OSV
OSV
•added 2023/06/16 6:30 p.m.•56 views

GHSA-934G-FVCC-4833 jeecg-boot SQL injection vulnerability

jeecg-boot 3.5.0 and 3.5.1 have a SQL injection vulnerability the id parameter of the /jeecg-boot/jmreport/show interface...

9.8CVSS9.8AI score0.1248EPSS
Exploits1References3
OSV
OSV
•added 2023/03/11 12:0 a.m.•56 views

DLA-3357-1 imagemagick - security update

Bulletin has no description...

7.8CVSS6AI score0.89855EPSS
Exploits56
OSV
OSV
•added 2023/03/06 11:15 p.m.•56 views

CVE-2022-45142

The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches and possibly other branches a logic inversion sneaked...

7.5CVSS3AI score
Exploits0References2
OSV
OSV
•added 2023/03/03 5:17 p.m.•56 views

GO-2023-1602 Denial of service via deflate decompression bomb in github.com/russellhaering/gosaml2

A bug in SAML authentication library can result in Denial of Service attacks. Attackers can craft a "deflate"-compressed request which will consume significantly more memory during processing than the size of the original request. This may eventually lead to memory exhaustion and the process bein...

5.3CVSS5.2AI score0.00964EPSS
Exploits0References3
OSV
OSV
•added 2023/03/01 12:0 a.m.•56 views

ASB-A-234442700

In sendHalfSheetCancelBroadcast of HalfSheetActivity.java, there is a possible way to learn nearby BT MAC addresses due to an unrestricted broadcast intent. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

5.5CVSS5.1AI score0.00091EPSS
Exploits0References2
OSV
OSV
•added 2023/02/28 6:15 p.m.•56 views

CVE-2022-41725

A denial of service is possible from excessive resource consumption in net/http and mime/multipart. Multipart form parsing with mime/multipart.Reader.ReadForm can consume largely unlimited amounts of memory and disk files. This also affects form parsing in the net/http package with the Request...

7.5CVSS7.5AI score
Exploits0References5
OSV
OSV
•added 2023/02/21 9:30 p.m.•56 views

GHSA-7J9M-J397-G4WX MongoDB .NET/C# Driver vulnerable to Deserialization of Untrusted Data

Under very specific circumstances, a privileged user is able to cause arbitrary code to be executed which may cause further disruption to services. This is specific to applications written in C. This affects all MongoDB .NET/C Driver versions prior to and including v2.18.0...

7.2CVSS6.7AI score0.01049EPSS
Exploits0References5
OSV
OSV
•added 2023/01/23 8:27 a.m.•56 views

RLSA-2023:0194 Moderate: java-17-openjdk security and bug fix update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: OpenJDK: handshake DoS attack against DTLS connections JSSE, 8287411 CVE-2023-21835 OpenJDK: soundbank URL remote loading Sound, 8293742 CVE-2023-21843 Fo...

5.3CVSS6AI score0.01836EPSS
Exploits0References5
OSV
OSV
•added 2023/01/18 5:15 p.m.•56 views

CVE-2023-22809

In Sudo before 1.9.12p2, the sudoedit aka -e feature mishandles extra arguments passed in the user-provided environment variables SUDOEDITOR, VISUAL, and EDITOR, allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected...

7.8CVSS5.1AI score0.55367EPSS
Exploits20References14
OSV
OSV
•added 2022/12/19 10:48 p.m.•56 views

GHSA-H4Q8-96P6-JCGR ghinstallation returns app JWT in error responses

Impact In ghinstallation v1, when the request to refresh an installation token failed, the HTTP request and response would be returned for debugging. https://github.com/bradleyfalzon/ghinstallation/blob/24e56b3fb7669f209134a01eff731d7e2ef72a5c/transport.goL172-L174 The request contained the beare...

5CVSS4.7AI score0.00382EPSS
Exploits1References8
OSV
OSV
•added 2022/11/15 12:0 a.m.•56 views

ALSA-2022:8067 Moderate: httpd security, bug fix, and enhancement update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. The following packages have been upgraded to a later upstream version: httpd 2.4.53. BZ2079939 Security Fixes: httpd: modsed: Read/write beyond bounds CVE-2022-23943 httpd: modlua: Use of...

9.8CVSS9.1AI score0.90407EPSS
Exploits2References22
OSV
OSV
•added 2022/11/08 12:0 a.m.•56 views

ALSA-2022:7647 Moderate: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modsed: Read/write beyond bounds CVE-2022-23943 httpd: modlua: Use of uninitialized value of in r:parsebody CVE-2022-22719 httpd: core: Possible buffer overflow with very...

9.8CVSS8.8AI score0.90407EPSS
Exploits2References22
OSV
OSV
•added 2022/11/01 6:15 p.m.•56 views

CVE-2022-3602

A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate...

7.5CVSS3.6AI score
Exploits0References41
OSV
OSV
•added 2022/05/17 4:17 a.m.•56 views

GHSA-FMMQ-J7PQ-F85C JRuby denial of service via Hash Collision

JRuby computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted input to an application that maintains a hash table, as demonstrated by a universal...

5CVSS5.1AI score0.02249EPSS
Exploits0References5
OSV
OSV
•added 2022/05/17 12:34 a.m.•56 views

GHSA-C2V7-J5GQ-WCQ4 Laravel Sensitive Data Exposure

Laravel before 5.5.10 mishandles the rememberme token verification process because DatabaseUserProvider does not have constant-time token comparison...

5.9CVSS5.6AI score0.01193EPSS
Exploits0References6
OSV
OSV
•added 2022/05/14 1:3 a.m.•56 views

GHSA-WXVR-VQFP-9CQW Denial of service in JBoss resteasy

RESTEasy enables GZIPInterceptor, which allows remote attackers to cause a denial of service via unspecified vectors...

7.5CVSS7.2AI score0.04913EPSS
Exploits0References6
OSV
OSV
•added 2022/05/13 12:0 a.m.•56 views

DLA-3003-1 ruby-nokogiri - security update

Bulletin has no description...

7.5CVSS7.5AI score0.03549EPSS
Exploits0
OSV
OSV
•added 2022/04/12 12:0 a.m.•56 views

GHSA-VPGW-FFH3-648H Prototype Pollution in fullpage.js

fullPage utils are available to developers using window.fputils. They can use these utils for their own use-case other than fullPage as well. However, one of the utils deepExtend is vulnerable to Prototype Pollution vulnerability. Javascript is "prototype" language which means when a new "object"...

7.3CVSS9.4AI score0.01271EPSS
Exploits1References4
OSV
OSV
•added 2022/04/08 6:15 a.m.•56 views

CVE-2022-28805

singlevar in lparser.c in Lua from including 5.4.0 up to excluding 5.4.4 lacks a certain luaKexp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code...

9.1CVSS2AI score
Exploits0References7
OSV
OSV
•added 2022/03/17 12:0 a.m.•56 views

DLA-2953-1 openssl1.0 - security update

Bulletin has no description...

7.5CVSS8.2AI score0.70561EPSS
Exploits2
OSV
OSV
•added 2022/03/14 11:15 a.m.•56 views

CVE-2022-22721

If LimitXMLRequestBody is set to allow request bodies larger than 350MB defaults to 1M on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier...

9.1CVSS1.5AI score
Exploits0References16
OSV
OSV
•added 2022/03/03 9:15 p.m.•56 views

PYSEC-2022-160

Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH version identifier. This ends up with a buffer using all the available memory. The attach...

7.5CVSS3.2AI score0.03608EPSS
Exploits1References4
OSV
OSV
•added 2022/02/25 12:1 a.m.•56 views

GHSA-Q62H-JW38-24VH Uncaught Exception in zip4j

zip4j up to 2.9.1 can throw various uncaught exceptions while parsing a specially crafted ZIP file, which could result in an application crash. This could be used to mount a denial of service attack against services that use zip4j library...

5.5CVSS5.4AI score0.00698EPSS
Exploits0References4
OSV
OSV
•added 2022/02/01 12:51 a.m.•56 views

GHSA-9FP7-4FJM-Q3MF Prototype Pollution in keyget

The package keyget from 0.0.0 are vulnerable to Prototype Pollution via the methods set, push, and at which could allow an attacker to cause a denial of service and may lead to remote code execution. Note: This vulnerability derives from an incomplete fix to CVE-2020-28272...

5.6CVSS9.6AI score0.01678EPSS
Exploits1References4
OSV
OSV
•added 2022/01/12 10:33 p.m.•56 views

GHSA-M7VP-HQWV-7M5X Unbounded memory usage on exposed HTTP/2 (non-gRPC) endpoints

Impact The net/http Go package has a reported vulnerability tracked under CVE-2021-44716 which allows attacker controlled HTTP/2 requests to trigger unbounded memory usage in HTTP/2 endpoints. gRPC endpoints are not vulnerable as they rely on their own HTTP/2 implementation instead of the net/htt...

6.5AI score
Exploits0References1
OSV
OSV
•added 2022/01/07 12:9 a.m.•56 views

GHSA-6P56-WP2H-9HXR NumPy Buffer Overflow (Disputed)

A Buffer Overflow vulnerability exists in NumPy 1.9.x in the PyArrayNewFromDescrint function of ctors.c when specifying arrays of large dimensions over 32 from Python code, which could let a malicious user cause a Denial of Service. NOTE: The vendor does not agree this is a vulnerability; In very...

6CVSS5.3AI score0.01074EPSS
Exploits1References5
OSV
OSV
•added 2022/01/06 10:4 p.m.•56 views

GHSA-FG7R-2G4J-5CGR Race Condition in tokio

If a tokio::sync::oneshot channel is closed via the oneshot::Receiver::close method, a data race may occur if the oneshot::Sender::send method is called while the corresponding oneshot::Receiver is awaited or calling tryrecv. When these methods are called concurrently on a closed channel, the two...

8.1CVSS7.9AI score0.01162EPSS
Exploits0References5
OSV
OSV
•added 2021/11/09 9:16 a.m.•56 views

RLSA-2021:4396 Moderate: sqlite security update

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...

8.8CVSS7.7AI score0.0825EPSS
Exploits2References6
OSV
OSV
•added 2021/11/05 12:0 a.m.•56 views

DSA-5001-1 redis - security update

Bulletin has no description...

9CVSS6.9AI score0.1578EPSS
Exploits0
OSV
OSV
•added 2021/10/28 4:15 p.m.•56 views

CVE-2021-22097

In Spring AMQP versions 2.2.0 - 2.2.18 and 2.3.0 - 2.3.10, the Spring AMQP Message object, in its toString method, will deserialize a body for a message with content type application/x-java-serialized-object. It is possible to construct a malicious java.util.Dictionary object that can cause 100%...

6.5CVSS6.6AI score0.01037EPSS
Exploits0References1
OSV
OSV
•added 2021/09/01 6:32 p.m.•56 views

GHSA-H97F-5258-5593 Incorrect Authorization in serverless-offline

Serverless Offline 8.0.0 returns a 403 HTTP status code for a route that has a trailing / character, which might cause a developer to implement incorrect access control, because the actual behavior within the Amazon AWS environment is a 200 HTTP status code i.e., possibly greater than expected...

9.8CVSS9.5AI score0.0146EPSS
Exploits1References3
OSV
OSV
•added 2021/08/03 2:57 a.m.•56 views

UVI-2021-1001492 atm: iphase: fix possible use-after-free in ia_module_exit()

atm: iphase: fix possible use-after-free in iamoduleexit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.4.276 by commit...

7.3AI score
Exploits0
OSV
OSV
•added 2021/06/15 12:0 a.m.•56 views

DLA-2686-1 python-urllib3 - security update

Bulletin has no description...

9.8CVSS6.8AI score0.04488EPSS
Exploits1
OSV
OSV
•added 2021/06/05 12:0 a.m.•56 views

DLA-2677-1 libwebp - security update

Bulletin has no description...

9.8CVSS7.5AI score0.02662EPSS
Exploits0
OSV
OSV
•added 2021/05/30 12:0 a.m.•56 views

DSA-4923-1 webkit2gtk - security update

Bulletin has no description...

9.8CVSS8AI score0.0712EPSS
Exploits0
OSV
OSV
•added 2021/05/18 5:33 a.m.•56 views

ALSA-2021:1578 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Integer overflow in IntelR Graphics Drivers CVE-2020-12362 kernel: memory leak in sofsetgetlargectrldata function in sound/soc/sof/ipc.c CVE-2019-18811 kernel: use-after-free caused by a...

7.8CVSS8.5AI score0.03292EPSS
Exploits6References26
OSV
OSV
•added 2021/04/25 12:0 a.m.•56 views

DLA-2638-1 jackson-databind - security update

Bulletin has no description...

8.8CVSS7.6AI score0.20929EPSS
Exploits16
OSV
OSV
•added 2021/04/05 12:0 a.m.•56 views

DSA-4885-1 netty - security update

Bulletin has no description...

9.1CVSS7.5AI score0.18891EPSS
Exploits4
OSV
OSV
•added 2021/03/25 12:0 a.m.•56 views

DSA-4875-1 openssl - security update

Bulletin has no description...

5.9CVSS7AI score0.62906EPSS
Exploits3
OSV
OSV
•added 2021/02/16 5:15 p.m.•56 views

CVE-2021-23839

OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients that support SSL or TLS versions greater th...

3.7CVSS1.9AI score
Exploits0References10
OSV
OSV
•added 2020/12/09 12:0 p.m.•56 views

RUSTSEC-2020-0089 nanorand 0.5.0 - RNGs failed to generate properly for non-64-bit numbers

In versions of nanorand prior to 0.5.1, RandomGen implementations for standard unsigned integers could fail to properly generate numbers, due to using bit-shifting to truncate a 64-bit number, rather than just an as conversion. This often manifested as RNGs returning nothing but 0, including the...

5.1CVSS9.4AI score0.01515EPSS
Exploits0References3
OSV
OSV
•added 2020/11/25 12:0 a.m.•56 views

DSA-4798-1 spip - security update

Bulletin has no description...

9.8CVSS7.4AI score0.02167EPSS
Exploits3
OSV
OSV
•added 2020/11/02 12:0 p.m.•56 views

RUSTSEC-2020-0081 `mio` invalidly assumes the memory layout of std::net::SocketAddr

The mio crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. The standard library does not say anything about the...

5.5CVSS5.3AI score0.00389EPSS
Exploits1References3
Total number of security vulnerabilities5000