38468 matches found
Insecure File Lookup
Linux kernel is vulnerable to insecure file lookup . The vulnerability exists because it performs a regular lookup which allows an attacker to access potentially sensitive files, which results in Sensitive Information Disclosure...
Denial Of Service (DoS)
tomcat-websocket is vulnerable to denial of service DoS attacks. An out of memory OOM occurs as the internal upgrade handler doesn't close the associated web connection on destroy causing an application crash...
Prototype Pollution
immer is vulnerable prototype pollution. The vulnerability was introduced by the fix provided for CVE-2020-28477 which allows insecure modification of Object Prototype Attributes...
Denial Of Service
linux is vulnerable to denial of service. The vulnerability exists due to an out-of-bounds write...
Denial Of Service
mariadb is vulnerable to denial of service. The vulnerability exists due to the system allowing high privileged attacker with network access via multiple protocols to compromise MySQL Server...
Denial Of Service (DoS)
linux is vulnerable to denial of service. The vulnerability exists due to a non-blocking socket in llcpsockconnect that leads to leak and eventually hanging-up the system...
Denial Of Service (DoS)
linux kernel is vulnerable to denial of service. The vulnerability exists due to net/netfilter/xtables.c and include/linux/netfilter/xtables.h lacking a full memory barrier upon the assignment of a new table value...
Denial Of Service (DoS)
PHP is vulnerable to deniall of service DoS. The vulnerability exists due to an out of bounds read in phpstriptagsex...
Denial Of Service (DoS)
kernel is vulnerable to denial of service DoS.Lack of validation in getrawsocket in drivers/vhost/net.c of an skfamily field allows to attacker perform ioctl2 calls on the '/dev/vhost-net' device may use this flaw to crash the kernel...
Improper SSL Certificate Verification
faye is vulnerable to improper SSL certificate validation. The vulnerability exists as it does not implement certificate verification by default, allowing any hostname in the wss: connection made by the Faye::WebSocket::Client to be made unvalidated...
Remote Code Execution (RCE)
php is vulnerable to remote code execution. The FPM module write past allocated buffers and into space reserved for the FCGI protocol data. This can potentailly be exploited to execute arbitrary code on the system...
Denial Of Service (DoS)
php is vulnerable to denial of service DoS. The vulnerability exists as a bug in the PHP Streams component caused the PHP interpreter to crash if an FTP wrapper connection was made through an HTTP proxy. A remote attacker could possibly trigger this issue if a PHP script accepted an untrusted URL...
CRLF Injection
firefox is vulnerable to CRLF injection. A flaw was found in the way Firefox handled Location headers in redirect responses. Two copies of this header with different values could be a symptom of a CRLF injection attack against a vulnerable server. Firefox now treats two copies of the Location,...
Denial Of Service (DoS)
Mozilla Firefox is vulnerable to Denial Of Service DoS. Flaws in the processing of malformed web content allows a web page to contain malicious content, causing Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox...
Denial Of Service (DoS)
firefox is vulnerable to denial of service. The BodyStream::OnInputStreamReady was missing protections against a state confusion bug and allows an attacker to successfully crash the application...
HTTP Request Smuggling
waitress is vulnerable HTTP request smuggling. The vulnerability exists because the library mishandled HTTP request header by not correctly parsing the Transfer-Encoding header, causing the parser to use Content-Length header instead to determine the HTTP message body size, ignoring the requests...
Information Disclosure
udisks is vulnerable to information disclosure. The vulnerability exists through a format string vulnerability in udiskslog in udiskslogging.c...
Use After Free
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: rh-php70-php 7.0.27. BZ1518843 Security Fixes: php: Heap overflow in mysqlnd when not receiving UNSIGNEDFLAG in BIT field CVE-2016-7412 php:...
Denial Of Service (DoS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php54 packages provide a recent stable release of PHP with the PEAR 1.9.4, APC 3.1.15, and memcache 3.0.8 PECL extensions, and a number of additional utilities. The php54 packages have been upgraded to...
Remote Code Execution (RCE)
apache tomcat is vulnerable to remote code execution. This is due to a bug in the way the JRE passes command line arguments to Windows when enableCmdLineArguments is enabled., allowing a remote attacker to inject arbitrary commands that are executed by the host. The CGI Servlet is disabled by...
Remote Code Execution (RCE)
Microsoft ChakraCore is vulnerable to remote code execution. This is due to how the scripting engine handles objects in memory, which allows a remote attacker to execute arbitrary code in the context of the user. This CVE ID is different from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836,...
Command Injection
github.com/gotenberg/gotenberg is vulnerable to Command Injection. The vulnerability is due to lack of validation of JSON metadata keys passed to ExifTool, which allows an attacker to inject arbitrary ExifTool arguments and execute operating system commands...
Session Fixation
Jenkins Bitbucket OAuth Plugin is vulnerable to session fixation. The vulnerability is due to the plugin not invalidating the previous session on login, where an attacker can reuse an existing session and gain unauthorized access...
Cross-site Scripting (XSS)
vite is vulnerable to Cross-Site Scripting. This vulnerability exists because it does not properly sanitize inline scripts in the server.transformIndexHtml function, allowing an attacker to inject and execute malicious JavaScript into the browser. This vulnerability is only exploitable if the...
Open Redirect
tornado is vulnerable to Open Redirect. The vulnerability exists in the validateabsolutepath function of web.py because it does not properly validate the requests paths that start with double slashes"\", which allows an attacker to redirect users to malicious websites by providing a maliciously...
Integer Overflow
git is vulnerable to integer overflows. When processing the padding operators, there is a integer overflow in pretty.c::formatandpadcommit where a sizet is stored improperly as an int, and then added as an offset to a memcpy. This overflow can be triggered directly by a user running a command whi...
Use-After-Free
linux is vulnerable to Use-After-Free. net/bluetooth/l2capcore.c's l2capconnect and l2capleconnectreq functions may allow code execution and leak kernel memory remotely via Bluetooth, which allows a remote attacker to exploit the vulnerability via Bluetooth if they are within the proximity of the...
Remote Code Execution (RCE)
topthink/framework is vulnerable to remote execution. The vulnerability exists because the lang parameter is not properly validated, which allows a remote attacker to inject and execute arbitrary commands...
Denial Of Service (DoS)
hutool-json and json are vulnerable to Denial Of Service DoS. The vulnerability exists due to a stack-based overflow in the library which allows an attacker to cause an application crash via malicious JSON or XML data...
Cross-Site Scripting (XSS)
processwire is vulnerable to cross-site scripting. The vulnerability is due to lack of sanitization in the search users and search pages functions which allows an attacker to inject and execute arbitrary JavaScript...
Information Disclosure
github.com/moby/moby is vulnerable to information disclosure. The vulnerability exists in the getUser function in ocilinux.go due to a lack of input validation, allowing an attacker to read sensitive information in the system...
Use-After-Free
busybox is vulnerable to use-after-free. The vulnerability exists in copyvar which allows an attacker to send crafted awk pattern crashing the application...
Authentication Bypass
linux-aws is vulnerable to Authentication Bypass. The vulnerability exists due to the mishandles of seccomp permissions, allowing an attacker to bypass the intended restrictions on the PTSUSPENDSECCOMP flag through the PTRACESEIZEcode path...
Privilege Escalation
runc is vulnerable to privilege escalation. The vulnerability exists due to a bug in the runc exec --cap created processes with non-empty inheritable Linux process capabilities allowing an attacker to gain unauthorized access permissions...
Improper Input Validation
Java SE is vulnerable to improper input validation. an attacker can gain access to sensitive information through the JSSE component in the oracle GraalVM enterprise edition...
Privilege Escalation
linux-oracle is vulnerable to privilege escalation. The vulnerability exists due to a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities...
Privilege Escalation
kernel is vulnerable to Privilege Escalation. An out-of-bounds read and write in kernel/bpf/verifier.c due to incorrect limits enforcement for pointer arithmetic operations can be abused to escalate privileges to root...
Privilege Escalation
linux-kvm is vulnerable to privilege escalation. The vulnerability exists due to the lack of proper validation of user-supplied eBPF programs prior to executing...
Prototype Pollution
handlebars is vulnerable to Prototype Pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...
Privilege Escalation
jetty is vulnerable to privilege escalation. The vulnerability exists on Unix like systems where the system's temporary directory is shared between all users on that system, allowing a user to observe the process of creating a temporary sub-directory in the shared temporary directory, and race to...
Remote Code Execution
telerik is vulnerable to remote code execution. A .NET JavaScriptSerializer Deserialization vulnerability through RadAsyncUpload allows an attacker to execute malicious code on the server in the context of the w3wp.exe process...
Privilege Escalation
kernel is vulnerable to privilege escalation. The vulnerability exists as the absence of a protection mechanism when attempting to access a critical section of code has been found in the Linux kernel open file descriptors control mechanism, fcntl. This could allow a local unprivileged user to...
Spoofing Attack
firefox is vulnerable to spoofing attack. A flaw was found in the way Firefox displayed information about self-signed certificates. It was possible for a self-signed certificate to contain multiple alternate name entries, which were not all displayed to the user, allowing them to mistakenly exten...
Remote Code Execution
jackson-databind is vulnerable to remote code execution. The vulnerability exists because it does not restrict the data sources for the org.apache.xbean.propertyeditor.JndiConverter object type, leading to deserialisation of arbitrary data from external untrusted sources which would allow an...
Denial Of Service (DoS)
kernel is vulnerable to denial of service DoS. The vulnerability exists through a use-after-free Read in vhosttransportsendpkt...
Buffer Overflow
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...
Stack-Based Buffer Overflow
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...
Arbitrary File Upload
The httpd packages contain the Apache HTTP Server httpd, which is the namesake project of The Apache Software Foundation. Input sanitization flaws were found in the modnegotiation module. A remote attacker able to upload or create files with arbitrary names in a directory that has the MultiViews...
Remote Code Execution (RCE)
log4j is vulnerable to remote code execution RCE. A malicious user can pass a malicious binary to the system that when deserialized, executes arbitrary code. This only affects applications that are using the TCP socket server or the UDP socket server to receive log events from another application...
Arbitrary Code Execution
glibc is vulnerable to arbitrary code execution. A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap or different memory region and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap,...