Stack-Based Buffer Overflow
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debugger. T...
Cross-site Scripting (XSS)
sinatra is vulnerable to cross-site scripting (XSS) attacks. The library fails to properly escape the e.message variable in a bad request page, allowing a malicious user to inject and execute arbitrary JavaScript...
Information Disclosure
OpenSSL is vulnerable to information disclosure. This is possible because the SSL protocol 3.0 uses nondeterministic CBC padding, allowing attackers to perform man-in-the-middle (MitM) attacks. This is also known as the POODLE issue...
Cross-site Scripting (XSS)
vite is vulnerable to Cross-Site Scripting. This vulnerability exists because it does not properly sanitize inline scripts in the server.transformIndexHtml function, allowing an attacker to inject and execute malicious JavaScript into the browser. This vulnerability is only exploitable if the...
Inconsistency Between Implementation And Documented Design
nodejs is vulnerable to Inconsistency Between Implementation and Documented Design. The vulnerability is due to the generateKeys API function returned from crypto.createDiffieHellman only generating missing or outdated keys. This discrepancy between the documented and actual behavior of the API allows ...
Remote Code Execution (RCE)
mediawiki is vulnerable to Remote Code Execution (RCE). The vulnerability allows an attacker to inject arbitrary code into a web page, potentially allowing them to steal user data or take control of the user's computer...
Prototype Pollution
firefox is vulnerable to prototype pollution. The vulnerability exists in the Top-Level Await implementation, which causes a prototype pollution...
Authorization Bypass
Spring Security is vulnerable to authorization bypass. The vulnerability exists in the getRequestMatcherPrivilegeEvaluatorsEntry function in WebSecurity.java due to misconfiguration of privilege evaluation, which allows an attacker to gain access to the system and perform unauthorized actions...
Denial Of Service (DoS)
linux is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the nft_do_chain routine in net/netfilter/nf_tables_core.c which does not initialize the register data that nftables expressions can read from and write to, allowing an attacker to determine the register data and proceed to...
Out-of-bounds Write
apache2 is vulnerable to out-of-bounds write. The vulnerability exists due to heap memory corruption, which allows an attacker to overwrite heap memory via malicious input...
Remote Code Execution (RCE)
Icinga Web 2 is vulnerable to remote code execution. The vulnerability exists due to the lack of validation of access to the configuration which can create SSH resource files in unintended directories...
Regular Expression Denial Of Service (ReDoS)
prism is vulnerable to regular expression denial of service. An attacker is able to send a malicious input string, leading to intensive CPU usage and an application crash...
Denial Of Service (DoS)
linux is vulnerable to denial of service. The vulnerability exists due to a non-blocking socket in llcp_sock_connect that leads to a leak and eventually hangs the system...
Arbitrary Code Execution
glibc is vulnerable to arbitrary code execution. A heap-based buffer over-read in proceed_next_node in posix/regexec.c allows an attacker to execute arbitrary code on the host OS via an attempted case-insensitive regular-expression match...
Dependency Confusion
Bundler is vulnerable to dependency confusion. Because the package installer chooses a dependency source based on the highest gem version number, it can pull a malicious gem from a public repository instead of the intended private gem, even if it is a dependency of another private gem...
Privilege Escalation
jetty is vulnerable to privilege escalation. The vulnerability exists on Unix-like systems where the system's temporary directory is shared between all users on that system, allowing a user to observe the process of creating a temporary sub-directory in the shared temporary directory, and race to...
Cross-site Scripting (XSS)
Mozilla Thunderbird is vulnerable to Cross-site Scripting (XSS). A malicious web page could cause the execution of JavaScript code in such a way that could cause Thunderbird to crash or execute arbitrary code as the user running Thunderbird. JavaScript support is disabled by default in Thunderbird;...
Denial Of Service (DoS)
OpenJDK is vulnerable to denial of service (DoS). It is due to incomplete enforcement of the maxDatagramSockets limit in DatagramChannelImpl...
Denial Of Service (DoS)
jboss-remoting is vulnerable to denial of service. A vulnerability was found in the way RemoteMessageChannel reads from an empty buffer. An attacker could abuse the flaw to cause a denial of service via high CPU consumption caused by an infinite loop...
Out-Of-Bounds Write
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debugger. T...
Use-After-Free
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php55 packages provide a recent stable release of PHP with the PEAR 1.9.4, memcache 3.0.8, and mongo 1.4.5 PECL extensions, and a number of additional utilities. The php55 packages have been upgraded to...
Denial Of Service (DoS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Multiple flaws were discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize function could cause a PHP application to crash or, possibly, execute arbitrar...
Arbitrary Code Execution
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...
Remote Code Execution (RCE)
BOSH Backup and Restore is vulnerable to remote code execution (RCE). A remotely authenticated user is able to request extra backup files in a backup and restore job by modifying the metadata file, resulting in possible execution of arbitrary code...
Denial Of Service (DoS)
tomcat-util is vulnerable to denial of service (DoS) attacks. The attack exists due to improper handling of overflow in the decodeHasArray function in the UTF-8 decoder...
Remote Code Execution (RCE)
log4j is vulnerable to remote code execution (RCE). A malicious user can pass a malicious binary to the system that, when deserialized, executes arbitrary code. This only affects applications that are using the TCP socket server or the UDP socket server to receive log events from another application...
Cross-Site Tracing (XST)
spring-web is vulnerable to cross-site tracing (XST) attacks. The vulnerability exists as HiddenHttpMethodFilter allows web applications to change an existing HTTP request method to any HTTP method, causing applications with an existing cross-site scripting (XSS) vulnerability to be vulnerable to XST...
Code Injection
nuxt is vulnerable to Code Injection. The vulnerability exists due to a lack of user input path validation in test-component-wrapper.ts which allows an attacker to inject and execute malicious code. Note that this vulnerability is only applicable if the server is run in dev mode...
Account Lockout
phpmyfaq is vulnerable to Account Lockout. A remote attacker is able to bypass the security mechanism due to improper input validation in the E-Mail field, which may lead to an account takeover or an account lockout without any possibility of recovery...
Spoofing Attack
kernel is vulnerable to Spoofing Attack. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session, where a Man-in-the-Middle Attack (MITM) performs an IP fragmentation attack and an...
Use-After-Free
linux is vulnerable to Use-After-Free. net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions may allow code execution and leak kernel memory remotely via Bluetooth, which allows a remote attacker to exploit the vulnerability via Bluetooth if they are within the proximity of the...
Buffer Overflow
OpenSSL is vulnerable to buffer overflow. The vulnerability is due to incomplete X.509 certificate name constraint checking after successful chain signature verification. An attacker can add a malicious email address to the certificate to overflow four attacker-controlled bytes on the stack. This...
Deserialization Of Untrusted Data
Apache Geode is vulnerable to deserialization of untrusted data. The vulnerability exists because the process-wide serialization filter is not properly configured when validate-serializable-objects is enabled, which allows an attacker to inject and execute arbitrary code through the untrusted data...
Remote Code Execution (RCE)
openjdk is vulnerable to remote code execution. The vulnerability exists because the sandbox security is not properly handled, which allows an attacker to access, create and delete critical data of the system...
Denial Of Service (DoS)
spring-beans is vulnerable to denial of service. The vulnerability exists in CachedIntrospectionResults.java because applications that handle files do not validate them properly, which allows an attacker to crash the application...
Denial Of Service (DoS)
openjdk is vulnerable to denial of service. The vulnerability exists due to a lack of validation of authentication allowing an attacker to crash the system using APIs in the specified Component...
Out-of-bounds Write
Linux kernel is vulnerable to Out-of-bounds Write attack. The vulnerability exists in the hw_atl_utils.c file and allows an attacker to trigger an out-of-bounds write via a crafted length value...
Packet Injection
kernel is vulnerable to packet injection. The vulnerability exists due to the lack of sanitization of the authenticity of the Message Integrity Check allowing an attacker to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol...
Prototype Pollution
immer is vulnerable to prototype pollution. The vulnerability was introduced by the fix provided for CVE-2020-28477 which allows insecure modification of Object Prototype Attributes...
Privilege Escalation
chromium is vulnerable to privilege escalation. The vulnerability exists due to an unknown function of the component V8. The manipulation with an unknown input leads to a privilege escalation vulnerability...
Denial Of Service (DoS)
kernel is vulnerable to denial of service (DoS). The vulnerability exists through a pivot_root race condition in fs/namespace.c by corrupting a mountpoint reference counter...
Command Injection
lodash is vulnerable to Command Injection. The vulnerability exists through the unsanitized values of template...
Use-after-free
kernel is vulnerable to use-after-free. It is possible due to a flaw in ext4_put_super...
Privilege Escalation
samba is vulnerable to privilege escalation. The vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'...
Denial Of Service (DoS)
mariadb is vulnerable to denial of service. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatabl...
Remote Code Execution
telerik is vulnerable to remote code execution. A .NET JavaScriptSerializer Deserialization vulnerability through RadAsyncUpload allows an attacker to execute malicious code on the server in the context of the w3wp.exe process...
Open Redirects
httpd is vulnerable to open redirects. The vulnerability exists as mod_rewrite has a potential open redirect...
Denial Of Service (DoS)
kernel is vulnerable to denial of service. The vulnerability exists in multiple functions of drivers/net/wireless/ath/ath9k/htc_hst.c due to the memory consumption which allows an attacker to crash the system...
Information Disclosure
firefox is vulnerable to information disclosure. The vulnerability exists as an attacker could create a malicious web page that, when viewed by a victim, could steal private data from a different website the victim has loaded with Firefox...
Arbitrary Code Execution
seamonkey is vulnerable to arbitrary code execution. The vulnerability exists as a webpage containing malicious content could cause SeaMonkey to crash, or potentially execute arbitrary code as the user running SeaMonkey...