38168 matches found
Information Disclosure
kernel is vulnerable to information disclosure. The vulnerability exists in the transparent inter-process communication functionality in net/tipc/crypto.c, allowing an attacker to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type...
Prototype Pollution
json-schema is vulnerable to prototype pollution. An attacker can inject properties into existing construct prototypes via the checkObj function in validate.js and modify attributes such as __proto__ and constructor...
Denial Of Service (DoS)
rh-mysql80-mysql is vulnerable to denial of service. A high privileged attacker with network access via multiple protocols can compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL...
Remote Code Execution (RCE)
ntfs-3g is vulnerable to Remote Code Execution (RCE). The vulnerability exists due to a heap buffer overflow...
Denial Of Service (DoS)
kernel is vulnerable to denial of service. A race condition in get_old_root in fs/btrfs/ctree.c allows attackers to cause a denial of service due to the lack of locking on an extent buffer before a cloning operation...
Server-Side Request Forgery (SSRF)
netmask is vulnerable to server-side request forgery (SSRF). The package is not able to differentiate private IP addresses from external IP addresses, and would allow an attacker to trick the application into parsing an IP address incorrectly. Successful exploitation of the vulnerability depends on h...
Sandbox Escape
webkitgtk is vulnerable to sandbox escape. Maliciously crafted web content may violate iframe sandboxing policy...
Arbitrary Code Execution
chromium is vulnerable to arbitrary code execution. A heap-based buffer overflow in V8 allows a remote attacker to execute arbitrary code on the host OS via a heap corruption via a malicious HTML page...
Man-in-the-Middle
postgresql is vulnerable to man-in-the-middle attack. If a client application that creates additional database connections only reuses the basic connection parameters while dropping security-relevant parameters, an opportunity for a man-in-the-middle attack, or the ability to observe clear-text...
Denial Of Service (DoS)
kernel-rt packages are vulnerable to denial of service (DoS). The vulnerability exists because sg_write lacks an sg_remove_request call in a certain failure case, causing a denial of service condition...
Out Of Bound Writes (OOB)
kernel-rt is vulnerable to out of bound writes attacks. A user or process able to access the /dev/kvm device could use this flaw to crash the system, resulting in a denial of service...
Carriage-Return Line-Feed (CRLF) Injection
urllib3 is vulnerable to Carriage-Return Line-Feed (CRLF) Injection. The vulnerability exists as it does not sufficiently check for non-token characters, allowing characters such as \r, \n to be parsed and interpreted...
Denial Of Service (DoS)
linux is vulnerable to denial of service (DoS). The vulnerability exists as a memory leak in the cx23888_ir_probe function in drivers/media/pci/cx23885/cx23888-ir.c can be triggered through kfifo_alloc failures...
Unauthorized Read
Openjdk 7 is vulnerable to unauthorised read. The vulnerability is difficult to exploit, but it allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker...
Insecure TLS Configuration
openssl uses an insecure TLS configuration. A ciphersuite downgrade flaw was found in the OpenSSL SSL/TLS server code. A remote attacker could possibly use this flaw to change the ciphersuite associated with a cached session stored on the server, if the server enabled the...
Denial Of Service (DoS)
kernel is vulnerable to denial of service (DoS). The vulnerability exists in the way KVM (Kernel-based Virtual Machine) handled the reloading of fs and gs segment registers when they had invalid selectors. A privileged host user with access to "/dev/kvm" could use this flaw to cra...
Information Disclosure
firefox is vulnerable to information disclosure. A flaw was found in the Firefox XMLHttpRequest object. A remote site could use this flaw to gather information about servers on an internal private network...
Denial Of Service (DoS)
kernel is vulnerable to denial of service (DoS). A divide-by-zero flaw was found in the azx_position_ok function in the driver for Intel High Definition Audio, snd-hda-intel. A local, unprivileged user could trigger this flaw to cause a kernel crash...
Information Disclosure
JMX-console is vulnerable to information disclosure. The JMX Console configuration only specified an authentication requirement for requests that used the GET and POST HTTP "verbs". A remote attacker could create an HTTP request that does not specify GET or POST, causing it to be executed by the...
Information Disclosure
xen is vulnerable to information disclosure. A flaw was found in the QEMU block format auto-detection, when running fully-virtualized guests and using Qemu images written on removable media (USB storage, 3.5" disks). Privileged users of such fully-virtualized guests (DomU)...
Information Disclosure
php is vulnerable to information disclosure. A PHP script which used the transparent session ID configuration option, or which used the output_add_rewrite_var function, could leak session identifiers to external web sites. If a page included an HTML form with an ACTION...
Denial Of Service (DoS)
snakeyaml is vulnerable to denial of service. The library allows an attacker to crash the application through an entity expansion attack, also known as billion laughs attack, by providing a malicious YAML file to be parsed...
SQL Injection
phpmyadmin/phpmyadmin is vulnerable to SQL injection. An authenticated user is able to inject and execute arbitrary SQL via the username parameter...
Authentication Bypass
cxf-rt-rs-security-oauth2 is vulnerable to authentication bypass. The vulnerability exists as the access token services do not validate that the authenticated principal is equal to that of the supplied clientId parameter in the request. An attacker with an authorization code that is issued to...
Arbitrary Code Execution
codehaus is vulnerable to arbitrary code execution. An incomplete fix for unsafe deserialization in jackson-databind allows an attacker to inject malicious objects and execute arbitrary code...
Privilege Escalation
kernel is vulnerable to privilege escalation. The vulnerability exists through insufficient input validation in kernel mode driver in Intel i915 graphics...
Denial Of Service (DoS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debugger. T...
Arbitrary File Write
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interprete...
Denial Of Service (DoS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Multiple flaws were discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize function could cause a PHP application to crash or, possibly, execute arbitrar...
Denial Of Service (DoS)
V8 is Google's open source JavaScript engine. It was discovered that V8 did not properly check the stack size limit in certain cases. A remote attacker able to send a request that caused a script executed by V8 to use deep recursion could trigger a stack overflow, leading to a crash of an...
Authentication Bypass
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...
Privilege Escalation
An attack technique against the W3C XML Encryption Standard when block ciphers were used in CBC mode could allow a remote attacker to conduct chosen-ciphertext attacks, leading to the recovery of the entire plain text of a particular cryptogram. (CVE-2011-1096) JBoss Web Services leaked side-channe...
Insecure Authentication
openssh uses an insecure authentication. It was discovered that the OpenSSH sshd daemon did not check the list of keyboard-interactive authentication methods for duplicates. A remote attacker could use this flaw to bypass the MaxAuthTries limit, making it easier to perform password guessing attac...
Remote Code Execution (RCE)
microsoft.chakracore is vulnerable to remote code execution. It exists because the CreateLabel function in IRBuilderAsmJs.cpp does not properly check the instrPrev parameter, causing memory corruption which allows an attacker to trigger RCE. This CVE ID is different from CVE-2017-11886, CVE-2017-11889,...
Denial Of Service (DoS)
ImageMagick is vulnerable to denial of service (DoS) attacks. A malicious user can pass a malicious HDR file to the system to cause an infinite loop that can lead to the system running out of resources and crashing...
Remote Code Execution (RCE)
gitlab is vulnerable to Remote Code Execution (RCE). The vulnerability exists due to the lack of an authorization mechanism in the library, which allows an attacker to import maliciously crafted projects, injecting and executing malicious code...
OS Command Injection
mlflow is vulnerable to OS Command Injection. The vulnerability exists in the cli due to lack of parameter checks which allows an attacker to inject and execute arbitrary commands...
SQL Injection
moodle/moodle is vulnerable to SQL Injection attacks. The vulnerability exists in the get_subwiki_pages function of external.php due to lack of sanitization of user inputs, which allows an attacker to inject and execute arbitrary SQL queries...
Integer Overflow
linux is vulnerable to Integer Overflows. A local authenticated attacker is able to cause integer overflows in rndis_query_oid of drivers/net/wireless/rndis_wlan.c...
Authentication Bypass
curl is vulnerable to Authentication Bypass. The library would reuse a previously created FTP connection even when one or more options had been changed, leading to wrong credentials. Several FTP settings were left out from configuration match checks, making them easily match...
OS Command Injection
hadoop-common is vulnerable to OS Command Injection. The vulnerability exists due to lack of sanitization of input file name by FileUtil.unTarFile, File API before being passed to the shell, allowing an attacker to pass malicious file name and inject arbitrary commands...
Path Traversal
github.com/minio/minio is vulnerable to path traversal. The vulnerability exists in downloadReleaseURL function in update.go because the admin:ServiceUpdate is not properly handled which allows an attacker to get access to the file system...
Session Fixation
passport is vulnerable to session fixation. A remote unauthenticated attacker is able to gain access to guest sessions because when a user logs in or logs out, the session is regenerated instead of being closed...
SQL Injection
prestashop/blockwishlist is vulnerable to SQL injection. The vulnerability exists in getProductsOrCount function in WishListProductSearchProvider.php because order by and order way statements are not properly validated which allows an attacker to inject SQL queries...
Information Disclosure
intel-microcode, sid is vulnerable to information disclosure. An incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access...
Remote Code Execution (RCE)
laravel/framework is vulnerable to remote code execution. The vulnerability exists in the __destruct function in PendingBroadcast.php due to insecure deserialization of trusted data which allows an attacker to inject maliciously crafted script into the system...
Remote Code Execution (RCE)
samba is vulnerable to remote code execution. The vulnerability exists due to an Out-of-Bounds (OOB) Heap Read/Write allowing an attacker to inject maliciously crafted script into the system...
Packet Injection
kernel is vulnerable to packet injection. The vulnerability exists due to a flaw in the Linux kernel's wifi implementation which allows an attacker within wireless broadcast range to inject custom data into the wireless communication, circumventing checks on the data...
Remote Code Execution (RCE)
ckeditor is vulnerable to remote code execution. An attacker is able to abuse the undo functionality using malformed widget HTML, which could result in executing JavaScript code...
Remote Procedure Calls
linux kernel is vulnerable to remote procedure calls. The vulnerability exists because fastrpc_internal_invoke in drivers/misc/fastrpc.c does not prevent user applications from sending kernel RPC messages...