Veracode: Most viewed

38169 matches found

Veracode
•added 2020/07/08 3:23 a.m.•49 views

Privilege Escalation

kernel is vulnerable to arbitrary code execution. An out-of-bounds memory access via mmio ring buffer allows an attacker to escalate privilege or crash the system...

CVSS 8.8 • AI score 6.5 • EPSS 0.00763
Exploits 0 • References 36 • Affected Software 1
Veracode
•added 2020/07/08 3:21 a.m.•49 views

Privilege Escalation

kernel is vulnerable to privilege escalation. A buffer overflow in the mwifiex_cmd_append_vsie_tlv function in drivers/net/wireless/marvell/mwifiex/scan.c allows an attacker to gain higher privileges or cause a denial of service condition...

CVSS 7.8 • AI score 5 • EPSS 0.00439
Exploits 0 • References 13 • Affected Software 4
Veracode
•added 2020/04/10 1:3 a.m.•49 views

Information Disclosure

httpd is vulnerable to information disclosure. The vulnerability exists as it was discovered that the Apache HTTP Server did not properly validate the request URI for proxied requests. In certain configurations, if a reverse proxy used the ProxyPassMatch directive, or if it used the RewriteRule...

CVSS 5 • AI score 1.9 • EPSS 0.90734
Exploits 12 • References 80 • Affected Software 1
Veracode
•added 2020/04/10 12:56 a.m.•49 views

Arbitrary Code Execution

thunderbird is vulnerable to arbitrary code execution. The vulnerability exists as a double free flaw was found in the way Thunderbird handled "application/http-index-format" documents. A malformed HTTP response could cause Thunderbird to execute arbitrary code with the privileges of the user...

CVSS 10 • AI score 1.4 • EPSS 0.0685
Exploits 1 • References 13 • Affected Software 3
Veracode
•added 2020/04/10 12:54 a.m.•49 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service. A flaw was found in the Linux kernel's garbage collector for AF_UNIX sockets. A local, unprivileged user could use this flaw to trigger a denial of service out-of-memory condition...

CVSS 4.9 • AI score 3.4 • EPSS 0.00896
Exploits 2 • References 27 • Affected Software 2
Veracode
•added 2020/04/10 12:51 a.m.•49 views

Privilege Escalation

kernel is vulnerable to privilege escalation. A buffer overflow flaw was found in the ecryptfs_uid_hash function in the Linux kernel eCryptfs implementation. On systems that have the eCryptfs netlink transport (Red Hat Enterprise Linux 5 does) or where the "/dev/ecryptfs" file has world writable...

CVSS 7.8 • AI score 2 • EPSS 0.00434
Exploits 1 • References 18 • Affected Software 1
Veracode
•added 2020/04/10 12:48 a.m.•49 views

Arbitrary Code Execution

thunderbird is vulnerable to arbitrary code execution. Several flaws were found in the processing of malformed HTML mail content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running...

CVSS 9.3 • AI score 3.1 • EPSS 0.0455
Exploits 0 • References 30 • Affected Software 5
Veracode
•added 2020/04/10 12:46 a.m.•49 views

Denial Of Service (DoS)

The kernel packages are vulnerable to denial of service (DoS). Instances of unsafe sprintf use were found in the Linux kernel Bluetooth implementation. Creating a large number of Bluetooth L2CAP, SCO, or RFCOMM sockets could result in arbitrary memory pages being overwritten. A local,...

CVSS 7.1 • AI score 4.1 • EPSS 0.02979
Exploits 1 • References 15 • Affected Software 2
Veracode
•added 2020/04/10 12:43 a.m.•49 views

Integer Overflows

Mozilla Firefox is vulnerable to integer overflows. Flaws in the processing of malformed web content allow a web page containing malicious content to cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox...

CVSS 9.3 • AI score 5.4 • EPSS 0.04879
Exploits 0 • References 33 • Affected Software 7
Veracode
•added 2020/04/10 12:37 a.m.•49 views

Remote Code Execution (RCE)

Mozilla Firefox is vulnerable to remote code execution (RCE). Due to flaws found in the processing of malformed web content, a page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox...

CVSS 10 • AI score 4.8 • EPSS 0.05269
Exploits 0 • References 29 • Affected Software 5
Veracode
•added 2020/04/10 12:33 a.m.•49 views

Arbitrary Code Execution

seamonkey is vulnerable to arbitrary code execution. The vulnerability exists as a web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code as the user running SeaMonkey...

CVSS 5 • AI score 4.8 • EPSS 0.01761
Exploits 0 • References 35 • Affected Software 4
Veracode
•added 2020/03/11 4:28 a.m.•49 views

Prototype Pollution

dojo is vulnerable to prototype pollution. The vulnerability exists because the value __proto__ can be passed through the deepCopy method...

CVSS 7.7 • AI score 2.8 • EPSS 0.04023
Exploits 1 • References 14 • Affected Software 1
Veracode
•added 2020/01/24 12:24 a.m.•49 views

Information Disclosure

jboss-cli is vulnerable to information disclosure. The vulnerability exists as the JBoss EAP Vault system property security attribute value is revealed on CLI 'reload' command...

CVSS 4.3 • AI score 1.9 • EPSS 0.00742
Exploits 0 • References 24 • Affected Software 94
Veracode
•added 2020/01/22 1:24 p.m.•49 views

Denial Of Service (DoS)

libxml2.so is vulnerable to denial of service (DoS). When ctxt->schema is NULL, an xmlSchemaValidateStream memory leak occurs in xmlSchemaPreRun in xmlschemas.c...

CVSS 7.5 • AI score 2.2 • EPSS 0.04387
Exploits 0 • References 16 • Affected Software 10
Veracode
•added 2019/12/23 3:1 a.m.•49 views

CRLF Injection

waitress is vulnerable to CRLF injection. The vulnerability exists due to the different ways in which carriage return and line feed characters are parsed by the server and the client. This can potentially lead to HTTP request smuggling and splitting vulnerabilities...

CVSS 7.5 • AI score 2 • EPSS 0.02714
Exploits 1 • References 10 • Affected Software 3
Veracode
•added 2019/12/17 12:16 a.m.•49 views

Remote Code Execution (RCE)

openslp is vulnerable to remote code execution. A heap-based buffer overflow in the ProcessSrvRqst function in slpd_process.c allows an attacker to execute arbitrary code on the system...

CVSS 9.8 • AI score 6 • EPSS 0.96823
Exploits 1 • References 11 • Affected Software 1
Veracode
•added 2019/10/23 12:9 a.m.•49 views

Denial Of Service (DoS)

QEMU is vulnerable to denial of service. It causes a heap buffer overflow during packet reassembly...

CVSS 8.8 • AI score 2.9 • EPSS 0.16658
Exploits 3 • References 35 • Affected Software 16
Veracode
•added 2019/10/07 2:38 a.m.•49 views

Cross-Site Scripting (XSS)

bootstrap-3-typeahead is vulnerable to cross-site scripting (XSS). A remote attacker is able to inject arbitrary JavaScript into a victim's browser due to improper escaping of special characters...

CVSS 6.1 • AI score 5.2 • EPSS 0.0152
Exploits 0 • References 6 • Affected Software 1
Veracode
•added 2019/08/20 12:10 a.m.•49 views

Information Disclosure

php is vulnerable to denial of service. An attacker is able to read past the allocated buffer in the function exif_read_data by passing malicious EXIF data to the PHP EXIF extension. This can also potentially lead to an application crash...

CVSS 9.1 • AI score 2.6 • EPSS 0.03958
Exploits 1 • References 9 • Affected Software 2
Veracode
•added 2019/08/20 12:10 a.m.•49 views

Arbitrary Code Execution

php is vulnerable to arbitrary code execution. Invalid memory access in the function xmlrpc_decode allows an attacker to execute arbitrary code on the system via malicious input...

CVSS 9.8 • AI score 6.2 • EPSS 0.09793
Exploits 1 • References 14 • Affected Software 2
Veracode
•added 2019/05/16 3:19 a.m.•49 views

Privilege Escalation

Oracle Java SE is vulnerable to privilege escalation. The vulnerability exists in the Java SE, Java SE Embedded component of Oracle Java SE due to an unknown code block of the component Hotspot. An unauthenticated attacker with network access via multiple protocols could compromise...

CVSS 8.3 • AI score 8.5 • EPSS 0.0401
Exploits 0 • References 26 • Affected Software 6
Veracode
•added 2019/05/02 6:2 a.m.•49 views

Denial Of Service (DoS) Through Memory Consumption

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debugger. T...

CVSS 9.8 • AI score 9 • EPSS 0.36974
Exploits 78 • References 16 • Affected Software 3
Veracode
•added 2019/05/02 6:2 a.m.•49 views

Arbitrary Code Execution

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debugger. T...

CVSS 9.8 • AI score 9 • EPSS 0.36974
Exploits 78 • References 17 • Affected Software 3
Veracode
•added 2019/05/02 6:2 a.m.•49 views

Arbitrary Code Execution

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debugger. T...

CVSS 9.8 • AI score 9 • EPSS 0.36974
Exploits 78 • References 7 • Affected Software 3
Veracode
•added 2019/05/02 6:2 a.m.•49 views

Arbitrary Code Execution

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debugger. T...

CVSS 9.8 • AI score 9 • EPSS 0.36974
Exploits 78 • References 13 • Affected Software 3
Veracode
•added 2019/05/02 5:39 a.m.•49 views

Denial Of Service (DoS)

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php55 packages provide a recent stable release of PHP with the PEAR 1.9.4, memcache 3.0.8, and mongo 1.4.5 PECL extensions, and a number of additional utilities. The php55 packages have been upgraded to...

CVSS 7.5 • AI score 9.2 • EPSS 0.53166
Exploits 32 • References 52 • Affected Software 6
Veracode
•added 2019/05/02 5:27 a.m.•49 views

Denial Of Service (DoS)

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Multiple flaws were discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize function could cause a PHP application to crash or, possibly, execute arbitrar...

CVSS 9.8 • AI score 9.1 • EPSS 0.46801
Exploits 8 • References 8 • Affected Software 1
Veracode
•added 2019/05/02 4:41 a.m.•49 views

Denial Of Service (DoS)

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update...

CVSS 9 • AI score 6 • EPSS 0.05096
Exploits 1 • References 21 • Affected Software 1
Veracode
•added 2019/01/15 9:19 a.m.•49 views

Information Disclosure

keycloak-saml-core is vulnerable to sensitive information disclosure. The attack exists because SAML messages are being parsed by replacing the string to obtain the attribute values with the system property in the StaxParserUtil class. Therefore, an attacker can just parse the chosen system property nam...

CVSS 6.5 • AI score 6.1 • EPSS 0.02457
Exploits 0 • References 22 • Affected Software 250
Veracode
•added 2019/01/15 9:17 a.m.•49 views

Security Manager Bypass

Jasper is vulnerable to Security Manager bypass. A Tomcat utility method allows malicious web applications to access and bypass a configured Security Manager...

CVSS 9.1 • AI score 8.9 • EPSS 0.10386
Exploits 5 • References 46 • Affected Software 84
Veracode
•added 2018/12/04 2:38 p.m.•49 views

Remote Code Execution (RCE)

Microsoft ChakraCore is vulnerable to remote code execution. This is due to a buffer over-read vulnerability which would allow a remote attacker to execute arbitrary code in the context of the authenticated user. This CVE ID is different from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229,...

CVSS 7.5 • AI score 8 • EPSS 0.38115
Exploits 2 • References 1 • Affected Software 2
Veracode
•added 2018/11/07 2:13 a.m.•49 views

Cross-site Scripting (XSS)

rack is vulnerable to cross-site scripting (XSS) attacks. The vulnerability exists due to the lack of sanitization on the data returned by the scheme method in Rack::Request, allowing XSS attacks...

CVSS 6.1 • AI score 5.6 • EPSS 0.01816
Exploits 0 • References 8 • Affected Software 1
Veracode
•added 2018/05/15 3:28 a.m.•49 views

Remote Code Execution (RCE)

jackson-databind is vulnerable to remote code execution (RCE) attacks. The vulnerability exists due to the availability of an allowed gadget type that could be used to perform remote code execution attacks through deserialization...

CVSS 9.8 • AI score 9.5 • EPSS 0.37925
Exploits 7 • References 29 • Affected Software 43
Veracode
•added 2017/05/08 11:13 a.m.•49 views

Denial Of Service (DoS)

ImageMagick is vulnerable to denial of service (DoS) attacks. A malicious user can pass a BMP file to the system and cause a memory leak. This can lead to the system running out of memory and crashing...

CVSS 6.5 • AI score 7.9 • EPSS 0.01502
Exploits 0 • References 4 • Affected Software 1
Veracode
•added 2017/02/16 1:56 a.m.•49 views

Directory Traversal

Apache Solr is vulnerable to directory traversal attacks. The vulnerability exists because a replication handler provided by Apache Solr supports an HTTP API which does not validate the user-supplied filename parameter. Therefore, attackers can pull index files from a master/leader node using thi...

CVSS 7.5 • AI score 8.3 • EPSS 0.06559
Exploits 0 • References 6 • Affected Software 72
Veracode
•added 2017/02/10 2:44 a.m.•49 views

Denial Of Service (DoS)

OpenSSL is vulnerable to denial of service (DoS) attacks. A malicious user can pass a malicious Diffie-Hellman ServerKeyExchange message to the system to cause a segmentation fault that can lead to the system crashing...

CVSS 5 • AI score 7.1 • EPSS 0.06162
Exploits 0 • References 16 • Affected Software 3
Veracode
•added 2017/02/09 12:33 a.m.•49 views

Denial Of Service (DoS) Through Memory Consumption And Buffer Overflow

OpenSSL is vulnerable to denial of service (DoS) attacks and possible other attacks. These attacks are possible because the asn1_d2i_read_bio function doesn't correctly interpret integer data, which can be leveraged to do buffer overflow attacks or cause memory consumption...

CVSS 7.5 • AI score 8.4 • EPSS 0.48298
Exploits 8 • References 40 • Affected Software 1
Veracode
•added 2017/02/07 1:2 a.m.•49 views

Denial Of Service (DoS) Through Null Pointer Dereference

OpenSSL is vulnerable to denial of service (DoS) attacks through a null pointer dereference. This can be triggered at remote DTLS servers by a handshake message where the ciphersuite is specified as a (1) anonymous DH or (2) anonymous ECDH ciphersuite...

CVSS 4.3 • AI score 5.6 • EPSS 0.16946
Exploits 0 • References 56 • Affected Software 1
Veracode
•added 2017/01/26 7:46 a.m.•49 views

Denial Of Service (DoS) In SSL Alert Handling

OpenSSL is vulnerable to denial of service in SSL alert handling (aka SSL-Death-Alert). The attacks are possible due to a flaw in the way SSL3_AL_WARNING alerts are handled, consuming 100% CPU on the server...

CVSS 7.5 • AI score 7.2 • EPSS 0.39657
Exploits 1 • References 30 • Affected Software 3
Veracode
•added 2024/02/27 7:38 a.m.•48 views

Denial Of Service (DoS)

es5-ext is vulnerable to denial of service (DoS). The vulnerability is due to the handling of functions with very long names or complex default argument names in function#copy or function#toStringTokens, which may cause the script to stall. This potentially leads to denial of service (DoS)...

CVSS 5.5 • AI score 6.6 • EPSS 0.00535
Exploits 1 • References 4 • Affected Software 2
Veracode
•added 2023/10/13 9:29 a.m.•48 views

Arbitrary Code Execution

babel is vulnerable to Arbitrary Code Execution. An attacker can trick a user into compiling malicious code which can lead to code injection during compilation, when using specific plugins that rely on internal babel methods. This can lead to bypass of several protection mechanisms posed by the...

CVSS 9.3 • AI score 7.7 • EPSS 0.0052
Exploits 0 • References 7 • Affected Software 3
Veracode
•added 2023/07/10 12:3 a.m.•48 views

Privilege Escalation

go is vulnerable to Privilege Escalation. The vulnerability exists because, on Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits, which results in unexpected content being read or written with elevated privileges...

CVSS 7.8 • AI score 6.7 • EPSS 0.00432
Exploits 0 • References 10 • Affected Software 3
Veracode
•added 2023/05/21 11:53 a.m.•48 views

Authorization Bypass

libssh.so is vulnerable to Authorization Bypass. The vulnerability exists in pki_crypto.c because pki_verify_data_signature can accept invalid signatures when some memory allocations fail...

CVSS 6.5 • AI score 6.8 • EPSS 0.01061
Exploits 2 • References 12 • Affected Software 3
Veracode
•added 2023/05/18 1:55 a.m.•48 views

Path Traversal

ghost is vulnerable to Path Traversal. The vulnerability exists because the static-theme.js does not properly sanitize file paths, which allows an attacker to access files outside the expected directory and read arbitrary files within the active theme's folder via relative paths such as...

CVSS 7.5 • AI score 6.8 • EPSS 0.39078
Exploits 3 • References 3 • Affected Software 1
Veracode
•added 2023/02/18 4:53 a.m.•48 views

Improper Access Control

nodejs is vulnerable to Improper Access Control. A remote authenticated attacker is able to bypass security restrictions by sending a specially-crafted request using the ICU_DATA environment variable. An attacker could exploit this vulnerability to search and potentially load ICU data...

CVSS 4.2 • AI score 6 • EPSS 0.00471
Exploits 0 • References 9 • Affected Software 3
Veracode
•added 2023/02/10 7:49 a.m.•48 views

Arbitrary Code Execution

dompdf/dompdf is vulnerable to Arbitrary Code Execution. The vulnerability exists in Cache.php due to a lack of validations for SVG files in Dompdf and php-svg-lib, allowing an attacker to parse an arbitrary URL with arbitrary protocols, which can result in Arbitrary Code Execution...

CVSS 10 • AI score 9 • EPSS 0.0249
Exploits 2 • References 2 • Affected Software 2
Veracode
•added 2023/01/12 5:46 a.m.•48 views

Workload Injection

github.com/weaveworks/weave-gitops is vulnerable to workload injection. The library uses an S3 bucket for synchronising files, with no security controls to block unauthorised access in its endpoint, which allows local users on the same machine to see and alter the bucket content...

CVSS 8.8 • AI score 6.6 • EPSS 0.00318
Exploits 0 • References 8 • Affected Software 1
Veracode
•added 2023/01/05 6:28 a.m.•48 views

Cross-site Scripting (XSS)

graphite-web is vulnerable to cross-site scripting. The vulnerability exists because the views.py does not properly escape the template name attribute before being rendered, allowing an attacker to inject and execute malicious JavaScript...

CVSS 5.4 • AI score 5.4 • EPSS 0.00733
Exploits 1 • References 5 • Affected Software 2
Veracode
•added 2022/12/11 9:38 a.m.•48 views

Denial Of Service (DoS)

vim is vulnerable to denial of service. An attacker can crash the application through a heap-based buffer overflow by providing maliciously crafted input to the skipwhite function of charset.c...

CVSS 7.8 • AI score 7.9 • EPSS 0.00496
Exploits 1 • References 4 • Affected Software 1
Veracode
•added 2022/11/17 8:30 a.m.•48 views

Deserialization Of Untrusted Data

Apache Mina SSHD is vulnerable to Deserialization Of Untrusted Data. The vulnerability exists in SimpleGeneratorHostKeyProvider.java due to using Java deserialization to load a serialized java.security.PrivateKey, which allows an attacker to execute arbitrary code...

CVSS 9.8 • AI score 9.3 • EPSS 0.03571
Exploits 1 • References 6 • Affected Software 27
Total number of security vulnerabilities: 5000