38287 matches found
Denial Of Service (DoS) Via Ping Floods
github.com/grpc/grpc-go is vulnerable to denial of service (DoS) attacks. The attack can be triggered by an HTTP/2 peer sending a flood of pings, leading to an excessive data queue and causing high CPU and resource consumption...
Buffer Under-read
PHP is vulnerable to buffer under-read. The attack is possible in php_stream_url_wrap_http_ex in http_fopen_wrapper.c when parsing an HTTP response, subsequently copying a large string...
Authorization Bypass
httpd is vulnerable to authorization bypass. The vulnerability exists through URL normalization inconsistency...
Denial Of Service (DoS)
kernel is vulnerable to denial of service. A NULL pointer dereference due to an anomalized NFS message sequence allows an attacker to cause a panic in the system and deny access to the NFS server...
Authorization Bypass
openjdk is vulnerable to authorization bypass. An input validation flaw was found in the URL class implementation in the Networking component of OpenJDK which allows a remote attacker to perform unauthorized read, update, insert or delete actions...
Denial Of Service
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for ...
Denial Of Service (DoS)
PHP is vulnerable to denial of service (DoS) attacks. An attacker could exploit a flaw in the PHAR archive handler by supplying a malicious archive file, which may crash the PHP interpreter or potentially disclose information due to a buffer over-read in the phar_parse_pharfile function in...
Information Disclosure
Oracle Java SE is vulnerable to information disclosure attacks. This is because the JGSS component of OpenJDK ignores the value of the javax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO authentication and always uses global credentials. A local attacker could possibly use thi...
Buffer Overflow
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debugger. T...
Buffer Overflow
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...
Denial Of Service (DoS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interprete...
Cross-Site Scripting (XSS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php54 packages provide a recent stable release of PHP with the PEAR 1.9.4, APC 3.1.15, and memcache 3.0.8 PECL extensions, and a number of additional utilities. The php54 packages have been upgraded to...
Privilege Escalation
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php55 packages provide a recent stable release of PHP with the PEAR 1.9.4, memcache 3.0.8, and mongo 1.4.5 PECL extensions, and a number of additional utilities. The php55 packages have been upgraded to...
Information Disclosure
IBM Java SE is vulnerable to information disclosure. The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the...
Authentication Bypass
openssh is vulnerable to authentication bypass. The OpenSSH client did not correctly handle failures to generate authentication cookies for untrusted X11 forwarding. A malicious or compromised remote X application could possibly use this flaw to establish a trusted connection to the local X serve...
Arbitrary Code Execution
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Multiple flaws were discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize function could cause a PHP application to crash or, possibly, execute arbitrar...
Cross-site Scripting (XSS)
jenkins is vulnerable to cross-site scripting (XSS). A remote attacker is able to inject arbitrary JavaScript into a victim's browser to steal session tokens or perform unwanted actions on behalf of the user...
Denial Of Service (DoS)
CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. A string reference count bug was found in cupsd, causing premature freeing of string objects. An attacker can submit a malicious print job that exploits this flaw to dismantle ACLs protecting privileged...
Denial Of Service (DoS)
squid is vulnerable to denial of service (DoS). The vulnerability exists in HttpHdrRange.cc, where range headers with unidentifiable byte-range values could cause DoS...
Authorization Bypass
jenkins is vulnerable to authorization bypass. The vulnerability exists as remotely authenticated users with Job/CONFIGURE permission can bypass intended restrictions to create or destroy arbitrary jobs...
Arbitrary Code Execution
kernel-rt is vulnerable to arbitrary code execution. The vulnerability exists as it uses incorrect uid and gid values during credentials passing in the scm_set_cred function...
Carriage Return And Line Feed (CRLF) Injection
Red Hat OpenShift Enterprise is a cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments. Refer to the Red Hat OpenShift Enterprise 1.1 Release Notes for information about the changes in this release. The Release Notes will be available shortly fr...
Denial Of Service (DoS)
Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon implements the BGP (Border Gateway Protocol) routing protocol. The Quagga ospfd and ospf6d daemons implement the OSPF (Open Shortest Path First) routing protocol. A heap-based buffer overflow flaw was found in the way the bgpd...
Denial Of Service (DoS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was discovered that the PHP XSL extension did not restrict the file writing capability of libxslt. A remote attacker could use this flaw to create or overwrite an arbitrary file that is writable by the user...
Denial Of Service (DoS)
MySQL is vulnerable to denial of service (DoS). It allows remote attackers to affect availability via unknown vectors...
Remote Code Execution Through Deserialization Attack
Apache ActiveMQ Artemis is vulnerable to deserialization attacks. The JMS specification outlines a getObject method on the javax.jms.ObjectMessage class. The Apache Artemis implementation of this method allows the deserialization of objects, from untrusted sources. There are several places where...
Denial Of Service (DoS)
ntp is vulnerable to denial of service. It was discovered that ntpd as a client did not correctly check timestamps in Kiss-of-Death packets. A remote attacker could use this flaw to send a crafted Kiss-of-Death packet to an ntpd client that would increase the client's polling interval value, and...
Denial Of Service (DoS) Memory Consumption, Arbitrary Code Execution And Object-injection Attacks
active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a...
Timing Attack
openssl is vulnerable to a timing attack. An attacker able to mount a local timing attack during ECDSA signature generation can exploit the vulnerability in the ECC scalar multiplication to recover the private key...
Cross-site Scripting (XSS)
notebook is vulnerable to a cross-site scripting (XSS) attack. The library does not properly sanitize URLs passed through a directory name, allowing a malicious user to inject and execute arbitrary JavaScript...
Cross-site Scripting (XSS)
bootstrap is vulnerable to cross-site scripting (XSS) attacks. The library does not properly sanitize the data-container variable in tooltip.js, allowing a malicious user to inject and execute arbitrary JavaScript...
Directory Traversal
wildfly-undertow is vulnerable to directory traversal attacks. The application does not handle pathing properly, allowing a malicious user to pass a URL to gain access to sensitive information on the system...
Denial Of Service (DoS)
undertow-core is vulnerable to denial of service (DoS) attacks. The application does not check if the HTTP header values it receives are null, allowing a malicious user to pass null header values to fill the heap and cause resource exhaustion...
Information Disclosure
tomcat-catalina is vulnerable to information disclosure. When a VirtualDirContext is being used, a malicious user can make a request to the application and view the source code of JSP files that exist in that directory and bypass security constraints...
Remote Code Execution (RCE)
PHPMailer is vulnerable to remote code execution (RCE) attacks. A malicious user can inject and execute arbitrary code by passing extra parameters to the mail command. This is due to the improper interaction with the library's escapeshellarg function and internal escaping function performed in PHP...
Denial Of Service (DoS) Via Infinite Loop
tomcat-coyote is vulnerable to denial of service (DoS) attacks. The vulnerability is a result of backporting a fix for CVE-2016-6816 but not backporting the fix for the Tomcat bug 57544 which fails to handle an exceptional condition check for pos while processing HTTPS requests in the Apache Tomcat...
Remote Code Execution (RCE)
ImageMagick is vulnerable to remote code execution (RCE). The library does not sanitize certain user inputs, allowing a malicious user to pass a malicious image to the system for file conversion to trigger the execution of arbitrary code. This is also known as the ImageTragick vulnerability...
Unsafe Encryption Scheme
bouncycastle allows for the use of electronic code book (ECB) mode with the Elliptic Curve Integrated Encryption Scheme (ECIES). The use of ECB is generally unsafe because it is susceptible to replay attacks...
Information Disclosure
Zabbix is vulnerable to an information disclosure. The vulnerability is due to the reuse of JavaScript Duktape contexts in Zabbix Server/Proxy, which allows a regular non-super administrator to leak sensitive data from hosts they are not authorized to access through shared global JavaScript...
Arbitrary File Upload
pytorch-lightning is vulnerable to Arbitrary File Upload. The vulnerability is due to improper validation of filenames in the /api/v1/uploadfile/ endpoint, which allows an attacker to overwrite arbitrary files and potentially execute malicious code...
SQL Injection
opencart/opencart is vulnerable to SQL Injection. The vulnerability is due to insufficient validation in the Divido payment extension, allowing an anonymous unauthenticated user to exploit SQL injection to gain unauthorized access to the backend database...
Remote Code Execution (RCE)
jenkins-core is vulnerable to Remote Code Execution. The vulnerability is due to unsafe deserialization of Java objects. This flaw allows attackers to execute arbitrary code via a crafted serialized Java object, which could trigger an LDAP query to a third-party server...
Regular Expression Denial Of Service (ReDoS)
angular is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability is due to inefficient regular expression backtracking in the ng-srcset directive. This potentially leads to Regular Expression Denial of Service (ReDoS)...
Information Exposure
sanitize-html is vulnerable to Information Exposure. The vulnerability is due to the parsing of CSS through the style attribute without disabling source maps, which can allow attackers to infer the file system structure and dependencies of the server...
NULL Pointer Dereference
The QEMU built-in VNC server is vulnerable to NULL Pointer Dereference. The vulnerability arises because the qemu_clipboard_request function can be reached before the vnc_server_cut_text_caps function is called and has had the chance to initialize the clipboard peer. This can lead to NULL pointer dereference allowin...
Denial Of Service (DoS)
org.eclipse.jetty is vulnerable to Denial Of Service (DoS). The vulnerability arises from the library's failure to appropriately limit the size of HPACK header values. This allows an attacker to repeatedly send maliciously crafted HTTP messages, leading to an integer overflow and ultimately causing...
Arbitrary Code Execution
langchain is vulnerable to Arbitrary Code Execution. The vulnerability is due to the usage of the Python exec function in PythonAstREPLTool.run, which can be exploited to execute arbitrary Python code through prompt injection...
Cross-Site Scripting (XSS)
odoo is vulnerable to Cross-Site Scripting (XSS) attacks. The vulnerability allows a remote attacker to inject arbitrary web script via the browser of a victim, by posting crafted content...
Access Restriction Bypass
Oracle ManagedDataAccess is vulnerable to Access Restriction Bypass. The vulnerability exists due to the TCPS protocol stack, which allows an attacker with network access to take over the Oracle Data Provider for .NET...
User Impersonation
keycloak-services is vulnerable to User Impersonation. The vulnerability is due to the OpenID Connect user authentication because the session UUID is not properly bound to the user session, allowing an attacker to obtain a certain piece of information from a user request in the same realm and...