38169 matches found
Denial Of Service (DoS)
QEMU is vulnerable to denial of service. An out-of-bounds read in ide_atapi_cmd_reply_end in hw/ide/atapi.c allows an attacker to crash the application...
Denial Of Service (DoS)
php7 is vulnerable to denial of service. PHP will crash with a SIGSEGV whenever an XML is provided to the SoapClient query function without an existing field...
Arbitrary Code Execution
jackson-databind is vulnerable to remote code execution (RCE). The vulnerability exists through the lack of sanitization of the org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPD class through deserialization...
Denial Of Service (DoS)
Xen is vulnerable to denial of service. A stack overflow due to recursive function calls allows an attacker to crash the application...
Denial Of Service (DoS)
kernel is vulnerable to denial of service (DoS). It mishandles invalid descriptors in drivers/media/usb/gspca/xirlink_cit.c...
Out-of-bounds Write
kernel is vulnerable to out-of-bounds write. It is possible due to a flaw in ext4_xattr_set_entry in fs/ext4/xattr.c...
Remote Code Execution (RCE)
kernel is vulnerable to remote code execution (RCE). The vulnerability exists through a buffer over-write in vgacon_scroll...
Privilege Escalation
libvirt is vulnerable to arbitrary code execution. A double free memory issue affects the polkit access control driver and allows clients connecting to the read-write socket with limited ACL permissions to exploit the vulnerability to crash the libvirt daemon or potentially escalate their...
Arbitrary Code Execution
webkitgtk4 is vulnerable to arbitrary code execution. The vulnerability exists through memory corruption...
Arbitrary Code Execution
webkitgtk4 is vulnerable to arbitrary code execution. The vulnerability exists through memory corruption when parsing web content...
Denial Of Service (DoS)
MySQL is vulnerable to denial of service (DoS) due to flaws in managing Privileges...
Unrestricted File Upload
telerik.web.ui allows unrestricted file uploads. A remote attacker is able to upload arbitrary files which can result in arbitrary code execution...
Denial Of Service (DoS)
kernel is vulnerable to denial of service (DoS). A flaw exists in the way splitting two extents in ext4_ext_convert_to_initialized worked in the Linux kernel. A local, unprivileged user with access to mount and unmount ext4 file systems could use this flaw to cause a denial of service...
Denial Of Service (DoS)
kernel is vulnerable to denial of service (DoS). An integer signedness error in next_pidmap could allow a local, unprivileged user to cause a denial of service...
Denial Of Service (DoS)
php is vulnerable to denial of service (DoS). An insufficient input validation flaw, leading to a buffer over-read, was found in the PHP exif extension. A specially-crafted image file could cause the PHP interpreter to crash when a PHP script tries to extract Exchangeabl...
Arbitrary Code Execution
thunderbird/firefox is vulnerable to arbitrary code execution. Several flaws were found in the processing of malformed HTML content. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird...
Arbitrary Code Execution
openoffice.org is vulnerable to arbitrary code execution. A heap-based buffer overflow flaw was found in the way OpenOffice.org parsed certain Microsoft Office PowerPoint files. An attacker could use this flaw to create a specially-crafted Microsoft Office PowerPoint fi...
Denial Of Service (DoS)
Mozilla Thunderbird is vulnerable to denial of service (DoS). Several flaws were found in the processing of malformed HTML content. An HTML mail message containing malicious content could possibly lead to arbitrary code execution with the privileges of the user running Thunderbird...
Denial Of Service (DoS)
kernel is vulnerable to denial of service (DoS). A flaw in sctp_process_unk_param allows a remote attacker to send a specially-crafted SCTP packet to an SCTP listening port on a target system, causing a denial of service...
Remote Code Execution (RCE)
Perl is vulnerable to remote code execution (RCE). The Safe module did not properly restrict the code of implicitly called methods such as DESTROY and AUTOLOAD on implicitly blessed objects returned as a result of unsafe code evaluation. These methods could have been executed unrestricted by Safe...
Denial Of Service (DoS)
Apache HTTP Server is vulnerable to denial of service. A flaw was found in the way the mod_dav module of the Apache HTTP Server handled certain requests. If a remote attacker were to send a carefully crafted request to the server, it could cause the httpd child process to crash...
Arbitrary Code Execution
firefox is vulnerable to arbitrary code execution. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox...
Denial Of Service (DoS)
The kernel is vulnerable to denial of service (DoS). A flaw was found in each of the following Intel PRO/1000 Linux drivers in the Linux kernel: e1000 and e1000e. A remote attacker using packets larger than the MTU could bypass the existing fragment check, resulting in partial, invalid frames being...
Denial Of Service (DoS)
kernel is vulnerable to denial of service. NULL pointer dereference flaws were found in the r128 driver in the Linux kernel. Checks to test if the Concurrent Command Engine state was initialized were missing in private IOCTL functions. An attacker could use these flaws to cause a local denial o...
Denial Of Service (DoS)
The kernel is vulnerable to denial of service (DoS). A NULL pointer dereference flaw was found in each of the following functions in the Linux kernel: pipe_read_open, pipe_write_open, and pipe_rdwr_open. When the mutex lock is not held, the i_pipe pointer could be released by other processes before ...
Man-in-the-Middle (MitM)
openssh is vulnerable to man-in-the-middle attack. A flaw was found in the SSH protocol. An attacker able to perform a man-in-the-middle attack may be able to obtain a portion of plain text from an arbitrary ciphertext block when a CBC mode cipher was used to encrypt SSH communication. This updat...
Privilege Escalation
kernel is vulnerable to privilege escalation. A local attacker with permissions to perform an eCryptfs mount could modify the metadata of the files in that eCryptfs mount to cause a buffer overflow, leading to a denial of service or privilege escalation...
Denial Of Service (DoS)
kernel is vulnerable to denial of service (DoS). The vulnerability exists in the Realtek r8169 Ethernet driver in the Linux kernel. This driver allowed interfaces using it to receive frames larger than what could be handled. This could lead to a remote denial of service or code execution...
Privilege Escalation
kernel is vulnerable to privilege escalation. The exit_notify function in the Linux kernel did not properly reset the exit signal if a process executed a set user ID (setuid) application before exiting. This could allow a local, unprivileged user to elevate their privileg...
Denial Of Service (DoS)
kernel is vulnerable to denial of service (DoS). When fput was called to close a socket, the scmdestroy function in the Linux kernel could make indirect recursive calls to itself...
Arbitrary JavaScript Code Execution
SeaMonkey is vulnerable to arbitrary JavaScript code execution. A flaw was found in SeaMonkey that caused certain characters to be stripped from JavaScript code. This flaw could allow malicious JavaScript to bypass or evade script filters...
Arbitrary Code Execution
kernel is vulnerable to arbitrary code execution. The vulnerability exists through an ASLR bypass for setuid binaries due to late install_exec_creds...
Remote Code Execution
jackson-databind is vulnerable to deserialization of untrusted data that can lead to remote code execution. The gadget org.apache.aries.transaction.jms is not validated and filtered by default from the interaction between serialization gadgets and polymorphic typing, allowing for injection of sai...
Denial Of Service (DoS)
kernel is vulnerable to denial of service (DoS). The vulnerability exists due to an incomplete fix for the race condition between mmget_not_zero/get_task_mm and core dumping in CVE-2019-11599...
Remote Code Execution (RCE)
.NET software is vulnerable to remote code execution. Failure to validate the source markup of a file allows an attacker to execute code in the context of the application upon successful exploitation of the vulnerability. This CVE ID is different from CVE-2020-0606...
Remote Code Execution (RCE)
firefox is vulnerable to arbitrary code execution. Multiple critical memory safety bugs allow a remote attacker to execute arbitrary code on the system...
Privilege Escalation
Mozilla Firefox is vulnerable to privilege escalation. It allows unintended access to a privileged JSONView object...
Insecure Encryption Key
Dnn.Platform uses an insecure encryption key. The vulnerability exists as it does not actually use an encrypted key as its key...
Denial Of Service (DoS)
kernel is vulnerable to denial of service. A remote peer is able to fragment TCP resend queues significantly more than if a larger MSS were enforced due to the default hard-coded MSS of 48 bytes. This allows a remote attacker to cause a denial of service condition in the process...
Arbitrary Code Execution
httpd is vulnerable to arbitrary code execution. With MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by...
Denial Of Service
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for ...
Denial Of Service (DoS)
Apache HTTPD mod_authnz_ldap is vulnerable to denial of service (DoS) attacks if configured with AuthLDAPCharsetConfig. A remote user could send a specially crafted Accept-Language header value to trigger an out-of-bounds memory write error and potentially cause the target service to crash...
Denial Of Service (DoS)
PHP is vulnerable to denial of service (DoS) attacks. An attacker could exploit a flaw in the PHAR archive handler by supplying a malicious archive file, which may crash the PHP interpreter or potentially disclose information due to a buffer over-read in the phar_parse_pharfile function in...
Arbitrary Code Execution
dnsmasq is vulnerable to stack buffer overflows. A remote attacker on the local network could send a crafted DHCPv6 request to dnsmasq which would cause a denial of service crash or execute arbitrary code...
Memory Corruption
Firefox is vulnerable to memory corruption attacks. A remote user can exploit a flaw in the JIT code allocation allowing a bypass of ASLR and DEP protection. This can allow the attacker to obtain potentially sensitive information on the target system...
Out-Of-Bounds Write
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debugger. T...
Buffer Over-Read
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debugger. T...
Denial Of Service (DoS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debugger. T...
Arbitrary Code Execution
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debugger. T...
Arbitrary Code Execution
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debugger. T...