38153 matches found
Denial Of Service (DoS)
expat is vulnerable to denial of service (DoS). The attack exists because the XML parser does not validate and handle XML name input with a large number of colons, consuming high CPU and memory...
Prototype Pollution
lodash is vulnerable to prototype pollution. The vulnerability exists due to the ability to inject properties in _.defaultsDeep, which allows DoS, and possibly other forms of attacks...
Information Disclosure
Undertow Core is vulnerable to information disclosure. Confidential information such as HTTP Authentication for the HttpServerExchange object is logged in plain text at ERROR level using UndertowLogger.REQUEST_LOGGER.undertowRequestFailed(t, exchange) by Connectors.executeRootHandler:402...
Information Disclosure
Python is vulnerable to information disclosure. This is because Python's functions urllib.parse.urlsplit and urllib.parse.urlparse do not properly handle URLs encoded with Punycode/Internationalizing Domain Names in Applications (IDNA), which may result in a wrong domain name...
Denial Of Service (DoS)
Apache HTTP Server is vulnerable to denial of service (DoS) attacks. A remote user can send specially crafted HTTP/2 requests to cause worker processes to be allocated for 60 seconds longer than required, consuming excessive worker resources and causing worker exhaustion and an application crash...
Information Disclosure
PHP is vulnerable to information disclosure attacks. A remote user could trigger an information leak in the date extension's timelib_meridian parsing code to obtain potentially sensitive information from the interpreter...
Information Disclosure
admin-cli in Red Hat JBoss Enterprise Application Platform is vulnerable to information disclosure. This vulnerability exists due to an EAP feature to download server log files that allows logs to be available via GET requests, enabling cross-origin attacks. An attacker could trigger the user's browse...
Denial Of Service (DoS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debugger. T...
Privilege Escalation
The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic acce...
Arbitrary File Read
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php54 packages provide a recent stable release of PHP with the PEAR 1.9.4, APC 3.1.15, and memcache 3.0.8 PECL extensions, and a number of additional utilities. The php54 packages have been upgraded to...
Memory Corruption
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php55 packages provide a recent stable release of PHP with the PEAR 1.9.4, memcache 3.0.8, and mongo 1.4.5 PECL extensions, and a number of additional utilities. The php55 packages have been upgraded to...
Information Disclosure
OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments. The following security issues are addressed with this release: An authorization flaw was discovered in Kubernetes; the API server did not...
Privilege Escalation
The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the way the Linux kernel's key management subsystem handled keyring object reference counting in certain error path of the join_session_keyring function. A local, unprivileged us...
Denial Of Service (DoS)
The kernel packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation handled simultaneous connections between the same hosts. A remote attacker could u...
Denial Of Service (DoS)
kernel is vulnerable to denial of service (DoS). The vulnerability exists through the reference counter in the ipc_rcu_putref function...
Denial Of Service (DoS)
kernel-rt is vulnerable to denial of service (DoS). The vulnerability exists as the parse_rock_ridge_inode_internal function incorrectly handles iso9660 images with self-referential CL entry...
Sandbox Restrictions Bypass
IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security...
Denial Of Service (DoS)
The openstack-nova packages provide OpenStack Compute (Nova), which provides services for provisioning, managing, and using virtual machine instances. It was found that the fixes for CVE-2013-1664 and CVE-2013-1665, released via RHSA-2013:0657, did not fully correct the issues in the Extensible...
Arbitrary Code Execution
IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security...
Memory Corruption
IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security...
Privilege Escalation
IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security...
Denial Of Service (DoS)
python is vulnerable to denial of service. An attacker is able to cause a denial of service condition via regex catastrophic backtracking in the apop function in pop3lib...
Remote Code Execution Through Deserialization Attack
Apache ActiveMQ Artemis is vulnerable to deserialization attacks. The JMS specification outlines a getObject method on the javax.jms.ObjectMessage class. The Apache Artemis implementation of this method allows the deserialization of objects from untrusted sources. There are several places where...
Arbitrary Code Execution
php55 is vulnerable to arbitrary code execution attacks. A use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.36, 5.5.x before 5.5.20, and 5.6.x before 5.6.4 allows remote attackers to execute arbitrary...
Denial Of Service (DoS)
MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions...
Remote Code Execution (RCE)
catalina is vulnerable to a remote code execution (RCE) attack. The library allows the replacement of the XML parser used for other web applications, allowing a malicious user to gain access to the applications' web.xml, context.xml or tld files...
Remote Code Execution (RCE)
Microsoft ChakraCore is vulnerable to remote code execution. This is due to a type confusion in boundfunction handling which could lead to memory corruption and allow an attacker in memory to execute arbitrary code in the context of the authenticated user. This CVE ID is different from...
Insecure Defaults
Apache Derby is vulnerable to insecure defaults. An attacker can send network packets to a Derby Network Server to maliciously boot a database under their control. The attack is only possible when the Java Security Manager policy file permits the reading of database locations, which is th...
Carry Propagation
OpenSSL is vulnerable to a carry propagation issue with the x86_64 Montgomery squaring procedure. This attack can be carried out against unpatched systems using a target private key with persistent DH parameters and a private key which is shared with multiple clients. This could in some...
Remote Code Execution (RCE)
The nokogiri gem is susceptible to remote code execution (RCE) attacks. The attacks exist because the library uses the C package libxml2 which is vulnerable to CVE-2017-0663, allowing a malicious user to pass an XML file to execute arbitrary code or crash the application...
Heap-based Buffer Overflow Through Embedded C Dependency
The nokogiri gem contains a libxml2 package which is vulnerable to heap-based buffer overflow. The vulnerability is due to CVE-2016-1839 which is caused when a malicious XML file is passed to xmllint in xmlDictAddString...
Denial Of Service (DoS)
OpenSSL is vulnerable to denial of service (DoS) attacks and possibly other attacks. A malicious user can pass a reused session ticket to the system that can cause a double free that can lead to the system crashing...
Denial Of Service (DoS)
OpenSSL is vulnerable to denial of service (DoS) attacks. These attacks are possible because the AES-NI functionality for TLS 1.1 and 1.2 can cause an application crash through CBC data...
ECDHE-to-ECDH Downgrade Attacks
OpenSSL is vulnerable to ECDHE-to-ECDH downgrade attacks. This is due to a flaw in ssl3_get_key_exchange which allows attackers to trigger a loss of forward secrecy by omitting the ServerKeyExchange message...
Unsafe Number Generation
OpenSSL uses unsafe number generation. The library generates unsafe prime numbers, allowing a malicious user that can force a peer to perform multiple handshakes to conduct a man-in-the-middle attack...
Denial Of Service (DoS)
OpenSSL is vulnerable to denial of service (DoS) attacks. A malicious user can pass a long digit string in hex format to trigger an integer overflow, which can cause heap memory corruption or null pointer dereferences that can cause the system to crash...
Denial Of Service (DoS)
OpenSSL is vulnerable to denial of service (DoS) attacks. A malicious user can cause a memory leak by seeking to connect to the system with an invalid username. By opening multiple invalid connections this way, the malicious user can cause the system to run out of memory...
Weak Cryptographic Protection
expat is vulnerable to having its cryptographic protection mechanisms defeated. This is only possible with a parser that has not called XML_SetHashSalt or has passed it a seed of 0. It is possible due to the use of the srand function...
OS Command Injection
php81 is vulnerable to OS Command Injection. The vulnerability is due to misinterpretation of characters in the command line by the PHP CGI module when using certain code pages on Windows. This may allow a malicious user to pass options to the PHP binary, potentially revealing source code, runnin...
Command Injection
llamaindex is vulnerable to Command Injection. The vulnerability is due to insufficient input validation in the safe_eval function, allowing attackers to craft inputs that execute arbitrary OS commands without containing underscores, thus bypassing security checks...
Remote Code Execution
WordPress is vulnerable to Remote Code Execution (RCE). The vulnerability is due to a defect in the Plugins - Add New - Upload plugin functionality where an uploaded file other than a zip file remains temporarily available in the Media Library despite not being allowed during FTP upload when that file i...
Path Traversal
vite is vulnerable to Path Traversal. The vulnerability is due to mishandling patterns containing directories caused by the server.fs.deny option. This allows an attacker to gain unauthorized access to certain files...
Denial Of Service (DoS)
Clojure is vulnerable to Denial of Service (DoS). The vulnerability is caused by a lack of input validation in the clojure.core$partial$fn__5920 function, which is part of the deserialization process. When an attacker manipulates the deserialization of inputs, they can exploit this function to...
Arbitrary Code Execution
pillow is vulnerable to Arbitrary Code Execution. The vulnerability is due to an improper neutralization/sanitization of keys passed to the PIL.ImageMath.eval function environment parameter. An attacker can execute arbitrary code if they have control over the keys passed to PIL.ImageMath.eval...
Buffer Overflow
Vyper is vulnerable to Buffer Overflow. The vulnerability is caused by build_IR for concat improperly adhering to the API of copy functions (for >=0.3.2 the copy_bytes function), which results in Buffer Overflow...
Cookie Mixed Case PSL Bypass
Curl is vulnerable to Cookie Mixed Case PSL Bypass. The vulnerability is caused by a mixed case flaw in curl's function that verifies a given cookie domain against the Public Suffix List (PSL). This allows a malicious HTTP server to set "super cookies" in curl that are passed back to more origi...
Denial Of Service (DoS)
ch.qos.logback:logback-classic is vulnerable to Denial Of Service (DoS). The vulnerability is due to a missing check on the length of an argument array during the deserialization process. This could lead to Denial of Service attacks by sending crafted data...
Deserialization Of Untrusted Data
org.apache.activemq is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to org.jolokia.http.HttpRequestHandler#handlePostRequest creating a JmxRequest through a JSONObject and calls to org.jolokia.http.HttpRequestHandler#executeRequest. This issue can be exploited by an...
Denial Of Service (DoS)
samba is vulnerable to Denial of Service (DoS). An attacker could exploit this vulnerability by sending a series of malicious RPC requests to a vulnerable Samba server. The RPC requests would be designed to cause the server to block for a long period of time, which would prevent legitimate users fr...
Remote Code Execution (RCE)
rar is vulnerable to Remote Code Execution (RCE). This vulnerability exists due to a flaw in the way WinRAR parses recovery volume names in the old RAR 3.0 format. A remote attacker can exploit this vulnerability by tricking the victim to open a specially crafted archive, which could lead to...