Dictionary Attacks
samba is vulnerable to dictionary attacks. The vulnerability exists in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for password complexity. This configuration can fail ...
NULL Byte Injection
PHP7 is vulnerable to NULL byte injection. When get_headers is used with a user-supplied URL and the URL contains a null byte (\0), the URL is silently truncated. This causes certain software to make incorrect assumptions about the target of the get_headers call and potentially send confidential informati...
Denial Of Service (DoS)
samba is vulnerable to denial of service. Due to the way samba handles certain requests as an Active Directory Domain Controller LDAP server, an attacker is able to cause a stack overflow leading to an application crash...
Arbitrary Code Execution
grub2 is vulnerable to arbitrary code execution. The vulnerability exists through a crafted grub.cfg file during the boot process...
Denial Of Service (DoS)
unbound is vulnerable to denial of service (DoS). The attack exists because of an Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records...
Arbitrary Code Execution
qemu-kvm-rhev is vulnerable to arbitrary code execution. The vulnerability exists in slirp, where an out-of-bounds (OOB) buffer access occurs while emulating TCP protocols in tcp_emu...
Denial Of Service (DoS)
ghostscript is vulnerable to denial of service (DoS). The mem_get_bits_rectangle function in base/gdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file...
Denial Of Service (DoS)
kernel is vulnerable to denial of service. A use-after-free vulnerability in blkaddtrace in kernel/trace/blktrace.c allows an attacker to crash the system...
Insecure Password Reset Mechanism
wordpress uses an insecure password reset mechanism. A user's password reset link does not become invalidated upon a successful password change. This would allow an attacker to reset the user's password again if the password reset link was discovered...
Denial Of Service (DoS)
kernel is vulnerable to denial of service (DoS). A flaw was found in the way CIFS shares with DFS referrals at their root were handled. An attacker on the local network who is able to deploy a malicious CIFS server could create a CIFS network share that, when mounted,...
Denial Of Service (DoS)
kernel is vulnerable to denial of service (DoS). Non-member VLAN (virtual LAN) packet handling for interfaces in promiscuous mode that also use the be2net driver could allow an attacker on the local network to cause a denial of service...
Denial Of Service (DoS)
pidgin is vulnerable to denial of service. An input sanitization flaw was found in the way the AOL Open System for Communication in Realtime (OSCAR) protocol plug-in in Pidgin, used by the AOL ICQ and AIM instant messaging systems, escaped certain UTF-8 characters. A remote attacker could use this...
Brute-force Attack
postgresql is vulnerable to brute-force attacks. A signedness issue was found in the way the crypt function in the PostgreSQL pgcrypto module handled 8-bit characters in passwords when using Blowfish hashing. Up to three characters immediately preceding a non-ASCII...
Access Control Bypass
firefox is vulnerable to access control restrictions bypass. A flaw was found in the way Firefox processed the "Enter" keypress event. A malicious web page could present a download dialog while the key is pressed, activating the default "Open" action. A remote attacker could exploit this...
Denial Of Service (DoS)
firefox and thunderbird are vulnerable to denial of service. A flaw was found in the way Thunderbird handled malformed JPEG images. An HTML mail message containing a malicious JPEG image could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user runni...
Arbitrary Code Execution
thunderbird/firefox is vulnerable to arbitrary code execution. Several flaws were found in the processing of malformed HTML content. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird...
Information Disclosure
kernel is vulnerable to information disclosure. A buffer overflow flaw in the DEC Alpha OSF partition implementation in the Linux kernel could allow a local attacker to cause an information leak by mounting a disk that contains specially-crafted partition tables...
Same Origin Policy Bypass
WebKitGTK+ is vulnerable to same origin policy bypass. It was found that WebKit did not correctly restrict read access to images created from the "canvas" element. Malicious web content could allow a remote attacker to bypass the same-origin policy and potentially access sensitive image data...
Information Disclosure
kernel is vulnerable to information disclosure. Missing initialization flaws in the Linux kernel could lead to information leaks...
Arbitrary Code Execution
firefox is vulnerable to arbitrary code execution. An attacker is able to exploit the vulnerability within the OS font implementation to execute arbitrary code using malformed OpenType fonts by verifying the font file prior to use...
Arbitrary Code Execution
firefox is vulnerable to arbitrary code execution. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox...
Privilege Escalation
kernel is vulnerable to privilege escalation. A miscalculation of the size of the free space of the initial directory entry in a directory leaf block was found in the Linux kernel Global File System 2 (GFS2) implementation. A local, unprivileged user with write access to a GFS2-mounted file system...
Denial Of Service (DoS)
java is vulnerable to denial of service (DoS). The vulnerability exists in the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit...
Arbitrary Code Execution
thunderbird is vulnerable to arbitrary code execution. Several flaws were found in the processing of malformed HTML mail content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code as the user running Thunderbird...
Privilege Escalation
kernel is vulnerable to privilege escalation. The absence of a protection mechanism when attempting to access a critical section of code, as well as a race condition, have been found in the Linux kernel file system event notifier, dnotify. This could allow a local...
Arbitrary Code Execution
firefox is vulnerable to arbitrary code execution. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox...
Directory Traversal
github.com/containers/buildah is vulnerable to directory traversal. The image building process does not properly handle file paths as well as symlinks. An attacker is able to exploit the vulnerability to overwrite arbitrary files on the file system and potentially escalate privileges by...
Denial Of Service (DoS)
ImageMagick is vulnerable to denial of service (DoS). The attack exists because the function WriteTIFFImage of coders/tiff.c causes memory leaks in AcquireMagickMemory, allowing an attacker to input a malicious image file to trigger a heap-based buffer over-read...
HTTP Request Smuggling
Node is vulnerable to HTTP request smuggling. Failure to validate malformed HTTP requests allows an attacker to smuggle HTTP requests using a malicious Transfer-Encoding header...
Cross-Site Request Forgery (CSRF)
spring-web is vulnerable to cross-site request forgery (CSRF). CORS preflight requests do not validate the Origin header, which allows CSRF attacks. Non-authenticated endpoints are vulnerable except for Chrome-based browsers using client certificate authentication...
Reflected File Download
spring-web is vulnerable to reflected file download. The filename attribute that is derived from the user-supplied Content-Disposition header is not validated and sanitized, potentially resulting in the downloaded content of the response being saved and executed as a file by the user's browser...
Denial Of Service (DoS)
ASP.NET Core is vulnerable to denial of service. Improper handling of web requests allows a remote attacker to cause a denial of service condition in the application via vectors related to SignalR...
Denial Of Service (DoS)
kernel is vulnerable to denial of service. The Intel GPU results in a denial of service condition while accessing MMIO in a lower power state...
Denial Of Service (DoS)
OpenJDK is vulnerable to denial of service (DoS). The vulnerability exists through an unexpected exception thrown by XPath processing of a crafted XPath expression...
Information Disclosure
php is vulnerable to information disclosure. An out-of-bounds read in the function base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c causes PHP to read memory outside of the allocated buffers...
Information Disclosure
php is vulnerable to information disclosure. An uninitialized read in the function exif_process_IFD_in_MAKERNOTE allows an attacker to potentially read confidential information from uninitialized memory...
Directory Traversal
LibreOffice is vulnerable to directory traversal. Arbitrary python functions in arbitrary modules on the filesystem can be executed without warning...
Authorization Bypass
httpd is vulnerable to authorization bypass. mod_auth_digest has an access control bypass issue due to a race condition...
Denial Of Service (DoS)
kernel is vulnerable to denial of service (DoS). The vulnerability exists through a NULL pointer dereference in drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS...
Denial Of Service (DoS)
kernel is vulnerable to denial of service (DoS). The vulnerability exists in HID debug, where there is a buffer overflow in hid_debug_events_read in drivers/hid/hid-debug.c...
Information Disclosure
firefox/thunderbird is vulnerable to information disclosure. Cross-origin images can be read from a canvas element in violation of the same-origin policy using the transferFromImageBitmap method...
Remote Code Execution (RCE) Through Deserialization
jackson-databind is vulnerable to remote code execution (RCE) attacks. This is due to a polymorphic typing issue when Default Typing is enabled. An attacker can craft a malicious JSON to invoke the com.mysql.cj.jdbc.admin.MiniAdmin class, allowing the attacker to host a MySQL server or read arbitrary...
Arbitrary Code Execution
The Redis command line tool 'redis-cli' is vulnerable to arbitrary code execution through the -h host command line parameter which allows an attacker to achieve code execution and escalate to higher privileges...
Information Disclosure
PHP is vulnerable to information disclosure attacks. A remote user could trigger an information leak in the date extension's timelib_meridian parsing code to obtain potentially sensitive information from the interpreter...
Denial Of Service (DoS)
Oracle Java SE is vulnerable to denial of service (DoS) attacks. The vulnerability exists in an unknown functionality of the subcomponent JMX. An unauthenticated attacker with network access via multiple protocols could compromise Java SE, Java SE Embedded, JRockit, causing a partial denial of servi...
Authorization Bypass
Linux kernel is vulnerable to authorization bypass attacks. This is because net/netfilter/nfnetlink_cthelper.c does not require the CAP_NET_ADMIN capability for new, get, and del operations. This allows local users to bypass intended access restrictions...
Privilege Escalation
Linux kernel is vulnerable to privilege escalation. The vulnerability exists in the xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel. Local users could cause a denial of service via vectors involving omission of the firmware name from a certain dat...
Key Reinstallation Attack (KRACK)
WPA and WPA2 are vulnerable to key reinstallation attacks (KRACK). A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used group key (GTK) during a group key handshake...
Denial Of Service (DoS)
Apache httpd is vulnerable to denial of service (DoS) attacks. A remote user could send a specially crafted sequence of request headers to trigger a buffer over-read error in ap_find_token and cause a segmentation fault, which causes the application to crash...
Denial Of Service (DoS)
Apache HTTP Server is vulnerable to denial of service (DoS) attacks. A remote attacker can exploit a flaw in the mod_auth_digest module of httpd, which does not properly check memory allocation failures, causing httpd child processes to repeatedly crash if the server used HTTP digest authentication...