38355 matches found
Use After Free
kernel is vulnerable to use after free. The vulnerability exists due to a memory corruption in the hsofreenetdevice function of drivers/net/usb/hso.c which allows an attacker to escalate their privileges on the system...
Denial Of Service (DoS)
MariaDB is vulnerable to denial of service. The vulnerability exists due to a deadlock indsxbstream.cc, crashing the system when an error occurs streamctxt-destfile == NULL while executing the method xbstreamopen...
Denial Of Service (DoS)
.NET and Visual Studio are vulnerable to denial of service. The vulnerability exists due to a flaw in dotnet allowing an attacker to crash the system by applying MaxResponseHeadersLength limit for trailing headers to address a denial of service via excess memory allocations through the HttpClient...
Path Traversal
firefox is vulnerable to Path Traversal. A remote attacker is able to use the % character in filenames to store the data outside of the intended directory using windows environment variables, such as %HOMEPATH% or %APPDATA%...
Improper Access Control
github.com/awake1t/linglong is vulnerable to access control bypass. The vulnerability exists in the jwt.go due to the hard coded jwt token which allows an attacker to craft a malicious cookie and gain access to the system...
Cross-Site Request Forgery (CSRF)
XXL Job Core is vulnerable to cross-site request forgery. The vulnerability exists in xxl-job-admin component due to less restrictions of user permissions which allows an attacker to perform unauthorized actions...
Integer Overflow
org.springframework.security:spring-security-crypto is vulnerable to integer overflows. The encoder does not perform any salt rounds when the BCrypt class is used with the maximum work factor31, allowing a local authenticated attacker to cause an integer overflow error resulting in the attacker...
Information Disclosure
moodle is vulnerable to information disclosure. The vulnerability exists due to the $hiddenfields not properly set in user/profile.php and in user/view.php allowing the description user field to be seen even when it is set to hidden...
Denial Of Service (DoS)
openssl3 is vulnerable to denial of service. The vulnerability exists because the OPENSSLLHflush function reuses the memory occupied by the removed hash table entries, allowing an attacker to cause an application crash...
Denial Of Service (DoS)
spring-messaging is vulnerable to denial of service. The vulnerability exists because the handleMessageInternal function of SimpleBrokerMessageHandler.java does not properly handle to ignore the invalid STOMP frames, allowing an attacker to cause an application crash through the WebSocket endpoin...
Denial Of Service (DoS)
libxml2.so is vulnerable to denial of service. The xmlBufCreateSize function of buf.c does not properly check types of buffer sizes, allowing an attacker to crash the application by providing large multi-gigabyte buffers...
Cross-Site Scripting (XSS)
Liferay Layout SEO Web is vulnerable to stored cross-site scripting. The vulnerability exists in getOpenGraphTag function in OpenGraphTopHeadDynamicInclude.java due to lack of html escaping which allows an attacker to inject and execute arbitrary javascript...
Remote Code Execution (RCE)
jenkins-2-plugins is vulnerable to remote code execution. The vulnerability exists due to a sandbox bypass allowing attackers to execute arbitrary code on the system...
Buffer Overflow
glibc is vulnerable to buffer overflow. The vulnerability exists due to a memory corruption when the size of the buffer is exactly 1 which allows an attacker to control the input buffer and size passed to getcwd in a setuid program...
HTTP Request Smuggling (HRS)
twisted is vulnerable to http request smuggling. The vulnerability exists in twisted.web due to inconsistent interpretation of http requests which allows a remote attacker to conduct HTTP request smuggling attacks via a crafted request...
Denial Of Service (DoS)
.NET and Visual Studio are vulnerable to denial of service. The vulnerability exists due to a lack of sanitization allowing an attacker to crash the system...
Privilege Escalation
kernel is vulnerable to privilege escalation. The vulnerability exists due to the lack of sanitization of access to the i915 Intel GPU...
Denial Of Service (DoS)
firefox is vulnerable to denial of service. The vulnerability exists due to a lack of sanitization allowing an attacker to crash the system...
Use After Free
chromium is vulnerable to use after free. The vulnerability exists in Optimization Guide which allows an attacker to cause a memory corruption...
Denial Of Service (DoS)
Jenkins is vulnerable to denial of service. The vulnerability exists due to earlier defines custom XStream converters that have not been updated to apply the protections for the vulnerability CVE-2021-43859 and allow unconstrained resource usage...
Buffer Overflow
mruby is vulnerable to Heap-based Buffer Overflow. The vulnerability exists due to a lack of sanitization...
Buffer Overflow
Slurm is vulnerable to buffer overflow. The vulnerability exists in the PMIx MPI plugin which causes a buffer overflow which leads to an application crash...
Cross-site Scripting (XSS)
WordPress is vulnerable to cross site scripting. The vulnerability exists due to an Inappropriate implementation allowed a remote privileged authenticated users to abuse content security policy...
Authorization Bypass
Google Chrome is vulnerable to authorization bypass. This is because the insufficient policy enforcement in background fetch in prior to 96.0.4664.45 allows a remote attacker to bypass same origin policy via a crafted HTML page...
Cross-site Scripting (XSS)
mermaid is vulnerable to cross-site scripting. The vulnerability exists in the sanitizeUrl function in the svgDraw.js, allowing an attacker to inject and execute malicious javascript through the malicious diagrams...
Denial Of Service (DoS)
linux-oracle:hirsute is vulnerable to denial of service. A memory leak in the ccprunaesgcmcmdfunction in drivers/crypto/ccp/ccp-ops.c in the Linux kernel allows attackers to cause an application crash...
Denial Of Service (DoS)
thunderbird and firefox are vulnerable to denial of service. The vulnerability exist due to an incorrect type conversion of sizes from 64bit to 32bit integers which allows an attacker to corrupt memory...
Denial Of Service (DoS)
kernel-rt is vulnerable to denial of service DoS attacks. A flaw out of bounds memory access in the Linux kernel bluetooth subsystem was found in the way when some data being read about the bluetooth device with the hciextendedinquiryresultevt call. A local user could use this flaw to crash the...
Information Disclosure
kernel is vulnerable to information disclosure. The vulnerability exists due to Insufficient control flow in certain data structures...
Signature Verification Bypass
The exploitation of this flaw requires RPM's package verification level to be set to "digest" or "none". In addition, to exploit this flaw, an attacker must either compromise an RPM repository or convince an administrator to install an untrusted RPM. It is strongly recommended to only use RPMs fr...
Denial Of Service (DoS)
linux kernal ipc is vulnerable to denial of service. The vulnerability exists due to a memory overflow in the memcg subsystem which allows a attacker to cause an application crash...
Improper Input Validation
Java SE is vulnerable to improper input validation. An attacker can perform service disruption through the utility component in the oracle GraalVM enterprise edition...
HTTP Request Smuggling (HRS)
nodejs is vulnerable to HTTP Request Smuggling HRS. The vulnerability exists due to an error related to a space in headers which allows an attacker to poison the web cache, bypassing the web application...
Arbitrary Code Execution
crossbeam-deque is vulnerable to remote code execution. The vulnerability exists due to a race condition in the "Stealer::steal", "Stealer::stealbatch" and "Stealer::stealbatchandpop" functions. A remote attacker can exploit the race and gain unauthorized access to sensitive information...
Denial Of Service (DoS)
qemu:sid is vulnerable to denial of service. The vulnerability exists because the numbuffers being set after the virtqueue elem has been unmapped, allowing an attacker to crash the application through the use after free...
Prototype Pollution
aurelia-path is vulnerable to prototype pollution. An attacker is able to modify object class Object by tricking an application to parse the following URL: https://aurelia.io/blog/?protoasdf=asdf...
Man-In-The-Middle Attack (MitM)
curl is vulnerable to Man in the middle attack. The vulnerability exists due to a lack of clearing of previous cached responses, treating them as valid and authenticated...
Arbitrary Code Execution
chakracore is vulnerable to arbitrary code execution. A memory corruption vulnerability allows an attacker to execute arbitrary code on the host OS. This CVE ID is different from CVE-2020-17054...
Man In The Middle (MitM)
ruby2.7 is vulnerable to Man In the Middle Attack. An attacker may bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a “StartTLS stripping attack.”...
Privilege Escalation
kernel is vulnerable to privilege escalation. A refcount leak in llcpsockconnect results in a use-after-free bug which can lead to privilege escalation...
Directory Traversal
django is vulnerable to Directory Traversal. Lack of path sanitation allows checking of existence of arbitrary files via the use of admindocs TemplateDetailView view by any staff members. Moreover, the default admindocs templates allows developers to customize in such a way that reveals the conte...
Denial Of Service (DoS)
github.com/go-gitea/gitea and x/net/html of github.com/golang/go are vulnerable to Denial Of Service DoS. An infinite loop is caused when an attacker sends a malicious input to ParseFragment...
Billion Laugh Attack
libxml2:sid is vulnerable to billion laugh attack via parameter entities expansion and following the line of the billion laugh attack...
Information Disclosure
postgresql is vulnerable to information disclosure. The vulnerability exists through the use of an INSERT ... ON CONFLICT ... DO UPDATE command on a purpose-crafted table, allowing arbitrary bytes of server memory to be read. The CREATE and TEMPORARY privileges on all databases and the CREATE...
Authorization Bypass
java is vulnerable to Authorization Bypass. A difficult to exploit vulnerability allows unauthenticated attacker with network access to affect intgrity of the system. The attack requires human interaction from a person other than the attacker...
Padding Oracle Attack
jose is vulnerable to padding oracle attack. A possible observable difference in timing when padding error occurs while decrypting the ciphertext allows an attacker to obtain the plaintext data without knowledge of the decryption key...
Denial Of Service (DoS)
etcd is vulnerable to denial of service. A panic occurs in decodeRecord method when a large slice is processed due to a lack of validation on the size of record...
Privilege Escalation
grub2 is vulnerable to privilege escalation. The vulnerability exists as variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with ...
Denial Of Service(DoS)
Jetty is vulnerable to denial of service DoS. The use of multiple Accept headers with a large number of quality causes a high CPU usage, resulting in long durations of CPU processing and crashing of the application...
Arbitrary Code Execution
qemu is vulnerable to arbitrary code execution. An out-of-bound heap buffer access via an interrupt ID field could potentially allow an attacker to execute arbitrary code on the host OS...