38326 matches found
Denial Of Service (DoS)
.NET Core is vulnerable to denial of service (DoS). This is due to the way .NET applications process XML documents, which could lead to a denial of service condition when a specially crafted request is submitted...
Remote Code Execution (RCE) Via Memory Corruption
microsoft.chakracore is vulnerable to remote code execution via memory corruption vulnerability. This happens when an attacker inputs a large numeric or spread array literal to ByteCodeGenerator, leading to an out-of-bounds write. This CVE ID is different from CVE-2017-11886, CVE-2017-11889,...
Insecure Defaults
Apache Tomcat is vulnerable to insecure defaults. The CORS filter provided by default is insecure as it enables supportsCredentials for all origins. This can allow a malicious user unauthorized access to sensitive resources...
Denial Of Service (DoS)
Guava is vulnerable to Denial Of Service (DoS). The attacks are possible because the AtomicDoubleArray and CompoundOrdering classes perform memory allocations without checking user-provided data and its size...
Denial Of Service (DoS)
Apache POI is vulnerable to denial of service (DoS) attacks. Attackers can cause infinite loops when parsing WMF, EMF, MSG and macro files. They can also cause Out-of-Memory (OOM) exceptions when parsing DOC, PPT and XLS files...
Remote Code Execution (RCE)
Apache Synapse uses a vulnerable version of commons-collections. This allows attackers to exploit the use of the vulnerable library to perform remote code execution (RCE) attacks...
Remote Code Execution (RCE)
struts2-core is vulnerable to remote code execution attacks. The vulnerability exists when expression literals, or forcing expression in Freemarker tags, are used as request values. The default Freemarker configuration allows ObjectConstructor, Execute, and freemarker.template.utility.JythonRuntime...
Denial Of Service (DoS) Via CPU Consumption
WordPress is vulnerable to denial of service (DoS) attacks. The attacks exist because the hashing of large passwords is not properly handled, leading to high CPU usage...
Unauthorized Access
WordPress is vulnerable to unauthorized access. The attack is possible because the library uses the SERVERNAME variable to get the hostname of the server for PHP mail functions, allowing an attacker to set a hostname of their choice and trigger a password reset function. However, the attack ca...
Copy-Paste Vulnerability (CPV) Through Libxml2
nokogiri has a copied version of the libxml2 library. The copy that nokogiri includes is vulnerable to CVE-2017-8872, which allows attackers to cause a denial of service (DoS) or information disclosure via a buffer overflow. This is caused by the htmlParseTryOrFinish method in the HTMLparser.c file...
Information Disclosure
Tomcat is vulnerable to information disclosure. The library does not use the appropriate facade object when making calls to certain application listeners. This allows an untrusted application to retain a reference to the object and access or modify the associated information...
Remote Code Execution (RCE)
Glassfish is vulnerable to remote code execution. This is because the JMXMPConnectorStarter is not updated to consider Oracle’s fix for CVE-2016-3427, where a remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. Therefore,...
Incorrect Key Verification
ansible is vulnerable to incorrect key verification. The library does not verify key fingerprints before uploading them. This allows a malicious user to generate a key with the desired 16-digit ID and upload it to the server...
Directory Traversal
ImageMagick is vulnerable to directory traversal. The library does not escape relative paths, allowing a malicious user to upload an arbitrary module into the system...
Denial Of Service (DoS)
OpenSSL is vulnerable to denial of service (DoS) attacks. A malicious user can pass malformed PKCS7 or CMS data to the server, causing a memory leak that can lead to the system crashing...
Denial Of Service (DoS) Through Null Pointer Dereference
OpenSSL is vulnerable to denial of service (DoS) attacks through a null pointer dereference and daemon crash. This is because there is an unexpected handshake during the unsupported protocols. NOTE: this issue became relevant after the CVE-2014-3568 fix...
DROWN Attack
OpenSSL is vulnerable to the DROWN attack. The DROWN attack is also known as a Bleichenbacher RSA padding oracle. This vulnerability allows a malicious user to recover a session key from SSL2.0 connections, allowing them to decrypt such connections...
Denial Of Service (DoS)
OpenSSL is vulnerable to denial of service (DoS) attacks. The library does not validate division results, allowing a malicious user to cause a denial of service via an out-of-bounds write by sending an overly large BIGNUM...
Denial Of Service (DoS)
OpenSSL is vulnerable to Denial Of Service (DoS). A malicious user can send multiple large OCSP Status Request extensions to the server, causing it to run out of memory and crash...
Improper Authentication
github.com/edgelesssys/contrast is vulnerable to Improper Authentication. The vulnerability is due to unauthenticated LUKS2 volume metadata and support for null key-encryption algorithms, which allows an attacker to craft a malicious volume that opens with any passphrase and captures all written...
Sensitive Information Disclosure
Azure.Identity is vulnerable to Sensitive Information Disclosure. The vulnerability is due to improper validation of user-supplied input, allowing an attacker to access sensitive information...
Memory Leakage
libcurl is vulnerable to Memory Leakage. The vulnerability is due to the improper handling of HTTP/2 server push requests when the application allows server push and the number of received headers exceeds the maximum limit...
Out-of-Bounds Write
Apache Commons Configuration is vulnerable to Out-of-Bounds Write. The vulnerability is due to improper handling of a cyclical object tree, which can trigger a StackOverflowError when the ListDelimiterHandler.flatten method is called. This occurs because the method recursively traverses the objec...
Denial Of Service (DoS)
org.apache.commons:commons-compress is vulnerable to Denial Of Service (DoS). This vulnerability is triggered when uncompressing a corrupted Pack200 archive, which results in Denial of Service by consuming excessive system resources...
Use After Free
Canvas in Google Chrome is vulnerable to Use After Free. The vulnerability is due to referencing memory after it has been freed, which allows a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Improper Certificate Validation
Snowflake.data is vulnerable to Improper Certificate Validation. The vulnerability is due to not checking the Certificate Revocation List (CRL) when insecureMode is set to its default value of false. This allows an attacker with access to the private key of a correctly issued certificate to execute...
Authentication Bypass
LibreNMS is vulnerable to Authentication Bypass. The vulnerability is due to improper rate limiting checks on login mechanisms using the GET method in the /?username=admin=password= endpoint. This can be exploited by an attacker to perform a brute force attack at the login endpoint, resulting in...
Denial Of Service (DoS)
libde265.so is vulnerable to Denial of Service (DoS). The vulnerability is due to the slicesegmentheader function in the slice.cc component. An attacker is able to cause a DoS condition by crafting a file and tricking the system into processing it. This could disrupt service on th...
Information Disclosure
WordPress is vulnerable to Information Disclosure. An attacker could exploit this vulnerability by tricking a user into installing a malicious Popup Builder plugin or by uploading a malicious plugin to a vulnerable WordPress installation. The malicious plugin would then inject malicious code into...
Use After Free
chromium is vulnerable to Use After Free. The vulnerability exists in the WebAudio component in the library, which allows an attacker to potentially exploit heap corruption via a crafted HTML page...
Information Disclosure
openssl is vulnerable to Information Disclosure. An incorrect cipher key & IV length processing vulnerability allows an attacker to exploit a flaw in the way that OpenSSL handles cipher key and IV lengths by tricking a user into opening a specially crafted file or connecting to a malicious server...
Out-of-bounds Read
libopensc.so is vulnerable to out-of-bounds reads. The vulnerability exists in card-myeid.c because it does not properly validate symmetric keys, which allows an attacker to send maliciously crafted responses to the APDU and read information outside of the intended range...
Denial Of Service (DoS)
bind is vulnerable to Denial of Service (DoS). An attacker could exploit this vulnerability by sending a malicious DNS packet to a vulnerable named server. Once the vulnerability is exploited, the attacker could take control of the server and steal data, install malware, or disrupt service...
Insecure Temporary File Creation
Jenkins is vulnerable to Insecure Temporary File Creation. The vulnerability is due to creating a temporary file when a plugin is deployed directly from a URL. An attacker can exploit this vulnerability by deploying a plugin from URL resulting in access to the Jenkins controller file system with...
SQL Injection
cacti is vulnerable to SQL Injection attacks. An attacker could exploit this vulnerability by sending a specially crafted SQL injection payload to a vulnerable Cacti server. This payload could allow the attacker to escalate their privileges to the root user or execute arbitrary code on the server...
Man-in-the-Middle (MitM)
open-vm-tools is vulnerable to Man-in-the-Middle (MitM) attacks. This vulnerability can be exploited by an attacker with man-in-the-middle (MITM) network positioning between vCenter and the ESXi host hosting the virtual machine to bypass SAML token signature verification, to perform VMware Tools Gues...
Improper Access Control
nodejs is vulnerable to Improper Access Control. This vulnerability exists due to a flaw in the way the module.constructor.createRequire API can be used to bypass the policy mechanism. An attacker can exploit this vulnerability to load modules outside of the policy...
Denial Of Service (DoS)
mariadb is vulnerable to Denial of Service (DoS) attacks. The vulnerability occurs when MariaDB attempts to print a warning message for a query that fails. If the query contains a NULL value, MariaDB could dereference a NULL pointer and crash...
Insufficient Data Validation
chromium is vulnerable to Cross-site Scripting (XSS). The vulnerability exists due to insufficient data validation in Extensions, allowing an attacker who convinces a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension...
Use After Free
Google Chrome is vulnerable to Use After Free. The vulnerability is due to improper memory management in the media API, which results in heap corruption via a crafted HTML page...
Improper Certificate Validation
curl is vulnerable to Improper Certificate Validation. The vulnerability allows matching of wildcard patterns when listed as 'Subject Alternative Name' in TLS server certificates and could result in accepting patterns that otherwise should be mismatched...
Denial Of Service (DoS)
openssl is vulnerable to Denial Of Service (DoS). The vulnerability exists due to a bug in the AES-XTS cipher decryption implementation for the 64-bit ARM platform, which reads past the input buffer, leading to an application crash...
Improper Input Validation
OpenJDK is vulnerable to Improper Input Validation. An attacker can gain access to critical data, or complete access to all Oracle Java SE and Oracle GraalVM Enterprise Edition accessible data, through multiple protocols...
Denial Of Service (DoS)
dnsmasq is vulnerable to Denial of Service (DoS). The vulnerability exists because the size of the UDP packet exceeds the default size, which allows an attacker to cause an application crash...
Integer Overflow
chromium is vulnerable to integer overflow. A malicious attacker could perform a sandbox escape via a crafted HTML page by compromising the renderer process, leading to integer overflow...
Unauthorized Access
virtualbox is vulnerable to unauthorized access. The vulnerability allows low-privilege attackers with logon to the infrastructure to carry out a compromise resulting in unauthorized read access to a subset of virtualbox accessible data...
Memory Corruption
firefox is vulnerable to Memory Corruption. If multiple instances of resource exhaustion happen at the incorrect time, the garbage collector could cause memory corruption and a potentially exploitable crash...
Denial Of Service (DoS)
graphql-java is vulnerable to Denial Of Service (DoS). An attacker can send a maliciously crafted GraphQL query that causes excessive stack consumption, which can lead to an application crash...
Double Free
curl is vulnerable to Double Free. Two threads sharing the same HSTS data could end up doing a double-free or use-after-free due to missing mutexes or thread locks. This was introduced without consideration for sharing across separate threads, which could lead to a double-free or use-after-free...
Cross-site Scripting (XSS)
cacti is vulnerable to Cross-site Scripting (XSS). The vulnerability exists due to the improper escaping of error messages during template import preview in the xmlpath field in templatesimport.php, allowing an attacker to inject and execute malicious JavaScript...