38355 matches found
Denial Of Services (DoS)
openssl is vulnerable to Denial Of Services DoS. The vulnerability exists due to the bug in the AES-XTS cipher decryption implementation for 64 bit ARM platform, which reads the past input buffer, leading to an application crash...
File Upload Validation Bypass
Django is vulnerable to File Upload Validation Bypass. The vulnerability exists due to the FileInput class in widgets.py because uploading multiple files using one form field has never been officially supported by forms.FileField or forms.ImageField as only the last uploaded file was validated,...
Integer Overflow
chromium is vulnerable to interger overflow. A malicious attacker could perform a sandbox escape via a crafter html page by comprimising the renderer process leading to interger overflow...
Unauthorized Access
virtualbox is vulnerable to unauthorized access. The vulnerability allows low privilege attackers with logon to the infrastructure to execute a comprimise resulting unauthorized read access to a subset of virtualbox accessible data...
Denial Of Services (DoS)
graphql-java is vulnerable to Denial Of Services DoS. An attacker can send a maliciously crafted GraphQL query that causes excessive stack consumption, which can lead to an application crash...
Cross-site Scripting (XSS)
cacti is vulnerable to Cross-site Scripting XSS. The vulnerability exists due to the improper escaping of error message during template import preview in the xmlpath field in the templatesimport.php, allowing an attacker to inject and execute malicious javascript...
Information Disclosure
linux is vulnerable to Information Disclosure. An attacker is able to gain access to leaked kernel pointers remotely via l2capparseconfreq function of net/bluetooth/l2capcore.c, resulting in disclosure of sensitive information...
Timing Attack
openssl is vulnerable to Timing Attack. The vulnerability exists in rsa/rsaossl.c because an attacker can recover ciphertext with a Bleichenbacher style attack by sending a large number of trial messages...
Command Injection
github.com/rancher/wrangler is vulnerable to Command Injection attacks. An attacker is able to change the library's behavior and cause confusion when a specially crafted command is executed through Git, because it uses the underlying Git binary present on the host OS or container image...
Remote Code Execution (RCE)
org.apache.karaf.jaas.modules is vulnerable to remote code execution. The vulnerability exists because the doCreateDatasource function in JDBCUtils.java does not properly validate the jndiName parameter in the JNDI scheme when a configuration uses a JNDI LDAP data source URI, allowing an attacker...
Denial Of Service (DoS)
ruby-nokogiri is vulnerable to denial of service DoS attacks. The library fails to check the return value from xmlTextReaderExpand in the method Nokogiri::XML::Readerattributehash which may lead to a null pointer exception when invalid markup is being parsed, causing denial of service conditions...
HTTP Response Splitting
netty-codec-http is vulnerable to HTTP response splitting attack. The vulnerability exists in the setObject function of DefaultHeaders.java as it takes the arrays and iterators as arguments, providing a way to bypass value validation allowing an attacker to inject malicious header values into the...
Denial Of Service (DoS)
netty-codec-haproxy is vulnerable to Denial Of Service DoS. The vulnerability is due to a StackOverflowError in the HAProxyMessage.java as it does not properly limit the maximum nesting of TLV, allowing an attacker to cause an application crash via infinite recursion by passing a maliciously...
Heap Buffer Overflow
Chromium and Electron are vulnerable to a Heap Buffer Overflow. The vulnerability is caused by an out of bounds heap memory write which can result in an application crash...
Use After Free
linux-azure, linux-aws, linux-gcp, linux-oracle and linux-kvm is vulnerable to Use After Free. The vulnerability exists in mm/mremap.c via a stale tlb because of a rmap lock is not held during a pud move...
Denial Of Service (DoS)
firefox is vulnerable to denial of service. The vulnerability exists if the Garbage Collector was in a specific state, leading to memory corruption and potentially result in an application crash...
Authorization Bypass
github.com/cloudflare/cloudflare-warp is vulnerable to authorization bypass. The vulnerability is due to the type WarpRoutingConfig struct parameter in configuration.go not properly validating endpoint configuration parameters which allows to malicious users to bypassing Zero Trust enrolled...
Heap-based Buffer Overflow
tcppreplay is vulnerable to heap-based buffer overflow. The vulnerability exists in the parsempls in get.c which allows an attacker to cause buffer overflows...
Denial Of Service (DoS)
mediawiki is vulnerable to denial of service. The vulberability exists in HTMLUserTextField where the attacker will code a specially crafted code to expose the existence of the hidden users...
Arbitrary Code Execution
webkitgtk is vulnerable to Arbitrary Code Execution. The vulnerability exists due to a out-of-bounds write issue which allows an attacker to send maliciously crafted web content that may lead to arbitrary code execution...
Denial Of Service (DoS)
php is vulnerable to Denial Of Service DoS. The vulnerability exists due to the phar uncompressor code which recursively uncompress quines gzip files, resulting in an infinite loop and deplete the system resource...
Denial Of Service (DoS)
kafka-clients is vulnerable to denial of service. An attacker can crash the application through the OutOfMemoryException in the readArray function of ByteBufferAccessor.java by providing large amounts of memory on brokers...
Denial Of Service (DoS)
jettison is vulnerable to Denial Of Service DoS. The vulnerability exists due to the stack overflow in the convertToJSONPrimitive function of DefaultConverter.java, allowing an attacker to cause an application crash by providing malicious input through the parser...
Improper Input Validation
chromium is vulnerable to improper input validation. The vulnerability exists due to improper input validation in Mojo extension, which allows a remote attacker to perform a sandbox escape via a crafted HTML page...
Remote Code Execution (RCE)
vm2 is vulnerable to remote code execution. The vulnerability exists in the Object.defineProperties function of setup-sandbox.js, allowing an attacker to bypass the sandbox protections by injecting and executing malicious code on the sandbox host...
Spoofing Attacks
moodle/moodle is vulnerable to spoofing attacks. The vulnerability exists in the getremoteaddr function in moodlelib.php, allowing an attacker to spoof a user's IP through the X-Forwarded-For headers, bypassing the remote address checks...
Denial Of Service (DoS)
vim is vulnerable to denial of service. The vulnerability exists due to the use after free in the library, allowing an attacker to crash the application by providing a malicious input...
Out-of-bounds Write
unzip:sid is vulnerable to out-of-bounds write. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution...
Command Injection
s3-kilatstorage is vulnerable to command injection. The vulnerability exists due to a lack of sanitization of the input argument allowing an attacker to inject maliciously crafted OS command into the system...
Arbitrary Code Execution
xen is vulnerable to Arbitrary Code Execution. The vulnerability exists in Spectre variant under certain microarchitecture-dependent conditions which allows an attacker to inject and execute arbitrary speculative codes...
Use-After-Free
qemu is vulnerable to use-after-free. The vulnerability exists in USB EHCI controller emulation because EHCI does not verify if the Buffer Pointer overlaps with its MMIO region when it transfers the USB packets which allows an attacker to cause an application crash...
Command Injection
git-clone is vulnerable to command injection. The vulnerability exists due to the insecure usage of the --upload-pack feature of git. An attacker with the ability to control the options object provided to the clone function through the options.args array, is able to inject arbitrary commands to r...
Insecure Cryptography
ujson is vulnerable to insecure cryptography. The vulnerability exists in a JSON string contains escaped surrogate characters which are not part of a proper surrogate pair, the library may decode those characters incorrectly which allows remote attackers to cause unintended behavior in the...
Remote Code Execution (RCE)
openssl is vulnerable to remote code execution. The vulnerability exists due to the improper RSA implementation of AVX512IFMA instructions in X8664 CPUs, allowing an attacker to crash the application by providing a malicious input...
Out-of-Bounds Read
Apache HTTP Server is vulnerable to out of bounds read. The vulnerability exists due to a memory corruption when configured to process requests with the modisapi module...
Denial Of Service (DoS)
github.com/minio/minio is vulnerable to distributed denial of service attacks. The vulnerability exists in the serverMain function in server-main.go due to a lack of validation in client requests. This allows a malicious user to cause an application crash...
Denial Of Service (DoS)
libtiff is vulnerable to denial of service. The vulnerability exists due to a buffer overflow in the "invertImage" function in the component "tiffcrop" allowing an attacker to crash the system via the "invertImage"...
Command Injection
github.com/hashicorp/go-getter is vulnerable to command injection. The vulnerability exists in clone function in gethg.go due to improper handling of user input which allows an attacker to inject and execute arbitrary commands...
Privilege Escalation
cups is vulnerable to privilege escalation. The vulnerability exists due to gain elevated privileges which allows an attacker to authenticate to CUPS as root/admin without the 32-byte secret key...
Out-of-bounds Write
Qt is vulnerable to Out-of-bounds Write. The vulnerability exists in QtPrivate::QCommonArrayOps::growAppend which allows an attacker who is able to submit a crafted image file to an application that uses qsvghandler could cause an out-of-bounds write and potential denial of service...
Cross-Site Scripting (XSS)
total.js is vulnerable to stored cross-site scripting. The vulnerability exists in upload function due to lack of sanitization which allows an attacker to execute arbitrary javascript via a javascript embedded PDF file...
Denial Of Service (DoS)
org.apache.tika, tika is susceptible to denial of service. This vulnerability exists in the extractMetadata function in BPGParser.java due to invalid memory allocation which allows an attacker to crash the system via a crafted file...
Remote Code Execution
laravel/laravel is vulnerable to remote code execution. Improper deserialization in destruct in GuzzleHttp\Cookie\FileCookieJar.php allows an attacker to upload and execute malicious code via an unserialized pop chain...
Denial Of Service (DoS)
pjproject is vulnerable to denial of service. The vulnerability exists due to the library does not properly check the WAV file data length when it greater than 31-bit, allowing an attacker to crash the application by providing malicious WAV files...
Denial Of Service (DoS)
FreeType is vulnerable to denial of service. The vulnerability exists in sfntinitface function due to a segment violation which allows an attacker to cause an application crash...
Access Control Bypass
ceph is vulnerable to access control bypass. The vulnerability exists due to a flaw which allows key length is incorrectly passed in an encryption algorithm to create a non random key, which is weaker and can be exploited for loss of confidentiality and integrity on encrypted disks...
Type Confusion
Google Chrome is vulnerable to type confusion. A remote attacker is able to exploit a heap memory corruption issue via a crafted HTML page, which leads to a use-after-free state in V8 Turbofan engine...
Denial Of Service (DoS)
go:edge is vulnerable to denial of service DoS attacks. A malicious user is able to cause an application crash via a large amount of PEM data...
Out Of Bound Reads
vhost-vsockis vulnerable to out of bound reads. The vulnerability exists because, case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results...
Improper Access Control
calibreweb is vulnerable to improper access control. The vulnerability exists because the server doesn't properly validate the user permissions when rendering HTML containing shelf name which allows an attacker to gain access to names of all private shelves...