38355 matches found
Denial Of Service (DoS)
pjproject is vulnerable to denial of service. The vulnerability exists due to the library does not properly check the WAV file data length when it greater than 31-bit, allowing an attacker to crash the application by providing malicious WAV files...
Denial Of Service (DoS)
FreeType is vulnerable to denial of service. The vulnerability exists in sfntinitface function due to a segment violation which allows an attacker to cause an application crash...
Type Confusion
Google Chrome is vulnerable to type confusion. A remote attacker is able to exploit a heap memory corruption issue via a crafted HTML page, which leads to a use-after-free state in V8 Turbofan engine...
Path Traversal
studio-42/elfinder is vulnerable to path traversal. The vulnerability exists due to improper handling of absolute file paths in the getFullPathfunction. allowing a remote attacker to access data in the system...
Regular Expression Denial Of Service (ReDoS)
ckeditor4 is vulnerable to regular expression denial of service. The vulnerability exists due to a lack of sanitization of the input validator regular expression in dialog...
Information Disclosure
moodle/moodle is vulnerable to information exposure. The vulnerability exists due to a lack of sanitization in output field in the manage.php file, allowing to read sensitive information in the system...
Denial Of Service (DoS)
github.com/istio/istio is vulnerable to Denial Of Service DoS. The vulnerability exists because the library does not properly limit the reads from untrusted inputs, allowing an attacker to crash the application by providing maliciously crafted messages...
Denial Of Service (DoS)
firefox is vulnerable to denial of service. An attacker is able to exploit the vulnerability by forcing a text reflow in an SVG object leading to a potentially exploitable crash...
Denial Of Service (DoS)
Chrome is vulnerable to denial of service. The vulnerability exists due to a Use after free in WebShare...
Arbitrary Code Execution
vm2 is vulnerable to arbitrary code execution. Remote attackers are able to inject and execute crafted malicious scripts on the host machine via direct access to host error objects generated by node internals during generation of a stacktraces...
Denial Of Service (DoS)
vim is vulnerable to denial of service. The vulnerability exists due to a heap-based buffer overflow which allows an attacker to cause an application crash...
Buffer Overflow
vim is vulnerable to Heap-based Buffer Overflow. The vulnerability exists due to a lack of sanitization...
Heap-Based Buffer Overflow
vim is vulnerable to Heap-based Buffer Overflow. The vulnerability exists due to the lack of sanitization of the help.ccauses a heap-based buffer overflow which could result in an application crash...
Denial Of Service (DoS)
expat is vulnerable to denial-of-service. The vulnerability exists in storeAtts function in xmlparse.c may lead to realloc misbehavior, allowing a malicious user to cause an application crash...
Denial Of Service (DoS)
firefox is vulnerable to denial of service. The vulnerability exists due to a heap-buffer-overflow in blendGaussianBlur allowing an attacker to crash the system by applying a CSS filter effect...
Denial Of Service (DoS)
python3 is vulnerable to denial of service. The vulnerability exists because the ftplib is using the host from the PASV response which allows an attacker to cause an application crash...
Denial Of Service (DoS)
kernel is vulnerable to Denial Of Service DoS. An Access Point AP forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and make...
Denial Of Service (DoS)
busybox is vulnerable to denial of service. An out-of-bounds heap read in unlzma leads to information leak and application crash when crafted LZMA-compressed input is decompressed...
Improper Input Validation
Java SE is vulnerable to Improper Input Validation. An attacker can perform service disruption through the Hotspot component in the oracle GraalVM enterprise edition...
HTTP Request Smuggling
puma is vulnerable to HTTP request smuggling. Incorrect handling of HTTP requests with LF characters as line endings, allows a remote attacker to smuggle a request through a proxy, causing the proxy to send a response back to the victim...
Privilege Escalation
github.com/moby/moby is vulnerable to privilege escalation. Attempting to copy files to a malicious container using docker cp allows an attacker to change the permission for existing files in the host's system...
Privilege Escalation
zoneminder is vulnerable to privilege escalation. The vulnerability exists due to a Time-of-check Time-of-use TOCTOU Race Condition...
Denial Of Service
FFmpeg is vulnerable to denial of service. The vulnerability exists due to a null pointer dereference passed as argument to libavformat/aviobuf.c...
Privilege Escalation
kernel is vulnerable to privilege escalation. The vulnerability exists due to a race condition in the SCTP sockets net/sctp/socket.c which allows an attacker with network service privileges to escalate to root or from the context of an unprivileged user directly if a BPFCGROUPINETSOCKCREATE is...
Denial Of Service (DoS)
tor:edge is vulnerable to denial of service. The vl one of three use after free UAF bugs...
Denial Of Service (DoS)
apache2 is vulnerable to denial of service. A null pointer dereference occurs when handling malicious HTTP/2 request. A remote attacker could use this flaw to crash the httpd child process, causing temporary denial of service...
Denial Of Service (DoS)
kernel is vulnerable to denial of service. The ext4 file system implementation contains an integer overflow in ext4escacheextent when lblk + len exceeds 2^32. An attacker is able to crash the kernel by mounting a malicious file system...
Regular Expression Denial Of Service (ReDoS)
trim-newlines is vulnerable to Regular Expression Denial Of Service ReDoS. The usage of an insecure regular expression in the .end method allows an attacker to cause excessive resource consumption...
Information Disclosure
curl is vulnerable to information disclosure. The vulnerability exists in -t command line in CURLOPTTELNETOPTIONS because the option parser for sending NEWENV variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the server which allows an attacker to...
Cross-Site Scripting (XSS)
ceph is vulnerable to cross-site scripting. The vulnerability exists due to a flaw was found in the Red Hat Ceph Storage RadosGW Ceph Object Gateway in versions before 14.2.21. The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the...
Arbitrary Code Execution
kernel is vulnerable to arbitrary code execution. The vulnerability can be caused by a privileged local user through the kbdkeycode function of keyboard.c, where an out of bounds write was possible due to a missing bounds check...
Denial Of Service (DoS)
glib:edge is vulnerable to denial of service. The function gbytesnew has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corruption...
Arbitrary Code Execution
libxml2 is vulnerable to arbitrary code execution. A use-after-free occurs in xmllint when --html and --push options are used, allowing an attacker to execute arbitrary code on the host OS by submitting malicious files...
Privilege Escalation
exim4 is vulnerable to privilege escalation. The vulnerability exists due to insufficient validation of user-supplied input when processing new line characters. A remote attacker can inject a new line character into the spool header file and modify the mail queue...
CVE-2021-28148
One of the usage insights HTTP API endpoints in Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.10, and 7.4.x before 7.4.5 is accessible without any authentication. This allows any unauthenticated user to send an unlimited number of requests to the endpoint, leading to a denial of service DoS...
Denial Of Service(DoS)
webkit2gtk is vulnerable to denial of service. A memory corruption happens due to processing of maliciously crafted web content, leading to an arbitrary code execution...
Authentication Bypass
botframework-connector is vulnerable to authentication bypass. The vulnerability exists as Skill claims found in the jwt token is not validated against the SkillValidation.isSkillClaim method...
Regular Expression Denial-of-Service (ReDoS)
pillow is vulnerable to regular expression denial of service. Usage of an insecure regex allows an attacker to cause excessive CPU consumption when parsing a malicious PDF file...
Arbitrary Code Execution
linux is vulnerable to arbitrary code execution. The vulnerabilitye exists as the kernel PV block backend expects the kernel thread handler to reset ring-xenblkd to NULL when stopped. However, the handler may not have time to run if the frontend quickly toggles between the states connect and...
XML External Entity (XXE)
batik-svgbrowser is vulnerable to XML external entity attacks. An attacker is able to submit HTTP GET requests on behalf of the server using malicious arguments...
OS Command Injection
systeminformation is vulnerable to OS command injection. An attacker is able to inject and execute arbitrary OS commands via service parameters that are passed to si.inetLatency, si.inetChecksite, si.services, si.processLoad etc...
Open Redirection
rails is vulnerable to open redirection. Inadequate validation and regex matching of URLs allows an attacker to bypass validation checks using a malicious Host header and redirect users to a malicious website...
Arbitrary Code Execution
kernel is vulnerable to arbitrary code execution. The vulnerability exists through a use-after-free in the sound subsystem as card disconnection causes certain data structures to be deleted too early...
Buffer Overflow
glibc is vulnerable to buffer overflow. The vulnerability occurs when processing invalid multi-byte input sequences in the EUC-KR encoding...
Remote Code Execution (RCE)
firefox is vulnerable to remote code execution. The vulnerability exists due to a use-after-free error when processing COOKIE-ECHO chunk in a SCTP packet. An attacker can inject malicious data to the browser, triggering a use-after-free error and execute arbitrary code on the system...
Deserialization Of Untrusted Object
jackson-databind is vulnerable to deserialization of untrusted data that can lead to remote code execution. It is possible because untrusted classes org.apache.commons.dbcp2.datasources.SharedPoolDataSource was not filtered by default from the interaction between serialization gadgets and...
Prototype Pollution
datatables.net is vulnerable to prototype pollution. The vulnerabilities exists as it does not sanitize values of the proto and constructor headers...
NULL Pointer Dereference
SQLite is vulnerable to NULL pointer dereference. An attacker, interleaving reads and writes in a single transaction with an fts5 virtual table could cause denial of service conditions...
Arbitrary Code Execution
openjfx is vulnerable to arbitrary code execution.An easy-to-exploit vulnerability allows an unauthenticated attacker to compromise and takeover the Java SE...
Arbitrary Code Execution
chromium is vulnerable to arbitrary code execution. Incorrect optimization assumptions in V8 allows a remote attacker to execute arbitrary code inside a sandbox via a malicious HTML page...