38355 matches found
Denial Of Service (DoS)
The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: A heap-based buffer overflow flaw was found in the Linux kernel's iSCSI target subsystem. A remote attacker could use a specially-crafted iSCSI request to caus...
Privilege Escalation
An attack technique against the W3C XML Encryption Standard when block ciphers were used in CBC mode could allow a remote attacker to conduct chosen-ciphertext attacks, leading to the recovery of the entire plain text of a particular cryptogram. CVE-2011-1096 JBoss Web Services leaked side-channe...
Arbitrary Code Execution
IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security...
Privilege Escalation
IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security...
Sandbox Restrictions Bypass
openjdk is vulnerable to sandbox restrictions bypass. An improper permission check issue was discovered in the reflection API in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions...
Denial Of Service (DoS)
Wireshark, previously known as Ethereal, is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. A heap-based buffer overflow flaw was found in the way Wireshark handled Endace ERF Extensible Record Format capture files. If Wireshark opened a...
Denial Of Service (DoS)
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...
Access Restriction Bypass
JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves as a replacement for JBoss Enterprise Application Platform 6.0.0, and includes bug fixes and enhancements. Refer to the 6.0.1 Release Notes for information on the...
Memory Corruption
The IBM Java SE version 6 release includes the IBM Java 6 Runtime Environment and the IBM Java 6 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 6 Runtime Environment and the IBM Java 6 Software Development Kit. Detailed vulnerability descriptions are linked fr...
Memory Corruption
The IBM Java SE version 6 release includes the IBM Java 6 Runtime Environment and the IBM Java 6 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 6 Runtime Environment and the IBM Java 6 Software Development Kit. Detailed vulnerability descriptions are linked fr...
Denial Of Service (DoS)
nginx is vulnerable to denial of service. The implementation of HTTP/2, when compiled with ngxhttpv2module and if the http2 option of the listen directive is used in a configuration file, contains a vulnerability which would allow an attacker to crash the service from excessive memory consumption...
Open Redirection
tomcat-catalina is vulnerable to open redirection. The vulnerability is possible because the library creates a protocol-relative redirect in the default servlet when generating a redirect to a directory, allowing an attack through any malicious URL...
Denial Of Service (DoS)
kernel is vulnerable to denial of service DoS attacks. The vulnerability exists as the tcpdisconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service tcpselectwindow divide-by-zero error and system crash by triggering a disconnect within a...
Use-After-Free
Linux kernel is vulnerable to privilege escalation. A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets implementation in the Linux kernel networking subsystem handled synchronization while creating the TPACKETV3 ring buffer. A local user able to op...
Arbitrary Code Execution
rh-mariadb100-mariadb is vulnerable to arbitrary code execution attacks. The vulnerability exists as a heap-based buffer overflow in PCRE 8.34 through 8.37 and PCRE2 10.10 allows remote attackers to execute arbitrary code via a crafted regular expression, as demonstrated by...
Denial Of Service (DoS)
net-snmp is vulnerable to denial of service DoS attacks. The vulnerability exists as snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service snmptrapd crash via a crafted SNMP trap message, which triggers a conversion to the...
Double Free Vulnerability
PHP is vulnerable to a double free. It is due to a flaw in zendtshashgracefuldestroy function in the PHP ZTS module...
Denial Of Service (DoS)
Mozilla Firefox is vulnerable to denial of service. The application does not properly process malformed web content, which would allow a remote attacker to crash a user's application via malicious H.264 video data in an m4v file...
Denial Of Service (DoS)
libkrb5.so is vulnerable to denial of service DoS attacks. The vulnerability exists in the krb5gssprocesscontexttoken function of lib/gssapi/krb5/processcontexttoken.c where a terminated security-context handle could be used by authenticated users to cause a Denial of Service DoS attack...
Directory Traversal
Django is vulnerable to directory traversal attacks. Attacker can perform unauthorized file access using the ssi templating tag which is configured in the ALLOWEDINCLUDEROOTS setting incorrectly. Therefore it is opening up the loophole to use relative path provided in the ALLOWEDINCLUDEROOTS...
Arbitrary File Access Using A Symlink Attack
rack/file.rb Rack::File in Rack 1.5.x before 1.5.2 and 1.4.x before 1.4.5 allows attackers to access arbitrary files outside the intended root directory via a crafted PATHINFO environment variable, probably a directory traversal vulnerability that is remotely exploitable, aka 'symlink path...
Denial Of Service (DoS)
httpd is vulnerable to denial of service DoS attacks. The vulnerability exists as moddav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service segmentation fault via a MERGE request in whi...
Remote Code Execution (RCE)
httpd is vulnerable to remote code execution RCE. The modrewrite.c in the modrewrite module does not sanitize non-printable characters before writing to a log file, allowing a remote attacker to inject escape sequences for a terminal emulator into the log file via an HTTP request, resulting in...
Directory Traversal When Route Globbing Configurations Are Enabled
Directory traversal vulnerability in actionpack/lib/abstractcontroller/base.rb in the implicit-render implementation in Ruby on Rails before 3.2.18, 4.0.x before 4.0.5, and 4.1.x before 4.1.1, when certain route globbing configurations are enabled, allows remote attackers to read arbitrary files...
Remote Code Execution (RCE)
busybox is vulnerable to remote code execution RCE attacks. The vulnerability exists in the decompress function in compress42.c in 1 ncompress 4.2.4 and 2 liblzw allows remote attackers to cause a denial of service crash, and possibly execute arbitrary code, via crafted data that leads to a buffe...
Cross-site Scripting (XSS)
Python SimpleHTTPServer is vulnerable to cross-site scripting XSS. The listdirectory function in Lib/SimpleHTTPServer.py does not set a charset parameter in the Content-Type HTTP header, allowing an attacker to inject arbitrary Javascript through UTF-7 encoding into Internet Explorer 7 browser vi...
Memory Corruption
Oracle MySQL has a stack-based buffer overflow vulnerability. It does not handle checking of user permission in MySQL, allowing an authenticated user to crash the mysqld daemon and subsequently leading to arbitrary code execution with the privileges of the user running the application...
Remote Code Execution (RCE)
jackson-databind is susceptible to deserialisation vulnerability. The vulnerability is due to the lack of openjpa class blockage, allowing a remote attacker to leverage this vulnerability to execute arbitrary code...
Authentication Bypass
catalina is vulnerable to authentication bypass attacks. The vulnerability exists due to the improper handling of failed undeploy where the appBase files can remain after the failed undeploy process...
Out-of-Bounds Read
libcurl.so is vulnerable to a out-of-bounds read. The warning message display function does not format the display information correctly when a warning is longer than 80 bytes, leading to an out-of-bounds read that can disclose sensitive information from the buffer or crash the application...
Open Redirection
tomcat-catalina is vulnerable to open redirection. The vulnerability is possible because the library creates a protocol-relative redirect in the default servlet when generating a redirect to a directory, allowing an attack through any malicious URL...
Man-in-the-Middle (MitM)
node.js is vulnerable to a man-in-the-middle MitM attack. The library does not properly handle the wildcard character in the X.509 Certificate namefields. This can allow a malicious user to spoof servers and cause a MitM attack...
Information Disclosure
tomcat is vulnerable to information disclosure attacks. The vulnerability exists due to the mishandling of close in the NIO and NIO2 connectors where user sessions can be mixed up, causing information disclosure...
Vulnerability Through C Libraries
chef uses vulnerable versions of LibXML2, OpenSSL and LibXSLT. These vulnerabilities are included due to the omnibusoverride file using the vulnerable versions. LibXML2 is vulnerable to the following CVEs: CVE-2017-9050, CVE-2017-9049, CVE-2017-9048, CVE-2017-9047, CVE-2017-8872, and CVE-2016-931...
Arbitrary Command Execution
Dulwich is vulnerable to arbitrary command execution. When using the SSH subprocess, an attacker can use an ssh URL with the - dash character in the hostname.This is related to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1000116, and CVE-2017-1000117...
Denial Of Service (DoS)
ImageMagick is susceptible to denial of service DoS attacks. The vulnerability is caused due to not properly handling memory allocation in the formatIPTC method in coders/meta.c...
Arbitrary Code Execution Through Serialization
QOS.ch Logback is vulnerable to arbitrary code execution through serialization. It is possible to write untrusted objects from the Logger, allowing arbitrary code execution. This is related to CVE-2017-5929...
Remote Code Execution (RCE)
phpunit is vulnerable to remote code execution RCE attacks. A malicious user can inject and execute arbitrary PHP script by using the ?php tag and sending a POST request to the eval-stdin.php file on the system...
HTTP Smuggling
undertow is vulnerable to HTTP Smuggling attacks. The library does not verify that messages do not contain invalid headers, allowing a malicious user to conduct http smuggling that can lead to cross-site scripting attacks. This is related to an incomplete fix in CVE-2017-2666...
Cross-site Scripting
console-common is vulnerable to cross-site scripting XSS attacks. They are possible because it does not perform HTML escaping properly...
Cipher Bypass
OpenSSL is vulnerable to cipher bypasses. A malicious user can negotiate and complete an SSLv2 handshake with the server even if the ciphers have been disabled on the server. SSLv2 handshakes are vulnerable to man-in-the-middle attacks...
Denial Of Service (DoS) Through Memory Consumption
OpenSSL is vulnerable to denial of service DoS attacks. These attacks are possible because there is a memory leak in the tlsdecryptticket function which can be triggered through a session ticket...
Protection Mechanism Bypass
OpenSSL is vulnerable to protection mechanism bypass. This is because OpenSSL accepts several variations of certificate signature algorithms and signature encodings. It doesn't then enforce a match between the signature algorithm between the signed and unsigned portions of the certificate. This...
Denial Of Service (DoS)
OpenSSL is vulnerable to denial of service DoS attacks. The library does not clear DTLS handshake messages when they are delivered out of order even when the handshake has been completed. A malicious user can take advantage of this by opening multiple DTLS connections to the system, causing a...
Denial Of Service (DoS) Or Arbitrary Code Execution
expat is vulnerable to denial of service DoS or arbitrary code execution attacks. When users input malformed document, expat XML parser mishandles the input which causes a buffer overflow during the processing and error reporting. This leading to a denial of service and conceivably result in remo...
Cache-timing Attack
OpenSSL is vulnerable to a cache-timing attack. The attack exists due to a flaw in signing function of crypto/ecdsa/ecdsaossl.c which sets the BNFLGCONSTTIME flag for nonces instead of taking a secure code path in the BNmodinverse method...
XML External Entity (XXE)
org.jenkins-ci.plugins, generic-webhook-trigger is vulnerable to XML External Entity XXE. The vulnerability is due to improper XML parser configuration that does not disable external entity processing, which allows an attacker to exploit crafted XML input to access sensitive information or perfor...
Improper Input Validation
Apache is vulnerable to Improper Input Validation. The vulnerability is caused due to inadequate input validation, which can be exploited by attackers to manipulate HTTP responses...
Denial Of Service (DOS)
golang.org/x/net is vulnerable to Denial Of Service DoS. The vulnerability is due to a lack of header frame limits, allowing an attacker to send excessive CONTINUATION frames which causes the endpoint to read arbitrary amounts of header data without proper memory allocation limits...
Asymmetric Resource Consumption
python is vulnerable to Asymmetric Resource Consumption. This vulnerability is due to an issue in the zip format, allowing for the creation of zip-bombs with a high compression ratio...