Information Disclosure
chromium:sid is vulnerable to information disclosure. It allows a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...
Regular Expression Denial-of-Service (ReDoS)
pillow is vulnerable to regular expression denial of service. Usage of an insecure regex allows an attacker to cause excessive CPU consumption when parsing a malicious PDF file...
Denial Of Service (DoS)
linux is vulnerable to denial of service (DoS). The vulnerability exists through a use-after-free in the Linux kernel infiniband hfi1 driver, found in the way a user calls ioctl after opening the dev file and forking...
XML External Entity (XXE)
batik-svgbrowser is vulnerable to XML external entity attacks. An attacker is able to submit HTTP GET requests on behalf of the server using malicious arguments...
OS Command Injection
systeminformation is vulnerable to OS command injection. An attacker is able to inject and execute arbitrary OS commands via service parameters that are passed to si.inetLatency, si.inetChecksite, si.services, si.processLoad etc...
Open Redirection
rails is vulnerable to open redirection. Inadequate validation and regex matching of URLs allows an attacker to bypass validation checks using a malicious Host header and redirect users to a malicious website...
Sandbox Restrictions Bypass
chromium is vulnerable to arbitrary code execution. An inappropriate implementation flaw in the iframe sandbox component allows an attacker to bypass sandbox restrictions...
Remote Code Execution (RCE)
firefox is vulnerable to remote code execution. The vulnerability exists due to a use-after-free error when processing a COOKIE-ECHO chunk in an SCTP packet. An attacker can inject malicious data into the browser, triggering a use-after-free error and executing arbitrary code on the system...
Authorization Bypass
curl is vulnerable to authorization bypass. The vulnerability is present only if OpenSSL is the designated TLS backend. OCSP stapling is not enabled by default by libcurl; it needs to be explicitly enabled by the application to get used...
Buffer Overflow
Buffer overflow in the listfiles function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via vectors related to the compression method...
Arbitrary Code Execution
openjfx is vulnerable to arbitrary code execution. An easy-to-exploit vulnerability allows an unauthenticated attacker to compromise and take over the Java SE...
Remote Code Execution (RCE)
Google Chrome is vulnerable to remote code execution. The vulnerability existed because of an integer overflow that leads to a use-after-free in Blink Storage in Google Chrome on Linux. An attacker is able to execute arbitrary code via a crafted HTML page...
Privilege Escalation
cephx is vulnerable to privilege escalation attacks. This is because the cephx authentication protocol does not verify ceph clients correctly. An attacker who has access to the ceph cluster network is able to sniff packets on the network...
Denial Of Service (DoS)
mysql is vulnerable to denial of service (DoS). An attacker having high privilege with network access via multiple protocols can compromise MySQL Server...
Denial Of Service (DoS)
math/big in github.com/golang/go is vulnerable to denial of service. An attacker can send a divisor or modulo argument larger than 3168 bits on 32-bit architectures or 6336 bits on 64-bit architectures to a number of math/big.Int methods Div, Exp, DivMod, Quo, Rem, QuoRem, Mod, ModInverse, ModSqr...
Information Disclosure
kernel is vulnerable to information disclosure. It incorrectly writes to the /proc/sys/vm/cmm_timeout file. This flaw allows a local user to see leaked kernel stack information on s390/s390x...
Denial Of Service (DoS)
kernel is vulnerable to denial-of-service (DoS) attacks. The vulnerability exists in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c due to an unchecked kstrdup of prop->name, allowing an attacker to cause an application crash...
Information Disclosure
apache tomcat is vulnerable to information disclosure. The HTTP headers within a request can potentially be included in a subsequent request and reveal confidential information, when the agreed maximum number of concurrent streams for a connection is exceeded...
Arbitrary Code Execution
WebKitGTK+ is vulnerable to arbitrary code execution. Processing maliciously crafted web content may lead to arbitrary code execution...
Privilege Escalation
Qt is vulnerable to privilege escalation. Files placed by an attacker can influence the working directory and lead to malicious code execution...
Cross-site Scripting (XSS)
firefox is vulnerable to cross-site scripting (XSS). The vulnerability exists when a tag is pasted from the clipboard into a rich text editor and the CSS sanitizer does not escape characters, and a webpage subsequently copies the node's innerHTML and assigns it to another innerHTML...
Arbitrary Code Execution
GraphicsMagick is vulnerable to arbitrary code execution. A segmentation violation in the WriteMAPImage function in coders/map.c when processing a non-colormapped image allows an attacker to execute arbitrary code on the host OS. This vulnerability is different from CVE-2017-11642...
Use-after-free
libslirp is vulnerable to use-after-free. It is due to a flaw in ip_reass in ip_input.c...
Wrong Access Permission
The Linux kernel uses the wrong access permission. It can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. This occurs because the current umask is not considered...
Injection Attacks
thunderbird is vulnerable to injection attacks. The vulnerability exists as the CSS sanitizer incorrectly rewrites a @namespace rule when pasting a tag from the clipboard into a rich text editor...
Use-After-Free
qemu is vulnerable to use-after-free. hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome...
Use-after-free
Linux kernel has a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver, aka CID-edc4746f253d...
Unauthorised Access
openjdk7 is vulnerable to unauthorized access. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data...
Validation Bypass
PowerDNS Recursor is vulnerable to validation bypass. The answer section of a NXDOMAIN response lacking an SOA is not properly validated in SyncRes::processAnswer, allowing an attacker to bypass DNSSEC validation...
Arbitrary Code Execution
Webkit2gtk is vulnerable to arbitrary code execution. A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content...
Denial Of Service (DoS)
xen is vulnerable to denial of service (DoS). An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of a bad error path in GNTTABOP_map_grant. Grant table operations are expected to return 0 for success, and a negative...
Authorization Bypass
mariadb is vulnerable to authorization bypass. The vulnerability exists through a high-privileged attacker with network access via multiple protocols...
Remote Code Execution (RCE)
typo3/cms is vulnerable to insecure cryptography. During installation with mediace extension, the vulnerability exists because it was possible to generate arbitrary checksums that allows the injection of arbitrary data, allowing an attacker with at least one Extbase plugin or module action to...
Denial Of Service (DoS)
curl and libcurl are vulnerable to denial of service (DoS). The platforms allow attackers to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact because too little memory is allocated for interfacing to an SSL library...
Arbitrary Code Execution
libraw is vulnerable to arbitrary code execution. A boundary error within the "parse_tiff_ifd" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to...
Arbitrary Code Execution
openjpeg is vulnerable to arbitrary code execution. A heap-based buffer overflow was discovered in the opj_t2_encode_packet function in lib/openjp2/t2.c which may lead to remote denial of service or potentially allow an attacker to execute arbitrary code on the system...
Remote Code Execution (RCE)
git is vulnerable to a remote code execution vulnerability. It exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'...
Missing HTTP Security Headers
keycloak does not contain security headers in its server responses. The lack of these headers does not directly lead to a vulnerability; however, it reduces the restrictions on an attacker and aids them in their efforts in the event of a successful exploit of a web vulnerability...
Arbitrary Code Execution
rpm is vulnerable to arbitrary code execution. An attacker could create a specially-crafted RPM package that, when its package header was accessed, or during package signature verification, could cause an application using the RPM library (such as the rpm command line tool, or the yum and up2date...
Denial Of Service (DoS)
glibc is vulnerable to denial of service. A denial of service flaw was found in the remote procedure call (RPC) implementation in glibc. A remote attacker able to open a large number of connections to an RPC service that is using the RPC implementation from glibc could use this flaw to make that...
Arbitrary Code Execution
openssl is vulnerable to arbitrary code execution. A double free flaw was discovered in the policy checking code in OpenSSL. A remote attacker could use this flaw to crash an application that uses OpenSSL by providing an X.509 certificate that has specially-crafted...
Denial Of Service (DoS)
kernel is vulnerable to denial of service (DoS). A flaw was found in the way the Linux kernel handled fragmented IPv6 UDP datagrams over the bridge with UDP Fragmentation Offload (UFO) functionality on. A remote attacker could use this flaw to cause a denial of service...
Information Disclosure
squirrelmail is vulnerable to information disclosure. A flaw was found in the SquirrelMail Mail Fetch plug-in. If an administrator enabled this plug-in, a SquirrelMail user could use this flaw to port scan the local network the server was on...
Information Disclosure
kernel is vulnerable to information disclosure. The vulnerability exists because /proc/PID/io is world-readable by default. Previously, these files could be read without any further restrictions. A local, unprivileged user could read these files, belonging to other, possibly privileged processes to...
Arbitrary Code Execution
openoffice.org is vulnerable to arbitrary code execution. A flaw was found in the script that launches OpenOffice.org. In some situations, a "." character could be included in the LD_LIBRARY_PATH variable, allowing a local attacker to execute arbitrary code with the...
Arbitrary Code Execution
gimp is vulnerable to arbitrary code execution. A stack-based buffer overflow flaw was found in the GIMP's Lightning, Sphere Designer, and Gfig image filters. An attacker could create a specially-crafted Lightning, Sphere Designer, or Gfig filter configuration file that, when opened, could cause...
Denial Of Service (DoS)
Mozilla Thunderbird is vulnerable to denial of service (DoS). A flaw was found in the way Thunderbird displayed multiple marquee elements. A malformed HTML mail message could cause Thunderbird to execute arbitrary code with the privileges of the user running Thunderbird...
Information Disclosure
kernel is vulnerable to information disclosure. Missing validations of null-terminated string data structure elements in the do_replace, compat_do_replace, do_ipt_get_ctl, do_ip6t_get_ctl, and do_arpt_get_ctl functions could allow a local user who has the CAP_NET_ADMIN capabili...
Information Disclosure
kernel is vulnerable to information disclosure. An information leak was found in the Linux kernel's task_show_regs implementation. On IBM S/390 systems, a local, unprivileged user could use this flaw to read /proc/PID/status files, allowing them to discover the CPU register values of processes...
Access Control Bypass
kernel is vulnerable to access control bypass. A missing security check in the Linux kernel's implementation of the install_special_mapping function could allow a local, unprivileged user to bypass the mmap_min_addr protection mechanism...