38153 matches found
Denial Of Service (DoS)
org.mvel:mvel2 is vulnerable to Denial Of Service (DoS). The vulnerability is due to the ParseTools.subCompileExpression method, which times out or executes for an indefinite time when parsing a crafted MVFLEX Expression (MVEL). A malicious user can craft an MVEL expression and pass to the...
Buffer Overflow
SQLite is vulnerable to heap-based buffer overflow. The vulnerability is due to the sessionReadRecord function within ext/session/sqlite3session.c, which allows an attacker to manipulate the pIn parameter which results in a buffer overflow...
Denial Of Service (DoS)
libsquid.so is vulnerable to Denial Of Service (DoS). The vulnerability exists due to a buffer overread bug in the library. This allows an attacker to cause an application crash during HTTP message processing...
Denial Of Service
libtiff.so is vulnerable to a Denial Of Service attack. The vulnerability is due to a lack of codec validation in the tiffcp utility. A heap-based buffer overflow is caused while processing a crafted TIFF file, leading to Denial of Service (DoS)...
Denial Of Service (DoS)
libtiff.so is vulnerable to Denial of Service. The vulnerability is caused by the TIFFReadDirEntryArrayWithLimit and EstimateStripByteCounts functions in tif_dirread.c failing to verify if the requested memory size was greater than the actual file size due to allocating memory based on the size of...
Denial Of Service (DoS)
libde265.so is vulnerable to Denial of Service (DoS). The vulnerability is due to the slice_segment_header function in the slice.cc component. An attacker is able to cause a DoS condition by creating a specially crafted file and tricking the system into processing it. This could disrupt service on th...
Arbitrary Code Injection
quartz-jobs is vulnerable to Arbitrary code injection. The vulnerability is due to lack of message validation in the SendQueueMessageJob.execute method, which can lead to remote code execution...
Information Disclosure
urllib3 is vulnerable to Information Disclosure. The vulnerability is due to the HTTP body not being removed after a redirect with a 301, 302, or 303 status. An attacker could exploit this vulnerability by tricking a user into performing a POST request to a vulnerable application. The attacker...
Denial Of Service (DoS)
qemu is vulnerable to Denial of Service (DoS). A Division by Zero vulnerability allows local attackers to crash QEMU and the guest operating system by sending a specially crafted SCSI command...
Remote Code Execution (RCE)
exim is vulnerable to Remote Code Execution (RCE). The vulnerability arises from the absence of proper validation for user-supplied data in the SMTP service. This could result in a buffer overflow, enabling an attacker to inject and execute malicious code within the service account's context...
Denial Of Service (DoS)
bind is vulnerable to Denial of Service (DoS). An attacker could exploit this vulnerability by sending a malicious DNS packet to a vulnerable named server. Once the vulnerability is exploited, the attacker could take control of the server and steal data, install malware, or disrupt service...
XML External Entity (XXE)
python3.9 is vulnerable to XML External Entity (XXE). This vulnerability exists due to a flaw in the way the plistlib module parses certain XML plist files. An attacker can exploit this vulnerability by sending a specially crafted plist file that references an external entity, which could allow the...
XML Injection
org.apache.ivy:ivy is vulnerable to XML Injection. The vulnerability exists due to improper external DTD XML restrictions. An attacker is able to exploit this vulnerability by parsing a specially crafted XML file, which allows the attacker to access sensitive information, such as passwords or oth...
Out-of-bounds Write
qemu is vulnerable to Out-of-bounds Write. This vulnerability occurs since there is no check for the value of 'src_len' and 'dst_len' in 'virtio_crypto_sym_op_helper' resulting in a heap-based buffer overflow...
Arbitrary Code Execution
langchain is vulnerable to Arbitrary Code Execution. The vulnerability exists in the from_math_prompt function at langchain.chains.PALChain, which allows an attacker to execute arbitrary code through prompt injection...
Cross-Site Scripting (XSS)
firefox is vulnerable to Cross-Site Scripting (XSS) attacks. This vulnerability occurs due to a flaw in the way that Firefox handles data: URLs. An attacker can exploit this vulnerability to load a malicious document in the same process as a trusted document, bypassing the site-isolation protection...
Information Disclosure
xen is vulnerable to Information Disclosure. Under specific microarchitectural circumstances, an attacker is able to potentially access sensitive user information...
Denial Of Service (DoS)
libfrr.so is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the missing length checks in the bgp_attr_psid_sub function of bgp_attr.c, allowing an attacker to cause an application crash by providing a maliciously crafted input...
Sandbox Escape
vm2 is vulnerable to Sandbox Escape. The vulnerability exists because the library does not properly sanitize a Promise return, allowing an attacker to escape the sandbox and inject and execute malicious code...
Heap-based Buffer Overflow
libtiff.so is vulnerable to Heap-based Buffer Overflow. The vulnerability exists in the processCropSelections function in tiffcrop.c because the buffer size is not correctly updated after rotateImage is called, which causes an application crash...
Use After Free
Google Chrome is vulnerable to Use After Free. The vulnerability is due to improper memory management in the media API, which results in heap corruption via a crafted HTML page...
Integer Overflow
snappy-java is vulnerable to Integer Overflow. The vulnerability exists because the shuffle functions of BitShuffle.java do not properly check whether the multiplication result is zero, too small, or a negative value, which causes java.lang.NegativeArraySizeException and...
Remote Code Execution (RCE)
RocketMQ is vulnerable to Remote Code Execution (RCE). The vulnerability exists because the library allows updating the config path at runtime, allowing an attacker to inject and execute malicious code through the update configuration function by forging the RocketMQ protocol content, which also...
Use-After-Free
xen is vulnerable to Use-After-Free. The vulnerability allows established shadow page tables to be freed again immediately, while other code is still accessing them on the assumption that they would remain allocated...
Authentication Bypass
github.com/GoogleCloudPlatform/esp-v2 is vulnerable to Authentication Bypass. The vulnerability exists because the library does not properly filter the malicious HTTP headers, which allows an attacker to send maliciously crafted X-HTTP-Method-Override header values to bypass JWT authentication in...
Denial Of Service (DoS)
github.com/golang/go is vulnerable to Denial of Service (DoS) attacks. A malicious user is able to cause an infinite loop via integer overflows when calling any of the Parse functions on source code which contains //line directives with very large line numbers, which can cause the application to crash...
Denial Of Service (DoS)
docker is vulnerable to Denial of Service (DoS) attacks. The injection of arbitrary Ethernet frames allows remote attackers to enable denial of service attacks, such as establishing a UDP or TCP connection or smuggling packets into the overlay network...
Authorization Bypass
docker is vulnerable to Authorization Bypasses. Encrypted overlay networks can be used to inject arbitrary Ethernet frames into the network by encapsulating them in VXLAN datagrams...
Prototype Pollution
matrix-js-sdk is vulnerable to Prototype Pollution. Events sent with special strings in key places may disrupt or impede the library from functioning properly, potentially impacting the consumer's ability to process data safely...
Security Bypass
spring-webmvc is vulnerable to Security Bypass. The vulnerability exists because using "**" as a pattern in Spring Security configuration with the mvcRequestMatcher creates a mismatch in pattern matching between Spring Security and Spring MVC and the potential for a security bypass...
Denial Of Service (DoS)
eap7 is vulnerable to Denial of Service (DoS) attacks. A denial of service is possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates...
Authentication Bypass
curl is vulnerable to Authentication Bypass. The library would reuse a previously created connection even if the GSS delegation (CURLOPT_GSSAPI_DELEGATION) option had been changed, because this setting was left out from configuration match checks, affecting krb5/kerberos/negotiate/GSSAPI transfers...
Special Element Injection
curl is vulnerable to Special Element Injection. The library allows users to pass on user name and telnet options to the server without proper input scrubbing, allowing them to pass on content or do option negotiation without the application intending to do so...
Denial Of Service (DoS)
Google Chrome is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the heap buffer overflow in the video, allowing an attacker to exploit heap corruption via a crafted HTML page, leading to an application crash...
Privilege Escalation
Linux kernel is vulnerable to Privilege Escalation. The vulnerability exists in the ALSA PCM package because of the missing locks in the SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32, which leads to use-after-free, resulting in gaining access to ring0 from the system user...
Denial Of Service (DoS)
linux is vulnerable to Denial of Service (DoS) attacks. A malicious user is able to cause the application to crash via drivers/gpu/vmxgfx/vmxgfx_kms.c in the GPU component in the device file /dev/dri/renderD128...
Privilege Escalation
github.com/containerd/containerd is vulnerable to Privilege Escalation. An authenticated attacker is able to use supplementary group access to bypass primary group restrictions in some cases where supplementary groups are not set up properly inside a container, which allows the attackers to acqui...
Integer Overflow
apr-util and apr are vulnerable to Integer Overflow. The vulnerability exists in the apr_base64 function because it allows an attacker to write beyond the bounds of a buffer, which affects the Apache Portable Runtime...
Heap-based Buffer Overflow
linux is vulnerable to Heap-based Buffer Overflow. A local attacker is able to cause heap-based buffer overflows when a user connects to a malicious USB device which allows the attacker to crash the system or escalate their privileges...
Type Confusion
openssl is vulnerable to type confusion. The vulnerability exists because it may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory content...
LDAP Injection
sssd is vulnerable to LDAP Injection. The vulnerability exists because libsss_certmap fails to sanitize certificate data used in LDAP filters...
Denial Of Service (DoS)
kernel-rt is vulnerable to Denial Of Service (DoS). The vulnerability exists in the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices due to multiple out-of-bounds reads and possible out-of-bounds writes, leading to an application crash...
Denial Of Service (DoS)
bind is vulnerable to Denial of Service (DoS). The vulnerability exists because named configured to answer from stale cache may terminate unexpectedly at recursive-clients soft quota causing an application crash...
Denial Of Service (DoS)
kernel is vulnerable to Denial of Service (DoS) attacks. A race condition may lead to a NULL pointer dereference and general protection fault via VT_RESIZEX ioctl, resulting in an application crash...
Denial Of Service (DoS)
bind is vulnerable to Denial of Service (DoS) attacks. A malicious user is able to cause an application crash when stale cache and stale answers are enabled, option stale-answer-client-timeout is set to a positive integer, and the resolver receives an RRSIG query...
Regular Expression Denial Of Service (ReDoS)
cookiejar is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability exists in the parse function of cookiejar.js due to inefficient regular expression complexity which allows an attacker to crash the application by submitting a malicious string...
Session Fixation
github.com/KubeOperator/kubepi is vulnerable to Session Fixation. The vulnerability exists due to insufficient session expiration mechanisms in the library, allowing an attacker to hijack the legitimate user sessions...
Authentication Bypass
Linux kernel is vulnerable to Authentication Bypass. The vulnerability exists in nf_conntrack_irc because it incorrectly matches the message, which allows an attacker to bypass the firewall when users are using unencrypted IRC with nf_conntrack_irc configured...
Privilege Escalation
samba is vulnerable to Privilege Escalation. The Netlogon RPC implementation uses the rc4-hmac encryption algorithm, which is considered weak and should be avoided even if the client supports more modern encryption types, which allows an attacker who knows the plain text content communicated...
Out Of Bound Read
xrdp is vulnerable to Out of Bound Reads. The vulnerability exists due to the out of bound read in the xrdp_caps_process_confirm_active function of the library, allowing an attacker to cause an application crash or access sensitive information...