38332 matches found
Use-After-Free
xen is vulnerable to Use-After-Free. The vulnerability allows established shadow page tables to be freed again immediately, while other code is still accessing them on the assumption that they would remain allocated...
Denial Of Service (DoS)
Google Chrome is vulnerable to Denial of Service (DoS). The vulnerability exists due to the out of bounds memory access in Service Worker API, which allows an attacker to potentially exploit heap corruption via a crafted HTML page...
Arbitrary Code Execution
vm2 is vulnerable to Arbitrary Code Execution. The vulnerability exists because the transformer function of transformer.js allows remote attackers to bypass handleException and leak unsanitized host exceptions to escape the sandbox and run arbitrary code in the host context...
Security Bypass
spring-webmvc is vulnerable to Security Bypass. The vulnerability exists because using "" as a pattern in Spring Security configuration with the mvcRequestMatcher creates a mismatch in pattern matching between Spring Security and Spring MVC, with the potential for a security bypass...
Privilege Escalation
github.com/minio/minio is vulnerable to Privilege Escalation. The vulnerability exists in the AddUser and ImportIAM functions of admin-handlers-users.go because a user with consoleAdmin permissions can potentially create a user that matches the root credential accessKey. Once this user is created...
Denial Of Service (DoS)
Google Chrome is vulnerable to Denial of Service (DoS). The vulnerability exists due to the heap buffer overflow in the video, allowing an attacker to exploit heap corruption via a crafted HTML page, leading to an application crash...
Information Disclosure
github.com/moby/buildkit is vulnerable to Information Disclosure. When a build request contains a Git URL with credentials, anyone with access to the build provenance attestation will be able to view the credentials issued. An attacker can use these Git credentials to access repositories...
Denial Of Service (DoS)
go is vulnerable to Denial of Service (DoS) attacks. Both clients and servers may send large TLS handshake records which cause servers and clients, respectively, to panic when attempting to construct responses...
Type Confusion
openssl is vulnerable to type confusion. The vulnerability exists because it may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory content...
LDAP Injection
sssd is vulnerable to LDAP Injection. The vulnerability exists because libsss_certmap fails to sanitize certificate data used in LDAP filters...
Denial Of Service (DoS)
kernel is vulnerable to Denial of Service (DoS) attacks. A race condition may lead to a NULL pointer dereference and general protection fault via VT_RESIZEX ioctl, resulting in an application crash...
Denial Of Service (DoS)
bind is vulnerable to Denial of Service (DoS) attacks. A malicious user is able to cause an application crash when stale cache and stale answers are enabled, option stale-answer-client-timeout is set to a positive integer, and the resolver receives an RRSIG query...
Remote Code Execution (RCE)
libxpm is vulnerable to Remote Code Execution (RCE). When processing .Z or .gz file extensions, the library calls external programs to compress and uncompress files. This could allow a malicious user to execute other programs by manipulating the PATH environment variable...
Authentication Bypass
Linux kernel is vulnerable to Authentication Bypass. The vulnerability exists in nf_conntrack_irc because it incorrectly matches the message, which allows an attacker to bypass the firewall when users are using unencrypted IRC with nf_conntrack_irc configured...
Privilege Escalation
samba is vulnerable to Privilege Escalation. The Netlogon RPC implementation uses the rc4-hmac encryption algorithm, which is considered weak and should be avoided even if the client supports more modern encryption types, which allows an attacker who knows the plain text content communicated...
Command Injection
cacti is vulnerable to command injection. Authorization can be bypassed due to the implementation of the get_client_addr function. The function is defined in the file lib/functions.php and checks several $_SERVER variables to determine the IP address of the client, which allows an attacker to set...
Denial Of Service (DoS)
org.codehaus.jettison:jettison is vulnerable to denial of service (DoS) attacks. A remote attacker is able to cause a stack overflow via injecting crafted JSON data, resulting in denial of service conditions...
HTTP Response Splitting
ruby is vulnerable to HTTP response splitting. The vulnerability exists when applications use untrusted user input either to generate an HTTP response or to create a CGI cookie object...
Remote Code Execution (RCE)
heimdal is vulnerable to remote code execution. The vulnerability exists due to an invalid free in the ASN.1 codec, which allows an attacker to inject and execute arbitrary code in the system...
Information Disclosure
H2 Database Engine is vulnerable to information disclosure. The vulnerability is caused by the webAdminPassword argument, which allows an administrator to specify the password in plaintext. An attacker can get the password for the H2 web admin console by looking at the running processes...
Information Disclosure
bc-fips is vulnerable to Information Disclosure. The vulnerability exists because the temporary keys used in the module get zeroed out while still in use by the module, resulting in an error or potential information loss. This vulnerability only affects Java 13 or later...
Information Disclosure
rh-mysql80-mysql is vulnerable to denial of service. The vulnerability exists in the Server: Optimizer component, allowing attackers to cause an application crash and modify the critical data or all MySQL Server accessible data through multiple protocols...
Denial Of Service (DoS)
rh-mysql80-mysql is vulnerable to denial of service. The vulnerability exists in the Server: Options component, allowing an attacker to cause an application crash and modify some MySQL Server accessible data through multiple protocols...
Denial Of Service (DoS)
@fastify/websocket and fastify-websocket are vulnerable to denial of service. The vulnerability is due to the fastifyWebsocket function in index.js which crashes the application on an uncaught exception when processing a malformed packet...
Buffer Overflow
samba is vulnerable to buffer overflow. The vulnerability exists within the GSSAPI unwrap_des and unwrap_des3 routines of Heimdal because the GSSAPI library allows a length-limited write buffer overflow on malloc-allocated memory when presented with a maliciously small packet causing an application cras...
Arbitrary Code Execution
badaso/core is vulnerable to arbitrary code execution. The vulnerability is due to the application not properly validating the data uploaded by users, which allows an attacker to perform arbitrary code execution...
Denial Of Service (DoS)
protobuf-cpp is vulnerable to Denial of Service. The vulnerability exists in multiple functions due to out of memory failures which allows an attacker to cause an application crash via multiple key-value...
Authentication Bypass
grafana is vulnerable to Authentication Bypass. The vulnerability exists due to a conflict in the login field in the GetUserByLogin function in user.go; an attacker can register in the system using another user's email address as a username, blocking that user's login attempt...
Remote Code Execution (RCE)
commons-jxpath is vulnerable to remote code execution. The vulnerability exists in the selectSingleNode function in JXPathContext.java, where the attacker can use an XPath expression to load any Java class from the classpath, which will lead to code execution...
Denial Of Service (DoS)
eap7 is vulnerable to denial of service. The vulnerability exists because the lack of handling by the browser over HTTP/2 may cause overhead or application crashes. This flaw exists because of an incomplete fix for CVE-2021-3629...
Denial Of Service (DoS)
Consul is vulnerable to authorization denial of service. Due to incorrectly validating JWT characters, an attacker can continually request TLS certificates and ACL tokens. This unnecessary information being stored can result in authorization denial of service...
Denial Of Service (DoS)
.NET Core is vulnerable to denial of service. The vulnerability exists due to a stack overflow which allows an attacker to send a customized payload that is parsed during model binding and cause an application crash...
Authorization Bypass
chromium, sid is vulnerable to authorization bypass. The vulnerability exists due to an inappropriate implementation flaw in the extensions API component of the chromium browser...
Improper Input Validation
chromium is vulnerable to improper input validation. The vulnerability exists because the library does not properly validate user input in Intents...
Denial Of Service (DoS)
github.com/helm/helm is vulnerable to denial of service. The vulnerability exists in setIndex function in parser.go because a maximum index is not defined when setting index which allows an attacker to cause an application crash...
Denial Of Service (DoS)
moodle/moodle is vulnerable to denial of service. The vulnerability exists because the yuicombo.php does not properly limit the path length, allowing an attacker to crash the application by loading a large number of files...
Denial Of Service (DoS)
u-boot is vulnerable to denial of service. The vulnerability exists due to an integer signedness error resulting in a stack-based buffer overflow in the i2c md command, which enables the corruption of the return address pointer of the do_i2c_md function...
Denial Of Service (DoS)
vim is vulnerable to denial of service. The vulnerability exists due to a heap-based overflow in ins_compl_add of insexpand.c, which allows an attacker to cause an application crash...
SQL Injection
loopback-connector-postgresql is vulnerable to SQL injection attacks. The vulnerability exists in the buildExpression function in postgresql.js because the user-provided inputs for the contains loopback filter are not properly sanitized, which allows an attacker to inject and execute arbitrary SQL command...
Denial Of Service (DoS)
undertow is vulnerable to Denial of Service (DoS). The vulnerability exists in the read function in AjpServerRequestConduit.java because the exceptions are not handled properly for large AJP requests, which allows an attacker to send a malicious request and trigger server errors causing an application...
Directory Traversal
rsync is vulnerable to Directory Traversal. The vulnerability exists due to a lack of validation of file names allowed, allowing a malicious rsync server or Man-in-The-Middle attacker to overwrite arbitrary files in the rsync client target directory and subdirectories...
Out-Of-Bounds Read
vim:sid is vulnerable to out-of-bounds read. A remote attacker is able to perform out-of-bounds reads...
Double Free
Linux kernel is vulnerable to double free. The vulnerability exists in usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c because there is no need to call dev_kfree_skb when usb_submit_urb fails: can_put_echo_skb deletes the original skb and can_free_echo_skb deletes the cloned skb, causing a double free...
Denial Of Service
libtiff.so is vulnerable to denial of service (DoS) attacks. A malicious user is able to cause denial of service conditions via a crafted TIFF file through the TIFFVGetField function, resulting in an application crash...
Denial Of Service (DoS)
HTTP2 Server is vulnerable to Denial of Service (DoS). The vulnerability exists in the onRequest function in HttpChannelOverHTTP2.java due to improper error handling, which allows an attacker to cause an application crash...
Information Disclosure
openssh_key_parser is vulnerable to information disclosure. The vulnerability exists in the read_fixed_bytes function in pascal_style_byte_stream.py because the exception message is not properly handled, which allows an attacker to gain access to view and modify the length of a raw field value of a key...
Regular Expression Denial Of Service (ReDoS)
org.apache.tika:tika is vulnerable to regular expression denial of service (ReDoS) attacks. An attacker is able to cause denial of service conditions to the users who are running the StandardsExtractingContentHandler component, due to an insecure regular expression usage in setThreshold function by...
Information Disclosure
guzzlehttp/guzzle is vulnerable to information disclosure. The vulnerability exists in several functions in RedirectMiddleware.php because the change in port is not considered a change in origin when sending requests with header files, which allows an attacker to gain access to sensitive header...
Arbitrary Code Execution
watools is vulnerable to arbitrary code execution. The vulnerability exists because of a code execution backdoor in all the versions of watools packages available in PyPI, which allows an attacker to inject and execute malicious code...
Use-After-Free
vim is vulnerable to use after free. The vulnerability exists in the utf_ptr2char function in mbyte.c because the freed memory is used when searching for a pattern in path, which allows an attacker to cause a memory corruption causing an application crash...