Sensitive Information Leakage
The kernel-rt package is susceptible to denial of service (DoS). The attack is possible because it does not ensure that the addrlen value is initialized with the associated data structure, allowing a local unauthorized user to use the recvmsg, recvfrom, and recvmmsg system calls to leak kernel...
Denial Of Service (DoS)
firefox is vulnerable to denial of service (DoS) attacks. The vulnerability exists as multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and...
Denial Of Service (DoS)
qemu-kvm is vulnerable to denial of service (DoS) attacks. The vulnerability exists as QEMU, possibly before 2.0.0, allows local users to cause a denial of service (divide-by-zero error and crash) via a zero value in the (1) tracks field to the seektosector function in block/parallels.c or (2) extentsize...
Request-smuggling Attacks
Apache Tomcat Coyote before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3 does not handle inconsistent HTTP request headers well when an HTTP or AJP connector is used. This allows remote attackers to incorrectly identify the request's length and conduct request-smuggling attacks through...
Man-in-the-Middle (MitM)
gnutls is vulnerable to man-in-the-middle (MitM) attacks. The vulnerability exists as lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof...
Denial Of Service (DoS)
libxml2 is vulnerable to denial of service (DoS) attacks. The vulnerability exists as an off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact v...
Authentication Bypass
postgresql is vulnerable to authentication bypass attacks. The vulnerability exists as the cryptdes (aka DES-based crypt) function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80...
Arbitrary File Overwrite
hplip3 is vulnerable to arbitrary file overwrite attacks. The vulnerability exists as the senddatatostdout function in prnt/hpijs/hpcupsfax.cpp in HP Linux Imaging and Printing (HPLIP) 3.x before 3.11.10 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hpcupsfax.out...
Timing Side-Channel Attack
OpenSSL is vulnerable to timing attacks. It happens because of a lack of constant-time validation of MAC addresses during the processing of malformed CBC padding. It is also known as the "Lucky Thirteen" issue...
Denial Of Service (DoS)
mysql is vulnerable to denial of service (DoS) attacks. The vulnerability exists as Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is...
Unspecified Flaw
Google Chrome before 19.0.1084.46 on Linux does not properly mitigate an unspecified flaw in an NVIDIA driver, which has unknown impact and attack vectors...
Denial Of Service (DoS)
kernel-rt is vulnerable to denial of service. Incorrect handling of the Delay and Unwritten buffer head states in the journalunmapbuffer function in fs/jbd2/transaction.c allows local attackers to crash systems that have an ext4 file system with a journal mounted...
Cross-Origin Resource Sharing (CORS) Bypass
System.Net.Http is vulnerable to cross-origin resource sharing (CORS) bypass. An attacker is able to exploit the vulnerability to retrieve confidential user and system information...
Deserialization Of Untrusted Data
jackson-databind can deserialize untrusted data. The vulnerability is due to an incomplete fix for CVE-2017-7525...
Remote Code Execution (RCE)
Microsoft.ChakraCore is vulnerable to remote code execution. This is due to an out-of-bounds in the ChakraCore JIT which would allow an attacker to execute arbitrary code in the context of the authenticated user. This CVE ID is different from CVE-2018-8617, CVE-2018-8618, CVE-2018-8624,...
Remote Code Execution (RCE)
microsoft.chakracore is vulnerable to remote code execution. This is due to a buffer overflow in TypeHandler caused by an invalid index reuse, which would allow an attacker to execute arbitrary code in the context of the authenticated user. This CVE ID is different from CVE-2017-8517 and...
Arbitrary Code Execution
Libraw.so is vulnerable to code execution. An error within the findgreen function in internal/dcrawcommon.cpp allows an attacker to execute code via a stack-based buffer overflow...
Remote Code Execution (RCE)
Microsoft ChakraCore is vulnerable to remote code execution. This is due to how the scripting engine handles objects in memory, allowing a remote attacker to execute arbitrary code in the context of the authenticated user. This CVE ID is different from CVE-2017-0224, CVE-2017-0228, CVE-2017-0230,...
Remote Code Execution (RCE)
Microsoft.PowerShell.EditorServices.Protocol is vulnerable to remote code execution. Improper processing of local connections allows a remote attacker to execute arbitrary commands in the context of the authenticated user...
Denial Of Service (DoS)
Apache Tomcat is vulnerable to denial of service (DoS). Simultaneous requests to a directory containing a large number of files cause heavy CPU consumption, resulting in a denial of service condition...
Open Redirection
tomcat-catalina is vulnerable to open redirection. The vulnerability is possible because the library creates a protocol-relative redirect in the default servlet when generating a redirect to a directory, allowing an attack through any malicious URL...
Remote Code Execution (RCE)
libtiff.so is vulnerable to remote code execution. A heap-based buffer overflow occurs in the functions gtTielSeparate and gtStripSeparate in tiffgetimage.c due to improper handling of the tile size in a TIFF file, allowing remote attackers to execute arbitrary code via a specially crafted TIFF...
Denial Of Service (DoS)
libtiff.so is susceptible to denial of service (DoS). The vulnerability is possible because the ChopUpSingleUncompressedStrip function allocates memory without considering the size of the file, leading to the attack if a malicious TIFF file is input. This CVE is different from CVE-2018-15209...
Remote Code Execution (RCE)
microsoft.chakracore is vulnerable to remote code execution. ProxyEntryPointInfo causes out-of-bound writes or arbitrary code being executed. This CVE ID is different from CVE-2018-8353, CVE-2018-8355, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390...
Denial Of Service (DoS)
libtiff.so is vulnerable to denial of service (DoS) attacks. A malicious user can pass a TIFF file encoded with LogL compression to the application, causing an out-of-bounds read that can cause the application to crash...
Denial Of Service (DoS)
libtiff.so is vulnerable to denial of service (DoS) attacks. A malicious user can pass a TIFF file to the NeXTDecode function in tifnext.c to cause an out-of-bounds write that can crash the application...
Remote Code Execution (RCE)
microsoft.chakracore is vulnerable to remote code execution (RCE) attacks. The library does not call the ImplicitCallFlags during code interpretation, leading to arbitrary code being injected and executed...
Remote Code Execution (RCE)
microsoft.chakracore is vulnerable to remote code execution. This happens because the application attempts to index a detached ArrayBuffer, leading to a use-after-free that can allow RCE attacks. This CVE ID is different from CVE-2017-11886, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894,...
Information Disclosure
libcurl.so is vulnerable to information disclosure. When running with the --write-out command, the application skips the end-of-string zero byte if the string ends with % or \\, causing the application to read out of the buffer and disclose sensitive information...
Denial Of Service (DoS) Through Stack Buffer Overflow
libarchive.so is vulnerable to denial of service (DoS) through stack-based buffer overflow attacks. The vulnerability exists in safefprintf of tar/util.c, where printing a filename can cause a buffer overflow when formatting a non-printable multi-byte character...
Remote Code Execution (RCE)
spring-data-commons is vulnerable to remote code execution (RCE) attacks. The vulnerability exists due to the improper sanitization of special elements that can be used as gadgets to achieve remote code execution (RCE) when evaluated...
Copy-paste Vulnerability Through LibXML2
Nokogiri and chef are vulnerable to attacks through a copied version of LibXML2 within the codebase. LibXML2 before 2.9.5 is vulnerable to the following CVEs: (1) CVE-2017-16931 - LibXML2 incorrectly handles parameter-entity references in parser.c. (2) CVE-2017-16932 - LibXML2 can enter an infinite...
Denial Of Service (DoS)
ImageMagick is vulnerable to denial of service (DoS) attacks. A malicious user can pass a WPG image file to the application, causing a heap allocation error that can crash the application...
Unauthorised Metadata Modification
Moodle is vulnerable to unauthorised metadata modification. The vulnerability exists due to a flaw in mod/assign/externallib.php which does not filter the function parameters, allowing modification of the grade metadata information...
Denial Of Service (DoS)
ImageMagick is vulnerable to denial of service (DoS) attacks. A malicious user can pass a malicious MIFF file to the system to trigger an infinite loop that can cause the system to run out of resources and crash...
Information Disclosure
OpenSSL is vulnerable to information disclosure. When pretty printing through the OBJobj2txt function in crypto/objects/objdat.c, it is possible for attackers to read from the process stack memory. This is caused because OpenSSL does not ensure the presence of \0 characters...
Denial Of Service (DoS) Through Null Pointer Dereference
OpenSSL is vulnerable to denial of service (DoS) attacks. This is caused by the sslsetclientdisabled function and triggered by a ServerHello message that includes an SRP ciphersuite but no negotiation of that suite with the client...
Side Channel Attack On Modular Exponentiation
OpenSSL is vulnerable to side channel attacks. The vulnerability exploits cache-bank conflicts on the Intel Sandy-Bridge microarchitecture, exposing RSA keys. However, an attacker can exploit this only if he has control of code in a thread running on the same hyper-threaded core as the victi...
Arbitrary Command Execution
less is vulnerable to Arbitrary Command Execution. The vulnerability is due to the omission of shellquote calls for LESSCLOSE in the closealtfile function within the filename.c file of the less command-line utility, which allows attackers to execute arbitrary commands...
Denial Of Service (DoS)
io.netty:netty-codec-http is vulnerable to Denial Of Service (DoS). The vulnerability is due to missing form field restrictions within the HttpPostRequestDecoder class. An attacker can send a chunked POST request with many small form fields, possibly resulting in Denial of Service (DoS)...
Denial Of Service (DoS)
XNIO API is vulnerable to Denial of Service (DoS). The vulnerability is caused by the problematic accumulation of notifier states within the chain. When this chain grows to be excessively large, it can lead to a StackOverflowException, overwhelming the stack and potentially causing Denial of...
Asymmetric Resource Consumption
python is vulnerable to Asymmetric Resource Consumption. This vulnerability is due to an issue in the zip format, allowing for the creation of zip-bombs with a high compression ratio...
Denial Of Service (DoS)
github.com/argoproj/argo-cd is vulnerable to Denial of Service (DoS). The vulnerability is due to unsafe manipulation of an array in a multi-threaded environment. When two threads interact with the same array simultaneously, this flaw can potentially lead to an application crash...
Denial Of Service (DoS)
Django is vulnerable to Denial Of Service (DoS). The vulnerability is due to inefficient string processing within the intcomma template filter when a long string is parsed. This issue can be exploited by an attacker to cause DoS...
Bleichenbacher Timing Attack
M2Crypto is vulnerable to Bleichenbacher Timing Attack. The vulnerability is due to insecure padding schemes, resulting in the exposure of confidential or sensitive data...
Use After Free
Canvas in Google Chrome is vulnerable to Use After Free. The vulnerability is due to referencing memory after it has been freed, which allows a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Expired Pointer Dereference
squid is vulnerable to Expired Pointer Dereference. The vulnerability is due to the usage of a pointer after dereference. An attacker can exploit this vulnerability to mount a Denial Of Service (DoS) attack against Cache Manager error responses when generating error pages for Client Manager reports...
Improper Access Control
CRI-O is vulnerable to Improper Access Control. The vulnerability is due to improper restrictions of the experimental io.kubernetes.cri-o.UnifiedCgroup annotation, which results in container resources being unconfined. This issue can be exploited by an attacker to specify any amount of memory/cpu...
SQL Injection
Cacti is vulnerable to SQL Injection. The vulnerability is due to a lack of input sanitization in the pollers.php script. This allows an attacker to potentially execute malicious SQL code, resulting in a SQL injection...
Denial Of Service
asterisk:sid is vulnerable to denial of service. The vulnerability is due to a race condition in the hello handshake phase of the DTLS protocol when handling DTLS-SRTP for media setup. The attack can be done continuously, thus denying new DTLS-SRTP encrypted calls, which can lead to denia...