38133 matches found
Denial Of Service (DoS)
kernel-rt is vulnerable to denial of service (DoS) attacks. The vulnerability exists because the ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.9.8 does not properly validate meta block groups, which allows physically proximate attackers to cause a denial of service out-of-bound...
Timing Attack
tomcat-catalina is vulnerable to timing attacks. When the supplied username does not exist, the Realm implementation will not process the supplied password, making a timing attack possible to determine valid usernames. Note that the default configuration includes the LockOutRealm which makes...
Denial Of Service (DoS)
gstreamer-plugins-bad-free is vulnerable to denial of service (DoS) attacks. An integer overflow in the vmnc decoder in gstreamer allows remote attackers to cause a denial of service (crash) via large width and height values, which triggers a buffer overflow...
Denial Of Service (DoS) Through Heap Out-of-Bounds (OOB) Read
liblcms2.so is vulnerable to denial of service (DoS) attacks. The vulnerability exists through a heap out-of-bounds (OOB) read in Type_MLU_Read of cmstypes.c where the MLU bounds were not properly checked, causing the DoS attack...
Denial Of Service (DoS)
Linux kernel-rt is vulnerable to denial of service. A race condition flaw was found in the way the Linux kernel's SCTP implementation handled sctp_accept during the processing of heartbeat timeout events. A remote attacker could use this flaw to prevent further connections to be accepted by the SC...
Denial Of Service (DoS)
nginx is vulnerable to denial of service. It was discovered that nginx could perform an out of bound read and dereference an invalid pointer when resolving CNAME DNS records. An attacker able to manipulate DNS responses received by nginx could use this flaw to cause a worker process to crash if...
Remote Code Execution (RCE)
ImageMagick is vulnerable to remote code execution (RCE). The library does not sanitize certain user inputs, allowing a malicious user to pass a malicious image to the system for file conversion to trigger the execution of arbitrary code. This is also known as the ImageTragick vulnerability...
Authorization Bypass
samba is vulnerable to authorization bypass. An access flaw was found in the way Samba verified symbolic links when creating new files on a Samba share. A remote attacker could exploit this flaw to gain access to files outside of Samba's share path...
Denial Of Service (DoS)
net-snmp is vulnerable to denial of service. It was discovered that the snmp_pdu_parse function could leave incompletely parsed varBind variables in the list of variables. A remote, unauthenticated attacker could use this flaw to crash snmpd or, potentially, execute arbitrary code on the system wit...
Arbitrary Code Execution
qemu-kvm-rhev is vulnerable to arbitrary code execution attacks. The vulnerability exists because the pit_ioport_read function in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS users to execute arbitrary code...
Denial Of Service (DoS)
kernel is vulnerable to denial of service (DoS) attacks. The vulnerability exists because the (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local...
Arbitrary Code Execution
firefox is vulnerable to arbitrary code execution attacks. Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 allow remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via...
Cross-site Scripting (XSS)
mod_cluster is vulnerable to cross-site scripting (XSS) attacks. The manager web interface in mod_cluster before 1.3.2.Alpha1 allows remote attackers to inject arbitrary web script or HTML via a crafted MCMP message...
Denial Of Service (DoS)
php is vulnerable to denial of service (DoS) attacks. The vulnerability exists because the scan function in ext/date/lib/parse_iso_intervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of service heap-based buffer...
Privilege Escalation
openstack-neutron is vulnerable to privilege escalation attacks. The vulnerability exists because the default configuration in the Red Hat openstack-neutron package before 2013.2.3-7 does not properly set a configuration file for rootwrap, which allows remote attackers to gain privileges via a crafted...
Denial Of Service (DoS)
firefox is vulnerable to denial of service (DoS) attacks. The vulnerability exists as multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and...
Denial Of Service (DoS)
qemu-kvm is vulnerable to denial of service (DoS) attacks. QEMU, possibly before 2.0.0, allows local users to cause a denial of service (divide-by-zero error and crash) via a zero value in the (1) tracks field to the seek_to_sector function in block/parallels.c or (2) extentsize...
Denial Of Service (DoS)
glibc is vulnerable to denial of service (DoS) attacks. Multiple integer overflows in malloc/malloc.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allow context-dependent attackers to cause a denial of service (heap corruption) via a large value to the (1) pvallo...
Information Disclosure
Linux kernel-rt is vulnerable to information disclosure. A NULL pointer dereference in the snd_ctl_elem_user_tlv function in sound/core/control.c allows a local privileged user to exploit the vulnerability to leak kernel memory to user space...
Denial Of Service (DoS)
libxml2 is vulnerable to denial of service (DoS) attacks. An off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact v...
Man-in-the-Middle (MitM)
python is vulnerable to man-in-the-middle (MitM) attacks. The vulnerability exists because the ssl.match_hostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a \0 character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows...
Authentication Bypass By Sniffing Valid Network Requests
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the...
Remote Code Execution (RCE)
Microsoft.ChakraCore is vulnerable to remote code execution. This is due to an out-of-bounds in Edge WIP which would allow an attacker to execute arbitrary code in the context of the authenticated user. This CVE ID is different from CVE-2018-8583, CVE-2018-8617, CVE-2018-8618, CVE-2018-8624...
Remote Code Execution (RCE)
microsoft.chakracore is vulnerable to remote code execution. This is due to a buffer overflow in TypeHandler caused by an invalid index reuse, which would allow an attacker to execute arbitrary code in the context of the authenticated user. This CVE ID is different from CVE-2017-8517 and...
Remote Code Execution (RCE)
Microsoft ChakraCore is vulnerable to remote code execution. This is due to how the scripting engine handles objects in memory, allowing a remote attacker to execute arbitrary code in the context of the authenticated user. This CVE ID is different from CVE-2017-0224, CVE-2017-0228, CVE-2017-0230,...
Remote Code Execution (RCE)
Microsoft Chakracore is vulnerable to remote code execution. The scripting engine does not properly handle objects in memory, which would allow an attacker to execute arbitrary commands in the context of the authenticated user. This CVE ID is different from CVE-2017-11886, CVE-2017-11889,...
Denial Of Service (DoS)
Apache Tomcat is vulnerable to denial of service (DoS). Simultaneous requests to a directory containing a large number of files cause heavy CPU consumption, resulting in a denial of service condition...
Denial Of Service (DoS)
libglusterfs.so is vulnerable to a denial of service (DoS) attack or information disclosures. The library does not restrict the ../ characters from being passed in pathnames, allowing a malicious user to gain access to file statuses or crash the application with a malformed filename...
Directory Traversal
webtales/rubedo is vulnerable to directory traversal attacks. The vulnerability exists due to the lack of sanitization of the file path in the theme component, allowing directory traversal attacks...
Out-Of-Bounds Write
json-patch is affected by an out-of-bounds write vulnerability. This is due to a lack of index checking of the idx parameter in patch.go, which could allow an attacker to cause a denial of service condition...
Denial Of Service (DoS)
libtiff.so is susceptible to denial of service (DoS). The vulnerability is possible because the ChopUpSingleUncompressedStrip function allocates memory without considering the size of the file, leading to the attack if a malicious TIFF file is input. This CVE is different from CVE-2018-15209...
Denial Of Service (DoS)
libvirt.so is vulnerable to denial of service (DoS) attacks. The library does not properly initialize a nodemap, leading to an invalid free that can crash the application or cause arbitrary code to be executed...
Denial Of Service (DoS)
libtiff.so is vulnerable to denial of service (DoS) attacks. A malicious user can pass a TIFF image to the TIFFRGBAImageOK function in tif_getimage.c to cause an out-of-bounds read that can crash the application...
Denial Of Service (DoS)
libtiff.so is vulnerable to denial of service (DoS) attacks. A malicious user can pass a TIFF file to the NeXTDecode function in tif_next.c to cause an out-of-bounds write that can crash the application...
Heap Overflow
libgdkpixbuf-2.0.so is vulnerable to heap overflows. A malicious user can pass a JPEG file to the gdk_pixbuf__jpeg_image_load_increment function in io-jpeg.c, causing a heap overflow that can crash the application or cause arbitrary code to be executed...
Denial Of Service (DoS)
ImageMagick is vulnerable to denial of service (DoS) attacks. A malicious user can pass an .mpc file to the WriteMPCImage function in mpc.c, causing a memory leak that can crash the application or consume resources...
TLS Session Resumption Client Certificate Bypass
libcurl.so is vulnerable to TLS session resumption client certificate bypass attacks. The vulnerability exists in Curl_clone_ssl_config of lib/vtls/vtls.c where libcurl.so does not prevent the TLS session resumption if the client certificate has been replaced...
Denial Of Service (DoS)
libxml2 is affected by a denial-of-service (DoS) vulnerability. In xpath.c:xmlXPathCompOpEval, the cases XPATH_OP_AND and XPATH_OP_OR do not check for NULL values when assigning valuePop(ctxt), which can result in a NULL pointer dereference leading to a denial of service condition...
Remote Code Execution (RCE)
microsoft.chakracore is vulnerable to remote code execution. This happens because the application attempts to index a detached ArrayBuffer, leading to a use-after-free that can allow RCE attacks. This CVE ID is different from CVE-2017-11886, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894,...
Remote Code Execution (RCE)
icu4c is vulnerable to remote code execution (RCE) attacks. A malicious user can pass a string to the application to cause a double free that can crash the application or cause arbitrary code to be executed...
Information Disclosure
libcurl.so is vulnerable to information disclosures. When running with the --write-out command, the application skips the end of the string zero byte if the string ends with % or \\, causing the application to read out of the buffer and disclose sensitive information...
Denial Of Service (DoS) Through Stack Buffer Overflow
libopenjpeg.so is vulnerable to denial of service (DoS) through stack-based buffer overflow attacks. The vulnerability exists in the pgxtovolume function of jp3d/codec/convert.c where it is possible to cause an out-of-bounds write leading to a DoS attack...
Out-of-Bounds Read
libapr-1.so is vulnerable to out-of-bounds read. A malicious user can pass an invalid month value to the apr_time_exp* or the apr_os_exp_time* functions to cause an out-of-bounds read that can lead to sensitive information being disclosed or the application crashing...
Denial Of Service (DoS)
spring-data-commons is vulnerable to denial-of-service (DoS) attacks. The vulnerability exists due to the lack of sane limits on depth when parsing a PropertyPath value, allowing attackers to cause a DoS attack through CPU and memory consumption by specifying a path with a large amount of depth...
Denial Of Service (DoS)
OpenSSL is vulnerable to denial of service (DoS) attacks. A malicious user can pass a malicious string, causing the ASN.1 types with recursive definitions to exceed the stack and crash the application...
Incorrect Documentation
Apache Tomcat contains incorrect documentation. The library's default documentation's CGI search algorithm was incorrect, and could have caused the outcome of scripts to be incorrect when executed...
Copy-paste Vulnerability Through LibXML2
Nokogiri and chef are vulnerable to attacks through a copied version of LibXML2 within the codebase. LibXML2 before 2.9.5 is vulnerable to the following CVEs: (1) CVE-2017-16931 - LibXML2 incorrectly handles parameter-entity references in parser.c. (2) CVE-2017-16932 - LibXML2 can enter an infinite...
Denial Of Service (DoS)
ImageMagick is vulnerable to denial of service (DoS) attacks. A malicious user can pass a WPG image file to the application, causing a heap allocation error that can crash the application...
Weak Password Hashing Algorithm
WordPress is vulnerable to collision attacks. It uses a weak MD5-based password hashing algorithm, making it easier for attackers to obtain a valid password hash...
Regular Expression Denial Of Service (ReDoS) Via Parsing Cookies
tough-cookie is vulnerable to regular expression denial of service (ReDoS) attacks. The vulnerability exists because the COOKIE_PAIR regular expression used to parse the cookies causes unlimited repetitions when matching input characters. By using a large cookie string, attackers can make the process...