Veracode • Most viewed

38333 matches found

Veracode
• added 2022/01/27 3:56 a.m. • 34 views

Integer Overflow

libexpat.so is vulnerable to integer overflow. The vulnerability exists in the doProlog function in the xmlparse.c file, allowing an attacker to cause an application crash...

CVSS 7.5 • AI score 4 • EPSS 0.03992
Exploits 0 • References 11 • Affected Software 22
Veracode
• added 2022/01/22 9:57 p.m. • 34 views

Buffer Overflow

vim is vulnerable to heap-based buffer overflow. The vulnerability exists due to a lack of sanitization of the memory control pointer...

CVSS 7.8 • AI score 3.8 • EPSS 0.01831
Exploits 1 • References 15 • Affected Software 1
Veracode
• added 2022/01/15 10:10 p.m. • 34 views

Denial Of Service (DoS)

vim is vulnerable to denial of service. The vulnerability exists due to a heap-based Buffer Overflow allowing an attacker to crash the system...

CVSS 8 • AI score 3.9 • EPSS 0.02075
Exploits 1 • References 9 • Affected Software 1
Veracode
• added 2022/01/15 9:52 p.m. • 34 views

Denial Of Service (DoS)

vim is vulnerable to denial of service. The vulnerability exists due to a heap-based Buffer Overflow allowing an attacker to crash the system...

CVSS 7.8 • AI score 3.9 • EPSS 0.01461
Exploits 1 • References 9 • Affected Software 3
Veracode
• added 2022/01/15 12:37 a.m. • 34 views

Information Disclosure

python-django is vulnerable to information disclosure. The vulnerability exists due to the lack of sanitization of the Template Language's variable resolution logic...

CVSS 7.5 • AI score 1.8 • EPSS 0.01839
Exploits 0 • References 8 • Affected Software 3
Veracode
• added 2022/01/15 12:2 a.m. • 34 views

Incorrect Security UI In Autofill

Chrome has incorrect security. The vulnerability exists due to an incorrect security UI in Autofill...

CVSS 4.3 • AI score 2.4 • EPSS 0.01065
Exploits 1 • References 9 • Affected Software 2
Veracode
• added 2022/01/11 11:9 a.m. • 34 views

Out-of-Bounds Read

libtiff is vulnerable to out-of-bounds read. The vulnerability allows remote attackers to influence memory values leading to information disclosure and/or denial of service...

CVSS 5.5 • AI score 5.2 • EPSS 0.01336
Exploits 1 • References 7 • Affected Software 3
Veracode
• added 2022/01/05 6:23 p.m. • 34 views

Remote Code Execution (RCE)

RabbitMQ is vulnerable to Regular Expression Denial of Service (ReDoS). A new user being added via the management UI could lead to the user's name being rendered in a confirmation message without proper...

CVSS 5.4 • AI score 5.4 • EPSS 0.01437
Exploits 1 • References 4 • Affected Software 1
Veracode
• added 2021/12/27 12:41 a.m. • 34 views

Denial Of Service (DoS)

Undertow AJP connector is vulnerable to denial of service. Malicious requests and abrupt connection closes could be triggered by an attacker using query strings with non-RFC compliant characters resulting in a denial of service. The highest threat from this vulnerability is to system availability...

CVSS 7.5 • AI score 3.8 • EPSS 0.01269
Exploits 0 • References 6 • Affected Software 19
Veracode
• added 2021/12/23 6:35 p.m. • 34 views

Cross-site Scripting (XSS)

webkit2gtk is vulnerable to cross-site scripting. The vulnerability exists due to a logic issue...

CVSS 6.1 • AI score 1.6 • EPSS 0.01309
Exploits 0 • References 12 • Affected Software 4
Veracode
• added 2021/12/23 6:32 p.m. • 34 views

Information Disclosure

webkit2gtk is vulnerable to information disclosure. The vulnerability exists due to a logic issue...

CVSS 6.5 • AI score 1.2 • EPSS 0.01604
Exploits 0 • References 12 • Affected Software 4
Veracode
• added 2021/11/14 11:40 p.m. • 34 views

Denial Of Service (DoS)

libsolv is vulnerable to denial of service. The vulnerability exists through the prune_to_recommended function in policy.c, allowing an attacker to crash the application via malicious input...

CVSS 7.5 • AI score 4 • EPSS 0.01422
Exploits 1 • References 4 • Affected Software 1
Veracode
• added 2021/11/14 7:42 a.m. • 34 views

Denial Of Service (DoS)

postgresql is vulnerable to denial of service...

CVSS 5.9 • AI score 2.3 • EPSS 0.01501
Exploits 0 • References 12 • Affected Software 10
Veracode
• added 2021/11/13 12:40 a.m. • 34 views

Arbitrary Code Execution

libjpeg-turbo is vulnerable to arbitrary code execution. A remote attacker could exploit this vulnerability by sending a malformed JPEG file to the service and cause arbitrary code execution or denial of service...

CVSS 8.8 • AI score 5.3 • EPSS 0.02728
Exploits 1 • References 6 • Affected Software 1
Veracode
• added 2021/11/12 8:52 a.m. • 34 views

Denial Of Service (DoS)

busybox:edge is vulnerable to denial of service...

CVSS 7.2 • AI score 2.1 • EPSS 0.02579
Exploits 0 • References 8 • Affected Software 5
Veracode
• added 2021/11/05 1:37 a.m. • 34 views

Denial Of Service (DoS)

rust:edge is vulnerable to denial of service. The vulnerability exists as it permits the visual reordering of characters via control sequences, which can be used to craft source code that renders different logic than the logical ordering of tokens ingested by compilers and interpreters causing an...

CVSS 8.3 • AI score 3.6 • EPSS 0.12205
Exploits 4 • References 22 • Affected Software 13
Veracode
• added 2021/11/03 2:3 p.m. • 34 views

Denial Of Service (DoS)

vim is vulnerable to denial of service. The vulnerability exists due to a heap-based buffer overflow...

CVSS 7.8 • AI score 3.6 • EPSS 0.01389
Exploits 1 • References 9 • Affected Software 4
Veracode
• added 2021/10/18 2:27 p.m. • 34 views

Denial Of Service (DoS)

rh-mysql80-mysql is vulnerable to denial of service. A high privileged attacker with network access via multiple protocols can compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL...

CVSS 6.8 • AI score 3.2 • EPSS 0.02157
Exploits 0 • References 7 • Affected Software 1
Veracode
• added 2021/10/05 1:32 p.m. • 34 views

Remote Code Execution (RCE)

Redis is vulnerable to remote code execution. The vulnerability exists due to an integer overflow bug which can be exploited to corrupt the heap and potentially be used to leak arbitrary contents of the heap or trigger remote code execution...

CVSS 7.5 • AI score 3.9 • EPSS 0.03839
Exploits 0 • References 17 • Affected Software 2
Veracode
• added 2021/10/03 1:51 p.m. • 34 views

Denial Of Service (DoS)

mediawiki is vulnerable to denial of service. The system may crash when processing ApiQueryBacklinks with a full db table scan...

CVSS 7.5 • AI score 2.4 • EPSS 0.01646
Exploits 0 • References 11 • Affected Software 1
Veracode
• added 2021/09/24 2:43 a.m. • 34 views

SQL Injection

php is vulnerable to SQL injection. The vulnerability exists due to a flaw in the multi-byte character process; an attacker is still able to inject arbitrary SQL statements into the MySQL server for execution...

CVSS 6.5 • AI score 3.3 • EPSS 0.01337
Exploits 0 • References 6 • Affected Software 3
Veracode
• added 2021/09/21 1:43 p.m. • 34 views

CVE-2021-38209

linux is vulnerable to information disclosure. The vulnerability exists due to an allowable observation of changes in any net namespace which can be leaked into all other net namespaces...

CVSS 3.3 • AI score 2.3 • EPSS 0.00283
Exploits 0 • References 3 • Affected Software 1
Veracode
• added 2021/08/24 8:17 a.m. • 34 views

Remote Code Execution (RCE)

xstream is vulnerable to remote code execution. An attacker can manipulate the processed input stream and replace or inject objects that result in execution of arbitrary code loaded from a remote server...

CVSS 8.5 • AI score 3.7 • EPSS 0.04752
Exploits 1 • References 15 • Affected Software 4
Veracode
• added 2021/08/24 6:48 a.m. • 34 views

Remote Code Execution (RCE)

xstream is vulnerable to remote code execution. The vulnerability exists due to the usage of an insecure default blacklist which does not cover all the excluded XStream security framework...

CVSS 8.5 • AI score 2.8 • EPSS 0.04474
Exploits 1 • References 15 • Affected Software 4
Veracode
• added 2021/08/06 8:24 a.m. • 34 views

Insecure Cryptographic Function

libapache2-mod-auth-openidc has insecure cryptographic functions. The vulnerability exists due to reusing the same key...

CVSS 5.9 • AI score 2.6 • EPSS 0.01503
Exploits 0 • References 10 • Affected Software 2
Veracode
• added 2021/07/30 3:29 a.m. • 34 views

Request Smuggling

tomcat-coyote is vulnerable to request smuggling. Incorrect parsing of the HTTP transfer-encoding request header causes request smuggling when it is used with a reverse proxy and if the client declared it would only accept an HTTP/1.0 response...

CVSS 5.3 • AI score 0.4 • EPSS 0.75353
Exploits 1 • References 22 • Affected Software 7
Veracode
• added 2021/07/26 9:26 a.m. • 34 views

Denial Of Service (DoS)

curl is vulnerable to denial of service. The SSL backend fails to secure the CURLOPT_SSLCERT against a current directory file overriding the keychain nickname specified, potentially resulting in the overriding of the CURLOPT_SSLCERT specified certificate and thus causing denial of service...

CVSS 7.5 • AI score 2.8 • EPSS 0.0982
Exploits 1 • References 16 • Affected Software 2
Veracode
• added 2021/06/13 8:0 p.m. • 34 views

Denial Of Service (DoS)

chromium is vulnerable to denial of service. The vulnerability exists due to a use after free in the Spell check component...

CVSS 8.8 • AI score 2.5 • EPSS 0.00931
Exploits 0 • References 8 • Affected Software 2
Veracode
• added 2021/06/13 12:23 p.m. • 34 views

Denial Of Service (DoS)

NGINX is vulnerable to denial of service. A buffer overflow for years that exceed four digits causes an integer overflow, resulting in an application crash...

CVSS 9.8 • AI score 4.8 • EPSS 0.03285
Exploits 1 • References 7 • Affected Software 1
Veracode
• added 2021/06/07 1:13 p.m. • 34 views

Denial Of Service (DoS)

ffmpeg is vulnerable to denial of service. The vulnerability exists due to a heap-based buffer overflow in libavfilter/vf_yadif.c...

CVSS 6.5 • AI score 4 • EPSS 0.01667
Exploits 1 • References 4 • Affected Software 3
Veracode
• added 2021/06/06 10:35 a.m. • 34 views

Denial Of Service (DoS)

linux is vulnerable to denial of service. In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel on some Haswell CPUs, userspace applications such as perf-fuzzer can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6...

CVSS 5.5 • AI score 3.6 • EPSS 0.00385
Exploits 0 • References 11 • Affected Software 5
Veracode
• added 2021/06/02 8:31 a.m. • 34 views

Information Disclosure

Elastic APM .NET Agent is vulnerable to information disclosure. Confidential HTTP header information is disclosed when logging the details during an application error...

CVSS 4.3 • EPSS 0.00611
Exploits 0 • References 3 • Affected Software 3
Veracode
• added 2021/05/28 1:4 p.m. • 34 views

Information Disclosure

chromium is vulnerable to information disclosure. The vulnerability exists due to an out-of-bounds memory access security issue found in the WebAudio component of the Chromium...

CVSS 8.8 • AI score 1.9 • EPSS 0.01181
Exploits 1 • References 8 • Affected Software 3
Veracode
• added 2021/05/24 9:29 a.m. • 34 views

Denial Of Service (DoS)

linux is vulnerable to denial of service. The vulnerability exists due to a race condition during an update of the local and shared status which allows an attacker to crash the application via malicious input...

CVSS 4.7 • AI score 6.1 • EPSS 0.00258
Exploits 0 • References 4 • Affected Software 3
Veracode
• added 2021/05/24 9:1 a.m. • 34 views

Man-in-the-middle (MITM)

Unbound before 1.9.5 allows configuration injection in create_unbound_ad_servers.sh upon a successful man-in-the-middle attack against a cleartext HTTP session...

CVSS 5.9 • AI score 1.4 • EPSS 0.01339
Exploits 0 • References 4 • Affected Software 2
Veracode
• added 2021/05/20 3:28 p.m. • 34 views

Denial Of Service (DoS)

unbound is vulnerable to denial of service (DoS). The vulnerability exists through an assertion failure through a compressed name in dname_pkt_copy...

CVSS 7.5 • AI score 2.6 • EPSS 0.02128
Exploits 0 • References 7 • Affected Software 3
Veracode
• added 2021/05/15 12:9 a.m. • 34 views

Denial Of Service (DoS)

squid is vulnerable to denial of service. An attacker can cause a fatal error via the HTTP response of a squid cache, resulting in a denial of service condition...

CVSS 6.5 • AI score 1.1 • EPSS 0.71867
Exploits 0 • References 15 • Affected Software 6
Veracode
• added 2021/05/06 12:13 p.m. • 34 views

Arbitrary Code Execution

exim4 is vulnerable to arbitrary code execution. A heap out-of-bounds write in parse_fix_phrase allows an attacker to execute arbitrary code on the host OS...

CVSS 7.8 • AI score 3.8 • EPSS 0.00399
Exploits 1 • References 3 • Affected Software 4
Veracode
• added 2021/05/06 9:12 a.m. • 34 views

Denial Of Service (DoS)

rust is vulnerable to denial of service. The vulnerability exists due to a double free in the Vec::from_iter function...

CVSS 9.8 • AI score 2.6 • EPSS 0.0289
Exploits 1 • References 11 • Affected Software 2
Veracode
• added 2021/04/29 12:14 p.m. • 34 views

Integer Overflow

openldap:edge is vulnerable to integer overflow. An integer underflow can cause a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service...

CVSS 7.5 • AI score 3.8 • EPSS 0.83381
Exploits 0 • References 18 • Affected Software 1
Veracode
• added 2021/03/15 4:19 a.m. • 34 views

Cross-Site Scripting (XSS)

keycloak-theme is vulnerable to cross-site scripting (XSS). An attacker is able to inject and execute arbitrary JavaScript in a user's browser via the referrer URL in the new account console...

CVSS 7.5 • AI score 3.9 • EPSS 0.0119
Exploits 0 • References 2 • Affected Software 1
Veracode
• added 2021/03/11 10:57 p.m. • 34 views

Cross-site Scripting (XSS)

ceph dashboard is vulnerable to cross-site scripting (XSS) attacks. The JSON Web Token (JWT) used for user authentication is stored by the frontend application in the browser’s localStorage which is potentially vulnerable to attackers via XSS attacks...

CVSS 5.4 • AI score 4.2 • EPSS 0.02449
Exploits 0 • References 2 • Affected Software 5
Veracode
• added 2021/03/09 9:46 p.m. • 34 views

Denial Of Service (DoS)

gsoap is vulnerable to denial of service (DoS). The vulnerability exists in the WS-Security plugin functionality when processing a SOAP request...

CVSS 7.5 • AI score 2.8 • EPSS 0.03023
Exploits 1 • References 7 • Affected Software 1
Veracode
• added 2021/03/09 2:27 p.m. • 34 views

Information Disclosure

chromium is vulnerable to information disclosure. The vulnerability exists through the lack of data validation in the Reader Mode that allows cross-origin data to be leaked...

CVSS 6.5 • AI score 2.1 • EPSS 0.0094
Exploits 0 • References 11 • Affected Software 1
Veracode
• added 2021/02/26 2:11 a.m. • 34 views

Denial Of Service (DoS)

Linux Kernel is vulnerable to denial of service (DoS). The vulnerability is possible because of an issue discovered in drivers/accessibility/speakup/spk_ttyio.c. Local attackers on systems with the speakup driver could cause a local denial of service attack, aka CID-d41227544427. This occurs...

CVSS 5.5 • AI score 3.7 • EPSS 0.00328
Exploits 0 • References 11 • Affected Software 4
Veracode
• added 2021/02/18 11:42 p.m. • 34 views

Information Disclosure

libslirp is vulnerable to information disclosure. A buffer over-read in slirp.c allows reading of a certain amount of header data past the total packet length...

CVSS 4.3 • AI score 2.4 • EPSS 0.0183
Exploits 1 • References 9 • Affected Software 2
Veracode
• added 2021/02/08 6:2 a.m. • 34 views

Denial Of Service (DoS)

cryptography is vulnerable to denial of service. An integer overflow and buffer overflow occur with certain sequences of update calls to symmetrically encrypted multi-GB values, allowing an attacker to crash the application...

CVSS 9.1 • AI score 4.8 • EPSS 0.06718
Exploits 1 • References 9 • Affected Software 3
Veracode
• added 2021/02/07 12:29 a.m. • 34 views

Denial Of Service (DoS)

wireshark is vulnerable to denial of service. The vulnerability exists due to non-validation in epan/dissectors/packet-btatt.c...

CVSS 6.5 • AI score 2.2 • EPSS 0.01457
Exploits 1 • References 6 • Affected Software 1
Veracode
• added 2021/02/05 3:21 a.m. • 34 views

Denial Of Service (DoS)

glibc is vulnerable to denial of service (DoS). The vulnerability exists through sysdeps/i386/ldbl2mpn.c where a stack-based buffer overflow occurs if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a...

CVSS 7.5 • AI score 4.7 • EPSS 0.02765
Exploits 0 • References 7 • Affected Software 1
Veracode
• added 2021/02/03 7:44 a.m. • 34 views

Privilege Escalation

Kernel is vulnerable to privilege escalation. In audit_free_lsm_field of auditfilter.c, there is a possible bad kfree due to a logic error in audit_data_to_entry. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

CVSS 7.8 • AI score 3.5 • EPSS 0.00213
Exploits 0 • References 5 • Affected Software 2
Total number of security vulnerabilities: 5000