Veracode: Most viewed

38340 matches found

Veracode • added 2020/04/10 1:12 a.m. • 34 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service. The RHSA-2011:1530 kernel update introduced an integer overflow flaw in the Linux kernel. On PowerPC systems, a local, unprivileged user could use this flaw to cause a denial of service...

CVSS 4.9 | AI score 4.2 | EPSS 0.00397
Exploits: 1 | References: 10 | Affected Software: 1

Veracode • added 2020/04/10 1:10 a.m. • 34 views

Denial Of Service (DoS)

openssl is vulnerable to denial of service. A denial of service flaw was found in the RFC 3779 implementation in OpenSSL. A remote attacker could use this flaw to make an application using OpenSSL exit unexpectedly by providing a specially-crafted X.509 certificate that has malformed RFC 3779...

CVSS 4.3 | AI score 3.2 | EPSS 0.09331
Exploits: 0 | References: 14 | Affected Software: 1

Veracode • added 2020/04/10 1:10 a.m. • 34 views

Privilege Escalation

openjdk is vulnerable to privilege escalation. The vulnerability exists as the AtomicReferenceArray class implementation did not properly check if the array was of the expected Object type. A malicious Java application or applet could use this flaw to bypass Java sandbox restrictions...

CVSS 3.6 | AI score 2.9 | EPSS 0.0168
Exploits: 0 | References: 10 | Affected Software: 1

Veracode • added 2020/04/10 1:8 a.m. • 34 views

Privilege Escalation

glibc is vulnerable to privilege escalation. A flaw was found in the way the ldd utility identified dynamically linked libraries. If an attacker could trick a user into running ldd on a malicious binary, it could result in arbitrary code execution with the privileges of the user running ldd...

CVSS 6.9 | AI score 4 | EPSS 0.00538
Exploits: 1 | References: 16 | Affected Software: 1

Veracode • added 2020/04/10 1:8 a.m. • 34 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service. A flaw was found in the Linux kernel's Journaling Block Device (JBD). A local attacker could use this flaw to crash the system by mounting a specially-crafted ext3 or ext4 disk...

CVSS 2.1 | AI score 2.7 | EPSS 0.0049
Exploits: 2 | References: 15 | Affected Software: 2

Veracode • added 2020/04/10 1:8 a.m. • 34 views

Arbitrary Code Execution

kernel is vulnerable to arbitrary code execution. A buffer overflow flaw was found in the way the Linux kernel's XFS file system implementation handled links with overly long path names. A local, unprivileged user could use this flaw to cause a denial of service or escalate their privileges by...

CVSS 6.9 | AI score 3.2 | EPSS 0.00556
Exploits: 1 | References: 11 | Affected Software: 2

Veracode • added 2020/04/10 1:8 a.m. • 34 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service. A missing validation flaw was found in the Linux kernel's m_stop implementation. A local, unprivileged user could use this flaw to trigger a denial of service...

CVSS 5.5 | AI score 3.8 | EPSS 0.00367
Exploits: 0 | References: 10 | Affected Software: 2

Veracode • added 2020/04/10 1:8 a.m. • 34 views

Arbitrary Code Execution

firefox is vulnerable to arbitrary code execution. The vulnerability exists as a web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox...

CVSS 7.5 | AI score 5.1 | EPSS 0.03761
Exploits: 0 | References: 37 | Affected Software: 3

Veracode • added 2020/04/10 1:7 a.m. • 34 views

Arbitrary Code Execution

firefox is vulnerable to arbitrary code execution. The vulnerability exists as a flaw was found in the way Firefox parsed certain Scalable Vector Graphics (SVG) image files that contained eXtensible Style Sheet language Transformations (XSLT). A web page containing a malicious SVG image file could...

CVSS 9.3 | AI score 2.9 | EPSS 0.05809
Exploits: 0 | References: 16 | Affected Software: 3

Veracode • added 2020/04/10 1:6 a.m. • 34 views

Arbitrary Code Execution

libarchive is vulnerable to arbitrary code execution. If a user were tricked into expanding a specially-crafted ISO 9660 CD-ROM image or tar archive with an application using libarchive, it could cause the application to crash or, potentially, execute arbitrary code wit...

CVSS 6.8 | AI score 5.2 | EPSS 0.04246
Exploits: 0 | References: 9 | Affected Software: 1

Veracode • added 2020/04/10 1:5 a.m. • 34 views

Privilege Escalation

qemu-kvm is vulnerable to privilege escalation. It was found that qemu-kvm did not properly drop supplemental group privileges when the root user started guests from the command line "/usr/libexec/qemu-kvm" with the "-runas" option. A qemu-kvm process started this way could use this flaw to gain...

CVSS 2.1 | AI score 2.1 | EPSS 0.00435
Exploits: 0 | References: 19 | Affected Software: 1

Veracode • added 2020/04/10 1:3 a.m. • 34 views

Denial Of Service (DoS)

php is vulnerable to denial of service (DoS). The vulnerability exists as multiple memory leak flaws were found in the PHP OpenSSL extension. A remote attacker able to make a PHP script use openssl_encrypt or openssl_decrypt repeatedly could cause the PHP interpreter to use an excessive amount of...

CVSS 4.3 | AI score 2.6 | EPSS 0.13205
Exploits: 2 | References: 12 | Affected Software: 1

Veracode • added 2020/04/10 1:1 a.m. • 34 views

Denial Of Service (DoS)

subversion is vulnerable to denial of service. An infinite loop flaw was found in the way the mod_dav_svn module processed certain data sets. If the SVNPathAuthz directive was set to "short_circuit", and path-based access control for files and directories was enabled, a malicious, remote user could...

CVSS 4.3 | AI score 2.1 | EPSS 0.08483
Exploits: 2 | References: 23 | Affected Software: 1

Veracode • added 2020/04/10 12:59 a.m. • 34 views

Authentication Bypass

openldap is vulnerable to authentication bypass. The vulnerability exists as a flaw was found in the way OpenLDAP handled authentication failures being passed from an OpenLDAP slave to the master. If OpenLDAP was configured with a chain overlay and it forwarded authentication failures, OpenLDAP...

CVSS 4.6 | AI score 1.6 | EPSS 0.02959
Exploits: 0 | References: 23 | Affected Software: 1

Veracode • added 2020/04/10 12:59 a.m. • 34 views

HTTP Response Splitting

perl is vulnerable to HTTP response splitting. The vulnerability exists as it was found that the Perl CGI module used a hard-coded value for the MIME boundary string in multipart/x-mixed-replace content. A remote attacker could possibly use this flaw to conduct an HTTP response splitting attack v...

CVSS 4.3 | AI score 0.8 | EPSS 0.02713
Exploits: 0 | References: 38 | Affected Software: 1

Veracode • added 2020/04/10 12:58 a.m. • 34 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service. A divide-by-zero flaw was found in the tcp_select_initial_window function in the Linux kernel's TCP/IP protocol suite implementation. A local, unprivileged user could use this flaw to trigger a denial of service by calling setsockopt with certain options...

CVSS 4.9 | AI score 3.7 | EPSS 0.01355
Exploits: 15 | References: 27 | Affected Software: 2

Veracode • added 2020/04/10 12:58 a.m. • 34 views

Arbitrary Code Execution

thunderbird/firefox is vulnerable to arbitrary code execution. Several flaws were found in the processing of malformed HTML content. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird...

CVSS 10 | AI score 2.9 | EPSS 0.05772
Exploits: 0 | References: 18 | Affected Software: 4

Veracode • added 2020/04/10 12:58 a.m. • 34 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service. The vulnerability exists as a missing validation check was found in the Linux kernel's signals implementation. A local, unprivileged user could use this flaw to send signals via the sigqueueinfo system call, with the si_code set to SI_TKILL and with spoofe...

CVSS 3.6 | AI score 4.2 | EPSS 0.00489
Exploits: 2 | References: 11 | Affected Software: 1

Veracode • added 2020/04/10 12:57 a.m. • 34 views

Arbitrary Code Execution

openoffice.org is vulnerable to arbitrary code execution. The vulnerability exists as an array index error and an integer signedness error were found in the way OpenOffice.org parsed certain Rich Text Format (RTF) files. An attacker could use these flaws to create a specially-crafted RTF file that,...

CVSS 9.3 | AI score 4.5 | EPSS 0.10274
Exploits: 0 | References: 26 | Affected Software: 1

Veracode • added 2020/04/10 12:56 a.m. • 34 views

Arbitrary Code Execution

thunderbird is vulnerable to arbitrary code execution. The vulnerability exists as an HTML mail message containing malicious content could possibly lead to arbitrary code execution with the privileges of the user running Thunderbird...

CVSS 10 | AI score 3.1 | EPSS 0.0507
Exploits: 0 | References: 13 | Affected Software: 3

Veracode • added 2020/04/10 12:53 a.m. • 34 views

Cross-site Scripting (XSS)

php is vulnerable to cross-site scripting (XSS). The vulnerability exists as a numeric truncation error and an input validation flaw were found in the way the PHP utf8_decode function decoded partial multi-byte sequences for some multi-byte encodings, sending them to output without them being escape...

CVSS 6.8 | AI score 1.1 | EPSS 0.11281
Exploits: 1 | References: 38 | Affected Software: 1

Veracode • added 2020/04/10 12:53 a.m. • 34 views

Denial Of Service (DoS)

mysql is vulnerable to denial of service (DoS). The vulnerability exists as a flaw in the way MySQL handled LOAD DATA INFILE requests allowed MySQL to send OK packets even when there were errors...

CVSS 4 | AI score 3.7 | EPSS 0.12229
Exploits: 1 | References: 20 | Affected Software: 1

Veracode • added 2020/04/10 12:50 a.m. • 34 views

Arbitrary Code Execution

seamonkey is vulnerable to arbitrary code execution. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey...

CVSS 9.3 | AI score 4.8 | EPSS 0.08669
Exploits: 0 | References: 34 | Affected Software: 4

Veracode • added 2020/04/10 12:50 a.m. • 34 views

Arbitrary Code Execution

seamonkey is vulnerable to arbitrary code execution. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey...

CVSS 9.3 | AI score 4.8 | EPSS 0.04812
Exploits: 0 | References: 21 | Affected Software: 4

Veracode • added 2020/04/10 12:49 a.m. • 34 views

Denial Of Service (DoS)

wireshark is vulnerable to denial of service (DoS). The vulnerability exists as wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file...

CVSS 8.3 | AI score 2.4 | EPSS 0.00812
Exploits: 0 | References: 19 | Affected Software: 1

Veracode • added 2020/04/10 12:49 a.m. • 34 views

Denial Of Service (DoS)

wireshark is vulnerable to denial of service (DoS). The vulnerability exists as wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file...

CVSS 4.3 | AI score 2.4 | EPSS 0.01705
Exploits: 0 | References: 22 | Affected Software: 1

Veracode • added 2020/04/10 12:48 a.m. • 34 views

Arbitrary Code Execution

firefox is vulnerable to arbitrary code execution. The vulnerability exists as a web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox...

CVSS 9.3 | AI score 5.1 | EPSS 0.06527
Exploits: 0 | References: 19 | Affected Software: 6

Veracode • added 2020/04/10 12:44 a.m. • 34 views

Arbitrary Code Execution

tetex is vulnerable to arbitrary code execution. The vulnerability exists through the way teTeX processed special commands when converting DVI files into PostScript. An attacker could create a malicious DVI file that would cause the dvips executable to crash...

CVSS 6.8 | AI score 3.6 | EPSS 0.0343
Exploits: 1 | References: 12 | Affected Software: 1

Veracode • added 2020/04/10 12:43 a.m. • 34 views

Denial Of Service (DoS)

libpng is vulnerable to denial of service (DoS). The vulnerability exists as a memory leak flaw was found in the way applications using the libpng library decoded PNG images that use the Physical Scale (sCAL) extension. An attacker could create a specially-crafted PNG image that could cause an...

CVSS 6.5 | AI score 2.1 | EPSS 0.02628
Exploits: 0 | References: 44 | Affected Software: 1

Veracode • added 2020/04/10 12:43 a.m. • 34 views

Denial Of Service (DoS)

Mozilla Firefox is vulnerable to denial of service (DoS). A focus stealing flaw was found in the way Firefox handled focus changes. A malicious website could use this flaw to steal sensitive data from a user, such as user names and passwords...

CVSS 5.8 | AI score 1.1 | EPSS 0.02018
Exploits: 0 | References: 52 | Affected Software: 7

Veracode • added 2020/04/10 12:43 a.m. • 34 views

Authorization Bypass

firefox is vulnerable to authorization bypass. The vulnerability exists as a flaw was found in the Firefox XML document loading security checks. Certain security checks were not being called when an XML document was loaded. This could possibly be leveraged later by an attacker to load certain...

CVSS 4.3 | AI score 2 | EPSS 0.0119
Exploits: 0 | References: 22 | Affected Software: 7

Veracode • added 2020/04/10 12:43 a.m. • 34 views

Denial Of Service (DoS)

Mozilla Thunderbird is vulnerable to denial of service (DoS). It is possible because it processes e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted...

CVSS 4.3 | AI score 7.3 | EPSS 0.03186
Exploits: 1 | References: 15 | Affected Software: 2

Veracode • added 2020/04/10 12:42 a.m. • 34 views

Cross-site Scripting (XSS)

SeaMonkey is vulnerable to cross-site scripting (XSS). The attack is possible because remote attackers can perform cross-origin keystroke capture, and possibly conduct cross-site scripting (XSS) attacks, by using the addEventListener and setTimeout functions in conjunction with a wrapped object...

CVSS 4.3 | AI score 3.2 | EPSS 0.01775
Exploits: 1 | References: 8 | Affected Software: 4

Veracode • added 2020/04/10 12:41 a.m. • 35 views

Spoofed Content Association

Mozilla Firefox allows spoofed content association. A flaw was found in the way Firefox displayed blank pages after a user navigates to an invalid address. If a user visits an attacker-controlled web page that results in a blank page, the attacker could inject content into that blank page, possib...

CVSS 6.8 | AI score 3.6 | EPSS 0.02539
Exploits: 6 | References: 28 | Affected Software: 2

Veracode • added 2020/04/10 12:40 a.m. • 34 views

Arbitrary Code Execution

ibm java is vulnerable to arbitrary code execution. An attacker is able to execute arbitrary code by modifying certain JNLP files to point a URL to an untrusted application...

CVSS 9.3 | AI score 4.1 | EPSS 0.06182
Exploits: 1 | References: 22 | Affected Software: 1

Veracode • added 2020/04/10 12:39 a.m. • 34 views

Information Disclosure

The kernel package is vulnerable to Information Disclosure. An information leak was found in the Linux kernel. On AMD64 systems, 32-bit processes could access and read certain 64-bit registers by temporarily switching themselves to 64-bit mode...

CVSS 2.1 | AI score 2.9 | EPSS 0.00414
Exploits: 0 | References: 28 | Affected Software: 2

Veracode • added 2020/04/10 12:36 a.m. • 34 views

Unauthorized Replacement

SeaMonkey is vulnerable to unauthorized replacement. This is due to a flaw found in the way SeaMonkey creates temporary file names for downloaded files. If a local attacker knows the name of a file SeaMonkey is going to download, they can replace the contents of that file with arbitrary contents...

CVSS 4.4 | AI score 3.2 | EPSS 0.00292
Exploits: 2 | References: 15 | Affected Software: 5

Veracode • added 2020/04/10 12:35 a.m. • 34 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service. Multiple flaws were found in the ext4 file system code. A local attacker could use these flaws to cause a denial of service by mounting a specially-crafted ext4 file system...

CVSS 4.9 | AI score 2.9 | EPSS 0.00412
Exploits: 0 | References: 21 | Affected Software: 1

Veracode • added 2020/04/10 12:35 a.m. • 34 views

Arbitrary Code Execution

python is vulnerable to Arbitrary Code Execution. Multiple integer overflow flaws were found in the Python imageop module. If a Python application used the imageop module to process untrusted images, it could cause the application to disclose sensitive information, crash or, potentially, execute...

CVSS 5.8 | AI score 7.4 | EPSS 0.12488
Exploits: 1 | References: 51 | Affected Software: 1

Veracode • added 2020/04/10 12:35 a.m. • 34 views

Denial Of Service (DoS)

kernel-rt is vulnerable to denial of service (DoS). The vulnerability exists as a deadlock flaw was found in the Linux kernel splice implementation. This deadlock could occur during interactions between the generic_file_splice_write and splice_from_pipe functions, possibly leading to a partial denial of...

CVSS 4.7 | AI score 4.3 | EPSS 0.00589
Exploits: 1 | References: 23 | Affected Software: 1

Veracode • added 2020/04/10 12:32 a.m. • 34 views

Arbitrary Code Execution

xpdf is vulnerable to arbitrary code execution. The vulnerability exists as an attacker could create a malicious PDF file that would cause Xpdf to crash or, potentially, execute arbitrary code when opened...

CVSS 4.3 | AI score 4.8 | EPSS 0.02577
Exploits: 1 | References: 53 | Affected Software: 5

Veracode • added 2020/04/10 12:30 a.m. • 34 views

Privilege Escalation

java is vulnerable to privilege escalation. The vulnerability exists as a flaw in the Java Runtime Environment Virtual Machine code generation functionality could allow untrusted applets to extend their privileges. An untrusted applet could extend its privileges, allowing it to read and write loc...

CVSS 6.4 | AI score 3.7 | EPSS 0.04574
Exploits: 0 | References: 30 | Affected Software: 1

Veracode • added 2020/04/10 12:29 a.m. • 34 views

Denial Of Service (DoS)

cups is vulnerable to denial of service (DoS). The vulnerability exists as a null pointer dereference flaw was found in the way CUPS handled subscriptions for printing job completion notifications. A local user could use this flaw to crash the CUPS daemon by submitting a large number of printing jo...

CVSS 7.5 | AI score 0.9 | EPSS 0.0921
Exploits: 1 | References: 23 | Affected Software: 1

Veracode • added 2020/04/10 12:28 a.m. • 34 views

Denial Of Service (DoS)

MySQL is vulnerable to denial of service (DoS). Flaws in MySQL allowed an authenticated user to cause the MySQL daemon to crash via crafted SQL queries. This only caused a temporary denial of service, as the MySQL daemon is automatically restarted after the crash...

CVSS 3.5 | AI score 3.3 | EPSS 0.01972
Exploits: 0 | References: 13 | Affected Software: 1

Veracode • added 2020/04/10 12:28 a.m. • 34 views

Same-Origin Policy Bypass

seamonkey is vulnerable to same-origin policy bypass. Several flaws were found in the way malformed content was processed. A website containing specially-crafted content could potentially trick a SeaMonkey user into surrendering sensitive information...

CVSS 6.8 | AI score 2.6 | EPSS 0.02091
Exploits: 0 | References: 43 | Affected Software: 6

Veracode • added 2020/04/10 12:26 a.m. • 34 views

Privilege Escalation

kernel is vulnerable to privilege escalation. A missing capability check was found in the Linux kernel do_change_type routine. This could allow a local unprivileged user to gain privileged access or cause a denial of service...

CVSS 7.8 | AI score 4.9 | EPSS 0.00375
Exploits: 0 | References: 23 | Affected Software: 1

Veracode • added 2020/04/10 12:25 a.m. • 34 views

Privilege Escalation

seamonkey is vulnerable to privilege escalation. The vulnerability exists as a web page containing specially crafted content could potentially trick a SeaMonkey user into surrendering sensitive information...

CVSS 7.5 | AI score 3.6 | EPSS 0.02143
Exploits: 1 | References: 45 | Affected Software: 3

Veracode • added 2020/04/10 12:22 a.m. • 34 views

Information Disclosure

kernel is vulnerable to information disclosure. A security flaw was found in the Linux kernel memory copy routines, when running on certain AMD64 systems. If an unsuccessful attempt to copy kernel memory from source to destination memory locations occurred, the copy routines did not zero the...

CVSS 4.9 | AI score 2 | EPSS 0.0057
Exploits: 1 | References: 20 | Affected Software: 1

Veracode • added 2020/04/10 12:20 a.m. • 34 views

Privilege Escalation

e2fsprogs is vulnerable to privilege escalation. The vulnerability exists when a victim opens a carefully crafted file system with a program using e2fsprogs, it may be possible to execute arbitrary code with the permissions of the victim. It may be possible to leverage this flaw in a virtualized...

CVSS 5.8 | AI score 3 | EPSS 0.03978
Exploits: 0 | References: 40 | Affected Software: 1

Veracode • added 2020/04/10 12:20 a.m. • 34 views

Spoofing Attack

kernel is vulnerable to spoofing attacks. A flaw in the CIFS handling of the mount option sec= that didn't enable integrity checking and didn't produce any error message...

CVSS 4.3 | AI score 2.2 | EPSS 0.02624
Exploits: 0 | References: 20 | Affected Software: 1

Total number of security vulnerabilities: 5000