45 matches found
CVE-2021-44790
CVE-2021-44790 affects Apache HTTP Server up to version 2.4.51. It describes a buffer overflow in the mod_lua multipart parser (triggered via r:parsebody() from Lua scripts). Connected documents corroborate this in various advisories and patch notes, indicating releases with fixes (e.g., patched ...
CVE-2020-11023
The connected Astra Linux bulletin confirms CVE-2020-11023: in jQuery versions >= 1.0.3 and < 3.5.0, passing HTML containing elements from untrusted sources to DOM manipulation methods (e.g., .html(), .append()) may lead to untrusted code execution. Patch released in jQuery 3.5.0. Remediat...
CVE-2021-23017
CVE-2021-23017 affects nginx's resolver. A security issue arises from an off-by-one in ngx_resolver_copy when DNS labels are followed by a root-domain pointer, allowing a crafted UDP response to overwrite the least significant byte of the next heap chunk metadata. This can lead to a worker proces...
CVE-2019-11358
CVE-2019-11358 is a prototype pollution vulnerability in jQuery (before 3.4.0) where mishandling of extend(true, {}, ...) can extend Object.prototype if an unsanitized source object has an enumerable proto property. The Core issue is triggered when a polluted prototype is introduced via nested ob...
CVE-2021-44224
CVE-2021-44224 concerns Apache HTTP Server (httpd) with the mod_proxy forward proxy configuration. A crafted URI to a forward proxy (ProxyRequests on) can trigger a NULL pointer dereference, causing a crash. In configurations that mix forward and reverse proxy declarations, it can enable requests...
CVE-2021-41182
CVE-2021-41182 is an XSS in the jQuery-UI Datepicker altField path (embedded in some OTRS deployments). Affected version observed as 1.12.1 copy; the issue is fixed in jQuery UI 1.13.0 by treating any altField value as a CSS selector. Debris from related CVEs (41183/41184) describe similar issues...
CVE-2021-41184
CVE-2021-41184 describes an XSS in jQuery-UI before 1.13.0 where untrusted input passed to the of option of the .position() utility could lead to code execution. The connected documents confirm the issue affects jQuery-UI embedded in other software (e.g., OTRS/IU contexts) and state the fix is to...
CVE-2019-5482
CVE-2019-5482 is a heap buffer overflow in curl/libcurl’s TFTP handler (tftp_receive_packet) affecting curl versions up to 7.65.3. Public advisories detail that a small TFTP blocksize can trigger overflow, potentially enabling DoS or arbitrary code execution. Public fixes exist across distributio...
CVE-2019-16056
CVE-2019-16056 : Debian LTS advisories fix a vulnerability in the Python email module where addresses containing multiple @ characters can bypass checks on From/To headers, potentially causing an application to accept an invalid address. The issue affects Python 2.7 as documented in DLA-2337-1 an...
CVE-2021-41183
CVE-2021-41183 concerns jQuery-UI’s Datepicker in the embedded jQuery-UI copy used by OTRS (notably in the 1.12.1 series). The vulnerability arises from accepting values for the various *Text options from untrusted sources, which could allow execution of untrusted code. The issue is fixed in jQue...
CVE-2019-5481
CVE-2019-5481 is a double-free vulnerability in curl’s FTP-Kerberos code, affecting curl 7.52.0 through 7.65.3. Exploitation involves a malicious FTP server sending a very large data block, which can cause memory corruption leading to a crash or denial of service (DoS). Multiple connected advisor...
CVE-2021-32762
CVE-2021-32762 affects Redis components (redis-cli, redis-sentinel) via an integer overflow when parsing large multi-bulk network replies due to an overflow in the underlying hiredis library. The vulnerability can lead to heap overflow on affected platforms, with fixed defaults noted: the vulnera...
CVE-2019-15165
The CVE-2019-15165 issue affects libpcap: sf-pcapng.c in libpcap before 1.9.1 fails to validate PHB header length before memory allocation, enabling potential memory exhaustion. Confirmed references from multiple advisories indicate the vulnerability is addressed by upgrading to libpcap 1.9.1 or ...
CVE-2019-3822
CVE-2019-3822 affects libcurl 7.36.0 through before 7.64.0. The vulnerability is a stack-based buffer overflow in the NTLM header creation path: Curl_auth_create_ntlm_type3_message() uses unsigned arithmetic to guard a local buffer, but the check is insufficient, allowing the output data to excee...
CVE-2021-32626
CVE-2021-32626 affects Redis with Lua scripting. Specifically crafted Lua scripts can overflow the heap-based Lua stack due to insufficient checks, leading to heap corruption and potential remote code execution. Affected: Redis versions supporting Lua scripting (from 2.6 onward). Remediation: upg...
CVE-2021-41099
Redis EoF/heap corruption CVE-2021-41099 arises from an integer overflow in the Redis string library when proto-max-bulk-len is set to an excessively large value, allowing crafted network payloads to potentially cause denial of service or remote code execution through heap corruption. Affected ve...
CVE-2021-32675
CVE-2021-32675 affects Redis and is triggered by parsing Redis Standard Protocol (RESP) requests. An attacker can craft requests to cause Redis to allocate large amounts of memory across multiple connections, potentially impacting availability. The issue is tied to the RESP parsing path and authe...
CVE-2019-10192
CVE-2019-10192 is a heap-buffer overflow in Redis HyperLogLog used by SETRANGE. Affected: Redis HyperLogLog in 3.x before 3.2.13, 4.x before 4.0.14, and 5.x before 5.0.4. By corrupting a hyperloglog, an attacker can cause Redis to write up to 3 bytes beyond the end of a heap-allocated buffer. Imp...
CVE-2019-7164
CVE-2019-7164 affects SQLAlchemy up to 1.2.17 and 1.3.x up to 1.3.0b2, allowing SQL Injection when the order_by parameter is controlled. The connected exploit repository (mlflow-cve-2019-7164) demonstrates a practical exploit pipeline using Docker/Hud and a Python test, indicating real-world appl...
CVE-2021-32672
Redis contains CVE-2021-32672, a vulnerability in the Redis Lua Debugger where the protocol parser can read data beyond the actual buffer when handling malformed requests. This affects Redis builds that include Lua debugging support (3.2+). The issue is mitigated by upgrading to patched releases:...
CVE-2022-24735
CVE-2022-24735 concerns Redis, where weaknesses in the Lua script execution environment allow a less-privileged user to inject Lua code that can execute with the (potentially higher) privileges of another Redis user. Affected versions are Redis prior to 7.0.0 or 6.2.7, with fixes in 7.0.0 and 6.2...
CVE-2019-10193
CVE-2019-10193 is a stack-buffer overflow in Redis HyperLogLog exposed by the SETRANGE usage. Affected branches are Redis 3.x before 3.2.13, 4.x before 4.0.14, and 5.x before 5.0.4. Exploitation could cause writes past the end of a stack-allocated buffer, per multiple connected advisories. Public...
CVE-2019-10219
The CVE-2019-10219 entry affects Hibernate Validator: SafeHtml validator annotation fails to sanitize HTML comments/instructions, enabling XSS in affected code paths. Affected CP4S versions are 1.7.2.0, 1.8.0.0, and 1.8.1.0. Remediation is to upgrade to Cloud Pak for Security 1.9.0.0 per IBM guid...
CVE-2021-32687
CVE-2021-32687 describes an integer overflow in Redis affecting all versions, exploitable via set-max-intset-entries to corrupt the heap and potentially leak heap contents or enable remote code execution. Affected component is Redis’ intset handling when set-max-intset-entries is configured very ...
CVE-2018-16890
CVE-2018-16890 affects libcurl versions 7.36.0 to before 7.64.0. The NTLM type-2 handling path (lib/vauth/ntlm.c:ntlm_decode_type2_target) fails to validate incoming data, enabling an integer overflow that an attacker could abuse to trigger a heap read out-of-bounds. Related issues in the same se...
CVE-2019-7548
SQLAlchemy 1.2.17 is affected by CVE-2019-7548 and allows SQL Injection when the group_by parameter can be controlled. Connected documents confirm the vulnerable component is SQLAlchemy 1.2.17 and describe the injection via group_by as the root cause. The sources do not provide specific exploit d...
CVE-2021-32627
Redis has a heap-corruption vulnerability (CVE-2021-32627) caused by an integer overflow when modifying proto-max-bulk-len/client-query-buffer-limit to very large values, potentially enabling remote code execution. Affected Redis versions are fixed in 6.2.6, 6.0.16, and 5.0.14. The recommended re...
CVE-2021-32628
CVE-2021-32628 affects Redis. An integer overflow in the ziplist data structure can be triggered by setting very large ziplist-related configuration parameters (hash-max-ziplist-entries, hash-max-ziplist-value, zset-max-ziplist-entries, zset-max-ziplist-value), leading to heap corruption and pote...
CVE-2019-3823
CVE-2019-3823 affects curl/libcurl from version 7.34.0 through before 7.64.0. The issue is a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to smtp_endofresp() isn’t NUL terminated and contains no character ending the parsed number, and len is 5, a...
CVE-2020-14147
The CVE-2020-14147 issue is a vulnerability in Redis: an integer overflow in the getnum function of lua_struct.c on Redis builds before 6.0.3 can be triggered by processing large numbers in Lua code, leading to memory corruption, a denial of service (application crash), and potentially bypassing ...
CVE-2018-11219
CVE-2018-11219 is a Redis Lua subsystem integer overflow vulnerability (bounds checking failure) affecting Redis up to versions prior to 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2. The issue originates in lua_struct.c:b_unpack() and can lead to memory corruption or a crash. Public details ...
CVE-2018-11218
CVE-2018-11218 describes a memory corruption vulnerability in the Redis Lua subsystem’s cmsgpack handling, caused by stack-based buffer overflows. Affected Redis versions are before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2. Several connected sources reiter the issue as a Redis component ...
CVE-2022-24736
CVE-2022-24736 affects Redis up to versions 6.2.7 and 7.0.0. A crafted Lua script can trigger a NULL pointer dereference, crashing the redis-server process. The issue is fixed in Redis 7.0.0 and 6.2.7. A partial mitigation is to block SCRIPT LOAD and EVAL via ACL rules if Lua scripting isn’t used...
CVE-2017-3730
OpenSSL 1.1.0 before 1.1.0d is affected. A malicious server may supply bad DHE/ECDHE parameters causing the client to dereference a NULL pointer, resulting in a client crash and a Denial of Service. This is the explicit root cause described in multiple sources. Remediation is to upgrade to OpenSS...
CVE-2022-21246
CVE-2022-21246 affects Oracle Communications Operations Monitor (Mediation Engine). Affected versions: 3.4, 4.2, 4.3, 4.4 and 5.0. The vulnerability is exploitable with network access via HTTP by a low-privileged attacker; successful exploitation requires minimal user interaction. Impact per sour...
CVE-2022-21400
CVE-2022-21400 affects Oracle Communications Operations Monitor (component: Mediation Engine). Affected versions: 3.4, 4.2, 4.3, 4.4, 5.0. Exploitation requires network access via HTTP with low privileges and user interaction; successful attacks may lead to unauthorized update/insert/delete and r...
CVE-2022-21399
The CVE-2022-21399 entry describes a vulnerability in Oracle Communications Operations Monitor (component: Mediation Engine) affecting versions 3.4, 4.2, 4.3, 4.4 and 5.0. The vulnerability allows a high-privileged attacker with network access via HTTP to compromise the product, with potential un...
CVE-2022-21401
Oracle Communications Operations Monitor (Mediation Engine) is affected in versions 3.4, 4.2, 4.3, 4.4 and 5.0. An attacker with network access via HTTP and high privileges can exploit this to perform unauthorized updates, inserts, deletes, and read access to data, with potential partial denial o...
CVE-2022-21397
Oracle Communications Operations Monitor (Mediation Engine) is affected in versions 3.4, 4.2, 4.3, 4.4 and 5.0. The flaw allows a low-privilege, network-accessing attacker (HTTP) with user interaction to compromise data integrity and confidentiality, potentially enabling unauthorized read/update/...
CVE-2022-21402
Oracle Communications Operations Monitor (Mediation Engine) is affected in CVE-2022-21402 for versions 3.4, 4.2, 4.3, 4.4 and 5.0. The vulnerability enables a high-privilege attacker with network access via HTTP to compromise data confidentiality and integrity, with unauthorized read/update/delet...
CVE-2022-21396
CVE-2022-21396 affects Oracle Communications Operations Monitor (Mediation Engine). Affected versions: 3.4, 4.2, 4.3, 4.4 and 5.0. Vulnerability allows a low-privileged, network-accessible attacker to compromise via HTTP, with user interaction required, potentially leading to unauthorized update/...
CVE-2022-21395
CVE-2022-21395 affects Oracle Communications Operations Monitor (component: Mediation Engine) with affected versions 3.4, 4.2, 4.3, 4.4 and 5.0. The vulnerability allows a highly privileged attacker who can access the service over HTTP to compromise the monitor, potentially leading to takeover. T...
CVE-2022-21403
Summary of CVE-2022-21403 : A vulnerability in the Oracle Communications Operations Monitor product (component: Mediation Engine) affects versions 3.4, 4.2, 4.3, 4.4 and 5.0. An attacker with high privileges and network access via HTTP can compromise the monitor, potentially allowing unauthorized...
CVE-2022-21398
CVE-2022-21398 affects Oracle Communications Operations Monitor (Mediation Engine) with affected versions 3.4, 4.2, 4.3, 4.4 and 5.0. The entry describes a network-exploitable vulnerability allowing a low-privileged attacker with HTTP access to compromise data confidentiality and integrity, requi...
CVE-2016-3513
The CVE-2016-3513 entry concerns Oracle Communications Operations Monitor (part of Oracle Communications Applications) prior to version 3.3.92.0.0. A vulnerability exists in the Infrastructure-related area that allows remote authenticated users to affect confidentiality. Public information in NVD...