137 matches found
CVE-2019-0211
CVE-2019-0211 affects Apache HTTP Server 2.4.17–2.4.38 when using MPM event, worker, or prefork. The issue arises from code executing in less-privileged child processes/threads (including in-process scripting interpreters) that could be exploited to run arbitrary code with the privileges of the p...
CVE-2019-9513
CVE-2019-9513 (and related HTTP/2 CVEs) affect nginx and nghttp2. The issues enable denial of service via HTTP/2 resource loops and priority/window manipulation, causing high CPU/memory usage. nginx 1.16.x and nghttp2 are specifically named in advisories; remediation is upgrading to fixed package...
CVE-2019-9517
CVE-2019-9517 describes an attack against some HTTP/2 implementations where unconstrained internal data buffering can cause a denial of service. The vulnerability arises when an attacker floods a connection with a large number of requests for a large response object while manipulating HTTP/2 flow...
CVE-2021-40438
CVE-2021-40438 is an SSRF flaw in Apache HTTP Server 2.4.x through older revisions where a crafted request URI path can cause mod_proxy to forward the request to an origin server chosen by the remote user. The issue affects Apache httpd 2.4.48 and earlier; the CVSSv3.1 base score is 9.0 (CRITICAL...
CVE-2019-11043
CVE-2019-11043 affects PHP in FPM configurations where known underflow in env_path_info in fpm_main.c allows writing past buffers, enabling remote code execution. Affected versions are PHP 7.1.x < 7.1.33, 7.2.x < 7.2.24, and 7.3.x
CVE-2019-9511
CVE-2019-9511 is an HTTP/2 denial-of-service issue observed in multiple products where an attacker manipulates HTTP/2 window size and stream prioritization to force queuing of data in 1-byte chunks, potentially exhausting CPU/memory. Connected advisories confirm affected components include nginx ...
CVE-2020-9490
CVE-2020-9490 affects Apache HTTP Server versions 2.4.20–2.4.43. A specially crafted value for the Cache-Digest header in an HTTP/2 request could cause a crash when the server subsequently attempts to HTTP/2 PUSH a resource. Mitigation for unpatched servers is to disable HTTP/2 PUSH via H2Push of...
CVE-2019-9516
CVE-2019-9516 is an HTTP/2 header leak vulnerability affecting nginx and several Linux distributions. The issue occurs when an attacker sends streams with 0-length header names and values (optionally Huffman encoded), causing nginx to allocate memory for headers that may be kept until the session...
CVE-2021-3426
CVE-2021-3426 corresponds to a vulnerability in Python’s pydoc where the getfile feature could be abused to read arbitrary files. The linked sources confirm the issue affects Python versions prior to specific releases (e.g., Python before 3.8.9, 3.9.3, and 3.10.0a7 per the CVE description) and no...
CVE-2021-4104
CVE-2021-4104 affects JMSAppender in Log4j 1.2 when it is explicitly configured to use JMSAppender. A deserialization of untrusted data can occur if an attacker can write Log4j configuration and supply TopicBindingName and TopicConnectionFactoryBindingName, causing JMSAppender to perform JNDI req...
CVE-2023-2454
CVE-2023-2454 concerns PostgreSQL; a flaw in schema_element defeats protective search_path changes could allow an authenticated user with database-level privileges to run arbitrary code. This has been observed in multiple advisories (including Astra Linux and Amazon Linux 2 notes) and is linked t...
CVE-2023-5869
CVE-2023-5869 (PostgreSQL) : A flaw in PostgreSQL enables authenticated database users to execute arbitrary code via missing overflow checks during SQL array value modification, caused by an integer overflow when modifying arrays. The described impact includes arbitrary write/read of memory and p...
CVE-2016-0752
CVE-2016-0752 is a directory-traversal flaw in Rails’ Action View triggered when untrusted input is passed to render, allowing remote read of arbitrary files via a path containing .. and linked to incomplete fixes that affected Rails 3.2.x/4.x. The vulnerability stems from Action View’s rendering...
CVE-2023-0056
CVE-2023-0056 affects HAProxy and is described in connected advisories as an uncontrolled resource consumption DoS that can crash the service, including a scenario where an authenticated remote attacker could trigger a crafted server in an OpenShift cluster. The issue is associated with HAProxy’s...
CVE-2019-9638
CVE-2019-9638 affects PHP’s EXIF component. Root cause: uninitialized read in exif_process_IFD_in_MAKERNOTE due to mishandling maker_note->offset/value_len. Affected versions: PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Impact is potential arbitrary code execution on the sy...
CVE-2019-9639
CVE-2019-9639 affects the PHP EXIF extension: uninitialized read in exif_process_IFD_in_MAKERNOTE (data_len mishandling) on PHP < 7.1.27, < 7.2.16, and
CVE-2019-9514
CVE-2019-9514 corresponds to an HTTP/2 vulnerability where an attacker floods a peer by sending HEADERS frames, causing unbounded memory growth and potential DoS. Public details in connected advisories show affected stacks include Go HTTP/2 implementations and Go-based tools, with remediation via...
CVE-2020-10735
CVE-2020-10735 affects Python’s integer parsing with non-binary bases, where int("text") on very long digit strings can cause a CPU DoS, impacting availability. The flaw is present in Python’s PyLong_FromString path and manifests in quadratic-time scenarios when parsing large decimal-like strings...
CVE-2021-4189
CVE-2021-4189 affects Python’s FTP (ftplib) client: in PASV mode it trusts the host from the PASV response by default, enabling a malicious FTP server to trick clients into connecting back to an attacker-specified IP/port (potential port scanning). Debian LTS postings and other advisories explici...
CVE-2023-2455
CVE-2023-2455 describes a vulnerability in PostgreSQL row-level security where policies can be misapplied when a query plan is reused across different roles (e.g., security definer, or a common user plan executed under multiple SET ROLEs). The issue arises when policy evaluation depends on the in...
CVE-2019-11042
CVE-2019-11042 affects PHP’s EXIF extension when parsing EXIF data (exif_read_data) across PHP 7.1.x < 7.1.31, 7.2.x < 7.2.21, and 7.3.x
CVE-2019-11041
CVE-2019-11041 affects PHP EXIF parsing (exif_read_data) and can read past the allocated buffer, enabling information disclosure or crash. Affected PHP versions are 7.1.x < 7.1.31, 7.2.x < 7.2.21, and 7.3.x
CVE-2021-32027
CVE-2021-32027 is documented across multiple connected advisories as a PostgreSQL flaw in which, on versions prior to 13.3, 12.7, 11.12, 10.17, and 9.6.22, authenticated database users could write arbitrary bytes into server memory while modifying certain SQL array values due to missing bounds ch...
CVE-2023-5868
CVE-2023-5868 affects PostgreSQL memory handling via certain aggregate calls with unknown-type arguments, allowing remote access to parts of server memory through excessive output in aggregates. The issue is documented across multiple vendors' advisories, with remediation generally involving upgr...
CVE-2019-11038
CVE-2019-11038 affects the GD Graphics Library (LibGD) 2.2.5 as used in the PHP gd extension. The flaw arises in gdImageCreateFromXbm(), where input data can cause the function to use an uninitialized variable, potentially leaking contents from stack memory. Affected PHP branches are 7.1.x below ...
CVE-2019-16056
CVE-2019-16056 : Debian LTS advisories fix a vulnerability in the Python email module where addresses containing multiple @ characters can bypass checks on From/To headers, potentially causing an application to accept an invalid address. The issue affects Python 2.7 as documented in DLA-2337-1 an...
CVE-2019-11039
CVE-2019-11039 – PHP iconv_mime_decode_headers out-of-buffer read Description: The vulnerability arises in PHP’s MIME header parsing in function iconv_mime_decode_headers(), vulnerable versions include PHP 7.1.x < 7.1.30, 7.2.x < 7.2.19, and 7.3.x
CVE-2019-11040
CVE-2019-11040 describes a heap/buffer over-read in PHP’s EXIF extension during EXIF data parsing (exif_read_data()). Affected are PHP 7.1.x < 7.1.30, 7.2.x < 7.2.19, and 7.3.x
CVE-2021-23214
CVE-2021-23214 describes a MITM risk in PostgreSQL when using trust authentication with a client certificate requirement or cert authentication, enabling an attacker to inject arbitrary SQL on the first connection even with SSL verification. Connected advisories (ALAS/Amazon) confirm affected Pos...
CVE-2019-11036
CVE-2019-11036 involves a heap-based buffer over-read in the PHP EXIF extension when processing EXIF data, potentially allowing information disclosure or a crash. The connected advisories confirm this issue and related EXIF problems (CVE-2019-11034, CVE-2019-11035, CVE-2019-11036, CVE-2019-11038–...
CVE-2023-5870
Summary (CVE-2023-5870) : PostgreSQL vulnerability where the pg_cancel_backend role can signal background workers (including the autovacuum launcher and logical replication launcher). The underlying issue is that signaling is possible for non-core extensions with less-resilient background workers...
CVE-2019-9518
CVE-2019-9518 describes a denial-of-service risk in HTTP/2 where a flood of frames with empty payloads (DATA, HEADERS, CONTINUATION, PUSH_PROMISE) and no end-of-stream flag can exhaust CPU and memory. Connected docs confirm concrete mentions across multiple ecosystems: Cloud Foundry products (emp...
CVE-2019-10906
CVE-2019-10906 affects Pallets Jinja2 before 2.10.1. The vulnerability arises from str.format_map allowing a sandbox escape, enabling potentially untrusted template code to escape sandbox restrictions. The issue is blocked to Jinja2’s sandboxed evaluation and affects environments using Pallets Ji...
CVE-2019-9515
CVE-2019-9515 concerns an HTTP/2 settings flood that can cause memory/CPU exhaustion. Arista’s security advisory (Security Advisory 0043) states the vulnerability is in Go’s gRPC HTTP/2 usage and can affect TerminAttr, OpenConfig, CVP, and certain Wi‑Fi OpenConfig-enabled components when enabled....
CVE-2019-15605
CVE-2019-15605 describes HTTP request smuggling due to malformed Transfer-Encoding in Node.js contexts. Connected advisories show affected components as http-parser across various Linux distributions and Node.js builds, with remediation via updating http-parser (and related Node.js packages) to p...
CVE-2021-41819
CVE-2021-41819 affects Ruby and the CGI::Cookie.parse function; Ruby up to 2.6.8 (and CGI gem up to 0.3.0) mishandle security prefixes in cookie names, enabling cookie-prefix spoofing. Public advisories confirm this and list affected Ruby versions across multiple distributions (AL2, AL2 Ruby3.0 e...
CVE-2019-11034
CVE-2019-11034 (and related CVEs) affects PHP’s EXIF extension. The issue is a heap-based/over-read when processing certain files that allows reading beyond allocated buffers via exif_process_IFD_TAG (and related functions such as exif_iif_add_value). Affected PHP branches: 7.1.x < 7.1.28, 7.2...
CVE-2021-3393
CVE-2021-3393 affects PostgreSQL: information leakage where a user with UPDATE but not SELECT permission on a column could cause error messages to reveal values from that column. Versions affected are before 13.2, before 12.6, and before 11.11. Fixes are available by upgrading to PostgreSQL 13.2+...
CVE-2019-11035
CVE-2019-11035 affects the PHP EXIF extension: reading past the allocated buffer in exif_iif_add_value can disclose information or crash. Affected are PHP 7.1.x < 7.1.28, 7.2.x < 7.2.17, and 7.3.x
CVE-2019-2534
CVE-2019-2534 affects Oracle MySQL Server (subcomponent: Server: Replication). Affected versions are 5.6.42 and earlier, 5.7.24 and earlier, and 8.0.13 and earlier. The vulnerability is exploitable by a low-privileged attacker with network access via multiple protocols, potentially leading to una...
CVE-2020-1720
CVE-2020-1720 discusses a PostgreSQL flaw in ALTER ... DEPENDS ON EXTENSION where sub-commands did not perform authorization checks. An authenticated attacker could, in certain configurations, drop objects (functions, triggers, etc.) causing database corruption. Affected versions are PostgreSQL p...
CVE-2017-12613
CVE-2017-12613 affects the Apache Portable Runtime (APR) library: out-of-bounds memory access when apr_time_exp*() or apr_os_exp_time*() are given an invalid month, potentially exposing heap contents or triggering a denial of service. A fix was released in APR 1.6.3 (and later backported in some ...
CVE-2019-2531
CVE-2019-2531 affects the MySQL Server component (subcomponent: Server: Replication) of Oracle MySQL. Affected versions are 5.6.42 and earlier, 5.7.24 and earlier, and 8.0.13 and earlier. The vulnerability allows a high-privileged, network-access attacker to cause a hang or a frequent crash (DOS)...
CVE-2019-9640
CVE-2019-9640 affects the PHP EXIF extension with an Invalid Read in exif_process_SOFn. The issue is present in PHP builds before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. The connected documentation confirms this exact fault and notes critical exposure. Impact is memory read access th...
CVE-2021-41817
CVE-2021-41817 is a Ruby-related ReDoS in Date parsing. The vulnerability affects Ruby’s date parsing pathways (notably date parsing methods) up to versions around 3.2.0, enabling denial-of-service via crafted date strings. The fixed releases cited in the sources are 3.2.1, 3.1.2, 3.0.2, and 2.0....
CVE-2019-2738
CVE-2019-2738 affects Oracle MySQL Server (subcomponent: Server: Compiling). Affected versions include 5.6.44 and prior, 5.7.26 and prior, and 8.0.16 and prior. The vulnerability allows a low privileged, network-accessed attacker to read a subset of MySQL Server data. The provided connected docum...
CVE-2021-3677
CVE-2021-3677 is a memory disclosure flaw in PostgreSQL. A purpose-crafted query can read arbitrary server-memory bytes. In default configurations, any authenticated database user can trigger the attack without creating objects; if max_worker_processes=0, known variants are infeasible, though und...
CVE-2019-5418
CVE-2019-5418 (Rails/Action View) affects Rails/Action View versions prior to 5.2.2.1, 5.1.6.2, 5.0.7.2, 4.2.11.1 and v3. The flaw is a File Content Disclosure via specially crafted accept headers in combination with calls to render file:, allowing an attacker to disclose contents of arbitrary fi...
CVE-2019-2797
CVE-2019-2797 affects Oracle MySQL Server (Client programs subcomponent). Affected: MySQL Server in Oracle MySQL with versions 5.7.26 and earlier and 8.0.16 and earlier. Impact: high-privileged attacker with access to the physical network segment can cause the MySQL Server to hang or crash (DoS)....
CVE-2019-2755
CVE-2019-2755 affects the MySQL Server component of Oracle MySQL (Server: Replication). The vulnerability can be exploited by a high-privileged attacker with network access via multiple protocols to cause a hang or frequently repeatable crash (complete DoS) of MySQL Server. Affected versions incl...