Writeup Exploits
60,754 exploits tracked across all sources.
libtiff < 4.4.0 - Out-of-bounds Read in extractImageSection
LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 48d6ece8.
CVSS 5.5
QEMU 4.2.0-7.0.0 - Denial of Service via Tulip DMA Reentrancy
A DMA reentrancy issue was found in the Tulip device emulation in QEMU. When Tulip reads or writes to the rx/tx descriptor or copies the rx/tx frame, it doesn't check whether the destination address is its own MMIO address. This can cause the device to trigger MMIO handlers multiple times, possibly leading to a stack or heap overflow. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition.
CVSS 7.8
GitLab CE/EE <15.1.6, <15.2.4, <15.3.2 - Info Disclosure
An improper access control issue in GitLab CE/EE affecting all versions starting before 15.1.6, all versions from 15.2 before 15.2.4, all versions from 15.3 before 15.3.2 allows disclosure of pipeline status to unauthorized users.
CVSS 4.3
GitLab CE/EE <15.1.6, <15.2.4, <15.3.2 - Info Disclosure
An issue has been discovered in GitLab CE/EE affecting all versions before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2. It may be possible for an attacker to guess a user's password by brute force by sending crafted requests to a specific endpoint, even if the victim user has 2FA enabled on their account.
CVSS 3.7
GitLab CE/EE <12.7 - Info Disclosure
Improper control of a resource identifier in Error Tracking in GitLab CE/EE affecting all versions from 12.7 allows an authenticated attacker to generate content which could cause a victim to make unintended arbitrary requests
CVSS 7.3
GitLab <15.2.5-15.4.1 - Info Disclosure
An issue has been discovered in GitLab affecting all versions starting from 10.0 before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1. It was possible for an unauthorised user to create issues in a project.
CVSS 5.4
GitLab CE/EE <15.2.5-15.4.1 - Info Disclosure
An issue has been discovered in the Import functionality of GitLab CE/EE affecting all versions starting from 14.4 before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1. It was possible for an authenticated user to read arbitrary projects' content given the project's ID.
CVSS 6.5
QEMU 6.1.0-7.0.0 - Denial of Service via VNC ClientCutText Message Integer Underflow
An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service.
CVSS 6.5
Wireshark 3.4.0-3.4.15 and 3.6.0-3.6.7 - Denial of Service via F5 Ethernet Trailer Dissector Infinite Loop
Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark 3.6.0 to 3.6.7 and 3.4.0 to 3.4.15 allows denial of service via packet injection or crafted capture file
CVSS 6.3
GitLab 12.4-15.6.6, 15.7-15.7.5, 15.8-15.8.0 - Authenticated Denial of Service via Large Issue Description
A lack of length validation in GitLab CE/EE affecting all versions from 12.4 before 15.6.7, 15.7 before 15.7.6, and 15.8 before 15.8.1 allows an authenticated attacker to create a large Issue description via GraphQL which, when repeatedly requested, saturates CPU usage.
CVSS 6.5
hunter2 < 2.1.0 - Authenticated Cleartext Storage of Sensitive Information via Auto-Completion Input
An issue has been discovered in hunter2 affecting all versions before 2.1.0. Improper handling of auto-completion input allows an authenticated attacker to extract other users email addresses
CVSS 6.5
libtiff 3.9.0-4.4.0 - Heap Buffer Overflow in tiffcrop.c via Crafted TIFF Image
Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact
CVSS 7.7
libtiff 3.9.0-4.4.0 - Heap Buffer Overflow in tiffcrop.c via Crafted TIFF Image
Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact
CVSS 7.7
LibTIFF < 4.4.0 - Out-of-bounds Write via Crafted TIFF File
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6826, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.
CVSS 5.5
LibTIFF < 4.4.0 - Out-of-bounds Write via Crafted TIFF File
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6826, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.
CVSS 5.5
LibTIFF 4.4.0 - Out-of-bounds Write in extractContigSamplesShifted24bits
LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b.
CVSS 5.5
LibTIFF 4.4.0 - Out-of-bounds Write in extractContigSamplesShifted24bits
LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b.
CVSS 5.5
LibTIFF < 4.4.0 - Out-of-bounds Read in tiffcrop writeSingleSection
LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in tools/tiffcrop.c:7345, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125.
CVSS 5.5
LibTIFF < 4.4.0 - Out-of-bounds Read in tiffcrop writeSingleSection
LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in tools/tiffcrop.c:7345, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125.
CVSS 5.5
LibTIFF < 4.4.0 - Out-of-bounds Write in _TIFFmemset via Crafted TIFF File
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c:340 when called from processCropSelections, tools/tiffcrop.c:7619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.
CVSS 5.5
LibTIFF < 4.4.0 - Out-of-bounds Write in _TIFFmemset via Crafted TIFF File
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c:340 when called from processCropSelections, tools/tiffcrop.c:7619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.
CVSS 5.5
LibTIFF < 4.4.0 - Out-of-bounds Write via Crafted TIFF File
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6860, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.
CVSS 5.5
LibTIFF < 4.4.0 - Out-of-bounds Write via Crafted TIFF File
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6860, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.
CVSS 5.5
GitLab 10.8.0-15.1.5, 15.2.0-15.2.3, 15.3.0-15.3.1 - Denial of Service via Branch Creation
A potential DOS vulnerability was discovered in GitLab CE/EE affecting all versions from 10.8 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2. Improper data handling on branch creation could have been used to trigger high CPU usage.
CVSS 4.3
Wireshark 3.6.0-3.6.8 - Denial of Service via USB HID Protocol Dissector
Crash in the USB HID protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file on Windows
CVSS 6.3
By Source