38273 results (0.029 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

A buffer overflow leading to a denial of service has been found in the NVD Tools, a collection of tools for working with National Vulnerability Database feeds. • https://github.com/facebookincubator/nvdtools https://github.com/facebookincubator/nvdtools/pull/201/commits/81447a60e831223814cc146df3bb172dfd4d52f8 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

StorageGRID (formerly StorageGRID Webscale) versions prior to 11.9 are susceptible to a Denial of Service (DoS) vulnerability. • https://security.netapp.com/advisory/ntap-20241108-0001 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

El Actualizador de software de Elefant (ESU) consta de dos componentes. • https://hasomed.de/produkte/elefant https://r.sec-consult.com/hasomed • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

Los atacantes con acceso local al equipo del consultorio médico pueden escalar sus privilegios de usuario de Windows a "NT AUTHORITY\SYSTEM" sobrescribiendo uno de los dos binarios de servicio de Elefant con permisos débiles. ... Además, el instalador de Elefant registra dos servicios de base de datos de Firebird que se ejecutan como "NT AUTHORITY\SYSTEM". • https://hasomed.de/produkte/elefant https://r.sec-consult.com/hasomed • CWE-250: Execution with Unnecessary Privileges CWE-276: Incorrect Default Permissions CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0

Versions of the package cross-spawn before 7.0.5 are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper input sanitization. • https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f https://github.com/moxystudio/node-cross-spawn/pull/160 https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230 • CWE-1333: Inefficient Regular Expression Complexity •