Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-252
Total 69 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-34585 1 Codesys 1 Codesys 2021-11-23 5.0 MEDIUM 7.5 HIGH
In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests can trigger a parser error. Since the parser result is not checked under all conditions, a pointer dereference with an invalid address can occur. This leads to a denial of service situation.
CVE-2020-15191 2 Google, Opensuse 2 Tensorflow, Leap 2021-11-18 5.0 MEDIUM 5.3 MEDIUM
In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes an invalid argument to `dlpack.to_dlpack` the expected validations will cause variables to bind to `nullptr` while setting a `status` variable to the error condition. However, this `status` argument is not properly checked. Hence, code following these methods will bind references to null pointers. This is undefined behavior and reported as an error if compiling with `-fsanitize=null`. The issue is patched in commit 22e07fb204386768e5bcbea563641ea11f96ceb8 and is released in TensorFlow versions 2.2.1, or 2.3.1.
CVE-2005-4360 1 Microsoft 2 Internet Information Services, Windows Xp 2021-11-08 7.8 HIGH N/A
The URL parser in Microsoft Internet Information Services (IIS) 5.1 on Windows XP Professional SP2 allows remote attackers to execute arbitrary code via multiple requests to ".dll" followed by arguments such as "~0" through "~9", which causes ntdll.dll to produce a return value that is not correctly handled by IIS, as demonstrated using "/_vti_bin/.dll/*/~0". NOTE: the consequence was originally believed to be only a denial of service (application crash and reboot).
CVE-2021-31366 1 Juniper 17 Junos, Mx10, Mx10003 and 14 more 2021-10-25 3.3 LOW 6.5 MEDIUM
An Unchecked Return Value vulnerability in the authd (authentication daemon) of Juniper Networks Junos OS on MX Series configured for subscriber management / BBE allows an adjacent attacker to cause a crash by sending a specific username. This impacts authentication, authorization, and accounting (AAA) services on the MX devices and leads to a Denial of Service (DoS) condition. Continued receipted of these PPP login request will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S12; 17.4 versions prior to 17.4R3-S5; 18.1 versions prior to 18.1R3-S13; 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R3-S3; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3-S1; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2.
CVE-2021-28675 2 Fedoraproject, Python 2 Fedora, Pillow 2021-09-14 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in Pillow before 8.2.0. PSDImagePlugin.PsdImageFile lacked a sanity check on the number of input layers relative to the size of the data block. This could lead to a DoS on Image.open prior to Image.load.
CVE-2021-29853 1 Ibm 1 Planning Analytics 2021-09-09 4.0 MEDIUM 4.3 MEDIUM
IBM Planning Analytics 2.0 could expose information that could be used to to create attacks by not validating the return values from some methods or functions. IBM X-Force ID: 205529.
CVE-2021-29739 1 Ibm 1 Planning Analytics Local 2021-08-17 4.0 MEDIUM 4.9 MEDIUM
IBM Planning Analytics Local 2.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. X-Force ID: 198846.
CVE-2021-37625 1 Skytable 1 Skytable 2021-08-12 5.0 MEDIUM 7.5 HIGH
Skytable is an open source NoSQL database. In versions prior to 0.6.4 an incorrect check of return value of the accept function in the run-loop for a TCP socket/TLS socket/TCP+TLS multi-socket causes an early exit from the run loop that should continue infinitely unless terminated by a local user, effectively causing the whole database server to shut down. This has severe impact and can be used to easily cause DoS attacks without the need to use much bandwidth. The attack vectors include using an incomplete TLS connection for example by not providing the certificate for the connection and using a specially crafted TCP packet that triggers the application layer backoff algorithm.
CVE-2019-17178 3 Freerdp, Lodev, Opensuse 3 Freerdp, Lodepng, Leap 2021-07-21 5.0 MEDIUM 7.5 HIGH
HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through 2019-09-28, as used in WinPR in FreeRDP and other products, has a memory leak because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value.
CVE-2019-9372 1 Google 1 Android 2021-07-21 7.1 HIGH 6.5 MEDIUM
In libskia, there is a possible crash due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-132782448
CVE-2016-10061 1 Imagemagick 1 Imagemagick 2021-04-28 4.3 MEDIUM 6.5 MEDIUM
The ReadGROUP4Image function in coders/tiff.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (crash) via a crafted image file.
CVE-2016-10060 1 Imagemagick 1 Imagemagick 2021-04-28 4.3 MEDIUM 6.5 MEDIUM
The ConcatenateImages function in MagickWand/magick-cli.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
CVE-2020-27898 1 Apple 1 Macos 2021-03-11 4.3 MEDIUM 5.5 MEDIUM
A denial of service issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.0.1. An attacker may be able to bypass Managed Frame Protection.
CVE-2020-12372 1 Intel 1 Graphics Drivers 2021-02-22 2.1 LOW 5.5 MEDIUM
Unchecked return value in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2021-26955 1 Xcb Project 1 Xcb 2021-02-18 7.5 HIGH 9.8 CRITICAL
An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because xcb::xproto::GetAtomNameReply::name() calls std::str::from_utf8_unchecked() on unvalidated bytes from an X server.
CVE-2021-26958 1 Xcb Project 1 Xcb 2021-02-18 6.5 MEDIUM 8.8 HIGH
An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because transmutation to the wrong type can happen after xcb::base::cast_event uses std::mem::transmute to return a reference to an arbitrary type.
CVE-2019-15523 2 Debian, Linbit 2 Debian Linux, Csync2 2021-01-04 5.0 MEDIUM 5.3 MEDIUM
An issue was discovered in LINBIT csync2 through 2.0. It does not correctly check for the return value GNUTLS_E_WARNING_ALERT_RECEIVED of the gnutls_handshake() function. It neglects to call this function again, as required by the design of the API.
CVE-1999-0199 1 Gnu 1 Glibc 2020-12-03 7.5 HIGH 9.8 CRITICAL
manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a statement about the unspecified tdelete return value upon deletion of a tree's root, which might allow attackers to access a dangling pointer in an application whose developer was unaware of a documentation update from 1999.
CVE-2007-5191 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2020-11-04 7.2 HIGH N/A
mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs.
CVE-2020-4531 1 Ibm 2 Business Automation Workflow, Business Process Manager 2020-09-29 5.0 MEDIUM 5.3 MEDIUM
IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.0, 8.5, and 8.6 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 182715.