📦 ONTAP Tools

by NetApp


🛡️ Security Overview


⚠️ Known Vulnerabilities

CVE-2024-52533

CRITICAL CVSS 9.8 Nov 11, 2024

This vulnerability is a buffer overflow in GLib's SOCKS4 proxy implementation due to an off-by-one error. It allows attackers to execute arbitrary code or cause denial of service by sending specially ...

CVE-2024-28752

CRITICAL CVSS 9.3 Mar 15, 2024

This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in Apache CXF's Aegis DataBinding component. It allows attackers to make unauthorized HTTP requests from the vulnerable server to ...

CVE-2021-44228

CRITICAL CVSS 10.0 Dec 10, 2021

CVE-2021-44228 (Log4Shell) is a critical remote code execution vulnerability in Apache Log4j2 that allows attackers to execute arbitrary code by exploiting JNDI lookups in log messages. This affects a...

CVE-2024-38286

HIGH CVSS 8.6 Nov 7, 2024

This vulnerability in Apache Tomcat allows attackers to cause denial of service by exploiting the TLS handshake process to trigger OutOfMemoryError conditions. It affects Tomcat versions 11.0.0-M1 thr...

CVE-2024-49761

HIGH CVSS 7.5 Oct 28, 2024

CVE-2024-49761 is a Regular Expression Denial of Service (ReDoS) vulnerability in REXML, Ruby's XML toolkit. It allows attackers to cause denial of service by sending specially crafted XML documents w...

CVE-2024-7254

HIGH CVSS 7.5 Sep 19, 2024

This vulnerability allows attackers to cause a stack overflow by sending malicious Protocol Buffers data with deeply nested groups, potentially crashing applications. It affects any system using Googl...

CVE-2024-39689

HIGH CVSS 7.5 Jul 5, 2024

This CVE involves the removal of GLOBALTRUST root certificates from the certifi Python package due to compliance issues. Systems using affected certifi versions may trust certificates issued by GLOBAL...

CVE-2024-34750

HIGH CVSS 7.5 Jul 3, 2024

This vulnerability in Apache Tomcat allows attackers to cause uncontrolled resource consumption through HTTP/2 connections. By sending excessive HTTP headers, attackers can force Tomcat to keep connec...

CVE-2023-38709

HIGH CVSS 7.3 Apr 4, 2024

CVE-2023-38709 is an input validation vulnerability in Apache HTTP Server that allows malicious backend applications or content generators to split HTTP responses, potentially enabling response smuggl...

CVE-2024-29131

HIGH CVSS 7.3 Mar 21, 2024

This CVE describes an out-of-bounds write vulnerability in Apache Commons Configuration that could allow attackers to write data beyond allocated memory boundaries. It affects versions from 2.0 up to ...

CVE-2024-28757

HIGH CVSS 7.5 Mar 10, 2024

CVE-2024-28757 is an XML Entity Expansion vulnerability in libexpat that allows attackers to cause denial of service through resource exhaustion when external parsers are created via XML_ExternalEntit...

CVE-2023-2953

HIGH CVSS 7.5 May 30, 2023

This vulnerability in OpenLDAP causes a null pointer dereference in the ber_memalloc_x() function, which can lead to denial of service (DoS) by crashing the LDAP service. Any system running vulnerable...

CVE-2021-28165

HIGH CVSS 7.5 Apr 1, 2021

This vulnerability in Eclipse Jetty allows denial-of-service attacks by causing 100% CPU usage when processing large invalid TLS frames. Attackers can exploit this to make affected servers unresponsiv...

CVE-2024-47554

MEDIUM CVSS 4.3 Oct 3, 2024

This vulnerability in Apache Commons IO allows attackers to cause denial of service by consuming excessive CPU resources through maliciously crafted input to the XmlStreamReader class. It affects appl...