Lucene search
K

210 matches found

CVE
CVE
added 2026/06/30 1:56 p.m.22 views

CVE-2026-14178

openGauss contains a heap-use-after-free in to_timestamp handling when an NLS parameter is used, triggered in the seqscan+sort path by saving nls_fmt_str in the session parser context and referencing it after the SeqScan expression context is reset. Attack requires database SQL execution permissi...

5.9CVSS5.8AI score0.00351EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/30 1:56 p.m.28 views

CVE-2026-14178 openGauss存在非法内存访问导致DoS漏洞

openGauss 在处理带 NLS 参数的 totimestamp 调用时,totimestampwithfmtnls 会将 nlsfmtstr 保存到 usess-parsercxt.nlsfmtstr。在 seqscan + sort 执行路径下,该字符串原本被分配在 SeqScan 的表达式上下文中;当 SeqScan 完成后,该内存上下文会被 reset,但后续结果输出阶段 timestampout 仍会通过 CheckNlsFormat 访问 usess-parsercxt.nlsfmtstr,导致访问已释放内存。攻击者在具备数据库 SQL 执行权限的情况下,可构造特定...

5.9CVSS0.00351EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.10 views

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. A heap buffer overflow vulnerability exists in the PDFium component of Google Chrome, which can be exploited by an attacker to execute arbitrary code in the sandbox via specially crafted PDF files...

8.3CVSS6.4AI score0.0031EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.11 views

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a memory misreference vulnerability that can be exploited by attackers to cause heap corruption...

8.8CVSS6AI score0.00317EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.9 views

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to cause heap corruption...

8.8CVSS6AI score0.00271EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.14 views

Adobe Illustrator 安全漏洞

Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. A heap buffer overflow vulnerability exists in Adobe Illustrator, which can be exploited by an attacker to execute arbitrary code on the system or cause the application to crash...

7.8CVSS6.4AI score0.00178EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.9 views

Adobe InDesign Desktop 安全漏洞

Adobe InDesign Desktop is a page layout software from the American company Audobee Adobe. Adobe InDesign Desktop suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on the system or cause the application to crash...

7.8CVSS6.5AI score0.00226EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/06 12:0 a.m.6 views

Tenda AC18 安全漏洞

Tenda AC18 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in July 2016, mainly for villas and large home users. Tenda AC18 has a stack buffer overflow vulnerability, which originates from the parameter upnpEn in the file /goform/SetUpnpCfg fails to correctly...

9CVSS8.3AI score0.01147EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/09/24 12:0 a.m.3 views

NVIDIA CUDA Toolkit 安全漏洞

NVIDIA CUDA Toolkit is a development software application for creating high-performance GPU-accelerated applications from NVIDIA. NVIDIA CUDA Toolkit suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to cause arbitrary code execution...

7.8CVSS8AI score0.00306EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/08/12 12:0 a.m.4 views

Adobe InCopy 安全漏洞

Adobe InCopy is a text editing software for creative writing from the American company Audobee Adobe. Adobe InCopy suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on the system or cause the application to crash...

7.8CVSS8AI score0.00309EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/12 12:0 a.m.7 views

Adobe InCopy 安全漏洞

Adobe InCopy is a text editing software for creative writing from the American company Audobee Adobe. Adobe InCopy suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on the system or cause the application to crash...

7.8CVSS8AI score0.00309EPSS
Exploits0References1
Gitee
Gitee
added 2025/08/03 4:27 a.m.87 views

pwn2exploit

pwn & exploit 这是些前段时间研究二进制的一些心得 Paper. 本来是希望能够从底层原理到全局把控的层次去整理. 这里只完成了部分的Paper, 还有很多的Paper只写了概要点. 个人有几篇 paper 还是很有参考价值的 linux进程动态so注入.md 这篇文章介绍了如何在目前的ELF下进行动态so注入, 介绍 gnu.hash 的结构和相关算法, 具体的代码可以参考evilELF, 代码设计规范. PWN之堆内存管理.md 这篇文章是我在阅读了很多参考资料和glibc后写的, 其中对于glibc分配算法中的各种缓存的设计有比较好的讲述以及对分配和释放算法有比价好的阐...

7.4AI score
Exploits0
CNNVD
CNNVD
added 2025/06/22 12:0 a.m.4 views

TOTOLINK A3002R 安全漏洞

TOTOLINK A3002R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A3002R suffers from a stack buffer overflow vulnerability, which originates from the parameter subnet in the file /boafrm/formRoute failing to correctly validate the length and size of the input data, which...

9CVSS8.1AI score0.00776EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/01/14 12:0 a.m.4 views

Microsoft Office Visio 安全漏洞

Microsoft Office is a widely used office software suite that contains a variety of applications such as Word, Excel, PowerPoint and Visio. A remote code execution vulnerability exists in Microsoft Office Visio, which arises due to the use of incompatible types when accessing resources type...

7.8CVSS8.4AI score0.00707EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/12/10 12:0 a.m.5 views

Google Chrome 安全漏洞

Google Chrome is a free web browser developed by Google. It is the world's largest browser in terms of market share due to its speed, security, simplicity, multi-platform support and built-in privacy protection. Google Chrome suffers from a type confusion vulnerability that stems from the V8...

8.8CVSS6.8AI score0.04013EPSS
Exploits2References4
GithubExploit
GithubExploit
added 2024/11/22 2:55 a.m.118 views

Exploit for Improperly Implemented Security Check for Standard in Google Chrome

CVE-2024-7965-POC CVE-2024-7965 is a high-risk vulnerability...

8.8CVSS7.5AI score0.17227EPSS
Exploits2
CNNVD
CNNVD
added 2024/10/15 12:0 a.m.5 views

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. A post-release reuse vulnerability exists in versions prior to Google Chrome 130.0.6723.58, which can be exploited by an attacker to potentially leverage heap corruption by corrupting the renderer process via a crafted Chrome...

8.8CVSS6.8AI score0.00327EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/10/08 12:0 a.m.7 views

Siemens Simcenter Nastran 2306、Siemens Simcenter Nastran 2312和Siemens Simcenter Nastran 2406 安全漏洞

Simcenter Nastran is a finite element method solver with computational performance, accuracy and reliability. A heap buffer overflow vulnerability exists in Siemens Simcenter Nastran, which can be exploited by an attacker to execute code in the context of the current process...

7.8CVSS7.7AI score0.00221EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/08/21 12:0 a.m.4 views

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. A heap buffer overflow vulnerability exists in versions of Google Chrome prior to 128.0.6613.84, which can be exploited by an attacker to cause heap corruption via a crafted HTML page...

8.8CVSS7.1AI score0.00566EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/07/16 12:0 a.m.7 views

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a post-release reuse vulnerability, which can be exploited by an attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS6.9AI score0.00343EPSS
Exploits1References4
Rows per page
Query Builder