Lucene search
+L

53 matches found

Prion
Prion
added 2021/05/25 5:15 p.m.16 views

Design/Logic Flaw

Zephyr Bluetooth unchecked packet data results in denial of service. Zephyr versions = v1.14.2, = v2.2.0 contain Improper Handling of Parameters CWE-233. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-f6vh-7v4x-8fjp...

3.3CVSS6.5AI score0.00381EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/05/24 9:40 p.m.50 views

CVE-2020-10069

CVE-2020-10069 affects Zephyr RTOS Bluetooth stack. The vulnerability allows denial of service due to unchecked packet data related to improper handling of parameters (CWE-233) in Zephyr versions v1.14.2 and newer (including v2.2.0+). The description in connected sources confirms the issue is roo...

6.5CVSS5.4AI score0.00381EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/05/24 9:40 p.m.25 views

CVE-2020-10069 Zephyr Bluetooth unchecked packet data results in denial of service

Zephyr Bluetooth unchecked packet data results in denial of service. Zephyr versions = v1.14.2, = v2.2.0 contain Improper Handling of Parameters CWE-233. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-f6vh-7v4x-8fjp...

4.3CVSS6.5AI score0.00381EPSS
Exploits0References1
CVE
CVE
added 2019/08/05 12:40 p.m.50 views

CVE-2017-18469

CVE-2017-18469 affects cPanel prior to 62.0.17, where demo accounts can execute code via an NVData_fetchinc API call (SEC-233). Affected software: cPanel versions before 62.0.17. Root cause: exploitable API call allowing code execution. Impact: potential arbitrary code execution by unauthenticate...

6.5CVSS6.6AI score0.00947EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/05/21 12:0 a.m.14 views

Siemens CP 243-1 Detection

Binary data 233.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/10/25 12:0 a.m.19 views

OracleVM 3.2 : xen (OVMSA-2017-0159)

The remote OracleVM system is missing necessary patches to address critical security updates : - The code of OVM3.2.9 is quite old, there is no getpage/putpage pair to protect the ownership and references of page table page which is mapped in emulatemapdest. This patch fix it by adding getpage in...

5.8AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2017/10/03 12:0 a.m.40 views

Fedora 25 : xen (2017-f7fd3fe7eb)

xen: various flaws 1490884 Missing NUMA node parameter verification XSA-231, CVE-2017-14316 Missing check for grant table XSA-232, CVE-2017-14318 cxenstored: Race in domain cleanup XSA-233, CVE-2017-14317 insufficient grant unmapping checks for x86 PV guests XSA-234, CVE-2017-14319 Note that...

8.8CVSS6.5AI score0.00422EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2017/09/19 12:0 a.m.47 views

SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2017:2519-1)

This update for xen fixes several issues. These security issues were fixed : - CVE-2017-14316: Missing bound check in function allocheappages for an internal array allowed attackers using crafted hypercalls to execute arbitrary code within Xen XSA-231, bsc1056278 - CVE-2017-14318: The function...

8.8CVSS6.8AI score0.00422EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2017/09/18 12:0 a.m.31 views

Fedora 26 : xen (2017-e399a9008c)

xen: various flaws 1490884 Missing NUMA node parameter verification XSA-231, CVE-2017-14316 Missing check for grant table XSA-232, CVE-2017-14318 cxenstored: Race in domain cleanup XSA-233, CVE-2017-14317 insufficient grant unmapping checks for x86 PV guests XSA-234, CVE-2017-14319 ---- update to...

8.8CVSS6.5AI score0.00422EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2017/09/18 12:0 a.m.26 views

openSUSE Security Update : xen (openSUSE-2017-1071)

This update for xen fixes several issues. These security issues were fixed : - CVE-2017-14316: Missing bound check in function allocheappages for an internal array allowed attackers using crafted hypercalls to execute arbitrary code within Xen XSA-231, bsc1056278 - CVE-2017-14318: The function...

8.8CVSS6.9AI score0.00422EPSS
Exploits0References11
CNVD
CNVD
added 2017/07/11 12:0 a.m.5 views

Systemd Local Elevation of Privilege Vulnerability

systemd is a Linux-based system and service manager developed by German software developer Lennart Poettering and others. It is compatible with the SysV and LSB startup scripts and provides a framework for representing dependencies between system services. A security vulnerability exists in syste...

10CVSS6.1AI score0.03878EPSS
Exploits0References1
CVE
CVE
added 2017/06/28 6:0 a.m.107 views

CVE-2017-9445

The CVE-2017-9445 issue affects systemd up to version 233, where dns_packet_new in systemd-resolved may allocate a buffer that is too small when processing DNS responses. A malicious DNS server can craft a TCP payload to trigger an out-of-bounds write, potentially enabling remote code execution o...

7.5CVSS7.5AI score0.55116EPSS
Exploits1References4Affected Software1
CNVD
CNVD
added 2017/06/28 12:0 a.m.5 views

Systemd Out-of-Bounds Write Remote Code Execution Vulnerability

systemd is a Linux-based system and service manager developed by German software developer Lennart Poettering and others. It is compatible with the SysV and LSB startup scripts and provides a framework for representing dependencies between system services. Security exists in systemd 233 and earli...

7.5CVSS7AI score0.55116EPSS
Exploits1References1
CVE
CVE
added 2017/06/21 8:0 p.m.49 views

CVE-2017-4989

CVE-2017-4989 affects EMC Avamar Server Software releases listed (7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-32, 7.2.1-31, 7.2.0-401). Root cause: unauthenticated remote bypass of authentication to access the system maintenance page, enabling viewing of sensitive info and execution of maintenance tas...

9.8CVSS9.8AI score0.03286EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2017/05/24 12:0 a.m.4 views

PT-2017-18793 · Systemd +2 · Systemd-Resolved +2

Name of the Vulnerable Software and Affected Versions: systemd-resolved versions through 233 Description: The issue allows remote attackers to cause a denial of service, resulting in a daemon crash, via a crafted DNS response with an empty question section. Recommendations: For versions through...

10CVSS6.5AI score0.55116EPSS
Exploits1References53
NVD
NVD
added 2017/05/16 5:29 p.m.26 views

CVE-2017-6658

Cisco Sourcefire Snort 3.0 before build 233 has a Buffer Overread related to use of a decoder array. The size was off by one making it possible to read past the end of the array with an ether type of 0xFFFF. Increasing the array size solves this problem...

7.5CVSS7.4AI score0.0106EPSS
Exploits0References3
OSV
OSV
added 2017/05/16 5:29 p.m.3 views

CVE-2017-6658

Cisco Sourcefire Snort 3.0 before build 233 has a Buffer Overread related to use of a decoder array. The size was off by one making it possible to read past the end of the array with an ether type of 0xFFFF. Increasing the array size solves this problem...

7.5CVSS5.8AI score0.0106EPSS
Exploits0References3
Openbugbounty
Openbugbounty
added 2016/10/31 10:28 a.m.24 views

dmm.co.jp XSS vulnerability

Vulnerable URL: http://www.dmm.co.jp/en/ppm/video/-/series/=/cid"%20onmouseover%3Dalert'OPENBUGBOUNTY'%20rest%3D"=ranking/ Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 233 VIP...

6.3AI score
Exploits0
OSV
OSV
added 2016/09/21 2:59 a.m.1 views

CVE-2016-0921

Avamar Data Store ADS and Avamar Virtual Edition AVE in EMC Avamar Server before 7.3.0-233 use weak permissions for unspecified directories, which allows local users to obtain root access by replacing a script with a Trojan horse program...

6.5CVSS5.8AI score0.00392EPSS
Exploits0References3
OSV
OSV
added 2016/09/21 2:59 a.m.3 views

CVE-2016-0920

Avamar Data Store ADS and Avamar Virtual Edition AVE in EMC Avamar Server before 7.3.0-233 allow local users to obtain root access via a crafted parameter to a command that is available in the sudo configuration...

7.8CVSS5.8AI score0.00414EPSS
Exploits0References2
Rows per page
Query Builder