193 matches found

OSV
added 2021/09/29 4:15 p.m. · 1 view

CVE-2021-40697

Adobe Framemaker versions 2019 Update 8 and earlier and 2020 Release Update 2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this...

3.3 CVSS · 7.2 AI score · 0.01453 EPSS
Exploits 0 · References 1
OSV
added 2021/08/08 8:15 p.m. · 10 views

AZL-6589 CVE-2021-38205 affecting package kernel for versions less than 5.10.78.1-1

drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer, i.e., the real IOMEM pointer...

3.3 CVSS · 6.7 AI score · 0.00328 EPSS
Exploits 0 · References 1
Gitee
added 2021/01/07 4:53 p.m. · 4 views

ctf-writeups

This is a PoC exploit for a double free vulnerability in a binary. The exploit creates overlapping chunks on the heap, manipulates heap metadata, and overwrites the __malloc_hook with a one-gadget address to execute /bin/sh. The challenge is interesting because it does not allow the exploitation of...

7.2 AI score
Exploits 0
OSV
added 2020/11/05 8:15 p.m. · 1 view

CVE-2020-24426

Acrobat Reader DC versions 2020.012.20048 and earlier, 2020.001.30005 and earlier and 2017.011.30175 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR...

3.3 CVSS · 5.8 AI score · 0.03023 EPSS
Exploits 0 · References 2
OSV
added 2020/08/05 2:15 p.m. · 2 views

UBUNTU-CVE-2020-14347

A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable...

5.5 CVSS · 6.7 AI score · 0.00388 EPSS
Exploits 0 · References 6
Positive Technologies
added 2020/05/22 12:0 a.m. · 3 views

PT-2020-6251 · Sane +4 · Sane-Backends +4

Name of the Vulnerable Software and Affected Versions: SANE Backends versions prior to 1.0.30
Description: The issue is related to an out-of-bounds read in the SANE Backends interface, which provides access to scanning devices. This may allow a malicious device connected to the same local network...

8.8 CVSS · 6.1 AI score · 0.03044 EPSS
Exploits 7 · References 90
OSV
added 2019/11/19 10:15 p.m. · 1 view

DEBIAN-CVE-2019-19126

On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for...

3.3 CVSS · 6.5 AI score · 0.00409 EPSS
Exploits 0 · References 1
OSV
added 2019/06/04 10:55 p.m. · 7 views

USN-4007-2 linux-aws-hwe, linux-hwe, linux-oracle vulnerability

USN-4007-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Federico Manuel Bento discovered that the Linux kernel did not properly apply Address...

2.5 CVSS · 6.7 AI score · 0.00495 EPSS
Exploits 1 · References 2
The Hacker News
added 2019/03/19 5:59 p.m. · 112 views

Android Q — Google Adds New Mobile Security and Privacy Features

Google has recently released the first beta version of Android Q, the next upcoming version of Google's popular mobile operating system, with a lot of new privacy improvements and other security enhancements. Android Q, where Q has not yet been named, offers more control over installed apps, thei...

0.1 AI score
Exploits 0
RedHat Linux
added 2018/10/30 12:5 p.m. · 2 views

kernel: Kernel address information leak in drivers/acpi/sbshc.c:acpi_smbus_hc_add() function potentially allowing KASLR bypass

The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel, through 4.14.15, allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call...

5.5 CVSS · 6.7 AI score · 0.00499 EPSS
Exploits 0 · References 4
NVD
added 2018/09/20 1:29 p.m. · 23 views

CVE-2018-5837

In Snapdragon Automobile, Mobile, Wear in version IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710,...

7.5 CVSS · 7.1 AI score · 0.0063 EPSS
Exploits 0 · References 2
Prion
added 2018/09/20 1:29 p.m. · 19 views

Code injection

In Snapdragon Automobile, Mobile, Wear in version IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710,...

5 CVSS · 7.7 AI score · 0.0063 EPSS
Exploits 0 · References 2
CVE
added 2018/09/20 1:0 p.m. · 58 views

CVE-2018-5837

The CVE-2018-5837 entry concerns Snapdragon SoCs (IPQ8074, MDM9xxx, SD series, etc.) where MAC address randomization during probe requests is compromised by a flawed RNG that outputs repeating values far sooner than expected. The description covers the affected devices and the root cause, but the...

7.5 CVSS · 7.1 AI score · 0.0063 EPSS
Exploits 0 · References 2 · Affected Software 1
OSV
added 2018/08/14 4:29 p.m. · 2 views

UBUNTU-CVE-2018-5392

mingw-w64 version 5.0.4 by default produces executables that opt in to ASLR, but are not compatible with ASLR. ASLR is an exploit mitigation technique used by modern Windows platforms. For ASLR to function, Windows executables must contain a relocations table. Despite containing the "Dynamic base...

7.5 CVSS · 7.3 AI score · 0.01426 EPSS
Exploits 0 · References 6
CNVD
added 2018/06/26 12:0 a.m. · 1 view

Mozilla Firefox, Firefox ESR and Thunderbird Memory Corruption Vulnerability (CNVD-2018-12100)

Mozilla Firefox, Firefox ESR, and Thunderbird are products developed by the Mozilla Foundation. Firefox is an open source web browser, and Firefox ESR is an extended support version of Firefox. Thunderbird is a standalone email client from the Mozilla Thunderbird is a separate email client software...

9.8 CVSS · 9 AI score · 0.33434 EPSS
Exploits 13 · References 1
OSV
added 2018/03/08 7:29 a.m. · 5 views

DEBIAN-CVE-2018-7755

An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the obtained kernel pointer to discove...

5.5 CVSS · 6.4 AI score · 0.00694 EPSS
Exploits 1 · References 1
Positive Technologies
added 2018/03/07 12:0 a.m. · 7 views

PT-2018-3026 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.15.8
Description: The issue is related to the fd_locked_ioctl function in the Linux kernel, specifically in the floppy driver. It allows an attacker to obtain a kernel pointer by sending the FDGETPRM ioctl,...

10 CVSS · 7.2 AI score · 0.9166 EPSS
Exploits 112 · References 786
OSV
added 2018/02/21 12:29 a.m. · 1 view

DEBIAN-CVE-2018-7273

In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function show_floppy in drivers/block/floppy.c. An attacker can read this information from dmesg and use the addresses to find the locations of kernel...

5.5 CVSS · 6.3 AI score · 0.01794 EPSS
Exploits 3 · References 1
OSV
added 2018/02/21 12:29 a.m. · 1 view

UBUNTU-CVE-2018-7273

In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function show_floppy in drivers/block/floppy.c. An attacker can read this information from dmesg and use the addresses to find the locations of kernel...

5.5 CVSS · 6.8 AI score · 0.01794 EPSS
Exploits 3 · References 3
OSV
added 2017/12/07 7:29 p.m. · 3 views

DEBIAN-CVE-2017-1000410

The Linux kernel version 3.3-rc1 and later is affected by a vulnerability that lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. B...

7.5 CVSS · 8 AI score · 0.04252 EPSS
Exploits 0 · References 1