Lucene search
+L

186 matches found

Vulnrichment
Vulnrichment
added 2022/09/02 12:15 p.m.7 views

CVE-2022-36078 Slice Memory Allocation with Excessive Size Value in binary

Binary provides encoding/decoding in Borsh and other formats. The vulnerability is a memory allocation vulnerability that can be exploited to allocate slices in memory with arbitrary excessive size value, which can either exhaust available memory or crash the whole program. When using...

8.8CVSS8.8AI score0.00941EPSS
Exploits1References3
OSV
OSV
added 2022/09/02 12:15 p.m.30 views

CVE-2022-36078 Slice Memory Allocation with Excessive Size Value in binary

Binary provides encoding/decoding in Borsh and other formats. The vulnerability is a memory allocation vulnerability that can be exploited to allocate slices in memory with arbitrary excessive size value, which can either exhaust available memory or crash the whole program. When using...

8.8CVSS7.8AI score0.00941EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2022/09/02 12:0 a.m.5 views

PT-2022-23166 · Unknown · Github.Com/Gagliardetto/Binary

Name of the Vulnerable Software and Affected Versions: github.com/gagliardetto/binary versions prior to v0.7.1 Description: The issue is a memory allocation vulnerability that can be exploited to allocate slices in memory with excessive size values, potentially exhausting available memory or...

8.8CVSS7.4AI score0.00941EPSS
Exploits1References11
NVD
NVD
added 2022/05/21 12:15 a.m.15 views

CVE-2022-29210

TensorFlow is an open source platform for machine learning. In version 2.8.0, the TensorKey hash function used total estimated AllocatedBytes, which a is an estimate per tensor, and b is a very poor hash function for constants e.g. int32t. It also tried to access individual tensor bytes through...

5.5CVSS0.00225EPSS
Exploits0References5
OSV
OSV
added 2022/05/03 9:15 p.m.4 views

CVE-2021-27417

eCosCentric eCosPro RTOS Versions 2.0.1 through 4.5.3 are vulnerable to integer wraparound in function calloc an implementation of malloc. The unverified memory assignment can lead to arbitrary memory allocation, resulting in a heap-based buffer overflow...

9.8CVSS6.2AI score0.0056EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/05/03 8:23 p.m.11 views

CVE-2021-27431 ARM CMSIS RTOS2 Integer Overflow or Wraparound

ARM CMSIS RTOS2 versions prior to 2.1.3 are vulnerable to integer wrap-around inosRtxMemoryAlloc local malloc equivalent function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or injected code execution...

7.3CVSS7.4AI score0.01048EPSS
Exploits0References1
OSV
OSV
added 2021/12/25 1:15 a.m.10 views

CVE-2021-45481

In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a segmentation violation and application crash, a different vulnerability than CVE-2021-30889...

6.5CVSS8.5AI score
Exploits0References2
CISA KEV Catalog
CISA KEV Catalog
added 2021/11/03 12:0 a.m.21 views

Qualcomm Multiple Chipsets Detection of Error Condition Without Action Vulnerability

Multiple Qualcomm chipsets contain a detection of error condition without action vulnerability when improper handling of address deregistration on failure can lead to new GPU address allocation failure...

6.2CVSS6AI score0.0052EPSS
In wildExploits0
CNNVD
CNNVD
added 2021/10/19 12:0 a.m.5 views

AUVESY Versiondog 资源管理错误漏洞

AUVESY Versiondog is an automated production data and change management software solution from AUVESY Germany. a resource management error vulnerability exists in AUVESY Versiondog, which can be exploited by attackers to allocate unlimited memory buffers using API functions...

8.1CVSS5.6AI score0.00745EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2021/10/04 6:0 p.m.38 views

CVE-2021-32762

Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service may be vulnerable to integer overflow when parsing specially crafted large multi-bulk network replies. This is a result of a vulnerability in the underlying hiredis librar...

9CVSS8.2AI score0.02497EPSS
Exploits0
Debian
Debian
added 2021/07/20 12:53 p.m.130 views

[SECURITY] [DSA 4942-1] systemd security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4942-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 20, 2021 https://www.debian.org/security/faq -...

4.9CVSS0.6AI score0.0865EPSS
Exploits2
NVD
NVD
added 2021/07/13 8:15 a.m.16 views

CVE-2021-35517

When reading a specially crafted TAR archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' tar package...

7.5CVSS0.10614EPSS
Exploits0References22
OpenVAS
OpenVAS
added 2021/07/07 12:0 a.m.16 views

Huawei EulerOS: Security Advisory for netpbm (EulerOS-SA-2021-2107)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.8AI score0.01291EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/03/04 12:0 a.m.32 views

EulerOS Virtualization 3.0.6.6 : netpbm (EulerOS-SA-2021-1500)

According to the versions of the netpbm packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A memory allocation vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to...

5.5CVSS5.8AI score0.01926EPSS
Exploits1References3
OSV
OSV
added 2020/11/28 7:15 a.m.11 views

CVE-2020-29370

An issue was discovered in kmemcacheallocbulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71...

7CVSS9AI score
Exploits0References4
NVD
NVD
added 2020/11/24 11:15 a.m.25 views

CVE-2019-20925

An unauthenticated client can trigger denial of service by issuing specially crafted wire protocol messages, which cause the message decompressor to incorrectly allocate memory. This issue affects MongoDB Server v4.2 versions prior to 4.2.1; MongoDB Server v4.0 versions prior to 4.0.13; MongoDB...

7.5CVSS7.4AI score0.01655EPSS
Exploits0References1
OSV
OSV
added 2020/11/21 12:21 p.m.6 views

MGASA-2020-0430 Updated tcpdump package fixes a security vulnerability

The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory. CVE-2020-8037...

7.5CVSS7.5AI score0.03071EPSS
Exploits0References3
NVD
NVD
added 2020/01/24 3:15 p.m.26 views

CVE-2020-7226

CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and other products, allows attackers to trigger excessive memory allocation during a decode operation, because the nonce array length associated with "new byte" may depend on untrusted input within the header of encoded data...

7.5CVSS8.4AI score0.03334EPSS
Exploits1References19
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for netpbm (EulerOS-SA-2019-2426)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.9AI score0.01926EPSS
Exploits2References2
Prion
Prion
added 2019/10/17 7:15 p.m.15 views

Information disclosure

An issue was discovered in Bitdefender BOX firmware versions before 2.1.37.37-34 that affects the general reliability of the product. Specially crafted packets sent to the miniupnpd implementation in result in the device allocating memory without freeing it later. This behavior can cause the...

4.9CVSS4.8AI score0.00323EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder