Lucene search
K

1406 matches found

Debian
Debian
added 2020/01/29 9:52 p.m.102 views

[SECURITY] [DLA 2085-1] zlib security update

Package : zlib Version : 1:1.2.8.dfsg-2+deb8u1 CVE ID : CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 Several issues have been found in zlib, a compression library. They are basically about improper big-endian CRC calculation, improper left shift of negative integers and improper pointe...

9.8CVSS10AI score0.07489EPSS
Exploits0
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.54 views

Ubuntu: Security Advisory (USN-4246-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.9AI score0.07489EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2020/01/22 7:0 p.m.367 views

USN-4246-1: zlib vulnerabilities

It was discovered that zlib incorrectly handled pointer arithmetic. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2016-9840, CVE-2016-9841 It was discovered that zlib incorrectly handled vectors involving left...

9.8CVSS7.8AI score0.07489EPSS
Exploits0
OSV
OSV
added 2020/01/22 7:0 p.m.9 views

USN-4246-1 zlib vulnerabilities

It was discovered that zlib incorrectly handled pointer arithmetic. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2016-9840, CVE-2016-9841 It was discovered that zlib incorrectly handled vectors involving left...

9.8CVSS7AI score0.07489EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2020/01/22 12:0 a.m.4 views

The vulnerability of the rds_tcp_kill_sock() function in Linux operating systems allows a hacker to cause a service failure.

The vulnerability of the rdstcpkillsock function in Linux operating systems is related to pointer arithmetic errors. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

7.8CVSS7.3AI score0.03638EPSS
Exploits1References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/01/20 12:0 a.m.6 views

The vulnerability in the `fs/btrfs/volumes.c` function of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the fs/btrfs/volumes.c function in the Linux operating system is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause a service failure due to incorrect processing of finddevice...

5.5CVSS6.7AI score0.01216EPSS
Exploits1References13Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/12/23 12:0 a.m.47 views

EulerOS 2.0 SP5 : zlib (EulerOS-SA-2019-2704)

According to the versions of the zlib packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.CVE-2016-984...

9.8CVSS7.6AI score0.07489EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2019/12/06 12:0 a.m.9 views

PT-2019-4482

Name of the Vulnerable Software and Affected Versions OpenSSL versions 1.1.1 through 1.1.1d OpenSSL versions 1.0.2 through 1.0.2t Description The issue is related to an overflow bug in the x64 64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are...

10CVSS8.6AI score0.99999EPSS
Exploits187References242
NVD
NVD
added 2019/10/31 9:15 p.m.37 views

CVE-2018-3983

An exploitable uninitialized pointer vulnerability exists in the Word document parser of the the Atlantis Word Processor. A specially crafted document can cause an array fetch to return an uninitialized pointer and then performs some arithmetic before writing a value to the result. Usage of this...

8.8CVSS8AI score0.01458EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2019/10/16 12:0 a.m.3 views

The vulnerability of the sbrDecodeSingleFramePS function in the Freeware Advanced Audio Decoder 2 (FAAD2) allows a intruder to cause a service failure.

The vulnerability of the sbrDecodeSingleFramePS function in the Freeware Advanced Audio Decoder 2 FAAD2 is related to a pointer arithmetic error, which leads to a memory access that goes beyond the bounds of the memory buffer. Exploiting this vulnerability could allow an attacker to cause a syste...

5.5CVSS5.5AI score0.01165EPSS
Exploits1References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/10/16 12:0 a.m.4 views

The vulnerability of the hf_assembly function in the Freeware Advanced Audio Decoder 2 (FAAD2) allows a hacker to trigger a service failure.

The vulnerability of the hfassembly function in the Freeware Advanced Audio Decoder 2 FAAD2 is related to a pointer arithmetic error, which leads to a memory access that goes beyond the boundaries of the memory buffer. Exploiting this vulnerability could allow an attacker to cause a system failur...

5.5CVSS5.5AI score0.01207EPSS
Exploits1References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/10/03 12:0 a.m.5 views

The vulnerability of the nbd_genl_status function in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the nbdgenlstatus function drivers/block/nbd in the Linux kernel is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause a service failure through a specially created application...

4.4CVSS5.5AI score0.00387EPSS
Exploits0References25Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/09/19 12:0 a.m.5 views

The vulnerability in the drivers/net/wireless/ath/ath6kl/usb.c file of Linux operating systems, related to pointer arithmetic errors, allows a hacker to cause a service failure.

The vulnerability in the drivers/net/wireless/ath/ath6kl/usb.c file of Linux operating systems is related to pointer assignment errors. Exploiting this vulnerability allows an attacker to cause service failures...

4.9CVSS5.5AI score0.00721EPSS
Exploits0References44Affected Software5
BDU FSTEC
BDU FSTEC
added 2019/07/23 12:0 a.m.22 views

The vulnerability of the gpg data encryption tool from the gnupg package, related to errors in pointer arithmetic, allows a perpetrator to trigger a service failure.

The vulnerability of the gpg data encryption tool from the gnupg package is related to errors in pointer arithmetic. Exploiting this vulnerability could allow an attacker to trigger a service failure, by passing a specially crafted file as an argument to the command line...

6.2CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/07/23 12:0 a.m.4 views

The vulnerability of the __strlen_sse2_pminub function in the infotocap utility from the ncurses-bin package allows a hacker to cause a service failure.

The vulnerability of the strlensse2pminub function located in the file sysdeps/x8664/multiarch/strlen-sse2-pminub.S:39 in the infotocap utility from the ncurses-bin package is related to errors in pointer arithmetic. Exploiting this vulnerability could allow an attacker to cause a system failure ...

6.2CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/07/11 12:0 a.m.4 views

The vulnerability in the implementation of the NFS protocol in Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the NFS protocol implementation in Linux operating systems is related to pointer arithmetic errors. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

7.8CVSS7.3AI score0.02779EPSS
Exploits0References18Affected Software3
BDU FSTEC
BDU FSTEC
added 2019/07/11 12:0 a.m.4 views

The vulnerability of the syntax analysis procedure for Python interpreter certificates allows attackers to trigger a service failure.

The vulnerability of the syntax analysis procedure for Python interpreter certificates is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service failures...

7.5CVSS7AI score0.20743EPSS
Exploits1References12Affected Software13
BDU FSTEC
BDU FSTEC
added 2019/07/04 12:0 a.m.2 views

The vulnerability of Linux operating system kernels, related to pointer arithmetic that goes beyond the allowed values, allows attackers to execute attacks through side channels.

The vulnerability of Linux operating systems’ kernels kernel/bpf/verifyier.c is related to an offset out of bounds. Exploiting this vulnerability could allow an attacker to execute attacks through secondary channels...

5.6CVSS7.3AI score0.00543EPSS
Exploits0References33Affected Software3
BDU FSTEC
BDU FSTEC
added 2019/06/27 12:0 a.m.4 views

The vulnerability of the lnstat network statistics collection program lies in the lack of checks for the correctness of mathematical operations, which allows a perpetrator to trigger a service failure.

The vulnerability of the lnstat network statistics collection program is related to the lack of checks for the correctness of mathematical operations. Exploiting this vulnerability could allow an attacker to cause the program to terminate abnormally due to a SIGFPE signal, caused by attempting to...

4CVSS5.5AI score
Exploits0
OSV
OSV
added 2019/05/30 9:45 p.m.4 views

USN-4001-1 libseccomp vulnerability

Jann Horn discovered that libseccomp did not correctly generate 64-bit syscall argument comparisons with arithmetic operators LT, GT, LE, GE. An attacker could use this to bypass intended access restrictions for argument-filtered system calls...

9.8CVSS6.8AI score0.03041EPSS
Exploits0References2
Rows per page
Query Builder