Lucene search
K

1404 matches found

OSV
OSV
added 2017/04/28 10:59 a.m.10 views

CVE-2017-7895

The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to fs/nfsd/nfs3xdr.c and...

9.8CVSS8.8AI score
Exploits0References16
Cvelist
Cvelist
added 2017/04/28 10:0 a.m.32 views

CVE-2017-7895

The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to fs/nfsd/nfs3xdr.c and...

9.8AI score0.1081EPSS
Exploits0References16
CVE
CVE
added 2017/04/28 10:0 a.m.336 views

CVE-2017-7895

CVE-2017-7895 affects the Linux kernel NFSv2/v3 server (fs/nfsd/nfs3xdr.c, fs/nfsd/nfsxdr.c). A remote attacker can craft requests that bypass end-of-buffer checks, triggering pointer-arithmetic errors or other unspecified impacts. Affected kernels include up to 4.10.13; remediation is to upgrade...

10CVSS9.7AI score0.1081EPSS
Exploits0References16Affected Software1
Debian CVE
Debian CVE
added 2017/04/28 10:0 a.m.39 views

CVE-2017-7895

The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to fs/nfsd/nfs3xdr.c and...

10CVSS7.7AI score0.1081EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2017/04/28 12:0 a.m.78 views

CVE-2017-7895

The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to fs/nfsd/nfs3xdr.c and...

10CVSS6.8AI score0.1081EPSS
Exploits0References8
OSV
OSV
added 2017/04/28 12:0 a.m.6 views

UBUNTU-CVE-2017-7895

The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to fs/nfsd/nfs3xdr.c and...

9.8CVSS6.8AI score0.1081EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2017/04/25 12:0 a.m.4 views

PT-2017-1997 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.10.13 Description: The issue is related to an integer overflow in the NFSv2 and NFSv3 server implementations. It may allow a remote attacker to trigger pointer-arithmetic errors or have other unspecified impac...

10CVSS7.4AI score0.17827EPSS
Exploits39References279
OSV
OSV
added 2017/04/17 9:59 p.m.28 views

CVE-2017-7892

Sandstorm Cap'n Proto before 0.5.3.1 allows remote crashes related to a compiler optimization. A remote attacker can trigger a segfault in a 32-bit libcapnp application because Cap'n Proto relies on pointer arithmetic calculations that overflow. An example compiler with optimization that elides a...

7.5CVSS6.3AI score
Exploits0References1
NVD
NVD
added 2017/04/17 9:59 p.m.20 views

CVE-2017-7892

Sandstorm Cap'n Proto before 0.5.3.1 allows remote crashes related to a compiler optimization. A remote attacker can trigger a segfault in a 32-bit libcapnp application because Cap'n Proto relies on pointer arithmetic calculations that overflow. An example compiler with optimization that elides a...

7.5CVSS7AI score0.01287EPSS
Exploits0References1
Prion
Prion
added 2017/04/17 9:59 p.m.12 views

Out-of-bounds

Sandstorm Cap'n Proto before 0.5.3.1 allows remote crashes related to a compiler optimization. A remote attacker can trigger a segfault in a 32-bit libcapnp application because Cap'n Proto relies on pointer arithmetic calculations that overflow. An example compiler with optimization that elides a...

5CVSS6.9AI score0.01287EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2017/04/17 9:0 p.m.21 views

CVE-2017-7892

Sandstorm Cap'n Proto before 0.5.3.1 allows remote crashes related to a compiler optimization. A remote attacker can trigger a segfault in a 32-bit libcapnp application because Cap'n Proto relies on pointer arithmetic calculations that overflow. An example compiler with optimization that elides a...

7AI score0.01287EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2017/04/17 9:0 p.m.16 views

CVE-2017-7892

Sandstorm Cap'n Proto before 0.5.3.1 allows remote crashes related to a compiler optimization. A remote attacker can trigger a segfault in a 32-bit libcapnp application because Cap'n Proto relies on pointer arithmetic calculations that overflow. An example compiler with optimization that elides a...

7.5CVSS7.1AI score0.01287EPSS
Exploits0
Huawei
Huawei
added 2017/03/22 12:0 a.m.136 views

Security Advisory - Sixteen OpenSSL Vulnerabilities on Some Huawei products

Statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call, which allows remote attackers to cause a denial of service use-after-free or possibly execute arbitrary code via a crafted TLS session. Vulnerability ID: HWPSIRT-2016-09065 This vulnerability has been...

10CVSS8.1AI score0.95707EPSS
Exploits9Affected Software47
Talos
Talos
added 2017/02/24 12:0 a.m.55 views

Ichitaro Office JTD Figure handling Code Execution Vulnerability

Summary A vulnerability was discovered within the Ichitaro word processor. Ichitaro is published by JustSystems and is considered one of the more popular word processors used within Japan. Ichitaro’s proprietary file format is a Compound Document similar to .doc for Microsoft Word called .jtd. Wh...

9.8CVSS0.1AI score0.0234EPSS
Exploits1
OSV
OSV
added 2017/02/03 3:59 p.m.1 views

DEBIAN-CVE-2016-5241

magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service arithmetic exception and application crash via a crafted svg file...

5.5CVSS6.7AI score0.01552EPSS
Exploits0References1
OSV
OSV
added 2017/02/03 3:59 p.m.9 views

CVE-2016-5241

magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service arithmetic exception and application crash via a crafted svg file...

5.5CVSS6.8AI score
Exploits0References8
Ubuntu
Ubuntu
added 2017/01/31 6:3 p.m.115 views

USN-3181-1: OpenSSL vulnerabilities

Guido Vranken discovered that OpenSSL used undefined behaviour when performing pointer arithmetic. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS as other releases were...

9.8CVSS7.5AI score0.57595EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2017/01/25 8:5 p.m.4 views

openssl: Possible integer overflow vulnerabilities in codebase

Multiple integer overflow flaws were found in the way OpenSSL performed pointer arithmetic. A remote attacker could possibly use these flaws to cause a TLS/SSL server or client using OpenSSL to crash...

9.8CVSS7.3AI score0.44505EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2017/01/25 8:4 p.m.7 views

openssl: Possible integer overflow vulnerabilities in codebase

Multiple integer overflow flaws were found in the way OpenSSL performed pointer arithmetic. A remote attacker could possibly use these flaws to cause a TLS/SSL server or client using OpenSSL to crash...

9.8CVSS7.3AI score0.44505EPSS
Exploits1References5
OSV
OSV
added 2017/01/19 5:59 a.m.3 views

CVE-2016-5224

A timing attack on denormalized floating point arithmetic in SVG filters in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to bypass the Same Origin Policy via a crafted HTML page...

4.3CVSS6.7AI score0.01081EPSS
Exploits0References5
Rows per page
Query Builder