Lucene search
+L

121 matches found

RedHat Linux
RedHat Linux
added 2022/12/13 2:10 p.m.6 views

Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing

An out-of-bounds OOB write flaw was found in Apache Commons BCEL API. This flaw can be used to produce arbitrary bytecode and may abuse applications that pass attacker-controlled data to those APIs, giving the attacker more control over the resulting bytecode than otherwise expected...

9.8CVSS7.2AI score0.02836EPSS
Exploits0References5
Zero Day Initiative
Zero Day Initiative
added 2022/11/21 12:0 a.m.26 views

(Pwn2Own) Microsoft Teams electronSafeIpc Arbitrary File Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Teams. No user interaction is required if the attacker and target are in the same Teams organization. The specific flaw exists within the communication API. The issue lies in the handling o...

8.8CVSS3.6AI score
Exploits0References1
Prion
Prion
added 2022/11/09 9:15 p.m.25 views

Design/Logic Flaw

Insufficient memory cleanup in the AMD Secure Processor ASP Trusted Execution Environment TEE may allow an authenticated attacker with privileges to generate a valid signed TA and potentially poison the contents of the process memory with attacker controlled data resulting in a loss of...

1.7CVSS5.9AI score0.00247EPSS
Exploits0References2Affected Software3
Positive Technologies
Positive Technologies
added 2022/11/04 12:0 a.m.6 views

PT-2022-7285 · Apache +10 · Apache Commons Bcel +10

Name of the Vulnerable Software and Affected Versions: Apache Commons BCEL versions prior to 6.6.0 Description: The issue is related to an out-of-bounds writing problem in Apache Commons BCEL, which can be exploited to produce arbitrary bytecode. This could be abused in applications that pass...

10CVSS8.5AI score0.02836EPSS
Exploits0References62
Positive Technologies
Positive Technologies
added 2022/06/07 12:0 a.m.7 views

PT-2022-20661 · Laravel · Laravel

Name of the Vulnerable Software and Affected Versions: Laravel version 9.1.8 Description: The issue allows Remote Code Execution RCE via an unserialized pop chain in destruct in IlluminateBroadcastingPendingBroadcast.php and call in FakerGenerator.php when processing attacker-controlled data for...

9.8CVSS6.7AI score
Exploits0References12
Packet Storm
Packet Storm
added 2021/05/10 12:0 a.m.149 views

AWS CloudShell Terminal Escape Injection / Remote Code Execution

Terminal escape injection in AWS CloudShell The javascript terminal emulator used by AWS CloudShell handles certain terminal escape codes incorrectly. This can lead to remote code execution if attacker controlled data is displayed in a CloudShell instance. The bug is in the handling of DCS escape...

0.2AI score
Exploits0
OSV
OSV
added 2021/02/08 5:58 p.m.10 views

MGASA-2021-0075 Updated wpa_supplicant packages fix a security vulnerability

A vulnerability was discovered in how wpasupplicant processing P2P Wi-Fi Direct group information from active group owners. The actual parsing of that information validates field lengths appropriately, but processing of the parsed information misses a length check when storing a copy of the...

7.9CVSS7.7AI score0.04707EPSS
Exploits1References3
Prion
Prion
added 2020/10/01 7:15 p.m.25 views

Design/Logic Flaw

Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element. This vulnerability affects Firefox 81, Thunderbird 78.3, and Firefox ESR 78.3...

4.3CVSS6.2AI score0.01594EPSS
Exploits0References9Affected Software5
Cvelist
Cvelist
added 2020/10/01 6:31 p.m.17 views

CVE-2020-15676

Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element. This vulnerability affects Firefox 81, Thunderbird 78.3, and Firefox ESR 78.3...

6.6AI score0.01594EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2020/10/01 1:22 p.m.5 views

Mozilla: XSS when pasting attacker-controlled data into a contenteditable element

The Mozilla Foundation Security Advisory describes this flaw as: Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element...

6.1CVSS7.3AI score0.01594EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/10/01 1:10 p.m.4 views

Mozilla: XSS when pasting attacker-controlled data into a contenteditable element

The Mozilla Foundation Security Advisory describes this flaw as: Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element...

6.1CVSS7.3AI score0.01594EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2020/09/25 12:0 a.m.29 views

CVE-2020-15676

Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element. This vulnerability affects Firefox 81, Thunderbird 78.3, and Firefox ESR 78.3...

6.1CVSS6.9AI score0.01594EPSS
Exploits0References5
NVD
NVD
added 2020/07/30 1:15 p.m.24 views

CVE-2020-14309

There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacke...

6.7CVSS7.3AI score0.00482EPSS
Exploits0References6
OSV
OSV
added 2020/07/30 1:15 p.m.35 views

CVE-2020-14309

There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacke...

6.7CVSS4AI score
Exploits0References6
NVD
NVD
added 2020/04/22 9:15 p.m.28 views

CVE-2020-10892

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS8.1AI score0.0217EPSS
Exploits0References2
Prion
Prion
added 2020/04/22 9:15 p.m.23 views

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS8.8AI score0.0217EPSS
Exploits0References2Affected Software2
Prion
Prion
added 2020/04/22 9:15 p.m.21 views

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS8.8AI score0.0217EPSS
Exploits0References2Affected Software2
Prion
Prion
added 2020/02/05 5:15 p.m.20 views

Heap overflow

An issue was discovered in the Bluetooth component of the Cypress formerly owned by Broadcom Wireless IoT codebase. Extended Inquiry Responses EIRs are improperly handled, which causes a heap-based buffer overflow during device inquiry. This overflow can be used to overwrite existing functions wi...

6.8CVSS8.2AI score0.00855EPSS
Exploits0References4
Prion
Prion
added 2019/11/26 5:15 p.m.40 views

Heap overflow

An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to an URN request, Squid fails to ensure that the response can fit within the buffer. This leads to attacker controlled data...

7.5CVSS9.2AI score0.20251EPSS
Exploits0References9Affected Software5
Zero Day Initiative
Zero Day Initiative
added 2019/01/29 12:0 a.m.33 views

Bitdefender SafePay openFile Arbitrary File Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender SafePay. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processi...

8.8CVSS2.3AI score0.03823EPSS
Exploits0
Rows per page
Query Builder