CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

155 matches found

BDU FSTEC•added 2020/04/23 12:0 a.m.•0 views

The vulnerability of the programmable user-programmable gate array (PPVM) for Xilinx Spartan, Artix, Kintex, and Virtex programmable integrated circuits lies in the possibility of intercepting/mocking the file containing the encrypted control bitstream, allowing a hacker to gain full control over the programmable integrated circuits.

The vulnerability of the programmable user-programmable gate array PPVM for Xilinx Spartan, Artix, Kintex, and Virtex programmable logic integrated circuits lies in the ability to intercept or replace the file containing the encrypted control bitstream. Exploiting this vulnerability can allow an...

9CVSS5.5AI score

Exploits0References4Affected Software4

The Hacker News•added 2020/04/21 9:55 a.m.•107 views

Unpatchable 'Starbleed' Bug in FPGA Chips Exposes Critical Devices to Hackers

A newly discovered unpatchable hardware vulnerability in Xilinx programmable logic products could allow an attacker to break bitstream encryption, and clone intellectual property, change the functionality, and even implant hardware Trojans. The details of the attacks against Xilinx 7-Series and...

0.5AI score

Exploits0

The Hacker News•added 2020/04/21 9:55 a.m.•2 views

Unpatchable 'Starbleed' Bug in FPGA Chips Exposes Critical Devices to Hackers

5.9AI score

Exploits0

CNVD•added 2020/03/25 12:0 a.m.•3 views

GPAC Heap Buffer Overflow Vulnerability

GPAC is a multimedia framework for rich media and distributed under the LGPL license. A heap buffer overflow vulnerability exists in BSReadByte in utils/bitstream.c in libgpac.a in versions of GPAC prior to 0.8.0. An attacker can exploit this vulnerability to cause a denial of service via a...

5.5CVSS8.1AI score0.00324EPSS

Exploits1References1

OSV•added 2020/03/24 7:15 p.m.•3 views

DEBIAN-CVE-2019-20630

An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer over-read in BSReadByte called from gfbsreadbit in utils/bitstream.c that can cause a denial of service via a crafted MP4 file...

5.5CVSS6.9AI score0.00324EPSS

Exploits1References1

NVD•added 2019/06/14 5:29 p.m.•14 views

CVE-2019-2256

An unprivileged user can craft a bitstream such that the payload encoded in the bitstream gains code execution in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in...

10CVSS9.6AI score0.00656EPSS

Exploits0References1

NVD•added 2019/06/14 5:29 p.m.•16 views

CVE-2019-2255

10CVSS9.6AI score0.00656EPSS

Exploits0References1

Prion•added 2019/06/14 5:29 p.m.•18 views

Code injection

10CVSS9.5AI score0.00656EPSS

Exploits0References1

Prion•added 2019/06/14 5:29 p.m.•13 views

Code injection

10CVSS9.5AI score0.00656EPSS

Exploits0References1

Cvelist•added 2019/06/14 5:2 p.m.•17 views

CVE-2019-2255

9.6AI score0.00656EPSS

Exploits0References1

Cvelist•added 2019/06/14 5:2 p.m.•17 views

CVE-2019-2256

9.6AI score0.00656EPSS

Exploits0References1

CVE•added 2019/06/14 5:2 p.m.•277 views

CVE-2019-2256

The CVE-2019-2256 entry concerns a vulnerability in Qualcomm closed‑source components affecting Snapdragon devices (e.g., Snapdragon Auto/Compute/Connectivity, Snapdragon Mobile, Wearables, IOT, and related variants listed in the Red Hat/Qualcomm advisories). An unprivileged user can craft a bits...

10CVSS9.5AI score0.00656EPSS

Exploits0References1Affected Software1

The Hacker News•added 2019/05/14 8:54 a.m.•2 views

Flaw Affecting Millions of Cisco Devices Let Attackers Implant Persistent Backdoor

Researchers have discovered a severe vulnerability in Cisco products that could allow attackers to implant persistent backdoor on wide range devices used in enterprises and government networks, including routers, switches, and firewalls. Dubbed Thrangrycat or 😾😾😾, the vulnerability, discovered by...

9CVSS7.9AI score0.00522EPSS

Exploits0

android•added 2019/05/01 12:0 a.m.•35 views

CVE-2019-2255

10CVSS2.4AI score0.00656EPSS

Exploits0References2

android•added 2019/05/01 12:0 a.m.•36 views

CVE-2019-2256

10CVSS2.5AI score0.00656EPSS

Exploits0References3

Veracode•added 2019/04/29 7:23 a.m.•15 views

Denial Of Service (DoS)

libjasper.so is vulnerable to denial of service DoS. Failure to properly handle an integer sent via a request to the JPC bitstream code allows an attacker to crash the application...

7.5CVSS7.3AI score0.01218EPSS

Exploits0References1Affected Software2

UbuntuCve•added 2019/02/17 2:29 a.m.•13 views

CVE-2019-8378

An issue was discovered in Bento4 1.5.1-628. A heap-based buffer over-read exists in AP4BitStream::ReadBytes in Codecs/Ap4BitStream.cpp, a similar issue to CVE-2017-14645. It can be triggered by sending a crafted file to the aac2mp4 binary. It allows an attacker to cause a Denial of Service...

8.8CVSS7.3AI score0.00402EPSS

Exploits1References3

OSV•added 2019/02/17 2:29 a.m.•0 views

UBUNTU-CVE-2019-8378

8.8CVSS7.5AI score0.00402EPSS

Exploits1References4

CNVD•added 2019/02/11 12:0 a.m.•1 views

Bento4 Buffer Over Read Vulnerability

Bento4 is a C++ class library and tool for reading and writing ISO-MP4 files. A heap buffer over-read vulnerability exists in AP4BitStream::WriteBytes in Codecs/Ap4BitStream.cpp in Bento4 1.5.1-627, which can be exploited by remote attackers to cause a denial of service via specially crafted mp4...

6.5CVSS7AI score0.00388EPSS

Exploits1References1

OSV•added 2019/02/10 10:29 p.m.•0 views

UBUNTU-CVE-2019-7699

A heap-based buffer over-read occurs in AP4BitStream::WriteBytes in Codecs/Ap4BitStream.cpp in Bento4 v1.5.1-627. Remote attackers could leverage this vulnerability to cause an exception via crafted mp4 input, which leads to a denial of service...

6.5CVSS6AI score0.00388EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by