Lucene search
K

64 matches found

OSV
OSV
added 2023/10/16 8:56 p.m.12 views

CVE-2023-42459 Malformed DATA submessage leads to bad-free error in Fast-DDS

Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group. In affected versions specific DATA submessages can be sent to a discovery locator which may trigger a free error. This can remotely crash any Fast-DDS process. The call to free could...

8.6CVSS7.6AI score0.00826EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2023/08/21 12:0 a.m.32 views

Debian: Security Advisory (DSA-5481-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS9.4AI score0.00893EPSS
Exploits0References4
NVD
NVD
added 2023/08/11 2:15 p.m.24 views

CVE-2023-39945

eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.0, 2.10.2, 2.9.2, and 2.6.5, a data submessage sent to PDP port raises unhandled BadParamException in fastcdr, which in turn crashes fastdds. Versions 2.11.0,...

8.2CVSS8.1AI score0.00808EPSS
Exploits0References4
Prion
Prion
added 2023/08/11 2:15 p.m.19 views

Heap overflow

eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.1, 2.10.2, 2.9.2, and 2.6.6, heap can be overflowed by providing a PIDPROPERTYLIST parameter that contains a CDR string with length larger than the size of...

5CVSS7.5AI score0.00776EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2023/08/11 1:55 p.m.35 views

CVE-2023-39949 Improper validation of sequence numbers leading to remotely reachable assertion failure

eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.9.1 and 2.6.5, improper validation of sequence numbers may lead to remotely reachable assertion failure. This can remotely crash any Fast-DDS process. Versions...

7.5CVSS7.9AI score0.00893EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2023/08/11 1:37 p.m.22 views

CVE-2023-39946

eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.1, 2.10.2, 2.9.2, and 2.6.6, heap can be overflowed by providing a PIDPROPERTYLIST parameter that contains a CDR string with length larger than the size of...

8.2CVSS7.6AI score0.00776EPSS
Exploits0
Cvelist
Cvelist
added 2023/03/27 8:43 p.m.39 views

CVE-2023-28638 Stack references to locations outside buffers may become invalid if they exist during a GC compaction in Snappier

Snappier is a high performance C implementation of the Snappy compression algorithm. This is a buffer overrun vulnerability that can affect any user of Snappier 1.1.0. In this release, much of the code was rewritten to use byte references rather than pointers to pinned buffers. This change...

7CVSS7.2AI score0.00549EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.19 views

Debian: Security Advisory (DLA-231-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.03375EPSS
Exploits0References2
Fedora
Fedora
added 2022/07/30 1:57 a.m.13 views

[SECURITY] Fedora 36 Update: golang-github-google-jsonnet-0.17.0-6.fc36

This an implementation of Jsonnet in pure Go. It is feature complete but is n ot as heavily exercised as the Jsonnet C++ implementation. Please try it out and give feedback...

7.3AI score
Exploits0
Fedora
Fedora
added 2022/07/17 1:15 a.m.17 views

[SECURITY] Fedora 35 Update: golang-github-google-jsonnet-0.17.0-5.fc35

This an implementation of Jsonnet in pure Go. It is feature complete but is n ot as heavily exercised as the Jsonnet C++ implementation. Please try it out and give feedback...

9.3CVSS8.1AI score0.05994EPSS
Exploits4
GithubExploit
GithubExploit
added 2022/05/31 3:28 a.m.586 views

Exploit for Path Traversal in Apache Http_Server

CVE-2021-42013 C implementation of the infamous Apache 2.4.50...

9.8CVSS9.2AI score0.99964EPSS
Exploits62
Github Security Blog
Github Security Blog
added 2022/05/17 4:14 a.m.24 views

Dulwich Buffer Overflow when handling pack files

Buffer overflow in the C implementation of the applydelta function in pack.c in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a crafted pack file...

7.5CVSS7.4AI score0.03375EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2022/05/17 4:14 a.m.17 views

GHSA-VJJF-3RVG-GV3V Dulwich Buffer Overflow when handling pack files

Buffer overflow in the C implementation of the applydelta function in pack.c in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a crafted pack file...

9.8CVSS9.5AI score0.03375EPSS
Exploits0References5
GithubExploit
GithubExploit
added 2022/04/30 5:53 a.m.277 views

Exploit for Incorrect Authorization in Polkit_Project Polkit

PolicyKit CVE-2021-3560 Exploitation Authentication Agent ====...

7.8CVSS8.4AI score0.22193EPSS
Exploits37
Rockylinux
Rockylinux
added 2021/11/09 1:10 p.m.30 views

json-c security and bug fix update

An update is available for json-c. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list JSON-C implements a reference counting object model that allows users to easil...

7.8CVSS8AI score0.01888EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2021/04/12 12:0 a.m.24 views

Debian DSA-4887-1 : lib3mf - security update

A use-after-free was discovered in Lib3MF, a C++ implementation of the 3D Manufacturing Format, which could result in the execution of arbitrary code if a malformed file is opened. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...

8.1CVSS7.8AI score0.04339EPSS
Exploits1References5
Kitploit
Kitploit
added 2021/01/27 8:30 p.m.39 views

SharpEDRChecker - Checks Running Processes, Process Metadata, DLLs Loaded Into Your Current Process And The Each DLLs Metadata, Common Inst all Directories, Installed Services And Each Service Binaries Metadata, Installed Drivers And Each Drivers Metadata, All For The Presence Of Known Defensive Products Such As AV's, EDR's And Logging Tools

New and improved C Implementation of Invoke-EDRChecker. Checks running processes, process metadata, Dlls loaded into your current process and each DLLs metadata, common install directories, installed services and each service binaries metadata, installed drivers and each drivers metadata, all for...

7.1AI score
Exploits0References4
OpenVAS
OpenVAS
added 2020/12/14 12:0 a.m.7 views

Fedora: Security Advisory for libpri (FEDORA-2020-2f1ef40a96)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Fedora
Fedora
added 2020/12/13 2:35 a.m.25 views

[SECURITY] Fedora 32 Update: libpri-1.6.0-9.fc32

libpri is a C implementation of the Primary Rate ISDN specification. It was based on the Bellcore specification SR-NWT-002343 for National ISDN. As of May 12, 2001, it has been tested work to with NI-2, Nortel DMS-100, and Lucent 5E Custom protocols on switches from Nortel and Lucent...

1.8AI score
Exploits0
Fedora
Fedora
added 2020/12/13 2:10 a.m.18 views

[SECURITY] Fedora 33 Update: libpri-1.6.0-9.fc33

libpri is a C implementation of the Primary Rate ISDN specification. It was based on the Bellcore specification SR-NWT-002343 for National ISDN. As of May 12, 2001, it has been tested work to with NI-2, Nortel DMS-100, and Lucent 5E Custom protocols on switches from Nortel and Lucent...

1.8AI score
Exploits0
Rows per page
Query Builder