Lucene search
K

7654 matches found

OSV
OSV
added 2024/09/17 12:15 a.m.2 views

CVE-2024-40841

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. Processing a maliciously crafted video file may lead to unexpected app termination...

5.5CVSS5.8AI score
Exploits0References4
CVE
CVE
added 2024/09/16 11:22 p.m.53 views

CVE-2024-44161

CVE-2024-44161 is an out-of-bounds read vulnerability in macOS texture processing that could cause an application to terminate if a maliciously crafted texture is processed. The issue is mitigated by improved bounds checking and is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, and macOS Sequoia...

5.5CVSS5.9AI score0.00259EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2024/09/16 11:22 p.m.11 views

CVE-2024-44161

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. Processing a maliciously crafted texture may lead to unexpected app termination...

6AI score0.00259EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/09/16 11:22 p.m.29 views

CVE-2024-44161

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. Processing a maliciously crafted texture may lead to unexpected app termination...

0.00259EPSS
Exploits0References3
CVE
CVE
added 2024/09/16 11:22 p.m.60 views

CVE-2024-44176

CVE-2024-44176 describes an out-of-bounds access leading to a denial-of-service when processing an image. Affected products include macOS Ventura 13.7; macOS Sequoia 15; macOS Sonoma 14.7; iOS 17.7 and iPadOS 17.7; iOS 18 and iPadOS 18; visionOS 2; watchOS 11; tvOS 18. Remediation is via software...

5.5CVSS7.1AI score0.07939EPSS
Exploits0References13Affected Software6
Cvelist
Cvelist
added 2024/09/16 11:22 p.m.18 views

CVE-2024-40841

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7. Processing a maliciously crafted video file may lead to unexpected app termination...

0.00317EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/09/16 11:22 p.m.15 views

CVE-2024-40841

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. Processing a maliciously crafted video file may lead to unexpected app termination...

6.8AI score0.00317EPSS
Exploits0References2
CVE
CVE
added 2024/09/16 11:22 p.m.43 views

CVE-2024-40841

CVE-2024-40841 is an out-of-bounds write vulnerability affecting macOS components (notably Apple Graphics/AppleVA) where processing a maliciously crafted video can cause an app to terminate. The issue is fixed in macOS Sonoma 14.7 and macOS Sequoia 15 via improved bounds/memory handling. Root cau...

7.8CVSS7.1AI score0.00317EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2024/09/16 9:11 p.m.228 views

CVE-2024-45801

A flaw was found in DOMPurify. This issue may allow an attacker to use specially-crafted HTML to bypass the depth checking or use Prototype Pollution to weaken the depth check, which can lead to cross site scripting XSS attacks. Mitigation Mitigation for this issue is either not available or the...

7CVSS5.5AI score0.00844EPSS
Exploits0References6
NVD
NVD
added 2024/09/16 7:16 p.m.42 views

CVE-2024-45801

DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. It has been discovered that malicious HTML using special nesting techniques can bypass the depth checking added to DOMPurify in recent releases. It was also possible to use Prototype Pollution to weaken the...

7.3CVSS0.00844EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/09/16 6:25 p.m.24 views

CVE-2024-45801 Tampering by prototype polution in DOMPurify

DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. It has been discovered that malicious HTML using special nesting techniques can bypass the depth checking added to DOMPurify in recent releases. It was also possible to use Prototype Pollution to weaken the...

7.3CVSS5.3AI score0.00844EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2024/09/16 6:25 p.m.28 views

CVE-2024-45801

DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. It has been discovered that malicious HTML using special nesting techniques can bypass the depth checking added to DOMPurify in recent releases. It was also possible to use Prototype Pollution to weaken the...

7.3CVSS6.6AI score0.00844EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/09/16 11:44 a.m.9 views

USN-7012-1: curl vulnerability

Hiroki Kurosawa discovered that curl incorrectly handled certain OCSP responses. This could result in bad certificates not being checked properly, contrary to expectations...

6.5CVSS7AI score0.00729EPSS
Exploits1
CNVD
CNVD
added 2024/09/12 12:0 a.m.6 views

Google Android elevation of privilege vulnerability (CNVD-2024-45225)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability caused by a lack of privilege checking in CreateofSettingsHomepageActivity.java, which can be exploited by an attacker to gain elevated privileges on the...

7.8CVSS7AI score0.0008EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2024/09/12 12:0 a.m.194 views

MPlayer Lite r33064 Buffer Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MPlayer Lite M3U Buffer Overflow', 'Description' = %q This module exploits a stack-based buffer overflow vulnerability in MPlayer Lite r33064,...

7.4AI score
Exploits0
NVD
NVD
added 2024/09/11 4:15 p.m.14 views

CVE-2024-45023

In the Linux kernel, the following vulnerability has been resolved: md/raid1: Fix data corruption for degraded array with slow disk readbalance will avoid reading from slow disks as much as possible, however, if valid data only lands in slow disks, and a new normal disk is still in recovery,...

7.1CVSS0.00182EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/09/11 3:13 p.m.25 views

CVE-2024-45023 md/raid1: Fix data corruption for degraded array with slow disk

In the Linux kernel, the following vulnerability has been resolved: md/raid1: Fix data corruption for degraded array with slow disk readbalance will avoid reading from slow disks as much as possible, however, if valid data only lands in slow disks, and a new normal disk is still in recovery,...

0.00182EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2024/09/11 7:0 a.m.8 views

usb: atm: cxacru: fix endpoint checking in cxacru_bind()

...

5.5CVSS7.3AI score0.00234EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2024/09/11 7:0 a.m.3 views

comedi: vmk80xx: fix incomplete endpoint checking

...

5.5CVSS7.7AI score0.0028EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/09/11 4:3 a.m.14 views

CVE-2024-24972

Buffer Copy without Checking Size of Input CWE-120 in the Controller 6000 and Controller 7000 diagnostic web interface allows an authorised and authenticated operator to reboot the Controller, causing a Denial of Service. Gallagher recommend the diagnostic web page is not enabled default is off...

6.5CVSS6.7AI score0.00324EPSS
Exploits0References1
Rows per page
Query Builder