Lucene search
K

2166 matches found

UbuntuCve
UbuntuCve
added 2017/03/20 4:59 p.m.19 views

CVE-2015-8954

The MemcmpLowercase function in Suricata before 2.0.6 improperly excludes the first byte from comparisons, which might allow remote attackers to bypass intrusion-prevention functionality via a crafted HTTP request...

9.8CVSS7.3AI score0.03258EPSS
Exploits0References2
hackapp
hackapp
added 2017/03/12 2:53 p.m.12 views

Survival Craft: Exploration - Corrupted files, Dynamic Code Loading, External URLs vulnerabilities

HackApp vulnerability scanner discovered that application Survival Craft: Exploration published at the 'play' market has multiple vulnerabilities...

0.8AI score
Exploits0References1Affected Software1
Check Point Advisories
Check Point Advisories
added 2016/12/13 12:0 a.m.20 views

Microsoft Internet Explorer Information Disclosure (MS16-144: CVE-2016-7278)

An information disclosure vulnerability exists in Internet Explorer. The vulnerability is due to the way Internet Explorer do not properly handle objects in memory. A remote attacker could exploit this vulnerability by enticing the target user to open a specially crafted website...

2.6CVSS2.1AI score0.14665EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2016/11/15 11:40 a.m.14 views

pcre: buffer overflow caused by recursive back reference by name within certain group (8.38/4)

Heap-based buffer overflow in PCRE 8.34 through 8.37 and PCRE2 10.10 allows remote attackers to execute arbitrary code via a crafted regular expression, as demonstrated by /^?P=B?P=B?J:?Pc?Pa?P=BWGXCREDITS/, a different vulnerability than CVE-2015-8384...

9.8CVSS7.8AI score0.09157EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2016/11/02 2:17 p.m.31 views

CVE-2016-8670

Integer signedness error in the dynamicGetbuf function in gdiodp.c in the GD Graphics Library aka libgd through 2.2.3, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service stack-based buffer overflow or possibly have unspecified other impact via...

9.8CVSS6.6AI score0.04786EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2016/10/12 4:57 p.m.5 views

openssl: Memory corruption in the ASN.1 encoder

A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an...

10CVSS7.5AI score0.77906EPSS
Exploits1References5
OSV
OSV
added 2016/10/03 4:9 p.m.3 views

DEBIAN-CVE-2016-3622

The fpAcc function in tifpredict.c in the tiff2rgba tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service divide-by-zero error via a crafted TIFF image...

6.5CVSS7.3AI score0.0389EPSS
Exploits1References1
exploitpack
exploitpack
added 2016/08/15 12:0 a.m.64 views

GitLab - impersonate Feature Privilege Escalation

GitLab - impersonate Feature Privilege Escalation Exploit Title: GitLab privilege escalation via "impersonate" feature Date: 02-05-2016 Software Link: https://about.gitlab.com/ Version: 8.2.0 - 8.2.4, 8.3.0 - 8.3.8, 8.4.0 - 8.4.9, 8.5.0 - 8.5.11, 8.6.0 - 8.6.7, 8.7.0 Exploit Author: Kaimi Website...

6.5CVSS0.4AI score0.10143EPSS
Exploits5
CNVD
CNVD
added 2016/08/05 12:0 a.m.5 views

Google Android Remote Elevation of Privilege Vulnerability

Android is a Linux-based open source operating system developed by Google Inc. and the Open Handheld Consortium. There is a security vulnerability in the Android Shell, which can be exploited by remote attackers to build special applications, induce application parsing, and elevate privileges...

9.3CVSS7AI score0.00476EPSS
Exploits0References1
CNVD
CNVD
added 2016/05/06 12:0 a.m.5 views

Android Qualcomm TrustZone elevation of privilege vulnerability

Android is an open source operating system based on Linux. A security vulnerability in Android Qualcomm TrustZone allows remote attackers to exploit the vulnerability to build malicious apps with elevated privileges...

9.3CVSS6.9AI score0.0039EPSS
Exploits0References1
CNVD
CNVD
added 2016/05/06 12:0 a.m.5 views

Google Chrome V8 Information Disclosure Vulnerability (CNVD-2016-02824)

Google Chrome is a popular web browser. Google Chrome V8 suffers from an information disclosure vulnerability that allows remote attackers to exploit the vulnerability to build malicious WEB pages that can be parsed by users and can be used to obtain sensitive information...

6.5CVSS8.7AI score0.0181EPSS
Exploits0References1
hackapp
hackapp
added 2016/04/03 7:31 a.m.20 views

Winter Craft 3: Mine Build - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Winter Craft 3: Mine Build published at the 'play' market has multiple vulnerabilities...

1.2AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 10:10 a.m.24 views

Mini Craft Mod - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Mini Craft Mod published at the 'play' market has multiple vulnerabilities...

1AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 10:10 a.m.9 views

Magic Craft - Base64 encoded String, Customized SSL, WebView SSL handling enabled vulnerabilities

HackApp vulnerability scanner discovered that application Magic Craft published at the 'play' market has multiple vulnerabilities...

0.3AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:47 a.m.13 views

Western Craft: Wild West - Base64 encoded String, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Western Craft: Wild West published at the 'play' market has multiple vulnerabilities...

1.1AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:46 a.m.11 views

Fairy Craft 2 - Base64 encoded String, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Fairy Craft 2 published at the 'play' market has multiple vulnerabilities...

0.8AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:46 a.m.10 views

City Craft: Building - Base64 encoded String, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application City Craft: Building published at the 'play' market has multiple vulnerabilities...

1.1AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:46 a.m.13 views

Fairy Craft - Base64 encoded String, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Fairy Craft published at the 'play' market has multiple vulnerabilities...

0.8AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:46 a.m.21 views

Winter Craft 2: Survival - Base64 encoded String, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Winter Craft 2: Survival published at the 'play' market has multiple vulnerabilities...

1AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:45 a.m.20 views

City Craft 3: TNT Edition - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application City Craft 3: TNT Edition published at the 'play' market has multiple vulnerabilities...

0.9AI score
Exploits0References1Affected Software1
Rows per page
Query Builder