Lucene search
K

73 matches found

NVD
NVD
added 2014/09/18 10:55 a.m.22 views

CVE-2014-4388

IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fields, a different vulnerability than...

9.3CVSS7.4AI score0.0167EPSS
Exploits0References11
Prion
Prion
added 2014/09/18 10:55 a.m.21 views

Code injection

IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fields, a different vulnerability than...

9.3CVSS7.2AI score0.0167EPSS
Exploits0References10Affected Software2
Cvelist
Cvelist
added 2014/09/18 10:0 a.m.30 views

CVE-2014-4388

IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fields, a different vulnerability than...

7.6AI score0.0167EPSS
Exploits0References11
Prion
Prion
added 2014/07/06 11:55 p.m.31 views

Type confusion

The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 and 5.5.x before 5.5.14 does not ensure use of the string data type for the PHPAUTHPW, PHPAUTHTYPE, PHPAUTHUSER, and PHPSELF variables, which might allow context-dependent attackers to obtain sensitive information from process...

2.6CVSS6.4AI score0.05868EPSS
Exploits1References14Affected Software2
Cvelist
Cvelist
added 2013/09/19 10:0 a.m.27 views

CVE-2013-5155

The Sandbox subsystem in Apple iOS before 7 allows attackers to cause a denial of service infinite loop via an application that writes crafted values to /dev/random...

5.6AI score0.0155EPSS
Exploits0References3
NVD
NVD
added 2013/06/15 8:55 p.m.19 views

CVE-2013-1999

Buffer overflow in X.org libXvMC 1.0.7 and earlier allows X servers to cause a denial of service crash and possibly execute arbitrary code via crafted length or index values to the XvMCGetDRInfo function...

6.8CVSS9.7AI score0.02331EPSS
Exploits0References6
NVD
NVD
added 2013/06/15 8:55 p.m.26 views

CVE-2013-1998

Multiple buffer overflows in X.org libXi 1.7.1 and earlier allow X servers to cause a denial of service crash and possibly execute arbitrary code via crafted length or index values to the 1 XGetDeviceButtonMapping, 2 XIPassiveGrabDevice, and 3 XQueryDeviceState functions...

6.8CVSS8.3AI score0.02798EPSS
Exploits0References7
Prion
Prion
added 2013/06/15 8:55 p.m.16 views

Buffer overflow

Buffer overflow in X.org libXt 1.1.3 and earlier allows X servers to cause a denial of service crash and possibly execute arbitrary code via crafted length or index values to the XtResourceConfigurationEH function...

6.8CVSS8.2AI score0.03082EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2013/06/15 8:55 p.m.2 views

DEBIAN-CVE-2013-1998

Multiple buffer overflows in X.org libXi 1.7.1 and earlier allow X servers to cause a denial of service crash and possibly execute arbitrary code via crafted length or index values to the 1 XGetDeviceButtonMapping, 2 XIPassiveGrabDevice, and 3 XQueryDeviceState functions...

6.8CVSS7.8AI score0.02798EPSS
Exploits0References1
Prion
Prion
added 2013/06/15 8:55 p.m.22 views

Buffer overflow

Buffer overflow in X.org libXv 1.0.7 and earlier allows X servers to cause a denial of service crash and possibly execute arbitrary code via crafted length or index values to the XvQueryPortAttributes function...

6.8CVSS8.2AI score0.02331EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2013/06/15 8:0 p.m.24 views

CVE-2013-2000

Multiple buffer overflows in X.org libXxf86dga 1.1.3 and earlier allow X servers to cause a denial of service crash and possibly execute arbitrary code via crafted length or index values to the 1 XDGAQueryModes and 2 XDGASetMode functions...

7.3AI score0.02109EPSS
Exploits0References5
Cvelist
Cvelist
added 2013/06/15 8:0 p.m.26 views

CVE-2013-1999

Buffer overflow in X.org libXvMC 1.0.7 and earlier allows X servers to cause a denial of service crash and possibly execute arbitrary code via crafted length or index values to the XvMCGetDRInfo function...

7.4AI score0.02331EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2013/06/15 8:0 p.m.23 views

CVE-2013-1999

Buffer overflow in X.org libXvMC 1.0.7 and earlier allows X servers to cause a denial of service crash and possibly execute arbitrary code via crafted length or index values to the XvMCGetDRInfo function...

6.8CVSS9.8AI score0.02331EPSS
Exploits0
Debian CVE
Debian CVE
added 2013/06/15 8:0 p.m.30 views

CVE-2013-1997

Multiple buffer overflows in X.org libX11 1.5.99.901 1.6 RC1 and earlier allow X servers to cause a denial of service crash and possibly execute arbitrary code via crafted length or index values to the 1 XAllocColorCells, 2 XkbReadGetDeviceInfoReply, 3 XkbReadGeomShapes, 4 XkbReadGetGeometryReply...

6.8CVSS9.9AI score0.02109EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2013/05/23 3:0 p.m.27 views

CVE-2013-1999

Buffer overflow in X.org libXvMC 1.0.7 and earlier allows X servers to cause a denial of service crash and possibly execute arbitrary code via crafted length or index values to the XvMCGetDRInfo function...

6.8CVSS7.5AI score0.02331EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2011/10/31 12:0 a.m.39 views

Mandriva Update for phpmyadmin MDVSA-2011:158 (phpmyadmin)

Check for the Version of phpmyadmin OpenVAS Vulnerability Test Mandriva Update for phpmyadmin MDVSA-2011:158 phpmyadmin Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

5CVSS0.02326EPSS
Exploits2References2
UbuntuCve
UbuntuCve
added 2010/12/06 10:30 p.m.166 views

CVE-2010-4478

OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a...

9.8CVSS6.8AI score0.04242EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2010/12/06 9:5 p.m.65 views

CVE-2010-4252

OpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol...

7.5CVSS7.2AI score0.08076EPSS
Exploits1References1
Prion
Prion
added 2010/12/06 9:5 p.m.44 views

Design/Logic Flaw

OpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol...

7.5CVSS6.7AI score0.08076EPSS
Exploits1References16Affected Software1
ATTACKERKB
ATTACKERKB
added 2010/12/06 12:0 a.m.429 views

CVE-2010-4478

OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a...

7.5CVSS5.5AI score0.08076EPSS
In wildExploits2References8
Rows per page
Query Builder