
4371 matches found

seebug.org
added 2018/02/24 12:0 a.m., 56 views

Windows Kernel double fetches in win32kfull!xxxImeWindowPosChanged and win32kfull!InternalRebuildHwndListForIMEClass (CVE-2018-0809)

We have noticed the following code in the win32kfull!xxxImeWindowPosChanged function on Windows 10 version 1709 32-bit listing from the IDA Pro disassembler: .text:000485A4 ; try // except at locF3502 .text:000485A4 mov ebp+msexc.registration.TryLevel, 0 .text:000485AB mov eax, ecx .text:000485AD...

6.8 AI score, 0.01197 EPSS
Exploits: 1
CNVD
added 2018/02/08 12:0 a.m., 1 views

ZZIPlib Denial of Service Vulnerability (CNVD-2018-05513)

ZZIPlib is a set of lightweight file compression tools. A security vulnerability exists in the 'zzipfetchdisktrailer' function of the zzip/zip.c file in ZZIPlib version 0.13.67. A remote attacker can exploit this vulnerability to cause a denial of service with a specially crafted zip file...

6.5 CVSS, 6.8 AI score, 0.02305 EPSS
Exploits: 1, References: 1
BDU FSTEC
added 2018/02/07 12:0 a.m., 7 views

The vulnerability of the Fetch API interface in Mozilla Firefox, Firefox ESR, and the Thunderbird email client allows a perpetrator to trigger a service failure.

The vulnerability of the Fetch API interface in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the use of memory after it is freed. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

7.6 CVSS, 7.7 AI score, 0.02344 EPSS
Exploits: 0, References: 15, Affected Software: 10
Mageia
added 2018/02/06 3:35 p.m., 28 views

Updated php-smarty packages fix security vulnerability

Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch or display functions on custom resources that does not sanitize template name (CVE-2017-1000480)...

9.8 CVSS, 1.4 AI score, 0.03124 EPSS
Exploits: 0, References: 1
CVE
added 2018/02/01 9:0 p.m., 77 views

CVE-2017-3160

CVE-2017-3160 affects Apache Cordova for Android, where on first add/build the Gradle tool is downloaded via an HTTP (not HTTPS) URI by default. This enables a man-in-the-middle (MiTM) attack that can tamper with the Gradle distribution, since the downloaded Gradle executable is immediately execu...

7.4 CVSS, 7.2 AI score, 0.03825 EPSS
Exploits: 1, References: 3, Affected Software: 1
OSV
added 2018/02/01 12:0 a.m., 3 views

UBUNTU-CVE-2018-6484

In ZZIPlib 0.13.67, there is a memory alignment error and bus error in the zzipfetchdisktrailer function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file...

6.5 CVSS, 6.5 AI score, 0.02285 EPSS
Exploits: 1, References: 3
seebug.org
added 2018/01/29 12:0 a.m., 15 views

chrome: Cross-origin object leak via fetch

VULNERABILITY DETAILS: The promise returned by fetch.call(crossOriginWindow) is created in the cross-origin context. Direct cross-origin scripting is not possible because cross-origin function constructors don't work anymore (issue 541703). But the attacker can e.g. call other functions of the...

6.7 AI score
Exploits: 0
UbuntuCve
added 2018/01/23 12:0 a.m., 20 views

CVE-2018-5092

A use-after-free vulnerability can occur when the thread for a Web Worker is freed from memory prematurely instead of from memory in the main thread while cancelling fetch operations. This vulnerability affects Firefox 58...

9.8 CVSS, 7.2 AI score, 0.0184 EPSS
Exploits: 0, References: 3
OSV
added 2018/01/23 12:0 a.m., 3 views

UBUNTU-CVE-2018-5092

A use-after-free vulnerability can occur when the thread for a Web Worker is freed from memory prematurely instead of from memory in the main thread while cancelling fetch operations. This vulnerability affects Firefox 58...

9.8 CVSS, 7.3 AI score, 0.0184 EPSS
Exploits: 0, References: 4
RedHat Linux
added 2018/01/22 9:45 a.m., 5 views

bind: Improper fetch cleanup sequencing in the resolver can cause named to crash

A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion...

7.5 CVSS, 6.8 AI score, 0.27725 EPSS
Exploits: 0, References: 5
RedHat Linux
added 2018/01/22 9:31 a.m., 4 views

bind: Improper fetch cleanup sequencing in the resolver can cause named to crash

A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion...

7.5 CVSS, 6.8 AI score, 0.27725 EPSS
Exploits: 0, References: 5
OSV
added 2018/01/17 12:28 p.m., 2 views

USN-3535-1 bind9 vulnerability

Jayachandran Palanisamy discovered that the Bind resolver incorrectly handled fetch cleanup sequencing. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service...

7.5 CVSS, 5.8 AI score, 0.27725 EPSS
Exploits: 0, References: 2
seebug.org
added 2018/01/16 12:0 a.m., 67 views

CODE EXECUTION (CVE-2018-5189) WALKTHROUGH ON JUNGO WINDRIVER 12.5.1

INTRODUCTION Windows kernel exploitation can be a daunting area to get into. There are tons of helpful tutorials out there and originally this post was going to add to that list. This is the story of how I found CVE-2018-5189 and a complete walkthrough of the exploit development cycle. The idea w...

8.5 AI score, 0.01204 EPSS
Exploits: 3
UbuntuCve
added 2018/01/16 12:0 a.m., 32 views

CVE-2017-3145

BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1...

7.5 CVSS, 6.9 AI score, 0.27725 EPSS
Exploits: 0, References: 4
OSV
added 2018/01/16 12:0 a.m., 3 views

UBUNTU-CVE-2017-3145

BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1...

7.5 CVSS, 6.9 AI score, 0.27725 EPSS
Exploits: 0, References: 5
Tenable Nessus
added 2018/01/15 12:0 a.m., 26 views

Fedora 27 : curl (2017-b25c8a7087)

fix buffer overflow while processing IMAP FETCH response (CVE-2017-1000257). Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

9.1 CVSS, 7.2 AI score, 0.06224 EPSS
Exploits: 0, References: 2
OSV
added 2018/01/11 4:29 p.m., 2 views

CVE-2018-5189

Race condition in Jungo Windriver 12.5.1 allows local users to cause a denial of service (buffer overflow) or gain system privileges by flipping pool buffer size, aka a "double fetch" vulnerability...

7.8 CVSS, 6 AI score, 0.01204 EPSS
Exploits: 3, References: 2
NVD
added 2018/01/11 4:29 p.m., 27 views

CVE-2018-5189

Race condition in Jungo Windriver 12.5.1 allows local users to cause a denial of service (buffer overflow) or gain system privileges by flipping pool buffer size, aka a "double fetch" vulnerability...

7.8 CVSS, 7.5 AI score, 0.01204 EPSS
Exploits: 3, References: 2
Prion
added 2018/01/11 4:29 p.m., 18 views

Race condition

Race condition in Jungo Windriver 12.5.1 allows local users to cause a denial of service (buffer overflow) or gain system privileges by flipping pool buffer size, aka a "double fetch" vulnerability...

7.2 CVSS, 7.5 AI score, 0.01204 EPSS
Exploits: 3, References: 2, Affected Software: 1
Cvelist
added 2018/01/11 4:0 p.m., 29 views

CVE-2018-5189

Race condition in Jungo Windriver 12.5.1 allows local users to cause a denial of service (buffer overflow) or gain system privileges by flipping pool buffer size, aka a "double fetch" vulnerability...

7.6 AI score, 0.01204 EPSS
Exploits: 3, References: 2