Lucene search
K

1649 matches found

OSV
OSV
added 2017/12/20 6:29 p.m.4 views

CVE-2017-14969

In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x83000084, a related issue to CVE-2017-17114...

7.8CVSS5.8AI score0.00414EPSS
Exploits1References1
OSV
OSV
added 2017/12/20 6:29 p.m.3 views

CVE-2017-14964

In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x8300005c...

7.8CVSS5.8AI score0.00414EPSS
Exploits1References1
CNVD
CNVD
added 2017/12/20 12:0 a.m.5 views

TG Soft Vir.IT eXplorer Lite Denial of Service Vulnerability (CNVD-2017-37938)

TG Soft Vir.IT eXplorer Lite is a suite of virus protection software. The program features anti-virus, anti-spyware, malware and virus detection. A denial of service vulnerability exists in the VIRAGTLT.SYS file in TG Soft Vir.IT eXplorer Lite version 8.5.65, which originates when the program fai...

7.8CVSS6.5AI score0.00442EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2017/12/14 10:15 p.m.14 views

Qemu: qemu-nbd crashes due to undefined I/O coroutine

An assertion-failure flaw was found in the Network Block Device NBD server's initial connection negotiation, where the I/O coroutine was undefined. This could crash the qemu-nbd server if a client sent unexpected data during connection negotiation. A remote user or process could use this flaw to...

7.5CVSS5.8AI score0.05529EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/12/13 6:26 p.m.7 views

undertow: IO thread DoS via unclean Websocket closing

It was found that with non-clean TCP close, Websocket server gets into infinite loop on every IO thread, effectively causing DoS...

7.5CVSS7.3AI score0.03662EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/12/13 5:31 p.m.11 views

undertow: IO thread DoS via unclean Websocket closing

It was found that with non-clean TCP close, Websocket server gets into infinite loop on every IO thread, effectively causing DoS...

7.5CVSS7.3AI score0.03662EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/11/16 7:52 p.m.6 views

undertow: IO thread DoS via unclean Websocket closing

It was found that with non-clean TCP close, Websocket server gets into infinite loop on every IO thread, effectively causing DoS...

7.5CVSS7.3AI score0.03662EPSS
Exploits0References4
CNVD
CNVD
added 2017/11/01 12:0 a.m.6 views

Apple macOS High Sierra ImageIO Memory Corruption Vulnerability

Apple macOS High Sierra is a specialized operating system developed by Apple for Mac computers. imageIO is one of the static methods used to perform common image I/O operations. A security vulnerability exists in the ImageIO component of Apple macOS High Sierra versions prior to 10.13.1. A remote...

7.8CVSS7.6AI score0.01467EPSS
Exploits0References1
OSV
OSV
added 2017/10/27 3:19 p.m.6 views

SUSE-SU-2017:2873-1 Security update for xen

This update for xen fixes several issues: These security issues were fixed: - CVE-2017-5526: The ES1370 audio device emulation support was vulnerable to a memory leakage issue allowing a privileged user inside the guest to cause a DoS and/or potentially crash the Qemu process on the host bsc10597...

8.8CVSS7.5AI score0.01547EPSS
Exploits1References19
OSV
OSV
added 2017/10/18 8:29 a.m.4 views

ALPINE-CVE-2017-15589

An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to obtain sensitive information from the host OS or an arbitrary guest OS because intercepted I/O operations can cause a write of data from uninitialized hypervisor stack memory...

6.5CVSS6.6AI score0.00407EPSS
Exploits0References1
OSV
OSV
added 2017/10/10 11:39 p.m.8 views

USN-3444-2 linux-lts-xenial vulnerabilities

USN-3444-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jan H. Schönherr discovered that the Xen subsystem did not properly handle block IO...

8.8CVSS6.7AI score0.00497EPSS
Exploits0References4
CNVD
CNVD
added 2017/09/19 12:0 a.m.5 views

Sophos HitmanPro.Alert solution and Sophos Clean SurfRight HitmanPro denial of service vulnerabilities

Sophos HitmanPro.Alert solution and Sophos Clean are both virus protection software from Sophos UK.SurfRight HitmanPro is one of the malware scanning tools available. A security vulnerability exists in hitmanpro37.sys in versions prior to SurfRight HitmanPro 3.7.20 Build 286 in Sophos...

5.5CVSS6.5AI score0.00401EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2017/09/15 12:0 a.m.7 views

The vulnerability of the Android operating system’s IOCTL handler from the SAF repository, which allows a attacker to trigger a numerical overflow and write beyond the memory boundaries.

The vulnerability of the Android operating system’s IOCTL handler from the CAF repository arises due to synchronization errors when using a shared resource during a race condition. Exploiting this vulnerability can allow an attacker to trigger a full memory overflow and write beyond the memory...

7.6CVSS7.1AI score0.00362EPSS
Exploits0References3
OSV
OSV
added 2017/09/13 8:29 a.m.4 views

CVE-2017-14398

rzpnk.sys in Razer Synapse 2.20.15.1104 allows local users to read and write to arbitrary memory locations, and consequently gain privileges, via a methodology involving a handle to \Device\PhysicalMemory, IOCTL 0x22A064, and ZwMapViewOfSection...

7.8CVSS5.9AI score0.00288EPSS
Exploits0References1
OSV
OSV
added 2017/09/11 5:29 p.m.6 views

CVE-2017-14075

This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL...

7.8CVSS6.2AI score0.01821EPSS
Exploits6References2
RedHat Linux
RedHat Linux
added 2017/09/06 8:36 p.m.8 views

kernel: race condition between direct and memory-mapped I/O in fs/xfs/xfs_aops.c

It was found that the Linux kernel can hit a BUGON statement in the xfsgetblocks in the fs/xfs/xfsaops.c because of a race condition between direct and memory-mapped I/O associated with a hole in a file that is handled with BUGON instead of an I/O failure. This allows a local unprivileged attacke...

4.7CVSS7.1AI score0.00308EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2017/09/01 12:0 a.m.5 views

A vulnerability exists in the ioctl handler of the Android-based mobile application, allowing an attacker to gain access beyond the memory boundaries.

The vulnerability in the ioctl handler of the Android mobile application for the Android operating system is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access beyond the memory boundaries due to the lack of...

9.3CVSS7.2AI score0.0055EPSS
Exploits0References4
OSV
OSV
added 2017/08/30 9:29 a.m.2 views

ALPINE-CVE-2017-13766

In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O dissector could crash with an out-of-bounds write. This was addressed in plugins/profinet/packet-dcerpc-pn-io.c by adding string validation...

7.5CVSS6.8AI score0.02012EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2017/08/29 12:0 a.m.34 views

openSUSE Security Update : freeradius-server (openSUSE-2017-972)

This update for freeradius-server fixes the following issues : - update to 3.0.15 bsc1049086 - Bind the lifetime of program name and python path to the module - CVE-2017-10978: FR-GV-201: Check input / output length in makesecret bsc1049086 - CVE-2017-10983: FR-GV-206: Fix read overflow when...

9.8CVSS8.1AI score0.06015EPSS
Exploits0References8
CNVD
CNVD
added 2017/08/11 12:0 a.m.6 views

Adiscon rsyslog zmq3 input and output module string vulnerability

Adiscon rsyslog is a multithreaded enhancement of syslogd from Adiscon Germany, which is mainly used to collect system logs. zmq3 input and output modules is one of the input and output modules. A security vulnerability exists in the zmq3 input and output module in versions of Adiscon rsyslog pri...

9.8CVSS9.1AI score0.02834EPSS
Exploits0References1
Rows per page
Query Builder