Lucene search
K

1307 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:4 a.m.8 views

SUSE CVE-2016-3158

The xrstor function in arch/x86/xstate.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits. NOT...

3.8CVSS6.1AI score0.0041EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 5:4 a.m.5 views

SUSE CVE-2016-3159

The fpufxrstor function in arch/x86/i387.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits...

3.8CVSS6.1AI score0.00399EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 4:58 a.m.3 views

SUSE CVE-2016-7170

The vmsvgafiforun function in hw/display/vmwarevga.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service out-of-bounds write and QEMU process crash via vectors related to cursor.mask and cursor.image array sizes when processing a DEFINECURSOR svga command...

4.4CVSS8.5AI score0.00402EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 4:52 a.m.4 views

SUSE CVE-2017-3073

Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption. Successful exploitation could lead to arbitrary code execution...

8.8CVSS7.8AI score0.0486EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:52 a.m.3 views

SUSE CVE-2017-3081

Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability during internal computation caused by multiple display object mask manipulations. Successful exploitation could lead to arbitrary code execution...

10CVSS7.9AI score0.14425EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:50 a.m.2 views

SUSE CVE-2017-5406

A segmentation fault can occur in the Skia graphics library during some canvas operations due to issues with mask/clip intersection and empty masks. This vulnerability affects Firefox 52 and Thunderbird 52...

7.5CVSS6.4AI score0.01808EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:32 a.m.4 views

SUSE CVE-2018-4190

An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote...

8.8CVSS5.6AI score0.03582EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:31 a.m.7 views

SUSE CVE-2018-5174

In the Windows 10 April 2018 Update, Windows Defender SmartScreen honors the "SEEMASKFLAGNOUI" flag associated with downloaded files and will not show any UI. Files that are unknown and potentially dangerous will be allowed to run because SmartScreen will not prompt the user for a decision, and i...

7.5CVSS8.8AI score0.01871EPSS
Exploits0References16
SUSE CVE
SUSE CVE
added 2023/02/15 4:31 a.m.6 views

SUSE CVE-2018-5685

In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage function coders/bmp.c. Remote attackers could leverage this vulnerability to cause a denial of service via an image file with a crafted bit-field mask value...

7.5CVSS6.6AI score0.01938EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:30 a.m.3 views

SUSE CVE-2018-6115

Inappropriate setting of the SEEMASKFLAGNOUI flag in file downloads in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially bypass OS malware checks via a crafted HTML page...

6.5CVSS8.7AI score0.0106EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:24 a.m.1 views

SUSE CVE-2018-15862

Unchecked NULL pointer usage in LookupModMask in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash NULL pointer dereference the xkbcommon parser by supplying a crafted keymap file with invalid virtual modifiers...

3.3CVSS6.6AI score0.00433EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 3:35 a.m.3 views

SUSE CVE-2022-0137

A heap buffer overflow in imagesetmask function of HTMLDOC before 1.9.15 allows an attacker to write outside the buffer boundaries...

7.5CVSS6.7AI score0.00555EPSS
Exploits1References3
OSV
OSV
added 2023/02/03 6:15 p.m.5 views

CVE-2021-36432

SQL injection vulnerability in jocms 0.8 allows remote attackers to run arbitrary SQL commands and view sentivie information via josetmask function in jocms/apps/mask/mask.php...

7.5CVSS6AI score0.00854EPSS
Exploits1References1
OSV
OSV
added 2023/02/03 6:15 p.m.4 views

CVE-2021-36433

SQL injection vulnerability in jocms 0.8 allows remote attackers to run arbitrary SQL commands and view sentivie information via jodeletemask function in jocms/apps/mask/mask.php...

9.1CVSS6AI score0.00864EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/02/03 12:0 a.m.4 views

jocms SQL注入漏洞

jocms is mxgbr individual developers an easy to edit simple CMS. A security vulnerability exists in jocms version 0.8, which is caused by SQL injection, and can be exploited by remote attackers to run arbitrary SQL commands and view sensitive information via the josetmask function in...

7.5CVSS7.8AI score0.00854EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/01/27 12:0 a.m.6 views

D-Link DIR-878 操作系统命令注入漏洞

The D-Link DIR-878 is a wireless router from China-based AUO D-Link. The D-Link DIR-878 DIR878FW1.30B08 firmware version suffers from an operating system command injection vulnerability that stems from its /SetNetworkSettings/SubnetMask component that allows attackers to achieve command injection...

9.8CVSS8.4AI score0.03113EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/01/01 12:0 a.m.3 views

PT-2025-38050

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to inter-processor interrupts IPIs. Specifically, a NULL pointer dereference can occur in the irq data get affinity mask function when ipi send...

5.5CVSS5.5AI score0.00134EPSS
Exploits0
CNNVD
CNNVD
added 2022/11/18 12:0 a.m.3 views

WordPress plugin Better Messages 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

6.5CVSS6.5AI score0.00447EPSS
Exploits0References3
AlmaLinux
AlmaLinux
added 2022/11/15 12:0 a.m.43 views

Moderate: dhcp security and enhancement update

The Dynamic Host Configuration Protocol DHCP is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to...

6.8CVSS7.2AI score0.0325EPSS
Exploits0References4
OSV
OSV
added 2022/11/14 6:15 p.m.1 views

UBUNTU-CVE-2022-0137

A heap buffer overflow in imagesetmask function of HTMLDOC before 1.9.15 allows an attacker to write outside the buffer boundaries...

7.5CVSS6.8AI score0.00555EPSS
Exploits1References3
Rows per page
Query Builder