Lucene search
K

108 matches found

BDU FSTEC
BDU FSTEC
added 2017/06/30 12:0 a.m.8 views

The vulnerability of the RPMB process in the Android operating system allows a hacker to bypass certificate verification.

The vulnerability of the RPMB process in the Android operating system exists due to insufficient checking of input data. Exploiting this vulnerability allows a malicious actor to bypass certificate verification...

9.3CVSS7.2AI score0.00578EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2017/03/11 12:0 a.m.11 views

mbed TLS (PolarSSL) -- multiple vulnerabilities

Janos Follath reports: If a malicious peer supplies a certificate with a specially crafted secp224k1 public key, then an attacker can cause the server or client to attempt to free block of memory held on stack. Depending on the platform, this could result in a Denial of Service client crash or...

3AI score
Exploits0References1
Hacker One
Hacker One
added 2017/03/10 11:35 a.m.36 views

shopify-scripts: sprintf gem - format string combined attack

In the sprintf gem, NOT included in mruby-engine, there are severe vulnerabilities, including information leak, and heap buffer overflow. Here are the technical details. Technical Error 1: ============== The CHECKl macro can sometimes receive negative values, that will bypass the size checks, sin...

7.3AI score
Exploits0
Debian CVE
Debian CVE
added 2017/01/30 9:0 p.m.39 views

CVE-2016-9939

Crypto++ aka cryptopp and libcrypto++ 5.6.4 contained a bug in its ASN.1 BER decoding routine. The library will allocate a memory block based on the length field of the ASN.1 object. If there is not enough content octets in the ASN.1 object, then the function will fail and the memory block will b...

7.5CVSS7.6AI score0.04202EPSS
Exploits0
Exploit DB
Exploit DB
added 2016/11/21 12:0 a.m.50 views

Microsoft Edge - 'CText­Extractor::Get­Block­Text' Out-of-Bounds Read (MS16-104)

::first-letter border: 0; white-space: pre-line; Aalert;&x­D;&x­D;B Description Though I did not investigate thoroughly, I did find out the following: The root cause appears to be an integer underflow in a 32-bit variable used in CText­Extractor..Get­Block­Text as an index to read a WCHAR in a...

7.4AI score
Exploits0
0day.today
0day.today
added 2016/11/10 12:0 a.m.37 views

VBScript 5.8.7600.16385 / 5.8.9600.16384 - RegExpComp::PnodeParse Out-of-Bounds Read Exploit

Exploit for windows platform in category dos / poc !-- Source: http://blog.skylined.nl/20161108001.html Synopsis A specially crafted script can cause the VBScript engine to read data beyond a memory block for use as a regular expression. An attacker that is able to run such a script in any...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2016/11/09 12:0 a.m.51 views

VBScript RegExpComp::PnodeParse Out-Of-Bounds Read

Throughout November, I plan to release details on vulnerabilities I found in web-browsers which I've not released before. This is the sixth entry in that series. The below information is available in more detail on my blog at http://blog.skylined.nl/20161108001.html. There you can find a repro th...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2016/11/09 12:0 a.m.38 views

VBScript 5.8.7600.16385/5.8.9600.16384 - RegExpComp::PnodeParse Out-of-Bounds Read

!-- Source: http://blog.skylined.nl/20161108001.html Synopsis A specially crafted script can cause the VBScript engine to read data beyond a memory block for use as a regular expression. An attacker that is able to run such a script in any application that embeds the VBScript engine may be able t...

7.4AI score
Exploits0
RedHat Linux
RedHat Linux
added 2016/10/18 2:31 p.m.4 views

kernel: Uninitialized variable in request_key handling causes kernel crash in error handling path

A flaw was found in the Linux kernel's keyring handling code: the keyrejectandlink function could be forced to free an arbitrary memory block. An attacker could use this flaw to trigger a use-after-free condition on the system, potentially allowing for privilege escalation...

5.5CVSS6.7AI score0.00582EPSS
Exploits0References4
NVD
NVD
added 2016/09/26 7:59 p.m.17 views

CVE-2016-6309

statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call, which allows remote attackers to cause a denial of service use-after-free or possibly execute arbitrary code via a crafted TLS session...

10CVSS9.7AI score0.70223EPSS
Exploits0References14
Prion
Prion
added 2016/09/26 7:59 p.m.30 views

Design/Logic Flaw

statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call, which allows remote attackers to cause a denial of service use-after-free or possibly execute arbitrary code via a crafted TLS session...

10CVSS8.3AI score0.70223EPSS
Exploits0References14Affected Software1
UbuntuCve
UbuntuCve
added 2016/09/26 7:59 p.m.29 views

CVE-2016-6309

statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call, which allows remote attackers to cause a denial of service use-after-free or possibly execute arbitrary code via a crafted TLS session...

10CVSS7.7AI score0.70223EPSS
Exploits0References2
CVE
CVE
added 2016/09/26 7:0 p.m.137 views

CVE-2016-6309

CVE-2016-6309 concerns OpenSSL 1.1.0a and describes a use-after-free due to memory-block handling after realloc during TLS session processing, enabling a remote attacker to cause a denial of service or possibly execute arbitrary code. The provided documents include multiple IBM advisories that re...

10CVSS8.8AI score0.70223EPSS
Exploits0References14Affected Software1
Cvelist
Cvelist
added 2016/09/26 7:0 p.m.23 views

CVE-2016-6309

statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call, which allows remote attackers to cause a denial of service use-after-free or possibly execute arbitrary code via a crafted TLS session...

8.9AI score0.70223EPSS
Exploits0References14
Debian CVE
Debian CVE
added 2016/09/26 7:0 p.m.37 views

CVE-2016-6309

statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call, which allows remote attackers to cause a denial of service use-after-free or possibly execute arbitrary code via a crafted TLS session...

10CVSS9.8AI score0.70223EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2016/09/26 10:42 a.m.38 views

CVE-2016-6309

statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call, which allows remote attackers to cause a denial of service use-after-free or possibly execute arbitrary code via a crafted TLS session...

10CVSS7.8AI score0.70223EPSS
Exploits0References2
Mageia
Mageia
added 2016/09/21 8:38 p.m.16 views

Updated libksba packages fix security vulnerability

It was found that an unproportionate amount of memory is allocated when parsing crafted certificates in libskba, which may lead to DoS. Moreover in libksba 1.3.4, allocated memory is uninitialized and could potentially contain sensitive data left in freed memory block...

4.5AI score
Exploits0References4
seebug.org
seebug.org
added 2016/06/07 12:0 a.m.13 views

Cisco Unified IP phones 内存块设备弱权限漏洞

No description provided by source...

7.1AI score
Exploits0
Cisco
Cisco
added 2016/05/17 2:0 p.m.32 views

Cisco Adaptive Security Appliance VPN Memory Block Exhaustion Vulnerability

A vulnerability in the IPsec code of Cisco Adaptive Security Appliance ASA Software could allow an authenticated, remote attacker to cause the depletion of a memory block, which may cause the system to stop forwarding traffic and result in a denial of service DoS condition. The vulnerability is d...

6.3CVSS6.7AI score0.01155EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2015/09/07 12:0 a.m.29 views

PHP 5.6 GMP unserialize() Use-After-Free

Use After Free Vulnerability in unserialize with GMP Taoguang Chen - Write Date: 2015.8.17 - Release Date: 2015.9.4 A use-after-free vulnerability was discovered in unserialize with GMP object's deserialization that can be abused for leaking arbitrary memory blocks or execute arbitrary code...

0.2AI score
Exploits0
Rows per page
Query Builder