CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

GitLab Advisory Database•added 2022/05/13 12:0 a.m.•22 views

Improper Restriction of Operations within the Bounds of a Memory Buffer

The html package aka x/net/html through 2018-09-17 in Go mishandles , leading to a "panic: runtime error" in inBodyIM in parse.go during an html.Parse call...

7.5CVSS2AI score0.00609EPSS

GitLab Advisory Database•added 2022/05/13 12:0 a.m.•52 views

Improper Restriction of Operations within the Bounds of a Memory Buffer

The html package aka x/net/html through 2018-09-25 in Go mishandles , leading to a "panic: runtime error" index out of range in nodeStack.pop in node.go, called from parser.clearActiveFormattingElements, during an html.Parse call...

7.5CVSS2.8AI score0.00693EPSS

GitLab Advisory Database•added 2022/05/13 12:0 a.m.•25 views

Improper Restriction of Operations within the Bounds of a Memory Buffer

7.5CVSS2.8AI score0.00693EPSS

ICS•added 2022/05/10 12:0 a.m.•43 views

Siemens Industrial Products

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

7.5CVSS7.8AI score0.00499EPSS

Exploits0References10

BDU FSTEC•added 2022/05/06 12:0 a.m.•2 views

Vulnerability of the Cluster component: The general database management system of Oracle MySQL Cluster allows a hacker to gain full control over the application.

Vulnerability of the Cluster component: The general database management system for Oracle MySQL Cluster is vulnerable when operations are performed outside the buffer in memory. Exploiting this vulnerability can allow an attacker to gain full control over the application through various network...

6.5CVSS6.8AI score0.09199EPSS

Exploits0References6Affected Software1

Vulnrichment•added 2022/05/05 12:0 a.m.•5 views

CVE-2022-24903 Buffer overflow in TCP syslog server (receiver) components in rsyslog

Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used. This can result in a segfault or some other malfunction. As of our understanding, this vulnerability can not be used for remote code...

8.1CVSS8.6AI score0.00509EPSS

Exploits0References6

BDU FSTEC•added 2022/05/04 12:0 a.m.•4 views

The vulnerability of the NanoSSL library in microprogramming software for ERS3500, ERS3600, ERS4900, and ERS5900 switches allows a hacker to execute arbitrary code.

The vulnerability of the NanoSSL library software for ERS3500, ERS3600, ERS4900, and ERS5900 switches is caused by buffer overflow in the dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted POST request...

10CVSS6.4AI score

Exploits0References2

Tenable Nessus•added 2022/04/28 12:0 a.m.•53 views

Siemens SIMATIC S7-400 Improper Restriction of Operations Within the Bounds of a Memory Buffer (CVE-2021-40368)

A vulnerability has been identified in SIMATIC S7-400 H V6 CPU family incl. SIPLUS variants All versions V6.0.10, SIMATIC S7-400 PN/DP V7 CPU family incl. SIPLUS variants All versions, SIMATIC S7-410 V10 CPU family incl. SIPLUS variants All versions V10.1, SIMATIC S7-410 V8 CPU family incl. SIPLU...

7.5CVSS7.1AI score0.00444EPSS

Exploits0References3

NVD•added 2022/04/27 6:15 p.m.•14 views

CVE-2022-28196

NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot blobdecompress function, where insufficient validation of untrusted data may allow a local attacker with elevated privileges to cause a memory buffer overflow, which may lead to code execution, limited loss of Integrity, and...

4.6CVSS0.00242EPSS

NVD•added 2022/04/27 6:15 p.m.•12 views

CVE-2022-28193

NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrablcbo.c, where insufficient validation of untrusted data may allow a local attacker with elevated privileges to cause a memory buffer overflow, which may lead to code execution, loss of integrity, limited denial ...

5.6CVSS0.00195EPSS

NVD•added 2022/04/27 6:15 p.m.•14 views

CVE-2022-28194

NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrablcbo.c, where, if TFTP is enabled, a local attacker with elevated privileges can cause a memory buffer overflow, which may lead to code execution, loss of Integrity, limited denial of service, and some impact to...

7.3CVSS0.00083EPSS

Prion•added 2022/04/27 6:15 p.m.•24 views

Buffer overflow

4.4CVSS5.7AI score0.00083EPSS

Prion•added 2022/04/27 6:15 p.m.•22 views

Buffer overflow

4.6CVSS5.7AI score0.00195EPSS

Prion•added 2022/04/27 6:15 p.m.•16 views

Buffer overflow

3.6CVSS5.1AI score0.00242EPSS

Cvelist•added 2022/04/27 5:57 p.m.•21 views

CVE-2022-28196

4.6CVSS5.9AI score0.00242EPSS

Cvelist•added 2022/04/27 5:57 p.m.•15 views

CVE-2022-28194

7.3CVSS7.4AI score0.00083EPSS

CVE•added 2022/04/27 5:57 p.m.•82 views

CVE-2022-28194

NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrabl_cbo.c where, if TFTP is enabled, a local attacker with elevated privileges can cause a memory buffer overflow, potentially leading to code execution, loss of integrity, limited denial of service, and confident...

7.3CVSS5.7AI score0.00083EPSS

CVE•added 2022/04/27 5:57 p.m.•79 views

CVE-2022-28193

The CVE-2022-28193 entry concerns NVIDIA Jetson Linux Driver Package. A vulnerability in the Cboot module tegrabl_cbo.c arises from insufficient validation of untrusted data, which can permit a local attacker with elevated privileges to cause a memory buffer overflow. Claimed impacts include code...

5.6CVSS5.7AI score0.00195EPSS

Cvelist•added 2022/04/27 5:57 p.m.•21 views

CVE-2022-28193

5.6CVSS6.5AI score0.00195EPSS