Lucene search
+L

211 matches found

CNVD
CNVD
added 2023/12/15 12:0 a.m.41 views

Unspecified Vulnerability in Adobe Illustrator (CNVD-2023-9999285)

Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. A security vulnerability exists in Adobe Illustrator, which can be exploited by an attacker to cause a read beyond the end of an allocated memory structure...

7.8CVSS6.6AI score0.00421EPSS
Exploits0References1
Atlassian
Atlassian
added 2023/11/14 3:45 a.m.42 views

DoS (Denial of Service) json-java in Bamboo Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 8.1.0, 8.2.0, 9.0.0, 9.1.0, 9.2.1 and 9.3.0 of Bamboo Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H...

7.5CVSS6.7AI score0.01449EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2023/11/14 12:0 a.m.5 views

The vulnerability of the dwarf2.c component in the GNU Binutils development environment allows a hacker to trigger a service failure.

The vulnerability of the dwarf2.c component in the GNU Binutils development environment is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to cause a service failure...

7.8CVSS7.5AI score0.04726EPSS
Exploits0References7Affected Software2
Vulnrichment
Vulnrichment
added 2023/11/07 3:28 p.m.12 views

CVE-2023-3889 Mali GPU Kernel Driver exposes sensitive data from freed memory

A local non-privileged user can make improper GPU memory processing operations. If the operations are carefully prepared, then they could be used to gain access to already freed memory...

7.1AI score0.00183EPSS
Exploits0References1
Veracode
Veracode
added 2023/08/06 12:7 p.m.30 views

Arbitrary Code Execution

firefox and thunderbird are vulnerable to Arbitrary Code Execution. An attacker could exploit the vulnerability by creating a specially crafted web page that would cause Firefox to crash. When Firefox crashes, it would leave behind some residual memory that could be exploited by the attacker to...

9.8CVSS7.5AI score0.00732EPSS
Exploits0References5Affected Software3
Redos
Redos
added 2023/06/15 12:0 a.m.8 views

ROS-20230615-05

Vulnerability in Thunderbird email client is related to incorrect processing of user data in the error page for sites with invalid TLS certificates. displaying certificate exceptions, on the error page for sites with invalid TLS certificates. Exploitation of the vulnerability could allow an...

9.8CVSS7.5AI score0.0093EPSS
Exploits0
NVD
NVD
added 2023/05/30 9:15 p.m.20 views

CVE-2023-0779

At the most basic level, an invalid pointer can be input that crashes the device, but with more knowledge of the device’s memory layout, further exploitation is possible...

7.7CVSS6.8AI score0.00518EPSS
Exploits0References1
Prion
Prion
added 2023/05/30 9:15 p.m.17 views

Design/Logic Flaw

At the most basic level, an invalid pointer can be input that crashes the device, but with more knowledge of the device’s memory layout, further exploitation is possible...

5.1CVSS7.6AI score0.00518EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/30 12:0 a.m.8 views

CVE-2023-0779 net: shell: Improper input validation

At the most basic level, an invalid pointer can be input that crashes the device, but with more knowledge of the device’s memory layout, further exploitation is possible...

6.7CVSS7.6AI score0.00518EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/05/12 10:9 a.m.10 views

CVE-2023-2512 Buffer under-read in workerd

Prior to version v1.20230419.0, the FormData API implementation was subject to an integer overflow. If a FormData instance contained more than 2^31 elements, the forEach method could end up reading from the wrong location in memory while iterating over elements. This would most likely lead to a...

6.5CVSS8.1AI score0.00617EPSS
Exploits0References2
Redos
Redos
added 2023/04/20 12:0 a.m.10 views

ROS-20230420-04

Vulnerability in Mozilla Firefox, Firefox ESR browsers and Thunderbird mail client of the operating systems Windows operating systems is related to insufficient protection of service data when processing a request to save files via the "Save As" dialog box. via the "Save As" dialog box...

8.8CVSS8.2AI score0.00798EPSS
Exploits0
CNVD
CNVD
added 2023/04/16 12:0 a.m.4 views

Adobe Substance 3D Stager Out-of-Bounds Read Vulnerability

Adobe Substance 3D Stager is a virtual 3D studio from the American company Audobee Adobe. An out-of-bounds read vulnerability exists in Adobe Substance 3D Stager 2.0.1 and prior versions, which can be exploited by an attacker to read beyond the end of an allocated memory structure...

5.5CVSS6.5AI score0.00325EPSS
Exploits0References1
Prion
Prion
added 2023/03/27 9:15 p.m.20 views

Design/Logic Flaw

A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo and ProcXkbGetDeviceInfo to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs...

4.3CVSS7.8AI score0.00899EPSS
Exploits0References4Affected Software18
Vulnrichment
Vulnrichment
added 2023/02/09 12:0 a.m.8 views

CVE-2022-48293

The Bluetooth module has an OOM vulnerability. Successful exploitation of this vulnerability may affect data confidentiality...

7.2AI score0.00202EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2022/12/22 12:0 a.m.29 views

CVE-2022-42932

Mozilla developers Ashley Hale and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105 and Firefox ESR 102.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This...

8.8CVSS9.4AI score0.00712EPSS
Exploits0
CloudLinux
CloudLinux
added 2022/11/23 8:55 p.m.50 views

vim: Fix of CVE-2022-3352

CVE-2022-3352: disallow deleting the current buffer to avoid using freed memory...

7.8CVSS3AI score0.00492EPSS
Exploits1
CNVD
CNVD
added 2022/10/13 12:0 a.m.62 views

SAP 3D Visual Enterprise Viewer .obj Buffer Overflow Vulnerability

SAP 3D Visual Enterprise Viewer is a 3D view viewer from SAP, Germany. The software supports the publishing of 2D and 3D scenes in all industry-standard desktop applications and supports separate installation as a stand-alone executable program and ActiveX space. A buffer overflow vulnerability...

7.8CVSS8AI score0.00553EPSS
Exploits0References1
Prion
Prion
added 2022/09/16 6:15 p.m.21 views

Double free

Double free vulnerability in the storage module. Successful exploitation of this vulnerability will cause the memory to be freed twice...

7.5CVSS9.3AI score0.00551EPSS
Exploits0References2Affected Software3
CVE
CVE
added 2022/09/16 12:0 a.m.59 views

CVE-2022-39002

CVE-2022-39002 describes a double free in the storage module, causing memory to be freed twice. NVD assigns CVSS 3.1 base 9.8 (CRITICAL, NETWORK/LOW complexity, no user interaction). Connected sources corroborate a storage-module double-free vulnerability; one document lists affected Huawei EMUI ...

9.8CVSS9.3AI score0.00551EPSS
Exploits0References2Affected Software3
Positive Technologies
Positive Technologies
added 2022/09/14 12:0 a.m.6 views

PT-2022-6968 · Autodesk · Autodesk Fbx-Sdk

Name of the Vulnerable Software and Affected Versions: Autodesk FBX SDK version 2020 Description: The issue is related to a use-after-free vulnerability that can be exploited by tricking a user into opening a malicious FBX file. This may cause the application to reference a memory location...

7.8CVSS8.1AI score0.00351EPSS
Exploits0References6
Rows per page
Query Builder