Lucene search
K

128 matches found

OSV
OSV
added 2022/05/26 4:15 p.m.3 views

DEBIAN-CVE-2022-30785

A file handle created in fuselibopendir, and later used in fuselibreaddir, enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite...

6.7CVSS7.2AI score0.00392EPSS
Exploits0References1
OSV
OSV
added 2022/05/26 4:15 p.m.3 views

ALPINE-CVE-2022-30785

A file handle created in fuselibopendir, and later used in fuselibreaddir, enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite...

6.7CVSS7.1AI score0.00392EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2022/05/03 9:24 p.m.49 views

CVE-2021-3839

A flaw was found in the vhost library in DPDK. Function vhostusersetinflightfd does not validate msg-payload.inflight.numqueues, possibly causing out-of-bounds memory read/write. Any software using DPDK vhost library may crash as a result of this vulnerability. Mitigation Mitigation for this issu...

7.5CVSS1.6AI score0.01259EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/04/07 12:0 a.m.4 views

3S-Smart Software Solutions CODESYS Control 安全漏洞

3s-smart Software Solutions CODESYS Control is a suite of industrial control program programming software from 3S-Smart Software Solutions 3s-smart Software Solutions, Germany. A security vulnerability exists in 3S-Smart Software Solutions CODESYS Control that allows any system user to read and...

7.8CVSS7.4AI score0.00253EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2021/12/07 8:42 p.m.21 views

CVE-2021-36133

The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Secure World memory. This involves a DMA capable peripheral...

7.1CVSS7AI score0.0026EPSS
Exploits0
CNNVD
CNNVD
added 2021/06/08 12:0 a.m.5 views

SAP Netweaver 缓冲区错误漏洞

SAP Netweaver is a service oriented, integrated application platform from SAP Germany that provides a development and runtime environment for SAP applications. SAP Netweaver is vulnerable to an input validation error that results from a network system or product that does not properly validate da...

7.5CVSS6AI score0.01325EPSS
Exploits0References6
CNNVD
CNNVD
added 2021/05/25 12:0 a.m.5 views

3S-Smart Software Solutions CODESYS V2 Web-Server 安全漏洞

3S-Smart Software Solutions CODESYS V2 Web-Server is an application from 3S-Smart Software Solutions, Germany. A web server. A buffer overflow vulnerability exists in 3S-Smart Software Solutions CODESYS V2 Web-Server versions prior to 1.1.9.20, which can be exploited by an attacker with the help ...

7.5CVSS6AI score0.01017EPSS
Exploits0References6
CNNVD
CNNVD
added 2021/02/16 12:0 a.m.6 views

QNAP NAS devices buffer error vulnerability

A buffer error vulnerability exists in QNAP NAS devices that originates when a network system or product performs an operation in memory without properly validating data boundaries, resulting in an incorrect read or write operation being performed to an associated other memory location. An attack...

9.8CVSS7.7AI score0.02942EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/02/10 12:0 a.m.8 views

Intel XTU Security Vulnerability

A buffer error vulnerability exists in Intel XTU that originates when a networked system or product performs an operation in memory without properly validating the data boundaries, resulting in incorrect read and write operations being performed to other memory locations in the association. An...

4.4CVSS6AI score0.00486EPSS
Exploits0References3
OSV
OSV
added 2020/11/16 9:15 p.m.4 views

CVE-2020-27485

Garmin Forerunner 235 before 8.20 is affected by: Array index error. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the attacker must upload a malicious ConnectIQ application to the ConnectIQ store. The ConnectIQ program interpreter fails to check the index...

9.9CVSS7.3AI score0.01625EPSS
Exploits1References1
OSV
OSV
added 2020/11/08 5:15 a.m.1 views

CVE-2020-28343

An issue was discovered on Samsung mobile devices with P9.0 and Q10.0 Exynos 980, 9820, and 9830 chipsets software. The NPU driver allows attackers to execute arbitrary code because of unintended write and read operations on memory. The Samsung ID is SVE-2020-18610 November 2020...

7.8CVSS7.4AI score0.0024EPSS
Exploits0References1
Metasploit
Metasploit
added 2020/10/01 5:41 p.m.62 views

Safari in Operator Side Effect Exploit

This module exploits an incorrect side-effect modeling of the 'in' operator. The DFG compiler assumes that the 'in' operator is side-effect free, however the element with the PDF plugin provides a callback that can trigger side-effects leading to type confusion CVE-2020-9850. The type confusion c...

9.8CVSS7.3AI score0.77246EPSS
Exploits3
GoogleProjectZero
GoogleProjectZero
added 2020/09/01 12:0 a.m.218 views

JITSploitation II: Getting Read/Write

Posted by Samuel Groß, Project Zero This three-part series highlights the technical challenges involved in finding and exploiting JavaScript engine vulnerabilities in modern web browsers and evaluates current exploit mitigation technologies. The exploited vulnerability, CVE-2020-9802, was fixed i...

8.8CVSS9.4AI score0.08207EPSS
Exploits4
NVD
NVD
added 2020/08/12 6:15 p.m.29 views

CVE-2020-17360

An issue was discovered in ReadyTalk Avian 1.2.0. The vm::arrayCopy method defined in classpath-common.h contains multiple boundary checks that are performed to prevent out-of-bounds memory read/write. However, two of these boundary checks contain an integer overflow that leads to a bypass of the...

7.8CVSS7.7AI score0.01159EPSS
Exploits8References5
OSV
OSV
added 2020/08/12 6:15 p.m.15 views

CVE-2020-17360

An issue was discovered in ReadyTalk Avian 1.2.0. The vm::arrayCopy method defined in classpath-common.h contains multiple boundary checks that are performed to prevent out-of-bounds memory read/write. However, two of these boundary checks contain an integer overflow that leads to a bypass of the...

7.8CVSS7AI score
Exploits0References5
Prion
Prion
added 2020/08/12 6:15 p.m.9 views

Integer overflow

An issue was discovered in ReadyTalk Avian 1.2.0. The vm::arrayCopy method defined in classpath-common.h contains multiple boundary checks that are performed to prevent out-of-bounds memory read/write. However, two of these boundary checks contain an integer overflow that leads to a bypass of the...

6.8CVSS8.7AI score0.01159EPSS
Exploits8References5Affected Software1
CNVD
CNVD
added 2020/06/01 12:0 a.m.1 views

FreeRDP Input Validation Error Vulnerability (CNVD-2020-31432)

FreeRDP is an open source implementation of the Remote Desktop Protocol RDP from the FreeRDP team. An input validation error vulnerability exists in the USB redirection channel in FreeRDP 2.0.0 and prior versions. An attacker can exploit this vulnerability to read or write arbitrary memory...

8CVSS9.4AI score0.01268EPSS
Exploits0References1
OSV
OSV
added 2020/05/29 7:15 p.m.0 views

DEBIAN-CVE-2020-11039

In FreeRDP less than or equal to 2.0.0, when using a manipulated server with USB redirection enabled nearly arbitrary memory can be read and written due to integer overflows in length checks. This has been patched in 2.1.0...

6.8CVSS7.6AI score0.01268EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2020/04/28 3:43 p.m.3 views

kernel: malicious USB devices can lead to multiple out-of-bounds write

An out-of-bounds write flaw was found in the Linux kernel’s HID drivers. An attacker, able to plug in a malicious USB device, can crash the system or read and write to memory with an incorrect address...

6.8CVSS6.8AI score0.00504EPSS
Exploits0References4
OSV
OSV
added 2020/03/14 1:15 a.m.4 views

CVE-2020-10565

grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-12, does not validate the address provided as part of a memrw command read or write by a guest through a grub2.cfg file. This allows an untrusted guest to perform arbitrary read or write operations in the context of the grub-bhy...

7.8CVSS6.2AI score0.0041EPSS
Exploits0References1
Rows per page
Query Builder