Lucene search
K

102 matches found

BDU FSTEC
BDU FSTEC
added 2024/05/15 12:0 a.m.14 views

The vulnerability of the qla2x00_mem_alloc() function in the drivers/scsi/qla2xxx/qla_os.c module of the QLogic QLA2XXX kernel driver for the Linux operating system allows a hacker to cause service failure or exert other adverse effects.

The vulnerability of the qla2x00memalloc function in the drivers/scsi/qla2xxx/qlaos.c file of the QLogic QLA2XXX kernel in the Linux operating system is related to the reallocation of previously released memory. Exploiting this vulnerability could allow an attacker to cause a service failure or...

7.8CVSS6.6AI score0.00239EPSS
Exploits0References13Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/05/15 12:0 a.m.10 views

The vulnerability of the cdns3_gadget_giveback() function in the drivers/usb/cdns3/cdns3-gadget.c file of the USB Cadence driver for the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the cdns3gadgetgiveback function in the drivers/usb/cdns3/cdns3-gadget.c file of the USB Cadence driver for the Linux operating system is related to the reallocation of allocated memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

4.6CVSS6.3AI score0.00242EPSS
Exploits0References21Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/04/26 12:0 a.m.4 views

The vulnerability of the QEMU hardware emulation software, related to a memory rerelease error, allows a hacker to execute arbitrary code.

The vulnerability of the QEMU hardware emulation software is related to a memory reallocation error. Exploiting this vulnerability allows an attacker to execute arbitrary code by performing repeated DMA transfers...

8.2CVSS7.7AI score0.00278EPSS
Exploits0References17Affected Software7
Veracode
Veracode
added 2024/04/16 8:59 a.m.26 views

Use-After-Free

gtkwave is vulnerable to Use-After-Free. The vulnerability is due to improper handling of memory reallocation in the VCD getvartoken function when triggered via the vcd2vzt conversion utility. It allows a specially crafted .vcd file can lead to arbitrary code execution...

7.8CVSS7.7AI score0.00403EPSS
Exploits1References3Affected Software1
Veracode
Veracode
added 2024/04/16 8:59 a.m.23 views

Use-After-Free

gtkwave is vulnerable to Use-After-Free. The vulnerability is due to improper handling of memory reallocation in the VCD getvartoken function when triggered via the GUI's interactive VCD parsing code. It allows a specially crafted .vcd file can lead to arbitrary code execution...

7.8CVSS7.7AI score0.00403EPSS
Exploits1References3Affected Software1
Veracode
Veracode
added 2024/04/16 7:50 a.m.23 views

Out-of-Bounds-Read

gtkwave is vulnerable to Out-of-Bounds-Read. The vulnerability is due to improper handling of memory reallocation in the VCD var definition section functionality via the vcd2lxt conversion utility. It allows a specially crafted .vcd file can lead to arbitrary code execution...

7.8CVSS7.7AI score0.00432EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/03/11 12:0 a.m.6 views

The vulnerability of the v4l2_async_unregister_subdev() function in the drivers/media/v4l2-core/v4l2-async.c file of the Linux kernel’s video subsystem driver allows a attacker to compromise the integrity and accessibility of protected information.

The vulnerability of the v4l2asyncunregistersubdev function in the drivers/media/v4l2-core/v4l2-async.c file of the Linux kernel’s video subsystem driver is related to the reallocation of memory. Exploiting this vulnerability could allow an attacker to compromise the integrity and accessibility o...

6.2CVSS5.9AI score0.00224EPSS
Exploits0References10Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/13 12:0 a.m.4 views

The vulnerability of the `nft_setelem_catchall_deactivate()` function in the `net/netfilter/nf_tables_api.c` module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information, thereby enhancing their privileges.

The vulnerability of the nftsetelemcatchalldeactivate function in the net/netfilter/nftablesapi.c module of the Linux operating system is related to the reallocation of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

7.8CVSS6.4AI score0.00284EPSS
Exploits0References18Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/01/09 12:0 a.m.8 views

The vulnerability of the bt_sock_recvmsg() function in the net/bluetooth/af_bluetooth.c module of the Linux kernel’s Bluetooth driver allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the btsockrecvmsg function in the net/bluetooth/afbluetooth.c module of the Linux kernel’s Bluetooth driver is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attacker to compromise the...

10CVSS6.6AI score0.0026EPSS
Exploits0References15Affected Software6
BDU FSTEC
BDU FSTEC
added 2023/12/26 12:0 a.m.6 views

The vulnerability of the gsm_cleanup_mux() function in the N_GSM driver for Linux operating systems allows attackers to increase their privileges.

The vulnerability of the gsmcleanupmux function in the NGSM driver for Linux operating systems is related to the reallocation of previously released memory due to competitive access to resources a “race condition”. Exploiting this vulnerability can allow an attacker to increase their privileges...

7CVSS6.5AI score0.00767EPSS
Exploits0References15Affected Software5
RedHat Linux
RedHat Linux
added 2023/11/07 9:3 a.m.3 views

kernel: bpf, verifier: Fix memory leak in array reallocation for stack state

A flaw was found in the eBPF subsystem in the Linux kernel. An incorrect logic in a helper function for memory reallocation can cause memory leaks when a memory allocation error occurs, potentially leading to system instability and a denial of service...

5.5CVSS6.8AI score0.00164EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:40 a.m.4 views

SUSE CVE-2013-1723

The NativeKey widget in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 processes key messages after destruction by a dispatched event listener, which allows remote attackers to cause a denial of service application crash by leveraging incorrect event usage after...

4.3CVSS8.5AI score0.01795EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/11/15 12:7 p.m.2 views

yajl: heap-based buffer overflow when handling large inputs due to an integer overflow

A flaw was found in the YAJL library in the way it reallocates a memory buffer to store more data. A very large input causes the value used to calculate the buffer size to overflow, resulting in a heap-based buffer overflow...

7.5CVSS7.5AI score0.03472EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2022/06/29 12:0 a.m.8 views

The vulnerability of the CODESYS Runtime Toolkit execution environment arises from overflowing buffers in dynamic memory, allowing attackers to trigger a service failure or reallocate memory areas.

The vulnerability of the CODESYS Runtime Toolkit execution environment is due to an overflow in the buffer of dynamic memory. Exploiting this vulnerability can allow a remote attacker to cause a service failure or reallocate memory by sending a specially crafted request...

9CVSS8.1AI score0.01323EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/02/09 12:0 a.m.5 views

The vulnerability of the `package_set_ring` function in the `net/packet/af_packet.c` component of the Linux kernel allows a hacker to increase their privileges within the system or cause a service failure.

The vulnerability of the packagesetring function in the net/packet/afpacket.c component of the Linux kernel is related to the reallocation of memory. Exploiting this vulnerability could allow a remote attacker to increase their privileges within the system or cause service failures...

9CVSS6.9AI score0.05918EPSS
Exploits2References28Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/02/01 12:0 a.m.7 views

The vulnerability of the libxslt library in iOS, iPadOS, tvOS, watchOS, and macOS allows attackers to execute arbitrary code on the target system.

The vulnerability of the libxslt library in iOS, iPadOS, tvOS, watchOS, and macOS relates to the reallocation of memory. Exploiting this vulnerability allows an attacker to execute arbitrary code on the target system using a specially created malicious file...

7.8CVSS7.7AI score0.00911EPSS
Exploits0References8Affected Software5
BDU FSTEC
BDU FSTEC
added 2021/12/28 12:0 a.m.5 views

The vulnerability of the OpenLDAP protocol, related to the reallocation of memory, allows a hacker to perform a denial-of-service attack.

The vulnerability of the OpenLDAP protocol is related to the reclamation of memory. Exploiting this vulnerability allows a malicious actor to perform a service denial by sending a specially crafted request to slapd...

7.8CVSS6.9AI score0.043EPSS
Exploits0References16Affected Software7
BDU FSTEC
BDU FSTEC
added 2021/12/28 12:0 a.m.8 views

The vulnerability of the OpenLDAP protocol, related to the reallocation of memory, allows a hacker to perform a denial-of-service attack.

The vulnerability of the OpenLDAP protocol lies in the repeated memory release that occurs during the processing of control elements involving value return filters. Exploiting this vulnerability allows a malicious actor to perform a denial-of-service attack by sending a specially crafted request ...

7.8CVSS6.8AI score0.043EPSS
Exploits0References13Affected Software7
BDU FSTEC
BDU FSTEC
added 2021/04/16 12:0 a.m.6 views

The vulnerability of the IPv4 tunneling implementation in the Trace TCP/IP protocol stack, related to the repeated memory release, allows a attacker to cause a service failure.

The vulnerability of the IPv4 tunneling implementation in the Trace TCP/IP protocol stack is related to the reallocation of memory. Exploiting this vulnerability can allow a malicious actor to cause service interruptions from a remote location...

8.5CVSS8.1AI score0.1285EPSS
Exploits1References4Affected Software146
OSV
OSV
added 2020/09/11 7:15 p.m.7 views

CVE-2013-7491

An issue was discovered in the DBI module before 1.628 for Perl. Stack corruption occurs when a user-defined function requires a non-trivial amount of memory and the Perl stack gets reallocated...

5.3CVSS5.5AI score
Exploits0References4
Rows per page
Query Builder