Lucene search
K

925 matches found

Prion
Prion
added 2017/08/04 3:29 p.m.22 views

Input validation

The bfdcacheclose function in bfd/cache.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a heap use after free and possibly achieve code execution via a crafted nested archive file. This issue occurs because...

6.8CVSS8.7AI score0.01989EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2017/08/04 3:0 p.m.28 views

CVE-2017-12448

The bfdcacheclose function in bfd/cache.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a heap use after free and possibly achieve code execution via a crafted nested archive file. This issue occurs because...

7.8CVSS7.9AI score0.01989EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2017/07/06 12:0 a.m.8 views

The vulnerability of the `gdImageWebPtr` function in the GD Graphics Library allows attackers to exert undefined effects.

The vulnerability of the gdImageWebPtr function in the GD Graphics Library is related to the repeated release of memory. Exploiting this vulnerability can allow an attacker, operating remotely, to cause unpredictable effects by using large values for width and height...

7.5CVSS7.7AI score0.04449EPSS
Exploits0References3Affected Software2
CNVD
CNVD
added 2017/06/13 12:0 a.m.4 views

Huawei P10 Plus Mobile Touchscreen Driver Memory Repeatedly Released Vulnerability

Huawei P10 Plus is a smartphone device from Chinese company Huawei Huawei. A memory duplicate release vulnerability exists in the touchscreen driver of the Huawei P10 Plus phone. An attacker who has gained root access to Android induces the user to install a malicious mobile application, which ca...

9.3CVSS7.3AI score0.01015EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2017/03/23 12:0 a.m.4 views

The vulnerability of the console-based graphic editor ImageMagick, which allows a hacker to trigger a service failure

The vulnerability of the console-based graphic editor ImageMagick is related to the repeated release of memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause a service failure termination of the application through the use of a specially created tga forma...

4.3CVSS6.8AI score0.01439EPSS
Exploits0References4
myhack58
myhack58
added 2017/01/10 12:0 a.m.31 views

Reverse Safety series: Use After Free vulnerability analysis-vulnerability warning-the black bar safety net

One, Foreword Thinking the next step is to write a use after free small summary, just happened to be the nearest Lake Gordon Cup 2016 the one.---- game Use the use after free can be out. This title is their first in more formal competitions, make pwn title, do this question of time spent a lot, t...

7.5AI score
Exploits0
myhack58
myhack58
added 2016/12/16 12:0 a.m.73 views

unsorted bin attack analysis-vulnerability warning-the black bar safety net

One, Foreword This is before that article overflow using the FILE structure of the follow-up article, mentioned earlier is for the Shanghai network security contest pwn450 of technology to write articles, a total of two techniques, one is the overflow using the FILE structure of the body, one is...

1AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2016/07/07 12:0 a.m.6 views

The vulnerability of the Firefox browser, which allows a remote attacker to trigger a service failure

The vulnerability of Firefox’s browser in the webrtc::VPMContentAnalysis::Release function of the WebRTC component lies in the use of incompatible methods for releasing memory allocated for storing simple-type arrays. Exploiting this vulnerability allows a malicious actor to trigger a service...

5CVSS7.7AI score0.0281EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.7 views

The vulnerability of the Cisco Wireless LAN Controller 2000 software allows a malicious individual to cause service failure.

Vulnerability exists in Cisco Wireless LAN Controller WLC devices due to improper memory release. This allows malicious actors operating remotely to trigger a service failure by sending frequent WebAuth authorization requests...

7.8CVSS5.5AI score0.0134EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.6 views

The vulnerability of the Cisco Wireless LAN Controller 2100 software allows a malicious individual to cause service failure.

Vulnerability exists in Cisco Wireless LAN Controller WLC devices due to improper memory release. This allows malicious actors operating remotely to trigger a service failure by sending frequent WebAuth authorization requests...

7.8CVSS5.5AI score0.0134EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.8 views

The vulnerability of the Cisco Wireless LAN Controller 4100 software allows a malicious individual to cause service failure.

Vulnerability exists in Cisco Wireless LAN Controller WLC devices due to improper memory release. This allows malicious actors operating remotely to trigger a service failure by sending frequent WebAuth authorization requests...

7.8CVSS5.5AI score0.0134EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.6 views

The vulnerability of the Cisco Wireless LAN Controller 2500 software allows a malicious individual to cause service failure.

Vulnerability exists in Cisco Wireless LAN Controller WLC devices due to improper memory release. This allows malicious actors operating remotely to trigger a service failure by sending frequent WebAuth authorization requests...

7.8CVSS5.5AI score0.0134EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.7 views

The vulnerability of the Cisco Wireless LAN Controller 5500 software allows a malicious individual to cause service failure.

Vulnerability exists in Cisco Wireless LAN Controller WLC devices due to improper memory release. This allows malicious actors operating remotely to trigger a service failure by sending frequent WebAuth authorization requests...

7.8CVSS5.5AI score0.0134EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.7 views

The vulnerability of the Cisco Wireless LAN Controller 4400 software allows a malicious individual to cause service failure.

Vulnerability exists in Cisco Wireless LAN Controller WLC devices due to improper memory release. This allows malicious actors operating remotely to trigger a service failure by sending frequent WebAuth authorization requests...

7.8CVSS5.5AI score0.0134EPSS
Exploits1References4Affected Software1
Debian CVE
Debian CVE
added 2015/12/17 7:0 p.m.32 views

CVE-2015-8340

The memoryexchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly release locks, which might allow guest OS administrators to cause a denial of service deadlock or host crash via unspecified vectors, related to XENMEMexchange error handling...

4.7CVSS8AI score0.00383EPSS
Exploits0
CNVD
CNVD
added 2015/12/06 12:0 a.m.5 views

OpenSSL Competitive Conditional Denial of Service Vulnerability

OpenSSL is an open source implementation of SSL for strong encryption of network communications. A security vulnerability exists in OpenSSL, which can be exploited by a remote attacker to send a special PSK identity that triggers a contention condition and then triggers two releases of memory,...

4.3CVSS8.6AI score0.12814EPSS
Exploits1References1
Check Point Advisories
Check Point Advisories
added 2015/07/14 12:0 a.m.11 views

Microsoft Excel ASLR Bypass (MS15-070; CVE-2015-2375)

A security feature bypass vulnerability exists in Microsoft Excel. The vulnerability is caused when memory is released in an unintended manner. A remote attacker can exploit this issue by enticing a target user to open a specially crafted Excel file...

4.3CVSS6.1AI score0.1385EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2015/06/15 12:0 a.m.4 views

The vulnerability of the Flash Player software, which allows a violator to execute arbitrary code

The vulnerability of the Flash Player software arises from the repeated release of memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS5.9AI score0.10378EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/06/15 12:0 a.m.3 views

The vulnerability of the Flash Player software, which allows a violator to execute arbitrary code

The vulnerability of the Flash Player software arises from the repeated release of memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS5.9AI score0.95184EPSS
Exploits4References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/06/15 12:0 a.m.5 views

The vulnerability of the Flash Player software, which allows a violator to execute arbitrary code

The vulnerability of the Flash Player software arises from the repeated release of memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS5.9AI score0.95184EPSS
Exploits4References2Affected Software1
Rows per page
Query Builder