Lucene search
+L

2234 matches found

BDU FSTEC
BDU FSTEC
added 2021/01/19 12:0 a.m.5 views

The vulnerability of Adobe Illustrator’s graphic editor lies in the possibility of an operation going beyond the buffer boundaries in memory, allowing a hacker to execute arbitrary code.

The vulnerability of Adobe Illustrator’s graphic editor is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user...

9.3CVSS8AI score0.02533EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/01/19 12:0 a.m.6 views

The vulnerability of the professional video editing software Adobe Premiere Pro, related to recording data beyond the buffer limit in memory, allows a hacker to execute arbitrary code.

The vulnerability of the professional video editing software Adobe Premiere Pro lies in the recording of data beyond the buffer limits in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code in the context of the current user...

9.3CVSS7.8AI score0.02138EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2021/01/18 12:0 a.m.6 views

Open Design Alliance Drawings SDK 安全漏洞

Open Design Alliance Drawings SDK is a software development kit for drawing design applications from Open Design Alliance, USA. The SDK provides access to .dwg and .dgn data through a convenient, object-oriented API, a C++ API, support for repairing files, and support for .NET, JAVA, and Python...

7.8CVSS7.1AI score0.02286EPSS
Exploits0References11
OSV
OSV
added 2021/01/16 10:6 a.m.10 views

OPENSUSE-SU-2021:0075-1 Security update for the Linux Kernel

The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-29568: An issue was discovered in Xen through 4.14.x. Some OSes such as Linux, FreeBSD, and NetBSD are processing watch events using a single thread. If the event...

9.8CVSS8.2AI score0.06563EPSS
Exploits7References97
BDU FSTEC
BDU FSTEC
added 2021/01/14 12:0 a.m.4 views

The vulnerability of the Mozilla Firefox browser, related to the use of memory after its release, allows a hacker to trigger a service failure.

The vulnerability of the Mozilla Firefox browser is related to the use of a memory area after it is freed. Exploiting this vulnerability can allow an attacker, working remotely, to cause a service failure...

7.5CVSS7.4AI score0.02025EPSS
Exploits1References9Affected Software3
BDU FSTEC
BDU FSTEC
added 2021/01/13 12:0 a.m.6 views

The vulnerability in the memory of Firefox web browsers, Firefox ESR, and the Thunderbird email client involves an operation that goes beyond the allowed limits of the data buffer. This allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability in the memory of Firefox web browsers, Firefox ESR, and the Thunderbird email client relates to the execution of operations beyond the allowed boundaries of the data buffer. Exploiting this vulnerability can allow a remote attacker to access confidential data, compromise its...

9.3CVSS7.8AI score0.02401EPSS
Exploits0References19Affected Software6
BDU FSTEC
BDU FSTEC
added 2021/01/13 12:0 a.m.5 views

The vulnerability of Firefox browsers, Firefox ESR, and the Thunderbird email client relates to the issue of operations beyond buffer boundaries in memory. This allows attackers to gain unauthorized access to information and compromise its integrity and accessibility.

The vulnerability of Firefox browsers, Firefox ESR, and the email client Thunderbird is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to information and compromise its integrity and...

10CVSS8.1AI score0.02484EPSS
Exploits0References14Affected Software6
BDU FSTEC
BDU FSTEC
added 2021/01/13 12:0 a.m.4 views

The vulnerability of the Firefox, Firefox ESR, and Thunderbird software lies in the use of memory after it is freed. This allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Firefox, Firefox ESR, and Thunderbird software relates to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to gain access to confidential data, compromise its integrity, and cause service failures...

9.3CVSS7.6AI score0.02322EPSS
Exploits0References17Affected Software7
CVE
CVE
added 2021/01/12 2:40 p.m.45 views

CVE-2021-21448

CVE-2021-21448 affects SAP GUI for Windows (version 7.60). The issue allows an attacker with local access and at least OS user privileges to spoof logon credentials for Application Server ABAP backend systems by manipulating client memory, potentially accessing restricted information. Exploitatio...

6.5CVSS6.3AI score0.00287EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/01/04 3:15 p.m.22 views

Design/Logic Flaw

There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted input file to be processed by binutils could cause usage of uninitialized memory. The highest threat is to application availability with a lower threat to data confidentiality. This flaw affects binutils...

5.8CVSS6AI score0.01074EPSS
Exploits1References4Affected Software2
CNNVD
CNNVD
added 2020/12/31 12:0 a.m.8 views

Rust Resource Management Error Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. ws crate through 2020-09-25 for Rust A security vulnerability exists that stems from the outgoing buffer not being properly constrained, leading to a remote memory consumption attack...

7.5CVSS5.9AI score0.01336EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/12/22 12:0 a.m.9 views

The vulnerability in the implementation of the alloc_pool function of the ProFTPD server allows a hacker to execute arbitrary code.

The vulnerability of the ProFTPD FTP-server’s allocpool function relates to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9CVSS6.7AI score0.12045EPSS
Exploits1References10Affected Software5
NVD
NVD
added 2020/12/16 2:15 p.m.20 views

CVE-2020-29362

An issue was discovered in p11-kit 0.21.1 through 0.23.21. A heap-based buffer over-read has been discovered in the RPC protocol used by thep11-kit server/remote commands and the client library. When the remote entity supplies a byte array through a serialized PKCS11 function call, the receiving...

5.3CVSS6.4AI score0.02261EPSS
Exploits0References4
OSV
OSV
added 2020/12/16 2:15 p.m.8 views

DEBIAN-CVE-2020-29362

An issue was discovered in p11-kit 0.21.1 through 0.23.21. A heap-based buffer over-read has been discovered in the RPC protocol used by thep11-kit server/remote commands and the client library. When the remote entity supplies a byte array through a serialized PKCS11 function call, the receiving...

5.3CVSS6.7AI score0.02261EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2020/12/16 2:15 p.m.33 views

CVE-2020-29362

An issue was discovered in p11-kit 0.21.1 through 0.23.21. A heap-based buffer over-read has been discovered in the RPC protocol used by thep11-kit server/remote commands and the client library. When the remote entity supplies a byte array through a serialized PKCS11 function call, the receiving...

5.3CVSS6.7AI score0.02261EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2020/12/16 1:32 p.m.31 views

CVE-2020-29362

An issue was discovered in p11-kit 0.21.1 through 0.23.21. A heap-based buffer over-read has been discovered in the RPC protocol used by thep11-kit server/remote commands and the client library. When the remote entity supplies a byte array through a serialized PKCS11 function call, the receiving...

5.3CVSS6.6AI score0.02261EPSS
Exploits0
NVD
NVD
added 2020/12/15 3:15 p.m.23 views

CVE-2020-8935

An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allow an attacker to make an Ecallrestore function call to reallocate untrusted code and overwrite sections of the Enclave memory address. We recommend updating your library...

7.8CVSS6.1AI score0.00139EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/12/15 2:55 p.m.27 views

CVE-2020-8943 Unchecked buffer overrun in enc_untrusted_recvfrom

An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to encuntrustedrecvfrom whose return size was not validated against the requested size. The parameter size is unchecked allowing the attacker to read memory locations outside of the...

5.3CVSS5.5AI score0.0013EPSS
Exploits0References1
Apple
Apple
added 2020/12/15 5:33 a.m.68 views

About the security content of watchOS 7.0 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...

9.3CVSS0.08491EPSS
Exploits3Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/12/15 12:0 a.m.5 views

The vulnerability of the Adobe Media Encoder application, related to reading beyond the buffer in memory, allows an attacker to disclose protected information or cause service failures.

The vulnerability of the Adobe Media Encoder application relates to reading data beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information or cause service failures...

8.8CVSS7.2AI score0.02244EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder