Lucene search
K

2315 matches found

Veracode
Veracode
added 2022/11/30 8:22 a.m.39 views

Heap Buffer Overflow

Chromium and Electron are vulnerable to a Heap Buffer Overflow. The vulnerability is caused by an out of bounds heap memory write which can result in an application crash...

9.6CVSS8.8AI score0.31864EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2022/11/15 10:15 p.m.6 views

CVE-2022-29277

Incorrect pointer checks within the the FwBlockServiceSmm driver can allow arbitrary RAM modifications During review of the FwBlockServiceSmm driver, certain instances of SpiAccessLib could be tricked into writing 0xff to arbitrary system and SMRAM addresses. Fixed in: INTEL Purley-R: 05.21.51.00...

8.8CVSS5.9AI score0.00194EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2022/11/15 3:20 p.m.9 views

samba: server memory information leak via SMB1

A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file or printer instead of client-supplied data. The client cannot control the area of the...

4.3CVSS6.6AI score0.00999EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/11/15 10:13 a.m.5 views

protobuf: Incorrect parsing of nullchar in the proto symbol leads to Nullptr dereference

A flaw was found in protobuf. The vulnerability occurs due to incorrect parsing of a NULL character in the proto symbol and leads to a Null pointer dereference. This flaw allows an attacker to execute unauthorized code or commands, read memory, modify memory...

6.5CVSS7.3AI score0.0266EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/11/15 12:0 a.m.7 views

Insyde InsydeH2O 缓冲区错误漏洞

Insyde InsydeH2O is a C-language source from Insyde Corporation of Taiwan, which implements the new technology "EFI/UEFI" specification designed to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in Insyde InsydeH2O, which stems from incorrect pointer...

8.8CVSS8AI score0.00194EPSS
Exploits0References3
NVD
NVD
added 2022/11/14 5:15 p.m.25 views

CVE-2022-0324

There is a vulnerability in DHCPv6 packet parsing code that could be explored by remote attacker to craft a packet that could cause buffer overflow in a memcpy call, leading to out-of-bounds memory write that would cause dhcp6relay to crash. Dhcp6relay is a critical process and could cause dhcp...

8.1CVSS0.01108EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/11/14 4:8 p.m.10 views

CVE-2022-0324 Buffer Overflow in Dhcp6relay in Software for Open Networking in the Cloud (SONiC)

There is a vulnerability in DHCPv6 packet parsing code that could be explored by remote attacker to craft a packet that could cause buffer overflow in a memcpy call, leading to out-of-bounds memory write that would cause dhcp6relay to crash. Dhcp6relay is a critical process and could cause dhcp...

8.1CVSS7.6AI score0.01108EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/11/14 12:0 a.m.26 views

NewStart CGSL MAIN 6.02 : binutils Multiple Vulnerabilities (NS-SA-2022-0087)

The remote NewStart CGSL host, running version MAIN 6.02, has binutils packages installed that are affected by multiple vulnerabilities: - An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control...

8.3CVSS7.3AI score0.12205EPSS
Exploits17References39
OpenVAS
OpenVAS
added 2022/11/14 12:0 a.m.16 views

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2022-2743)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.9AI score0.01105EPSS
Exploits1References2
OSV
OSV
added 2022/11/09 4:15 p.m.4 views

CVE-2021-34569

In WAGO I/O-Check Service in multiple products an attacker can send a specially crafted packet containing OS commands to crash the diagnostic tool and write memory...

9.8CVSS5.8AI score0.00802EPSS
Exploits0References1
OSV
OSV
added 2022/11/09 4:15 p.m.3 views

CVE-2021-34566

In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to crash the iocheck process and write memory resulting in loss of integrity and DoS...

9.1CVSS5.8AI score0.01036EPSS
Exploits0References1
Prion
Prion
added 2022/11/09 4:15 p.m.17 views

Design/Logic Flaw

In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to crash the iocheck process and write memory resulting in loss of integrity and DoS...

6.4CVSS9.2AI score0.01036EPSS
Exploits0References1Affected Software49
Prion
Prion
added 2022/11/09 4:15 p.m.15 views

Design/Logic Flaw

In WAGO I/O-Check Service in multiple products an attacker can send a specially crafted packet containing OS commands to crash the diagnostic tool and write memory...

7.5CVSS9.3AI score0.00802EPSS
Exploits0References1Affected Software49
Positive Technologies
Positive Technologies
added 2022/11/09 12:0 a.m.7 views

PT-2022-10356 · Wago · Wago I/O-Check Service

Name of the Vulnerable Software and Affected Versions: WAGO I/O-Check Service affected versions not specified Description: The issue allows an attacker to send a specially crafted packet containing OS commands to crash the diagnostic tool and write memory. Recommendations: At the moment, there is...

9.8CVSS9.3AI score0.00802EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/11/09 12:0 a.m.3 views

WAGO 安全漏洞

WAGO is a 750-88x series programmable logic controller from WAGO, Germany. The device is designed for use in industrial environments as an electronic system for the operation of digital algorithms. A security vulnerability exists in the WAGO I/O-Check Service that originates from an unauthenticat...

9.1CVSS8.6AI score0.01036EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/11/09 12:0 a.m.5 views

WAGO 缓冲区错误漏洞

WAGO is a 750-88x series programmable logic controller from WAGO, Germany. The device is a digital algorithmic operating electronics system designed specifically for applications in industrial environments. A buffer error vulnerability exists in the WAGO I/O-Check Service, which originates from a...

9.8CVSS8.8AI score0.00802EPSS
Exploits0References3
OSV
OSV
added 2022/11/01 3:15 a.m.21 views

CVE-2022-3373

Out of bounds write in V8 in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

8.8CVSS8.2AI score
Exploits0References2
OSV
OSV
added 2022/11/01 3:15 a.m.3 views

DEBIAN-CVE-2022-3373

Out of bounds write in V8 in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

8.8CVSS8.4AI score0.00713EPSS
Exploits0References1
Prion
Prion
added 2022/11/01 3:15 a.m.24 views

Out-of-bounds

Out of bounds write in V8 in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

6.8CVSS8.1AI score0.00713EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2022/11/01 3:15 a.m.26 views

CVE-2022-3373

Out of bounds write in V8 in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.2AI score0.00713EPSS
Exploits0References1
Rows per page
Query Builder