Lucene search
K

109 matches found

Prion
Prion
added 2024/03/05 11:15 p.m.23 views

Design/Logic Flaw

The ParseAddressList function incorrectly handles comments text within parentheses within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers...

6.7AI score0.01042EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2024/03/05 10:22 p.m.24 views

CVE-2024-24784

The ParseAddressList function incorrectly handles comments text within parentheses within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers...

7.5CVSS7.1AI score0.01042EPSS
Exploits0
OSV
OSV
added 2024/03/05 10:15 p.m.17 views

GO-2024-2609 Comments in display names are incorrectly handled in net/mail

The ParseAddressList function incorrectly handles comments text within parentheses within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers...

7.5CVSS6.9AI score0.01042EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2024/02/28 9:15 a.m.17 views

CVE-2021-46976

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix crash in autoretire The retire logic uses the 2 lower bits of the pointer to the retire function to store flags. However, the autoretire function is not guaranteed to be aligned to a multiple of 4, which causes...

5.5CVSS6.3AI score0.00232EPSS
Exploits0References6
Schneier on Security
Schneier on Security
added 2023/12/01 12:3 p.m.9 views

AI Decides to Engage in Insider Trading

A stock-trading AI a simulated experiment engaged in insider trading, even though it "knew" it was wrong. The agent is put under pressure in three ways. First, it receives a email from its "manager" that the company is not doing well and needs better performance in the next quarter. Second, the...

7.2AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.3 views

SUSE CVE-2021-28704

PoD operations on misaligned GFNs This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand PoD mode, to provide a way for them to later easily have more memory assigne...

5.5CVSS7.2AI score0.00328EPSS
Exploits0References23
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.5 views

SUSE CVE-2021-28708

PoD operations on misaligned GFNs This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand PoD mode, to provide a way for them to later easily have more memory assigne...

5.5CVSS7.2AI score0.00328EPSS
Exploits0References22
OSV
OSV
added 2022/11/23 12:0 p.m.4 views

RUSTSEC-2022-0094 Mimalloc Can Allocate Memory with Bad Alignment

This crate depended on a promise regarding alignments made by the author of the mimalloc allocator to avoid using aligned allocation functions where possible for performance reasons. Since then, the mimalloc allocator's logic changed, making it break this promise. This caused this crate to return...

7AI score
Exploits0References3
Qualys Blog
Qualys Blog
added 2022/09/20 9:8 p.m.22 views

Why Organizations Struggle with Patch Management (and What to Do about It)

The cybersecurity attack surface continues to grow exponentially. Modern technologies are being deployed on-premises and in the cloud as part of digital transformation journeys. Meanwhile, the current practice of identifying, classifying, prioritizing, and remediating vulnerabilities has become...

0.3AI score
Exploits0
OSV
OSV
added 2022/07/27 12:0 a.m.1 views

UBUNTU-CVE-2022-36319

When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed. This vulnerability affects Firefox ESR 102.1, Firefox ESR 91.12, Firefox 103, Thunderbird 102.1, and Thunderbird 91.12...

7.5CVSS7.2AI score0.00694EPSS
Exploits0References6
OSV
OSV
added 2022/07/06 11:36 a.m.7 views

SUSE-SU-2022:2301-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2022-32545: Fixed an outside the range of representable values of type. bsc1200388 - CVE-2022-32546: Fixed an outside the range of representable values of type. bsc1200389 - CVE-2022-32547: Fixed a load of misaligned address at...

7.8CVSS7.6AI score0.01339EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2022/06/16 6:15 p.m.4 views

CVE-2022-32547

In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application...

7.8CVSS6.8AI score0.01327EPSS
Exploits0References5
OSV
OSV
added 2022/06/16 6:15 p.m.1 views

DEBIAN-CVE-2022-32547

In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application...

7.8CVSS7AI score0.01327EPSS
Exploits0References1
Prion
Prion
added 2022/06/16 6:15 p.m.30 views

Design/Logic Flaw

In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application...

6.8CVSS7.4AI score0.01327EPSS
Exploits0References4Affected Software3
UbuntuCve
UbuntuCve
added 2022/02/15 7:15 p.m.41 views

CVE-2022-23639

crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a...

8.1CVSS7AI score0.0122EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2021/11/24 1:15 a.m.4 views

CVE-2021-28708

PoD operations on misaligned GFNs This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand PoD mode, to provide a way for them to later easily have more memory assigne...

8.8CVSS5.5AI score0.00348EPSS
Exploits0References8Affected Software1
Positive Technologies
Positive Technologies
added 2021/05/12 12:0 a.m.5 views

PT-2024-11085 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel version 5.4.105-13595-g3cd84167b2df Description: The retire logic in the Linux kernel's drm/i915 module uses the 2 lower bits of the pointer to the retire function to store flags. However, the auto retire function is not guarante...

7.8CVSS6.8AI score0.01549EPSS
Exploits5References812
RustSec
RustSec
added 2020/08/25 12:0 p.m.20 views

Chunk API does not respect align requirement

Chunk API does not respect the align requirement of types. Unaligned reference can be created with the API, which is an undefined behavior...

7.5CVSS1.8AI score0.00915EPSS
Exploits0
CNVD
CNVD
added 2019/07/05 12:0 a.m.2 views

ImageMagick stack buffer overflow vulnerability (CNVD-2019-29232)

ImageMagick Studio ImageMagick is the United States ImageMagick Studio company's set of open source image processing software. A stack buffer overflow vulnerability exists in WritePNMImage in coders/pnm.c in ImageMagick 7.0.8-50 Q16. The vulnerability stems from a strncpy misalignment and the...

7.8CVSS7.2AI score0.02082EPSS
Exploits1References1
Veracode
Veracode
added 2019/05/16 2:50 a.m.24 views

Denial Of Service (DoS)

Linux Kernel is vulnerable to denial of service DoS attacks. This occurs when an application punches a hole in a file that doesn't end aligned to a page boundary. A non-privileged user could mount a fuse filesystem on RHEL causing an application crash...

5.5CVSS6.1AI score0.00452EPSS
Exploits0References25Affected Software2
Rows per page
Query Builder