Lucene search
K

1171 matches found

BDU FSTEC
BDU FSTEC
added 2024/04/24 12:0 a.m.4 views

The vulnerability of the ODBC driver for SQL Server on Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the ODBC driver for SQL Server on Windows operating systems is related to integer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code, provided that the user is connected to the malicious SQL server via ODBC, and the malicious actor send...

10CVSS8.2AI score0.02399EPSS
Exploits0References2Affected Software3
RedHat Linux
RedHat Linux
added 2024/04/23 4:44 p.m.2 views

kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags

An out-of-bounds memory access flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user generates a malicious too big networking packet when napi frags is enabled. This flaw allows a local user to crash or potentially escalate their privileges on the system...

7.8CVSS6.8AI score0.00344EPSS
Exploits0References5
Talos
Talos
added 2024/04/18 12:0 a.m.32 views

Silicon Labs Gecko Platform HTTP server header parsing invalid pointer dereference vulnerability

Talos Vulnerability Report TALOS-2024-1945 Silicon Labs Gecko Platform HTTP server header parsing invalid pointer dereference vulnerability April 18, 2024 CVE Number CVE-2023-51391 SUMMARY An invalid pointer dereference vulnerability exists in the HTTP server header parsing functionality of Silic...

7.5CVSS7.5AI score0.00794EPSS
Exploits0
CVE
CVE
added 2024/04/10 5:6 p.m.95 views

CVE-2024-3388

CVE-2024-3388 affects Palo Alto Networks PAN-OS GlobalProtect Gateway. An authenticated attacker can impersonate another user and send network packets to internal assets, though they cannot receive responses. The issue is discussed across multiple sources (NVD, CVE List, CNVD/CNNVD entries) and P...

5CVSS6.5AI score0.00349EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/04/10 3:16 p.m.1 views

DEBIAN-CVE-2024-3567

A flaw was found in QEMU. An assertion failure was present in the updatesctpchecksum function in hw/net/nettxpkt.c when trying to calculate the checksum of a short-sized fragmented packet. This flaw allows a malicious guest to crash QEMU and cause a denial of service condition...

5.5CVSS6.3AI score0.00445EPSS
Exploits1References1
Talos Blog
Talos Blog
added 2024/04/09 6:23 p.m.41 views

April’s Patch Tuesday includes 150 vulnerabilities, 60 which could lead to remote code execution

In one of the largest Patch Tuesdays in years, Microsoft disclosed 150 vulnerabilities across its software and product portfolio this week, including more than 60 that could lead to remote code execution. Though Aprils monthly security update from Microsoft is the largest since at least the start...

6.5CVSS8.6AI score0.03199EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/03/14 12:0 a.m.41 views

RHEL 7 : kpatch-patch (RHSA-2024:1323)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1323 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel...

8.8CVSS7.4AI score0.02014EPSS
Exploits1References10
Gentoo Linux
Gentoo Linux
added 2024/03/03 12:0 a.m.32 views

Tox: Remote Code Execution

Background Tox is easy-to-use software that connects you with friends and family without anyone else listening in. Description A vulnerability has been discovered in btrbk. Please review the CVE identifier referenced below for details. Impact A stack-based buffer overflow allows remote attackers ...

9.8CVSS8.4AI score0.03954EPSS
Exploits1
NVD
NVD
added 2024/02/28 6:15 p.m.8 views

CVE-2024-26342

A Null pointer dereference in usr/sbin/httpd in ASUS AC68U 3.0.0.4.384.82230 allows remote attackers to trigger DoS via network packet...

7.5CVSS6.7AI score0.00874EPSS
Exploits1References1
OSV
OSV
added 2024/02/28 6:15 p.m.6 views

CVE-2024-26342

A Null pointer dereference in usr/sbin/httpd in ASUS AC68U 3.0.0.4.384.82230 allows remote attackers to trigger DoS via network packet...

7.5CVSS5.8AI score0.00874EPSS
Exploits1References1
Prion
Prion
added 2024/02/28 6:15 p.m.16 views

Null pointer dereference

A Null pointer dereference in usr/sbin/httpd in ASUS AC68U 3.0.0.4.384.82230 allows remote attackers to trigger DoS via network packet...

6.9AI score0.00874EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/02/28 12:0 a.m.16 views

CVE-2024-26342

A Null pointer dereference in usr/sbin/httpd in ASUS AC68U 3.0.0.4.384.82230 allows remote attackers to trigger DoS via network packet...

6.9AI score0.00874EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/02/28 12:0 a.m.18 views

CVE-2024-26342

A Null pointer dereference in usr/sbin/httpd in ASUS AC68U 3.0.0.4.384.82230 allows remote attackers to trigger DoS via network packet...

7AI score0.00874EPSS
Exploits1References1
CVE
CVE
added 2024/02/28 12:0 a.m.105 views

CVE-2024-26342

CVE-2024-26342 affects ASUS AC68U firmware version 3.0.0.4.384.82230. The vulnerability is a null pointer dereference in usr/sbin/httpd that allows remote attackers to trigger a denial of service via a network packet. Documented impact: availability loss (I: N; A: H) with network access and no re...

7.5CVSS6.9AI score0.00874EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2024/02/20 3:15 p.m.19 views

CVE-2023-45318

A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP git commit 80d4004. A specially crafted network packet can lead to arbitrary code execution. An attacker can send a malicious packet to trigger this vulnerability...

10CVSS9.8AI score0.01746EPSS
Exploits1References2
NVD
NVD
added 2024/02/20 3:15 p.m.17 views

CVE-2023-39540

A denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted network packet can lead to an out-of-bounds read. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability concerns a...

5.9CVSS5.6AI score0.00811EPSS
Exploits1References2
NVD
NVD
added 2024/02/20 3:15 p.m.14 views

CVE-2023-39541

A denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted network packet can lead to an out-of-bounds read. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability concerns a...

5.9CVSS5.6AI score0.00811EPSS
Exploits1References2
Prion
Prion
added 2024/02/20 3:15 p.m.32 views

Heap overflow

A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP git commit 80d4004. A specially crafted network packet can lead to arbitrary code execution. An attacker can send a malicious packet to trigger this vulnerability...

7.5CVSS8.4AI score0.01746EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/02/20 2:45 p.m.25 views

CVE-2023-45318

A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP git commit 80d4004. A specially crafted network packet can lead to arbitrary code execution. An attacker can send a malicious packet to trigger this vulnerability...

10CVSS8.1AI score0.01746EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/02/20 2:45 p.m.20 views

CVE-2023-45318

A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP git commit 80d4004. A specially crafted network packet can lead to arbitrary code execution. An attacker can send a malicious packet to trigger this vulnerability...

10CVSS9.9AI score0.01746EPSS
Exploits1References1
Rows per page
Query Builder