Lucene search
K

206 matches found

OSV
OSV
added 2021/04/22 9:15 p.m.3 views

CVE-2020-27009

A vulnerability has been identified in APOGEE PXC Compact BACnet All versions V3.5.5, APOGEE PXC Compact P2 Ethernet All versions V2.8.20, APOGEE PXC Modular BACnet All versions V3.5.5, APOGEE PXC Modular P2 Ethernet All versions V2.8.20, Nucleus NET All versions V5.2, Nucleus Source Code Version...

8.1CVSS7.3AI score0.07194EPSS
Exploits0References2
OSV
OSV
added 2021/03/10 4:15 p.m.2 views

UBUNTU-CVE-2020-1921

In the crypt function, we attempt to null terminate a buffer using the size of the input salt without validating that the offset is within the buffer. This issue affects HHVM versions prior to 4.56.3, all versions between 4.57.0 and 4.80.1, all versions between 4.81.0 and 4.93.1, and versions...

7.5CVSS6AI score0.01211EPSS
Exploits0References4
Cvelist
Cvelist
added 2020/12/11 10:25 p.m.17 views

CVE-2020-17438

An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that reassembles fragmented packets fails to properly validate the total length of an incoming packet specified in its IP header, as well as the fragmentation offset value specified in the IP header. By crafti...

9.8AI score0.1854EPSS
Exploits0References2
OSV
OSV
added 2020/03/20 6:15 p.m.5 views

CVE-2019-15662

An issue was discovered in Rivet Killer Control Center before 2.1.1352. IOCTL 0x120444 in KfeCo10X64.sys fails to validate an offset passed as a parameter during a memory operation, leading to an arbitrary read primitive that can be used as part of a chain to escalate privileges...

2.7CVSS5.9AI score0.00936EPSS
Exploits0References3
PyPA
PyPA
added 2019/10/09 7:15 p.m.7 views

PYSEC-2019-247

Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimageint.cpp, because there is no validation of the relationship of the total size to the offset and size...

6.5CVSS6.8AI score0.01851EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2018/07/19 2:29 a.m.20 views

CVE-2018-14339

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the MMSE dissector could go into an infinite loop. This was addressed in epan/proto.c by adding offset and length validation...

7.5CVSS7.3AI score0.03515EPSS
Exploits0References7
OSV
OSV
added 2018/07/19 2:29 a.m.2 views

UBUNTU-CVE-2018-14339

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the MMSE dissector could go into an infinite loop. This was addressed in epan/proto.c by adding offset and length validation...

7.5CVSS7.1AI score0.03515EPSS
Exploits0References5
OSV
OSV
added 2018/07/19 2:29 a.m.23 views

CVE-2018-14339

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the MMSE dissector could go into an infinite loop. This was addressed in epan/proto.c by adding offset and length validation...

7.5CVSS6.4AI score
Exploits0References7
OSV
OSV
added 2018/07/19 2:29 a.m.1 views

DEBIAN-CVE-2018-14339

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the MMSE dissector could go into an infinite loop. This was addressed in epan/proto.c by adding offset and length validation...

7.5CVSS8.8AI score0.03515EPSS
Exploits0References1
CNVD
CNVD
added 2017/11/17 12:0 a.m.4 views

GNU Binutils Denial of Service Vulnerability (CNVD-2017-34502)

GNU Binutils is a set of programming tools for creating and managing binary programs, object files, libraries, profile data and assembly source code. A denial of service vulnerability exists in GNU Binutils 2.29.1. The vulnerability arises because the pebfdreadbuildid function in peicode.h in the...

7.8CVSS7.1AI score0.01792EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2017/08/30 2:20 p.m.31 views

CVE-2017-13133

In ImageMagick 7.0.6-8, the loadlevel function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service loadtile memory exhaustion via a crafted file...

7.1CVSS5AI score0.01632EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2017/08/23 3:29 a.m.49 views

CVE-2017-13133

In ImageMagick 7.0.6-8, the loadlevel function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service loadtile memory exhaustion via a crafted file...

7.1CVSS6.9AI score0.01632EPSS
Exploits0References1
OSV
OSV
added 2017/08/23 3:29 a.m.9 views

UBUNTU-CVE-2017-13133

In ImageMagick 7.0.6-8, the loadlevel function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service loadtile memory exhaustion via a crafted file...

6.5CVSS7.2AI score0.01632EPSS
Exploits0References2
OSV
OSV
added 2017/08/23 3:29 a.m.1 views

DEBIAN-CVE-2017-13133

In ImageMagick 7.0.6-8, the loadlevel function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service loadtile memory exhaustion via a crafted file...

6.5CVSS6.7AI score0.01632EPSS
Exploits0References1
Prion
Prion
added 2017/08/23 3:29 a.m.24 views

Design/Logic Flaw

In ImageMagick 7.0.6-8, the loadlevel function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service loadtile memory exhaustion via a crafted file...

7.1CVSS7.1AI score0.01632EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2017/08/23 3:0 a.m.68 views

CVE-2017-13133

In ImageMagick 7.0.6-8, the loadlevel function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service loadtile memory exhaustion via a crafted file...

7.1CVSS6.7AI score0.01632EPSS
Exploits0
OSV
OSV
added 2017/06/19 4:29 a.m.3 views

UBUNTU-CVE-2017-9754

The processotr function in bfd/versados.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, does not validate a certain offset, which allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified...

7.8CVSS7.1AI score0.02639EPSS
Exploits0References3
OSV
OSV
added 2016/08/13 1:59 a.m.4 views

DEBIAN-CVE-2016-5384

fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache file...

7.8CVSS6.6AI score0.00403EPSS
Exploits0References1
Cvelist
Cvelist
added 2016/08/12 4:0 p.m.20 views

CVE-2016-5384

fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache file...

7.6AI score0.00403EPSS
Exploits0References8
OSV
OSV
added 2016/08/08 12:0 a.m.3 views

UBUNTU-CVE-2016-5384

fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache file...

7.8CVSS6.1AI score0.00403EPSS
Exploits0References4
Rows per page
Query Builder