Lucene search
+L

46 matches found

CNVD
CNVD
added 2021/09/23 12:0 a.m.27 views

libiff buffer overflow vulnerability

libiff is a portable and extensible parser library for EA-IFF 85 implemented in ANSI C. A global buffer overflow vulnerability exists in the IFFerrorId function in error.c in libiff 20190123 and earlier versions. An attacker could exploit this vulnerability to execute code...

8.8CVSS7.1AI score0.01513EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2021/06/09 12:0 a.m.7 views

The vulnerability of the ua-parser-js library in the Avrora Application Software, related to uncontrolled resource consumption, allows attackers to cause service failures.

The vulnerability of the ua-parser-js library in Avrora Application Software, related to uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

7.5CVSS7.2AI score0.03366EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/06/09 12:0 a.m.7 views

The vulnerability of the ua-parser-js library in the Avrora Application Software, related to uncontrolled resource consumption, allows attackers to cause service failures.

The vulnerability of the ua-parser-js library in Avrora Application Software, related to uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

7.5CVSS7.2AI score0.03878EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2021/05/07 4:18 p.m.2 views

GHSA-662X-FHQG-9P8V Regular Expression Denial of Service in ua-parser-js

The package ua-parser-js before 0.7.22 are vulnerable to Regular Expression Denial of Service ReDoS via the regex for Redmi Phones and Mi Pad Tablets UA...

7.5CVSS7.2AI score0.04483EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2019/10/01 12:0 a.m.5 views

The vulnerability of the Astra Linux operating system’s parser library, which allows a hacker to trigger a service failure.

The vulnerability of the Astra Linux operating system’s parser library is related to incorrect handling of the configuration file. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS5.5AI score
Exploits0References1
NVD
NVD
added 2019/06/11 9:29 p.m.25 views

CVE-2019-12154

XXE in the XML parser library in RealObjects PDFreactor before 10.1.10722 allows attackers to supply malicious XML content in externally referenced resources, leading to disclosure of local file contents and/or denial of service conditions...

9.1CVSS8.8AI score0.02305EPSS
Exploits0References3
VulnCheck KEV
VulnCheck KEV
added 2019/06/03 12:0 a.m.5 views

VulnCheck KEV: CVE-2014-6287

The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server HFS or HttpFileServer allows remote attackers to execute arbitrary programs...

10CVSS7.5AI score0.99323EPSS
Exploits23References1
Fedora
Fedora
added 2018/11/22 2:55 a.m.28 views

[SECURITY] Fedora 27 Update: libconfuse-3.2.2-1.fc27

libConfuse is a configuration file parser library, licensed under the terms of the ISC license, and written in C. It supports sections and lists of values strings, integers, floats, booleans or other sections, as well as some other features such as single/double-quoted strings, environment variab...

8.8CVSS2.3AI score0.01762EPSS
Exploits1
OSV
OSV
added 2018/06/14 12:29 p.m.4 views

CVE-2018-8169

An elevation of privilege vulnerability exists when the Human Interface Device HID Parser Library driver improperly handles objects in memory, aka "HIDParser Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server...

7CVSS5.8AI score0.01089EPSS
Exploits0References3
Prion
Prion
added 2018/06/14 12:29 p.m.18 views

Privilege escalation

An elevation of privilege vulnerability exists when the Human Interface Device HID Parser Library driver improperly handles objects in memory, aka "HIDParser Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server...

6.9CVSS7AI score0.01089EPSS
Exploits0References3Affected Software5
Cvelist
Cvelist
added 2018/06/14 12:0 p.m.28 views

CVE-2018-8169

An elevation of privilege vulnerability exists when the Human Interface Device HID Parser Library driver improperly handles objects in memory, aka "HIDParser Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server...

7.4AI score0.01089EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2018/06/13 12:0 a.m.66 views

Microsoft Windows Multiple Vulnerabilities (KB4284874)

This host is missing a critical security update according to Microsoft KB4284874 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.8AI score0.7131EPSS
Exploits8References1
OpenVAS
OpenVAS
added 2018/06/13 12:0 a.m.100 views

Microsoft Windows Multiple Vulnerabilities (KB4284835)

This host is missing a critical security update according to Microsoft KB4284835 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7AI score0.7131EPSS
Exploits8References1
OpenVAS
OpenVAS
added 2018/06/13 12:0 a.m.171 views

Microsoft Windows Multiple Vulnerabilities (KB4284826)

This host is missing a critical security update according to Microsoft KB4284826 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.6AI score0.22257EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2018/06/13 12:0 a.m.293 views

Microsoft Windows Multiple Vulnerabilities (KB4284815)

This host is missing an important security update according to Microsoft KB4284815 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

9.3CVSS6.6AI score0.24706EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2018/06/13 12:0 a.m.100 views

Microsoft Windows Multiple Vulnerabilities (KB4284860)

This host is missing a critical security update according to Microsoft KB4284860 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.8AI score0.7131EPSS
Exploits3References1
Microsoft CVE
Microsoft CVE
added 2018/06/12 7:0 a.m.34 views

HIDParser Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Human Interface Device HID Parser Library driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit the vulnerability, an attacker would firs...

7CVSS4.1AI score0.01089EPSS
Exploits0
CVE
CVE
added 2017/07/25 8:0 p.m.274 views

CVE-2017-9233

CVE-2017-9233: XML External Entity DoS in libexpat 2.2.0 and earlier via malformed external entity in an external DTD. Affected: libexpat (Expat XML Parser Library). Impact: parser denial-of-service (infinite loop). Remediation: update to libexpat 2.2.1 (fixes addressed in advisories). If impleme...

7.5CVSS8.4AI score0.09051EPSS
Exploits1References13Affected Software1
OpenVAS
OpenVAS
added 2016/06/28 12:0 a.m.30 views

Debian: Security Advisory (DSA-3610-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.8AI score0.14138EPSS
Exploits0References3
OSV
OSV
added 2016/05/20 10:59 a.m.5 views

DEBIAN-CVE-2016-1839

The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted XML document...

5.5CVSS6.8AI score0.07347EPSS
Exploits2References1
Rows per page
Query Builder