Lucene search
K

1085 matches found

Prion
Prion
added 2019/09/10 5:15 p.m.35 views

Design/Logic Flaw

OpenSSL 1.1.1 introduced a rewritten random number generator RNG. This was intended to include protection in the event of a fork system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in the default case. A...

5CVSS5AI score0.06232EPSS
Exploits0References15Affected Software1
UbuntuCve
UbuntuCve
added 2019/09/10 5:15 p.m.32 views

CVE-2019-1549

OpenSSL 1.1.1 introduced a rewritten random number generator RNG. This was intended to include protection in the event of a fork system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in the default case. A...

5.3CVSS6.8AI score0.06232EPSS
Exploits0References3
Cvelist
Cvelist
added 2019/09/10 4:58 p.m.22 views

CVE-2019-1549 Fork Protection

OpenSSL 1.1.1 introduced a rewritten random number generator RNG. This was intended to include protection in the event of a fork system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in the default case. A...

5.1AI score0.06232EPSS
Exploits0References15
OSV
OSV
added 2019/09/04 12:15 p.m.2 views

CVE-2019-10709

AsusPTPFilter.sys on Asus Precision TouchPad 11.0.0.25 hardware has a Pool Overflow associated with the \.\AsusTP device, leading to a DoS or potentially privilege escalation via a crafted DeviceIoControl call...

9.8CVSS7.3AI score
Exploits0References2
NVD
NVD
added 2019/09/04 12:15 p.m.24 views

CVE-2019-10709

AsusPTPFilter.sys on Asus Precision TouchPad 11.0.0.25 hardware has a Pool Overflow associated with the \.\AsusTP device, leading to a DoS or potentially privilege escalation via a crafted DeviceIoControl call...

9.8CVSS9.5AI score0.11536EPSS
Exploits5References2
Prion
Prion
added 2019/09/04 12:15 p.m.16 views

Design/Logic Flaw

AsusPTPFilter.sys on Asus Precision TouchPad 11.0.0.25 hardware has a Pool Overflow associated with the \.\AsusTP device, leading to a DoS or potentially privilege escalation via a crafted DeviceIoControl call...

7.5CVSS9.4AI score0.11536EPSS
Exploits5References2Affected Software1
CVE
CVE
added 2019/09/04 11:14 a.m.98 views

CVE-2019-10709

CVE-2019-10709 affects Asus Precision TouchPad driver 11.0.0.25. A pool overflow in the AsusPTPFilter.sys/AsusTP device handling via DeviceIoControl (IOCTL 0x221408) with crafted input can trigger DoS and may enable elevation of privilege. Exploit samples show sending a 12048-byte payload to the ...

9.8CVSS9.4AI score0.11536EPSS
Exploits5References2Affected Software1
CNVD
CNVD
added 2019/09/02 12:0 a.m.3 views

ASUS Asus Precision TouchPad Privilege Permission and Access Control Issues Vulnerability

ASUS Asus Precision TouchPad is a touchpad driver from Asus Taiwan, China. A security vulnerability exists in ASUS Asus Precision TouchPad version 11.0.0.25. The vulnerability can be exploited by an attacker to cause a denial of service and elevation of privilege...

9.8CVSS6.7AI score0.11536EPSS
Exploits5References1
0day.today
0day.today
added 2019/08/30 12:0 a.m.52 views

Asus Precision TouchPad 11.0.0.25 - Denial of Service Exploit

!/usr/bin/python Exploit Title: Asus Precision TouchPad 11.0.0.25 - DoS/Privesc Exploit Author: Athanasios Tserpelis of Telspace Systems Vendor Homepage: https://www.asus.com Version: 11.0.0.25 Software Link : https://www.asus.com Contact: [email protected] Twitter: @telspacesystems Greets ...

9.8CVSS9.7AI score0.11536EPSS
Exploits5
Packet Storm
Packet Storm
added 2019/08/30 12:0 a.m.255 views

Asus Precision TouchPad 11.0.0.25 Denial Of Service / Privilege Escalation

!/usr/bin/python Exploit Title: Asus Precision TouchPad 11.0.0.25 - DoS/Privesc Date: 29-08-2019 Exploit Author: Athanasios Tserpelis of Telspace Systems Vendor Homepage: https://www.asus.com Version: 11.0.0.25 Software Link : https://www.asus.com Contact: [email protected] Twitter:...

1AI score0.11536EPSS
Exploits5
exploitpack
exploitpack
added 2019/08/30 12:0 a.m.42 views

Asus Precision TouchPad 11.0.0.25 - Denial of Service

Asus Precision TouchPad 11.0.0.25 - Denial of Service !/usr/bin/python Exploit Title: Asus Precision TouchPad 11.0.0.25 - DoS/Privesc Date: 29-08-2019 Exploit Author: Athanasios Tserpelis of Telspace Systems Vendor Homepage: https://www.asus.com Version: 11.0.0.25 Software Link :...

7.5CVSS0.3AI score0.11536EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/08/30 12:0 a.m.236 views

Asus Precision TouchPad 11.0.0.25 - Denial of Service

!/usr/bin/python Exploit Title: Asus Precision TouchPad 11.0.0.25 - DoS/Privesc Date: 29-08-2019 Exploit Author: Athanasios Tserpelis of Telspace Systems Vendor Homepage: https://www.asus.com Version: 11.0.0.25 Software Link : https://www.asus.com Contact: [email protected] Twitter:...

9.8CVSS9.8AI score0.11536EPSS
Exploits5
BDU FSTEC
BDU FSTEC
added 2019/07/30 12:0 a.m.3 views

The vulnerability of the Precision Time Protocol (PTP) implementation in the Cisco IOS operating system allows a hacker to trigger a service failure.

The vulnerability of the Precision Time Protocol PTP implementation in the Cisco IOS operating system is related to errors in processing PTP packets. Exploiting this vulnerability can allow a malicious actor to cause service failures by sending specially crafted PTP packets...

8.6CVSS5.5AI score0.03519EPSS
Exploits0References2
Veracode
Veracode
added 2019/05/02 5:41 a.m.37 views

Insufficient Entropy In Key Generation Algorithm

The Network Time Protocol NTP is used to synchronize a computer's time with another referenced time source. It was found that because NTP's access control was based on a source IP address, an attacker could bypass source IP restrictions and send malicious control and configuration packets by...

7.5CVSS7AI score0.06135EPSS
Exploits0References31Affected Software1
0day.today
0day.today
added 2019/02/07 12:0 a.m.52 views

Skia - Incorrect Convexity Assumptions Leading to Buffer Overflows Exploit

I was looking into the root cause of https://bugs.chromium.org/p/chromium/issues/detail?id=850350. In that bug, due to precision errors, Skia generated a concave RRect, but declared it convex. Later, the RRect was transformed with an affine transform and used as a clipping region for drawing...

Exploits0
exploitpack
exploitpack
added 2019/02/06 12:0 a.m.35 views

Skia - Incorrect Convexity Assumptions Leading to Buffer Overflows

Skia - Incorrect Convexity Assumptions Leading to Buffer Overflows I was looking into the root cause of https://bugs.chromium.org/p/chromium/issues/detail?id=850350. In that bug, due to precision errors, Skia generated a concave RRect, but declared it convex. Later, the RRect was transformed with...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/06 12:0 a.m.104 views

Skia - Incorrect Convexity Assumptions Leading to Buffer Overflows

I was looking into the root cause of https://bugs.chromium.org/p/chromium/issues/detail?id=850350. In that bug, due to precision errors, Skia generated a concave RRect, but declared it convex. Later, the RRect was transformed with an affine transform and used as a clipping region for drawing...

7.4AI score
Exploits0
Veracode
Veracode
added 2019/01/15 9:0 a.m.25 views

Authentication Bypass

openstack-keystone is vulnerable to authentication bypass. Remote authenticated users are able to retain access via an expired token due to the token driver storing timestamps with incorrect precision, which causes timestamp expiration time comparisons for tokens to fail...

4.9CVSS6.3AI score0.01592EPSS
Exploits0References9Affected Software1
NVD
NVD
added 2019/01/09 7:29 p.m.15 views

CVE-2018-6153

A precision error in Skia in Google Chrome prior to 68.0.3440.75 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page...

8.8CVSS8.2AI score0.01588EPSS
Exploits0References6
NVD
NVD
added 2019/01/09 7:29 p.m.16 views

CVE-2018-6126

A precision error in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page...

8.8CVSS6.8AI score0.07666EPSS
Exploits1References13
Rows per page
Query Builder