Lucene search
K

119 matches found

Prion
Prion
added 2022/08/12 3:15 p.m.17 views

Null pointer dereference

In Bluetooth, there are possible process crashes due to dereferencing a null pointer. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-178800552...

3.3CVSS6.8AI score0.00218EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2022/08/01 12:0 a.m.29 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-2199)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.2AI score0.69803EPSS
Exploits0References2
Prion
Prion
added 2022/06/28 5:15 p.m.19 views

Design/Logic Flaw

Synapse is an open source home server implementation for the Matrix chat network. In versions prior to 1.61.1 URL previews of some web pages can exhaust the available stack space for the Synapse process due to unbounded recursion. This is sometimes recoverable and leads to an error for the reques...

3.5CVSS6.4AI score0.01578EPSS
Exploits0References5Affected Software2
Tenable Nessus
Tenable Nessus
added 2022/05/31 12:0 a.m.56 views

Nginx Plus R1 < R15-P2 / R16 < R16-P1 Multiple Vulnerabilities

According to it's self reported version, the installed version of Nginx Plus is R1 built on Open Source version 1.5.3-1 prior to R15-P2 or R16 built on Open Source version 1.15.2 prior to R16-P1. It is, therefore, affected by the following issues : - An unspecified error exists related to the...

8.2CVSS6.7AI score0.47057EPSS
Exploits1References7
OpenVAS
OpenVAS
added 2022/04/25 12:0 a.m.41 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2022-1569)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.2AI score0.69803EPSS
Exploits0References2
Prion
Prion
added 2021/11/10 11:15 p.m.15 views

Design/Logic Flaw

An issue was discovered in Softing Industrial Automation OPC UA C++ SDK before 5.66. Remote attackers to cause a denial of service DoS by sending crafted messages to a OPC/UA client. The client process may crash unexpectedly because of a wrong type cast, and must be restarted...

5CVSS7.4AI score0.01267EPSS
Exploits0References2Affected Software4
NVD
NVD
added 2021/06/16 8:15 p.m.18 views

CVE-2021-34201

D-Link DIR-2640-US 1.01B04 is vulnerable to Buffer Overflow. There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600DIR-2640. Local ordinary users can overwrite the global variables in the .bss section, causing the process crashes or changes...

7.1CVSS0.0054EPSS
Exploits1References2
Prion
Prion
added 2021/06/16 8:15 p.m.11 views

Buffer overflow

D-Link DIR-2640-US 1.01B04 is vulnerable to Buffer Overflow. There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600DIR-2640. Local ordinary users can overwrite the global variables in the .bss section, causing the process crashes or changes...

3.6CVSS7AI score0.0054EPSS
Exploits1References4Affected Software1
AlpineLinux
AlpineLinux
added 2021/06/11 3:15 p.m.23 views

CVE-2021-28687

HVM soft-reset crashes toolstack libxl requires all data structures passed across its public interface to be initialized before use and disposed of afterwards by calling a specific set of functions. Many internal data structures also require this initialize / dispose discipline, but not all of...

5.5CVSS6.2AI score0.00314EPSS
Exploits0
NVD
NVD
added 2020/10/16 11:15 p.m.20 views

CVE-2020-16895

An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles a process crash. An attacker who successfully exploited this vulnerability could delete a targeted file leading to an elevated status. To exploit this vulnerability, an attacker would first have...

7.8CVSS0.01013EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2020/10/13 7:0 a.m.40 views

Windows Error Reporting Manager Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles a process crash. An attacker who successfully exploited this vulnerability could delete a targeted file leading to an elevated status. To exploit this vulnerability, an attacker would first have...

7.8CVSS2.8AI score0.01013EPSS
Exploits0
Cvelist
Cvelist
added 2020/08/27 3:40 p.m.15 views

CVE-2020-3517 Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated attacker to cause process crashes, which could result in a denial of service DoS condition on an affected device. The attack vector is configuration dependent and...

8.6CVSS8.5AI score0.01371EPSS
Exploits0References1
CNVD
CNVD
added 2020/07/17 12:0 a.m.2 views

Microsoft Windows Error Reporting Manager Elevation of Privilege Vulnerability (CNVD-2020-52921)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. An elevation of privilege vulnerability exists in Microsoft Windows Error Reporting Manage...

7.8CVSS7.1AI score0.00901EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2020/07/14 7:0 a.m.30 views

Windows Error Reporting Manager Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles a process crash. An attacker who successfully exploited this vulnerability could delete a targeted file leading to an elevated status. To exploit this vulnerability, an attacker would first have...

7.8CVSS2.8AI score0.00901EPSS
Exploits0
CNVD
CNVD
added 2020/06/10 12:0 a.m.3 views

Microsoft Windows Error Reporting Manager Elevation of Privilege Vulnerability

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. An elevation of privilege vulnerability exists in Microsoft Windows Error Reporting Manage...

7.8CVSS6.9AI score0.00821EPSS
Exploits1References1
CVE
CVE
added 2020/04/29 1:59 a.m.104 views

CVE-2020-8485

CVE-2020-8485 affects ABB System 800xA MOD 300; the inter-process communication protections are insufficient, allowing a locally authenticated attacker to inject data and enable reads/writes to controllers or crash Windows processes. Affected: System 800xA MOD 300 (all published versions). Impact...

7.8CVSS7.5AI score0.00326EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/04/07 2:43 p.m.21 views

CVE-2017-18671

An issue was discovered on Samsung mobile devices with L5.0/5.1, M6.0, and N7.x software. Intents related to Wi-Fi have incorrect exception handling, leading to a crash of system processes. The Samsung ID is SVE-2017-8389 May 2017...

7.6AI score0.00415EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2019/10/09 11:45 a.m.64 views

CVE-2017-9798

A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash...

7.5CVSS0.1AI score0.94999EPSS
Exploits9References2
Prion
Prion
added 2019/08/28 7:15 p.m.10 views

Input validation

A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause process crashes, which can result in a denial of service DoS condition on an affected system. The vulnerability is due to insufficient validation of TCP packets...

7.8CVSS7.5AI score0.01928EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2019/08/28 6:50 p.m.8 views

CVE-2019-1962 Cisco NX-OS Software Cisco Fabric Services over IP Denial of Service Vulnerability

A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause process crashes, which can result in a denial of service DoS condition on an affected system. The vulnerability is due to insufficient validation of TCP packets...

8.6CVSS7.4AI score0.01928EPSS
Exploits0References1
Rows per page
Query Builder