
118 matches found

RedhatCVE
added 2025/06/08 4:01 p.m. · 21 views

CVE-2024-56805

A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to modify memory or crash processes. We have already fixed the vulnerability in the following versions: QTS...

5.4 CVSS · 7.2 AI score · 0.00361 EPSS
Exploits: 0 · References: 1
OSV
added 2025/06/06 4:15 p.m. · 2 views

CVE-2024-56805

A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to modify memory or crash processes. We have already fixed the vulnerability in the following versions: QTS...

5.4 CVSS · 6.1 AI score
Exploits: 0 · References: 1
CVE
added 2025/06/06 3:53 p.m. · 77 views

CVE-2024-56805

Summary (CVE-2024-56805): A buffer overflow occurs in QNAP QTS and QuTS hero related to a buffer copy without proper input size checking. This can allow remote attackers who have limited user access to modify memory or crash processes. Affected products/components: QTS and QuTS hero. Root cause: ...

5.4 CVSS · 7.5 AI score · 0.00361 EPSS
Exploits: 0 · References: 1 · Affected Software: 1
RedhatCVE
added 2025/05/22 6:39 p.m. · 7 views

CVE-2021-34201

D-Link DIR-2640-US 1.01B04 is vulnerable to Buffer Overflow. There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600DIR-2640. Local ordinary users can overwrite the global variables in the .bss section, causing the process crashes or changes...

7.1 CVSS · 7.1 AI score · 0.00593 EPSS
Exploits: 1 · References: 1
CNNVD
added 2025/05/22 12:00 a.m. · 1 view

GNOME Remote desktop resource management error vulnerability

GNOME Remote desktop is a remote desktop software from GNOME open source. A resource management error vulnerability exists in GNOME Remote desktop, which stems from resource exhaustion during an RDP connection, and could lead to process crashes and resource leaks...

7.4 CVSS · 7.2 AI score · 0.00822 EPSS
Exploits: 0 · References: 2
Debian CVE
added 2025/05/19 1:25 a.m. · 8 views

CVE-2025-23166

The C++ method SignTraits::DeriveBits may incorrectly call ThrowException based on user-supplied inputs when executing in a background thread, crashing the Node.js process. Such cryptographic operations are commonly applied to untrusted inputs. Thus, this mechanism potentially allows an adversary...

7.5 CVSS · 7.8 AI score · 0.00763 EPSS
Exploits: 0
OSV
added 2025/03/07 5:15 p.m. · 3 views

CVE-2024-53695

A buffer overflow vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If exploited, the vulnerability could allow remote attackers to modify memory or crash processes. We have already fixed the vulnerability in the following version: HBS 3 Hybrid Backup Sync 25.1.4.952 and later...

9.1 CVSS · 6 AI score · 0.00483 EPSS
Exploits: 0 · References: 1
RedHat Linux
added 2024/11/13 3:29 p.m. · 17 views

Important: Red Hat Security Advisory: webkit2gtk3 security update

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability fr...

9.8 CVSS · 7.2 AI score · 0.0104 EPSS
Exploits: 0 · References: 7
CNNVD
added 2024/07/29 12:00 a.m. · 2 views

Apple iOS and Apple iPadOS security vulnerability

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS prior to version 16.7.9 and iPadOS prior to version 16.7.9, which stems from...

6.5 CVSS · 6.9 AI score · 0.00994 EPSS
Exploits: 0 · References: 9
Positive Technologies
added 2024/07/23 12:00 a.m. · 4 views

PT-2024-10763 · Abb +1 · Advant Mod 300 Advabuild +1

Name of the Vulnerable Software and Affected Versions: Advant MOD 300 AdvaBuild versions 3.0 through 3.7 SP2. Description: An attacker could exploit the issue by injecting specially crafted data, potentially causing a denial-of-service attack through process crashes or communication issues on the...

7.8 CVSS · 6.6 AI score · 0.00127 EPSS
Exploits: 0 · References: 4
Cvelist
added 2024/07/10 5:00 a.m. · 18 views

CVE-2024-21523

All versions of the package images are vulnerable to Denial of Service (DoS) due to providing unexpected input types to several different functions. This makes it possible to reach an assert macro, leading to a process crash. Note: By providing some specific integer values like 0 to the size...

7.5 CVSS · 0.00597 EPSS
Exploits: 0 · References: 3
Tenable Nessus
added 2023/07/25 12:00 a.m. · 23 views

Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service (CVE-2020-3517)

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated attacker to cause process crashes, which could result in a denial of service (DoS) condition on an affected device. The attack vector is configuration dependent and...

8.6 CVSS · 7.8 AI score · 0.01371 EPSS
Exploits: 0 · References: 2
Tenable Nessus
added 2023/07/25 12:00 a.m. · 16 views

Cisco NX-OS Software Cisco Fabric Services Denial of Service (CVE-2019-1616)

A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Cisco Fabric Services packets. An...

8.6 CVSS · 7.8 AI score · 0.02416 EPSS
Exploits: 0 · References: 3
Tenable Nessus
added 2023/07/25 12:00 a.m. · 13 views

Cisco NX-OS Software Cisco Fabric Services over IP Denial of Service (CVE-2019-1962)

A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause process crashes, which can result in a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient validation of TCP packets...

8.6 CVSS · 7.8 AI score · 0.01928 EPSS
Exploits: 0 · References: 2
Tenable Nessus
added 2023/07/18 12:00 a.m. · 27 views

Ubuntu 16.04 ESM / 18.04 ESM : YAJL vulnerabilities (USN-6233-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6233-1 advisory. It was discovered that YAJL was not properly performing bounds checks when decoding a string with escape sequences. If a user or automated...

7.5 CVSS · 6.8 AI score · 0.03735 EPSS
Exploits: 3 · References: 4
CNNVD
added 2023/04/11 12:00 a.m. · 4 views

Mozilla Firefox ESR buffer error vulnerability

Mozilla Firefox ESR is an extended support release of Firefox web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox ESR. An attacker could exploit the vulnerability to cause out-of-bounds memory access using the WebGL API, which could lea...

9.8 CVSS · 6.7 AI score · 0.00974 EPSS
Exploits: 0 · References: 7
CNNVD
added 2023/03/29 12:00 a.m. · 4 views

Rocket Software UniData and UniVerse buffer error vulnerability

Rocket Software UniVerse and Rocket Software UniData are both products of Rocket Software, Inc. Rocket Software UniVerse is a suite of database management and support software now owned by Rocket Software. Software UniData is a MultiValue application platform. Rocket Software UniData is a...

8.8 CVSS · 8.7 AI score · 0.00897 EPSS
Exploits: 0 · References: 2
Tenable Nessus
added 2023/03/29 12:00 a.m. · 23 views

ABB Multiple System 800xA Products Incorrect Default Permissions (CVE-2020-8484)

Insufficient protection of the inter-process communication functions in ABB System 800xA for DCI all published versions enables an attacker authenticated on the local system to inject data, allowing reads and writes to the controllers or cause Windows processes to crash. This plugin only works wi...

7.8 CVSS · 7.4 AI score · 0.00326 EPSS
Exploits: 0 · References: 3
NVD
added 2022/08/12 3:15 p.m. · 13 views

CVE-2022-20334

In Bluetooth, there are possible process crashes due to dereferencing a null pointer. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android ID: A-178800552...

6.5 CVSS · 0.00218 EPSS
Exploits: 0 · References: 1
Prion
added 2022/08/12 3:15 p.m. · 17 views

Null pointer dereference

In Bluetooth, there are possible process crashes due to dereferencing a null pointer. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android ID: A-178800552...

3.3 CVSS · 6.8 AI score · 0.00218 EPSS
Exploits: 0 · References: 1 · Affected Software: 1