Lucene search
K

80 matches found

ATTACKERKB
ATTACKERKB
added 2023/08/22 7:16 p.m.1 views

CVE-2022-40090

An issue was discovered in function TIFFReadDirectory libtiff before 4.4.0 allows attackers to cause a denial of service via crafted TIFF file...

6.5CVSS6.9AI score0.00805EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2023/05/16 8:56 a.m.1 views

kernel: NFSD: Protect against send buffer overflow in NFSv2 READDIR

In the Linux kernel, the following vulnerability has been resolved: NFSD: Protect against send buffer overflow in NFSv2 READDIR Restore the previous limit on the @count argument to prevent a buffer overflow attack...

7.8CVSS6.9AI score0.0017EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/05/16 8:56 a.m.3 views

kernel: NFSD: Protect against send buffer overflow in NFSv3 READDIR

A buffer management flaw was found in the Linux kernel's NFS server implementation in the NFSv3 READDIR operation handling. A remote client can trigger this issue by crafting an RPC call with an oversized RPC record header, which forces the server to shrink its response buffer allocation. This...

7.3AI score
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.7 views

kernel: NFSD: Protect against send buffer overflow in NFSv3 READDIR

A buffer management flaw was found in the Linux kernel's NFS server implementation in the NFSv3 READDIR operation handling. A remote client can trigger this issue by crafting an RPC call with an oversized RPC record header, which forces the server to shrink its response buffer allocation. This...

7.3AI score
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.2 views

kernel: NFSD: Protect against send buffer overflow in NFSv2 READDIR

In the Linux kernel, the following vulnerability has been resolved: NFSD: Protect against send buffer overflow in NFSv2 READDIR Restore the previous limit on the @count argument to prevent a buffer overflow attack...

7.8CVSS6.9AI score0.0017EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/02/21 9:26 a.m.3 views

kernel: NFSD: Protect against send buffer overflow in NFSv2 READDIR

In the Linux kernel, the following vulnerability has been resolved: NFSD: Protect against send buffer overflow in NFSv2 READDIR Restore the previous limit on the @count argument to prevent a buffer overflow attack...

7.8CVSS6.9AI score0.0017EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/02/21 9:26 a.m.3 views

kernel: NFSD: Protect against send buffer overflow in NFSv3 READDIR

A buffer management flaw was found in the Linux kernel's NFS server implementation in the NFSv3 READDIR operation handling. A remote client can trigger this issue by crafting an RPC call with an oversized RPC record header, which forces the server to shrink its response buffer allocation. This...

7.3AI score
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:47 a.m.4 views

SUSE CVE-2012-2088

Integer signedness error in the TIFFReadDirectory function in tifdirread.c in libtiff 3.9.4 and earlier allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a negative tile depth in a tiff image, which triggers an improper conversion betwe...

7.5CVSS8.1AI score0.06459EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:49 a.m.3 views

SUSE CVE-2021-3178

fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPLUS. NOTE: some parties argue that such a subdirectory export is not intended to prevent this attac...

6.5CVSS6.5AI score0.02417EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:35 a.m.5 views

SUSE CVE-2022-0562

Null source pointer passed as an argument to memcpy function within TIFFReadDirectory in tifdirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, a fix is available with commit 561599c...

5.5CVSS7.1AI score0.0125EPSS
Exploits1References8
GitLab Advisory Database
GitLab Advisory Database
added 2022/12/28 12:0 a.m.36 views

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Improper path santiziation in github.com/goadesign/goa before v3.0.9, v2.0.10, or v1.4.3 allow remote attackers to read files outside of the intended directory...

7.5CVSS5.6AI score0.0141EPSS
Exploits1References5Affected Software1
RedHat Linux
RedHat Linux
added 2022/11/15 3:17 p.m.4 views

libtiff: Null source pointer lead to Denial of Service via crafted TIFF file

A flaw was found in libtiff where a NULL source pointer passed as an argument to the memcpy function within the TIFFReadDirectory in tifdirread.c. This flaw allows an attacker to exploit this vulnerability via a crafted TIFF file, causing a crash and leading to a denial of service...

5.5CVSS7.3AI score0.0125EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2022/11/14 12:0 a.m.3 views

PT-2022-35389 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.75 Description: The issue concerns a send buffer overflow in NFSv3 READDIR. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to v5.15.75,...

7.7AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2022/11/08 9:33 a.m.5 views

libtiff: Null source pointer lead to Denial of Service via crafted TIFF file

A flaw was found in libtiff where a NULL source pointer passed as an argument to the memcpy function within the TIFFReadDirectory in tifdirread.c. This flaw allows an attacker to exploit this vulnerability via a crafted TIFF file, causing a crash and leading to a denial of service...

5.5CVSS7.3AI score0.0125EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2022/11/08 9:32 a.m.3 views

kernel: NFSD: Fix READDIR buffer overflow

CVE-2021-47107 is a flaw in the Linux system that runs file-sharing services NFS. The problem happened because the system did not properly check how much data it should handle when someone asked to list the contents of a folder. If that request was made with a very small value, the system could...

7.8CVSS6.6AI score0.00379EPSS
Exploits1References5
OSV
OSV
added 2022/10/19 12:0 p.m.35 views

GHSA-CM22-88QR-7FFH Lavalite vulnerable to Arbitrary File Read via Directory Traversal

In Lavalite 9.0.0, the XSRF-TOKEN cookie is vulnerable to path traversal attacks, enabling read access to arbitrary files on the server...

7.5CVSS7.3AI score0.00935EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2022/09/16 12:0 a.m.6 views

The vulnerability of the TIFFReadDirectory() function in the tif_dirread.c component of the LibTIFF library allows a attacker to cause a service failure.

The vulnerability of the TIFFReadDirectory function in the tifdirread.c component of the LibTIFF library is related to pointer dereferencing errors. Exploiting this vulnerability allows an attacker to trigger a service failure using a specially created TIFF file...

7.1CVSS6.2AI score0.0125EPSS
Exploits1References14Affected Software6
CNNVD
CNNVD
added 2022/09/15 12:0 a.m.6 views

Tauri 后置链接漏洞

Tauri is a Tauri open source for building smaller, faster, and more secure desktop applications using a web front end. Tauri versions prior to 1.0.6 have a backlink vulnerability that stems from a lack of normalization when calling readDir recursively, potentially displaying directory listings...

8.3CVSS6AI score0.00773EPSS
Exploits1References5
OSV
OSV
added 2022/03/07 11:3 a.m.4 views

OESA-2022-1551 libtiff security update

TIFF Library and Utilities. Security Fixes: Null source pointer passed as an argument to memcpy function within TIFFReadDirectory in tifdirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, a fix is...

5.5CVSS6.8AI score0.0125EPSS
Exploits2References3
Microsoft CVE
Microsoft CVE
added 2022/02/18 8:0 a.m.4 views

Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources a fix is available with commit 561599c.

...

5.5CVSS6.8AI score0.0125EPSS
Exploits1
Rows per page
Query Builder