Lucene search
+L

323 matches found

ATTACKERKB
ATTACKERKB
added 2023/10/28 9:15 p.m.3 views

CVE-2023-45897

exfatprogs before 1.2.2 allows out-of-bounds memory access, such as in readfiledentryset...

5.5CVSS5.8AI score0.00381EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2023/10/05 1:8 p.m.6 views

libeconf: Stack overflow in function read_file at libeconf/lib/getfilecontents.c

A flaw was found in the libeconf library. This issue occurs when parsing a specially crafted configuration file, causing a stack-based buffer overflow that results in a denial of service...

6.1AI score
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/09/21 12:0 a.m.7 views

The vulnerability of the read_file() function in the libeconf library for analyzing and managing configuration files allows a attacker to cause a service failure or execute arbitrary code.

The vulnerability of the readfile function in the libeconf library for analyzing and managing configuration files is related to the situation where the operation’s output goes beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures or...

10CVSS8.1AI score
Exploits0References9Affected Software4
ATTACKERKB
ATTACKERKB
added 2023/07/25 7:15 p.m.4 views

CVE-2023-39130

GNU gdb GDB 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function peas16 at /gdb/coff-pe-read.c...

5.5CVSS6.6AI score0.00226EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/07/15 2:18 a.m.3 views

SUSE CVE-2023-29450

JavaScript pre-processing can be used by the attacker to gain access to the file system read-only access on behalf of user "zabbix" on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data...

8.5CVSS7AI score0.01262EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/07/12 12:0 a.m.13 views

CVE-2023-26563

The Syncfusion EJ2 Node File Provider 0102271 is vulnerable to filesystem-server.js directory traversal. As a result, an unauthenticated attacker can: - On Windows, list files in any directory, read any file, delete any file, upload any file to any directory accessible by the web server. - On...

7AI score0.01886EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/07/12 12:0 a.m.6 views

Syncfusion ej2-filemanager-node-filesystem 路径遍历漏洞

Syncfusion ej2-filemanager-node-filesystem is an application from Syncfusion, Inc. Syncfusion ej2-filemanager-node-filesystem has a security vulnerability that stems from filesystem-server.js being vulnerable to a directory traversal attack, which can be exploited by an attacker to list any file ...

9.8CVSS8.2AI score0.01886EPSS
Exploits1References4
OSV
OSV
added 2023/05/16 5:15 a.m.3 views

CVE-2023-2161

A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could cause unauthorized read access to the file system when a malicious configuration file is loaded on to the software by a local user...

5.5CVSS6.1AI score0.0017EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/03/16 12:0 a.m.6 views

PT-2023-5283 · Libeconf +3 · Libeconf +3

Name of the Vulnerable Software and Affected Versions: libeconf version 0.5.1 Description: The issue is related to a stack overflow vulnerability in the read file function of the libeconf library, which can be exploited by a remote attacker to cause a denial of service or execute arbitrary code...

10CVSS7.6AI score0.00636EPSS
Exploits0References45
Positive Technologies
Positive Technologies
added 2023/03/15 12:0 a.m.2 views

PT-2023-35698 · Mosquitto · Mosquitto

Name of the Vulnerable Software and Affected Versions: mosquitto affected versions not specified Description: A heap buffer overflow read issue has been identified. The crash occurs in the mosquitto strdup function, which is called by config read file core and config read file. Recommendations: A...

7.5AI score
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:24 a.m.8 views

SUSE CVE-2018-16424

A double free when handling responses in readfile in tools/egk-tool.c aka the eGK card tool in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impact...

4.6CVSS7.9AI score0.00654EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:15 a.m.5 views

SUSE CVE-2019-8980

A memory leak in the kernelreadfile function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service memory consumption by triggering vfsread failures...

3.3CVSS7.2AI score0.05845EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 3:41 a.m.6 views

SUSE CVE-2021-32549

It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-13 package apport hooks, it could expose private data to other local users...

7.3CVSS6.7AI score0.00289EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:41 a.m.3 views

SUSE CVE-2021-32554

It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg package apport hooks, it could expose private data to other local users...

7.3CVSS6.7AI score0.00289EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:41 a.m.5 views

SUSE CVE-2021-32552

It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-16 package apport hooks, it could expose private data to other local users...

7.3CVSS6.7AI score0.00289EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:41 a.m.4 views

SUSE CVE-2021-32553

It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-17 package apport hooks, it could expose private data to other local users...

7.3CVSS6.7AI score0.00322EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:41 a.m.3 views

SUSE CVE-2021-32555

It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg-hwe-18.04 package apport hooks, it could expose private data to other local users...

7.3CVSS6.7AI score0.00289EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/06/29 12:0 a.m.11 views

The vulnerability of the ext4_read_file function in the Cboot module of the NVIDIA Jetson computing platform’s driver suite allows a malicious actor to execute arbitrary code, gain elevated privileges, or cause partial service failure.

The vulnerability of the ext4readfile function in the Cboot module of the NVIDIA Jetson computing platform’s driver suite is related to a numerical overflow vulnerability. Exploiting this vulnerability could allow an attacker to execute arbitrary code, gain elevated privileges, or cause partial...

5.7CVSS6.5AI score0.00232EPSS
Exploits0References4Affected Software2
OSV
OSV
added 2022/04/27 6:15 p.m.6 views

CVE-2022-28195

NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4readfile function, where insufficient validation of untrusted data may allow a highly privileged local attacker to cause a integer overflow, which may lead to code execution, escalation of privileges, limited denial of...

5.7CVSS6.3AI score0.00232EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/02/17 5:15 p.m.8 views

CVE-2022-24683

HashiCorp Nomad and Nomad Enterprise 0.9.2 through 1.0.17, 1.1.11, and 1.2.5 allow operators with read-fs and alloc-exec or job-submit capabilities to read arbitrary files on the host filesystem as root...

7.8CVSS7.2AI score0.01539EPSS
Exploits0References4
Rows per page
Query Builder