Lucene search
K

199 matches found

Positive Technologies
Positive Technologies
added 2024/04/08 12:0 a.m.5 views

PT-2024-40689 · Git +1 · Ndpi

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A crash was reported due to an unknown read issue. The crash occurred in the ndpi detection process packet function, which is located in the fuzz process...

6.9AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2024/04/03 12:2 a.m.30 views

CVE-2023-52636

In the Linux kernel, the following vulnerability has been resolved: libceph: just wait for more data to be available on the socket A short read may occur while reading the message footer from the socket. Later, when the socket is ready for another read, the messenger invokes all readpartial...

5.5CVSS6.9AI score0.00225EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/04/02 12:0 a.m.10 views

PT-2024-14673 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability has been resolved in the Linux kernel related to the libceph component. The issue occurs when a short read happens while reading the message footer from the socket...

8.4CVSS6.5AI score0.08555EPSS
Exploits8References1911
CVE
CVE
added 2024/03/11 7:38 p.m.106 views

CVE-2024-28198

OpenOLAT contains an XXE/SSRF vulnerability in the draw.io integration that allows an attacker to read arbitrary files as the system user by manipulating HTTP requests. Affected versions are OpenOLAT prior to 18.1.6 and prior to 18.2.2. The issue is fixed in 18.1.6 and 18.2.2; users should upgrad...

7.5CVSS4.7AI score0.00431EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2024/03/02 9:52 p.m.16 views

CVE-2023-52501 ring-buffer: Do not attempt to read past "commit"

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not attempt to read past "commit" When iterating over the ring buffer while the ring buffer is active, the writer can corrupt the reader. There's barriers to help detect this and handle it, but that code missed th...

7.7AI score0.0023EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/02/23 12:0 a.m.4 views

c-ares security breach

c-ares is a C library for asynchronous DNS requests from the individual developer of c-ares. A security vulnerability exists in c-ares, which stems from the fact that if a configuration file has a "NULL" character embedded as the first character in a new line, it may result in an attempt to read...

5.5CVSS7AI score0.00349EPSS
Exploits0References4
OSV
OSV
added 2024/02/21 11:57 a.m.8 views

SUSE-SU-2024:0580-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 115.8.0 ESR MFSA 2024-06 bsc1220048: - CVE-2024-1546: Out-of-bounds memory read in networking channels - CVE-2024-1547: Alert dialog could have been spoofed on another site - CVE-2024-1548:...

8.1CVSS7.4AI score0.00937EPSS
Exploits1References11
Amazon
Amazon
added 2024/02/19 12:0 a.m.5 views

Medium: nerdctl

Issue Overview: A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of da...

5.3CVSS6.7AI score0.01208EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/01/12 12:0 a.m.3 views

PT-2024-40555 · Git +1 · Icu

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: A heap-buffer-overflow read issue was identified, potentially causing a crash. The crash type is specified as Heap-buffer-overflow READ 2, with the crash state involving a string...

6.9AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/01/02 8:46 a.m.2 views

xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty

A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive information...

7.6CVSS5.8AI score0.01631EPSS
Exploits0References6
RustSec
RustSec
added 2023/09/03 12:0 p.m.6 views

Multiple soundness issues

RUSTSEC-2024-0377 contains multiple soundness issues: 1. Bytes::read allows creating instances of types with invalid bit patterns 1. BytesIter::read advances iterators out of bounds 1. The BytesIter trait has safety invariants but is public and not marked unsafe 1. writefloat calls...

7.3AI score
Exploits0Affected Software1
OSV
OSV
added 2023/08/31 9:15 p.m.4 views

UBUNTU-CVE-2023-39356

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. In affected versions a missing offset validation may lead to an Out Of Bound Read in the function gdimultiopaquerect. In particular there is no code to validate if the value...

9.1CVSS7.3AI score0.01529EPSS
Exploits1References8
OSV
OSV
added 2023/08/29 4:15 a.m.4 views

UBUNTU-CVE-2023-41360

An issue was discovered in FRRouting FRR through 9.0. bgpd/bgppacket.c can read the initial byte of the ORF header in an ahead-of-stream situation...

9.1CVSS6.7AI score0.0096EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/08/28 12:0 a.m.3 views

PT-2023-35981 · Hdf5 · Hdf5

Name of the Vulnerable Software and Affected Versions: HDF5 affected versions not specified Description: A heap buffer overflow read issue has been identified, which can cause a crash. The crash occurs in the following functions: H5O chunk protect, H5O chunk delete, H5O cont delete...

7.4AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/06/12 12:0 a.m.6 views

PT-2023-35870 · Git +1 · Ntopng

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow read issue was identified, potentially causing a crash. The crash occurs in the NetworkInterface::dissectPacket function, as...

6.9AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/05/12 12:0 a.m.1 views

PT-2023-35824 · Git +1 · Wireshark

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A crash occurred due to an unknown read issue. The crash state involves several functions: wmem tree lookup32 array le, dissect btl2cap, and call dissect...

6.9AI score
Exploits0References2
OSV
OSV
added 2023/04/14 2:2 p.m.6 views

OSV-2023-312 UNKNOWN READ in udev_rule_parse_value

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=57950 Crash type: UNKNOWN READ Crash state: udevruleparsevalue fuzz-udev-rule-parse-value.c centipede::RunOneInput...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/04/13 12:0 a.m.4 views

PT-2023-35774 · Git +1 · Systemd

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A crash was reported due to an unknown read issue. The crash state includes a reference to memdup suffix0 and fuzz-efi-string.c, indicating a potential...

6.9AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/04/13 12:0 a.m.5 views

PT-2023-35764 · Git +1 · Systemd

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A crash was reported due to an unknown read issue. The crash occurred in the sd event new function, within the fuzz-lldp-rx.c file, and was triggered by...

6.9AI score
Exploits0References2
CNNVD
CNNVD
added 2023/04/12 12:0 a.m.13 views

Adobe Dimension 缓冲区错误漏洞

Adobe Dimension is a suite of 2D and 3D compositing design tools from Adobe. A buffer error vulnerability exists in Adobe Dimension version 3.4.8, which stems from an out-of-bounds read issue...

5.5CVSS5.9AI score0.00325EPSS
Exploits0References2
Rows per page
Query Builder