Lucene search
K

910 matches found

BDU FSTEC
BDU FSTEC
added 2017/03/23 12:0 a.m.8 views

The vulnerability of the Windows operating system allows a perpetrator to obtain confidential information from the process memory.

The vulnerability of the Uniscribe component of the Windows operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor, acting remotely, to obtain confidential information from the process’s memory through a specially crafted web...

4.3CVSS5.8AI score0.22046EPSS
Exploits1References3
OSV
OSV
added 2017/03/17 12:59 a.m.2 views

CVE-2017-0092

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0085, CVE-2017-0091, CVE-2017-0111,...

4.3CVSS5.8AI score0.22471EPSS
Exploits1References4
OSV
OSV
added 2017/03/17 12:59 a.m.3 views

CVE-2017-0060

The Graphics Device Interface GDI in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information from process memory via a...

5.5CVSS5.8AI score0.15939EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2016/08/16 10:31 a.m.10 views

kernel: infiniband: Unprivileged process can overwrite kernel memory using rdma_ucm.ko

A flaw was found in the way certain interfaces of the Linux kernel's Infiniband subsystem used write as bi-directional ioctl replacement, which could lead to insufficient memory security checks when being invoked using the splice system call. A local unprivileged user on a system with either...

7.8CVSS6.8AI score0.00483EPSS
Exploits0References4
CNVD
CNVD
added 2016/06/21 12:0 a.m.3 views

mDNSResponder Buffer Overflow Vulnerability (CNVD-2016-04181)

mDNSResponder is a product that provides unicast and multicast mDNS services for UNIX-like operating systems. A buffer overflow vulnerability exists in mDNSResponder version 379.27 and versions prior to 625.41.2 that stems from multiple functions GetValueForIPv4Addr, GetValueForMACAddr,...

9.8CVSS7.3AI score0.02513EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2016/01/22 12:0 a.m.60 views

SUSE SLED11 / SLES11 Security Update : libxml2 (SUSE-SU-2016:0187-1)

This update for libxml2 fixes the following security issue : - CVE-2015-8710: Parsing short unclosed HTML comment could cause uninitialized memory access, which allowed remote attackers to read contents from previous HTTP requests depending on the application bsc960674 Note that Tenable Network...

9.8CVSS8AI score0.04925EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2015/07/31 12:0 a.m.9 views

The vulnerability of the Firefox ESR browser, which allows a hacker to influence the operation of the program

The vulnerability of the nsZipArchive::BuildFileList function, which allows access to arbitrary memory cells, is related to code errors in Firefox ESR browsers. Exploiting this vulnerability could enable a malicious actor to manipulate the program’s behavior remotely by using a specially crafted...

9.3CVSS6AI score0.03767EPSS
Exploits0References3Affected Software1
RedHat Linux
RedHat Linux
added 2015/07/03 5:12 a.m.7 views

Mozilla: Vulnerabilities found through code inspection (MFSA 2015-66)

nsZipArchive.cpp in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive...

9.3CVSS7.5AI score0.03767EPSS
Exploits0References5
OSV
OSV
added 2014/04/14 11:55 p.m.5 views

UBUNTU-CVE-2014-2739

The cmareqhandler function in drivers/infiniband/core/cma.c in the Linux kernel 3.14.x through 3.14.1 attempts to resolve an RDMA over Converged Ethernet aka RoCE address that is properly resolved within a different module, which allows remote attackers to cause a denial of service incorrect...

4.6CVSS5.8AI score0.01604EPSS
Exploits2References3
Vulnrichment
Vulnrichment
added 2010/08/04 9:0 p.m.6 views

CVE-2010-2965

The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via...

6AI score0.57544EPSS
Exploits1References6
Rows per page
Query Builder