Lucene search
K

249 matches found

CVE
CVE
added 2021/04/29 6:50 p.m.67 views

CVE-2021-1086

CVE-2021-1086 affects NVIDIA vGPU software/driver — the Virtual GPU Manager (vGPU plugin). The vulnerability allows guests to control unauthorized resources, potentially compromising integrity and confidentiality. Affected versions are vGPU 12.x (before 12.2), 11.x (before 11.4), and 8.x (before ...

7.1CVSS6.6AI score0.00219EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2021/04/07 11:2 a.m.4 views

OESA-2021-1132 wireshark security update

Wireshark is an open source tool for profiling network traffic and analyzing packets. Such a tool is often referred to as a network analyzer, network protocol analyzer or sniffer. Wireshark, formerly known as Ethereal, can be used to examine the details of traffic at a variety of levels ranging...

7.5CVSS8.9AI score0.06079EPSS
Exploits3References5
BDU FSTEC
BDU FSTEC
added 2021/04/06 12:0 a.m.12 views

The vulnerability of the dockerd daemon, a deployment and application management automation tool in Docker-enabled environments, relates to a resource consumption control mechanism error. This vulnerability allows attackers to trigger service failures.

The vulnerability of the dockerd daemon, a tool for automating the deployment and management of applications in Docker containerized environments, is related to improper handling of the image manifest file. Exploiting this vulnerability allows an attacker to cause service interruptions...

6.5CVSS6.8AI score0.03287EPSS
Exploits0References10Affected Software5
CNNVD
CNNVD
added 2021/04/05 12:0 a.m.5 views

Qualcomm 芯片 安全漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc., and from time to time fabricated on the surface of semiconductor wafers. A security vulnerability exists in a number of Qualcomm products that...

7.8CVSS7.3AI score0.00709EPSS
Exploits0References4
CVE
CVE
added 2020/05/07 4:5 p.m.41 views

CVE-2020-5743

This entry documents CVE-2020-5743 affecting TCExam 14.2.2. The vulnerability is described as improper access control (improper control of resource identifiers) that lets a remote, authenticated attacker access test metadata they should not be able to view. The connected records consistently iden...

4.3CVSS4.5AI score0.00821EPSS
Exploits1References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/04/27 12:0 a.m.9 views

The vulnerability of Google Chrome, related to improper control of access to critical resources, allows a violator to gain unauthorized access.

The vulnerability of Google Chrome relates to improper control of access to a critical resource. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to information through a specially created HTML page...

7.1CVSS7.2AI score0.00766EPSS
Exploits0References9Affected Software4
NVD
NVD
added 2020/03/05 9:15 a.m.22 views

CVE-2019-14032

Memory use after free issue in audio due to lack of resource control in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017,...

7.8CVSS7.8AI score0.00202EPSS
Exploits0References1
Prion
Prion
added 2020/03/05 9:15 a.m.23 views

Memory corruption

Memory use after free issue in audio due to lack of resource control in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017,...

7.2CVSS7.9AI score0.00202EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/03/05 8:56 a.m.32 views

CVE-2019-14032

Memory use after free issue in audio due to lack of resource control in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017,...

7.8AI score0.00202EPSS
Exploits0References1
CVE
CVE
added 2020/03/05 8:56 a.m.53 views

CVE-2019-14032

CVE-2019-14032 describes a memory use-after-free issue in the audio stack affecting Qualcomm Snapdragon platforms (various APQ, MDM, and SM/SD series) due to lack of resource control. The impact is described in public records as memory corruption with potential high-severity effects for affected ...

7.8CVSS7.8AI score0.00202EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2020/02/28 12:0 a.m.3 views

Wireshark LTE RRC Parser Memory Leak Vulnerability

Wireshark formerly Ethereal is a suite of network packet analysis software from the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis.LTE RRC is one of the LTE RRC protocol parsers. A security vulnerability exists in the LTE RRC...

7.5CVSS7.6AI score0.02713EPSS
Exploits1References1
OSV
OSV
added 2020/02/27 11:15 p.m.3 views

UBUNTU-CVE-2020-9431

In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. This was addressed in epan/dissectors/packet-lte-rrc.c by adjusting certain append operations...

7.5CVSS5.8AI score0.02713EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 2019/10/16 12:0 a.m.5 views

The vulnerability of the HTTP/2 web server protocol of the Apache Traffic Server, a Node.js-based software platform, stems from a lack of resource consumption control mechanisms. This allows attackers to trigger service interruptions.

The vulnerability of the HTTP/2 web server protocol of the Apache Traffic Server, a Node.js-based software platform, is related to errors in the resource consumption control mechanism. Exploiting this vulnerability can allow an attacker to cause service interruptions through a specially crafted...

7.8CVSS5.5AI score0.27004EPSS
Exploits0References16Affected Software6
ATTACKERKB
ATTACKERKB
added 2018/09/26 7:29 p.m.5 views

CVE-2018-8850

Philips e-Alert Unit non-medical device, Version R2.1 and prior. The software does not validate input properly, allowing an attacker to craft the input in a form that is not expected by the rest of the application. This would lead to parts of the unit receiving unintended input, which may result ...

9.8CVSS6AI score0.03834EPSS
Exploits0References4
Prion
Prion
added 2018/09/26 7:29 p.m.9 views

Design/Logic Flaw

Philips e-Alert Unit non-medical device, Version R2.1 and prior. The software does not validate input properly, allowing an attacker to craft the input in a form that is not expected by the rest of the application. This would lead to parts of the unit receiving unintended input, which may result ...

7.5CVSS9.4AI score0.03834EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2018/08/15 12:0 a.m.1 views

Redha redhat-certification denial of service vulnerability

Redhat redhat-certification is a certification service from Red Hat, an American company. A denial of service vulnerability exists in the way documents are loaded in Redha redhat-certification, which stems from the program's failure to control resource consumption and can be exploited by a remote...

6.2CVSS6AI score0.01232EPSS
Exploits0References1
CNVD
CNVD
added 2018/05/23 12:0 a.m.2 views

Wireshark Null Pointer Dereference Vulnerability

Wireshark is a network packet analyzer. Wireshark is a network packet analyzer that captures network packets and displays the most detailed network packet information possible.Wireshark uses WinPCAP as an interface to exchange data packets directly with the network card. A null pointer dereferenc...

7.5CVSS7.5AI score0.02858EPSS
Exploits0References1
OSV
OSV
added 2018/05/22 9:29 p.m.2 views

DEBIAN-CVE-2018-11359

In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash. This was addressed in epan/proto.c by avoiding a NULL pointer dereference...

7.5CVSS6.5AI score0.02858EPSS
Exploits0References1
OSV
OSV
added 2018/05/22 9:29 p.m.0 views

ALPINE-CVE-2018-11359

In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash. This was addressed in epan/proto.c by avoiding a NULL pointer dereference...

7.5CVSS6.8AI score0.02858EPSS
Exploits0References1
Hacker One
Hacker One
added 2017/11/18 4:24 p.m.18 views

Mail.ru: XSS on account.mail.ru/login

Уязвимость на станице https://account.mail.ru/login и подготовка файлов для атаки --------------------- В процессе исследования заметил, что на странице https://account.mail.ru/login не валидируется значение параметра v. Значение выводится на странице как есть и используется в пути до скрипта...

6.8AI score
Exploits0
Rows per page
Query Builder