Lucene search
+L

153 matches found

RedHat Linux
RedHat Linux
added 2024/03/04 2:3 a.m.5 views

edk2: Buffer overflow in the DHCPv6 client via a long Server ID option

A security flaw was identified in EDK2, the open-source reference implementation of the UEFI specification, involving a buffer overflow vulnerability. This particular weakness enables an unauthorized attacker within the vicinity of the network to transmit a specifically crafted DHCPv6 message...

8.8CVSS6.3AI score0.01223EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2024/02/14 12:0 a.m.8 views

The vulnerability of the __vsyslog_internal function in the glibc library, which allows a hacker to cause a service failure

The vulnerability of the vsysloginternal function in the glibc library is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

7.8CVSS7.9AI score0.03153EPSS
Exploits2References11Affected Software4
OSV
OSV
added 2024/01/18 3:48 p.m.23 views

GHSA-M24X-R6Q3-2VP9 Uncaught Exception processing HTTP Headers in SurrealDB

The ID, DB and NS headers accepted by the SurrealDB HTTP REST API would fail to parse when containing some special characters. This would cause a panic which would crash the SurrealDB server, leading to denial of service. This issue only affects the SurrealDB binary; it does not affect the...

7.5CVSS7.2AI score
Exploits0References4
CNNVD
CNNVD
added 2024/01/11 12:0 a.m.6 views

Hex Workshop Buffer Error Vulnerability

Hex Workshop is a suite of hexadecimal development tools for Microsoft Windows that combines advanced binary editing with the ease of use and flexibility of a word processor. A buffer error vulnerability exists in Hex Workshop version 6.7, which stems from the presence of a denial of service DOS...

7.3CVSS6.9AI score0.00201EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/01/01 12:0 a.m.7 views

PT-2024-12364 · Unknown · Modem Ims Stack

Name of the Vulnerable Software and Affected Versions: Modem IMS Stack affected versions not specified Description: In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User...

7.5CVSS7.4AI score0.00948EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2023/12/26 12:0 a.m.10 views

The vulnerability of the stb_image.h component in the C/C++ Libstb library allows a hacker to cause a service failure.

The vulnerability of the stbimage.h component in the C/C++ Libstb library relates to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability could allow a malicious actor to cause service failure by using a specially created HDR file...

7.8CVSS6.4AI score0.01213EPSS
Exploits0References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/11/14 12:0 a.m.8 views

The vulnerability of the coffgen.c component in the GNU Binutils development environment allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the coffgen.c component in the GNU Binutils development environment is related to integer overflow. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures using a specially created PE file...

10CVSS6.9AI score0.01792EPSS
Exploits1References6Affected Software2
RedHat Linux
RedHat Linux
added 2023/10/18 4:32 p.m.5 views

OpenJDK: certificate path validation issue during client authentication (8309966)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise...

5.3CVSS7.3AI score0.014EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/09/14 12:0 a.m.7 views

The vulnerability of the library for serializing and deserializing YAML documents in SnakeYAML, related to buffer overflow in the stack, allows attackers to cause a service failure.

The vulnerability of the YAML serialization and deserialization library SnakeYAML lies in buffer overflows in the stack. Exploiting this vulnerability can allow an attacker to cause a service failure...

6.8CVSS6.7AI score0.01642EPSS
Exploits0References7Affected Software10
BDU FSTEC
BDU FSTEC
added 2023/09/12 12:0 a.m.7 views

The vulnerability of the image.cpp component in the Exiv2 media metadata management library allows a attacker to cause a service failure.

The vulnerability of the image.cpp component in the Exiv2 metadata management library involves reading data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures...

9.4CVSS7.7AI score0.019EPSS
Exploits1References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/09/11 12:0 a.m.10 views

The vulnerability of the _TIFFmemcpy function in the libtiff library, which allows a hacker to cause a service failure

The vulnerability of the TIFFmemcpy function in the libtiff library is related to writing beyond the buffer boundaries into memory. Exploiting this vulnerability could allow a malicious actor to cause a service failure remotely...

7.8CVSS6.9AI score0.01016EPSS
Exploits1References14Affected Software6
BDU FSTEC
BDU FSTEC
added 2023/08/14 12:0 a.m.9 views

The vulnerability of the function cxgb4_cleanup_tc_flower() in the driver drivers/net/ethernet/chelsio/cxgb4/cxgb4_tc_flower.c of the Chelsio cxgb4 driver for the Linux operating system, which allows a hacker to cause a service failure.

The vulnerability of the cxgb4cleanuptcflower function in the drivers/net/ethernet/chelsio/cxgb4/cxgb4tcflower.c file of the Chelsio cxgb4 driver for Linux operating systems is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to cause ...

5.5CVSS6.5AI score0.00219EPSS
Exploits0References9Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/07/26 12:0 a.m.8 views

The vulnerability of the MP4SdpAtom::Read() function in the atom_sdp.cpp component of the library for creating, modifying, and reading MP4 files, mp4v2, allows a malicious actor to cause a service failure.

The vulnerability of the MP4SdpAtom::Read function in the atomsdp.cpp component of the library for creating, modifying, and reading MP4 files in mp4v2 is related to a memory leak. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS5.9AI score0.00344EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2023/07/12 12:0 a.m.9 views

PT-2023-6652 · Juniper Networks · Junos Evolved +1

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions 21.4 through 21.4R3-S3 Juniper Networks Junos OS versions 22.1 through 22.1R3-S3 Juniper Networks Junos OS versions 22.2 through 22.2R2-S1, 22.2R3 Juniper Networks Junos OS versions 22.3 through 22.3R2 Junip...

6.5CVSS6.5AI score0.00303EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/07/05 12:0 a.m.7 views

PT-2023-12611 · Huawei · Emui +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue concerns incomplete read and write permission verification in the GPU module. Successful exploitation may affect service confidentiality,...

9.8CVSS9.4AI score0.0045EPSS
Exploits0References5
OSV
OSV
added 2023/06/19 5:15 p.m.5 views

CVE-2023-34162

Version update determination vulnerability in the user profile module.Successful exploitation of this vulnerability may cause repeated HMS Core updates and cause services to fail...

7.5CVSS5.8AI score0.00437EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/05/05 12:0 a.m.7 views

Huawei HarmonyOS 访问控制错误漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from a broadcast receive unauthenticated type vulnerability in the background proxy alert...

7.5CVSS7.3AI score0.00452EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/05/04 12:0 a.m.6 views

The vulnerability of the Radare2 reverse-engineering framework lies in its memory management mechanism after objects are freed. This allows attackers to execute arbitrary code or cause service interruptions.

The vulnerability of the reverse-engineering framework Radare2 relates to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure...

7.5CVSS7.7AI score0.01227EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/04/12 12:0 a.m.14 views

The vulnerability of the HTTP-based client profiling function in Cisco IOS XE allows a hacker to trigger a service failure.

The vulnerability of the HTTP-based client profiling function in Cisco IOS XE exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

7.4CVSS6.5AI score0.00303EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/03/06 12:0 a.m.7 views

The vulnerability of the _hss_attval_style function in the HTML-StripScripts module, which is used to delete scripts from HTML documents, allows a hacker to trigger a service failure.

The vulnerability of the hssattvalstyle function in the HTML-StripScripts module, which is used to delete scripts from HTML documents, is related to the use of a regular expression with inefficient computational complexity. Exploiting this vulnerability could allow an attacker to cause service...

7.8CVSS7.1AI score0.01116EPSS
Exploits1References6Affected Software2
Rows per page
Query Builder