Lucene search
K

554 matches found

Kitploit
Kitploit
added 2022/04/22 9:30 p.m.16 views

Spock SLAF - A Shared Library Application Firewall "SLAF"

Spock SLAF is a Shared Library Application Firewall "SLAF". It has the purpose to protect any service that uses the OpenSSL library. The SLAF inserts hooking to intercept all communication to detect security anomalies and block and log attacks like buffer overflow, path traversal, XXE and SQL...

8.9AI score
Exploits0References3
OpenVAS
OpenVAS
added 2022/04/21 12:0 a.m.24 views

Slackware: Security Advisory (SSA:2018-142-03)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.8AI score0.09081EPSS
Exploits9References3
Talos
Talos
added 2022/02/28 12:0 a.m.37 views

Gerbv RS-274X aperture macro outline primitive out-of-bounds read vulnerability

Summary An out-of-bounds read vulnerability exists in the RS-274X aperture macro outline primitive functionality of Gerbv 2.7.0 and dev commit b5f1eacd and the forked version of Gerbv commit d7f42a9a. A specially-crafted Gerber file can lead to information disclosure. An attacker can provide a...

9.3CVSS7.6AI score0.01318EPSS
Exploits1
GithubExploit
GithubExploit
added 2022/01/29 8:24 p.m.168 views

Exploit for Out-of-bounds Write in Polkit_Project Polkit

ez-pwnkit A pure-Go implementation of the CVE-2021-4034 Pwn...

7.8CVSS7.8AI score0.94921EPSS
Exploits151
GithubExploit
GithubExploit
added 2022/01/29 8:24 p.m.322 views

Exploit for Out-of-bounds Write in Polkit_Project Polkit

ez-pwnkit A pure-Go implementation of the CVE-2021-4034 Pwn...

7.8CVSS7.8AI score0.94921EPSS
Exploits151
NVD
NVD
added 2021/10/06 8:15 p.m.12 views

CVE-2021-34788

A vulnerability in the shared library loading mechanism of Cisco AnyConnect Secure Mobility Client for Linux and Mac OS could allow an authenticated, local attacker to perform a shared library hijacking attack on an affected device if the VPN Posture HostScan Module is installed on the AnyConnect...

7CVSS0.00171EPSS
Exploits0References1
Prion
Prion
added 2021/10/06 8:15 p.m.16 views

Race condition

A vulnerability in the shared library loading mechanism of Cisco AnyConnect Secure Mobility Client for Linux and Mac OS could allow an authenticated, local attacker to perform a shared library hijacking attack on an affected device if the VPN Posture HostScan Module is installed on the AnyConnect...

6.9CVSS7AI score0.00171EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/10/06 7:40 p.m.19 views

CVE-2021-34788 Cisco AnyConnect Secure Mobility Client for Linux and Mac OS with VPN Posture (HostScan) Module Shared Library Hijacking Vulnerability

A vulnerability in the shared library loading mechanism of Cisco AnyConnect Secure Mobility Client for Linux and Mac OS could allow an authenticated, local attacker to perform a shared library hijacking attack on an affected device if the VPN Posture HostScan Module is installed on the AnyConnect...

7CVSS7.2AI score0.00171EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2021/10/06 7:40 p.m.8 views

CVE-2021-34788 Cisco AnyConnect Secure Mobility Client for Linux and Mac OS with VPN Posture (HostScan) Module Shared Library Hijacking Vulnerability

A vulnerability in the shared library loading mechanism of Cisco AnyConnect Secure Mobility Client for Linux and Mac OS could allow an authenticated, local attacker to perform a shared library hijacking attack on an affected device if the VPN Posture HostScan Module is installed on the AnyConnect...

7CVSS7.5AI score0.00171EPSS
Exploits0References1
CVE
CVE
added 2021/08/13 3:42 p.m.55 views

CVE-2021-34398

CVE-2021-34398 affects NVIDIA DCGM (all versions before 2.2.9) with a vulnerability in the DIAG module that allows a user to inject shared libraries into the DCGM server, which typically runs with root privileges. This can lead to privilege escalation, complete loss of confidentiality and integri...

7.8CVSS7.4AI score0.00261EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2021/06/24 2:15 p.m.17 views

CVE-2021-29949

When loading the shared library that provides the OTR protocol implementation, Thunderbird will initially attempt to open it using a filename that isn't distributed by Thunderbird. If a computer has already been infected with a malicious library of the alternative filename, and the malicious...

7.8CVSS0.00316EPSS
Exploits0References2
OSV
OSV
added 2021/06/24 2:15 p.m.0 views

DEBIAN-CVE-2021-29949

When loading the shared library that provides the OTR protocol implementation, Thunderbird will initially attempt to open it using a filename that isn't distributed by Thunderbird. If a computer has already been infected with a malicious library of the alternative filename, and the malicious...

7.8CVSS6.8AI score0.00316EPSS
Exploits0References1
Prion
Prion
added 2021/06/24 2:15 p.m.20 views

Design/Logic Flaw

When loading the shared library that provides the OTR protocol implementation, Thunderbird will initially attempt to open it using a filename that isn't distributed by Thunderbird. If a computer has already been infected with a malicious library of the alternative filename, and the malicious...

4.4CVSS7.2AI score0.00316EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/06/24 1:18 p.m.17 views

CVE-2021-29949

When loading the shared library that provides the OTR protocol implementation, Thunderbird will initially attempt to open it using a filename that isn't distributed by Thunderbird. If a computer has already been infected with a malicious library of the alternative filename, and the malicious...

8AI score0.00316EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2021/06/24 1:18 p.m.24 views

CVE-2021-29949

When loading the shared library that provides the OTR protocol implementation, Thunderbird will initially attempt to open it using a filename that isn't distributed by Thunderbird. If a computer has already been infected with a malicious library of the alternative filename, and the malicious...

7.8CVSS7.5AI score0.00316EPSS
Exploits0
Veracode
Veracode
added 2021/04/23 12:4 p.m.28 views

Remote Code Execution (RCE)

thunderbird is vulnerable to remote code execution. The vulnerability exists due to the system attempting to open a shared library that provides OTR protocol implementation using a filename that is not distributed by Thunderbird...

7.8CVSS3.6AI score0.00316EPSS
Exploits0References3Affected Software6
UbuntuCve
UbuntuCve
added 2021/04/22 2:54 p.m.32 views

CVE-2021-29949

When loading the shared library that provides the OTR protocol implementation, Thunderbird will initially attempt to open it using a filename that isn't distributed by Thunderbird. If a computer has already been infected with a malicious library of the alternative filename, and the malicious...

7.8CVSS6.7AI score0.00316EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2021/04/21 3:13 a.m.30 views

CVE-2021-29949

When loading the shared library that provides the OTR protocol implementation, Thunderbird will initially attempt to open it using a filename that isn't distributed by Thunderbird. If a computer has already been infected with a malicious library of the alternative filename, and the malicious...

7.8CVSS3AI score0.00316EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2021/04/14 11:14 a.m.11 views

Mozilla: Thunderbird might execute an alternative OTR library

When loading the shared library that provides the OTR protocol implementation, Thunderbird will initially attempt to open it using a filename that isn't distributed by Thunderbird. If a computer has already been infected with a malicious library of the alternative filename, and the malicious...

7.8CVSS7.3AI score0.00316EPSS
Exploits0References4
Fedora
Fedora
added 2021/04/06 1:4 a.m.27 views

[SECURITY] Fedora 33 Update: libmediainfo-21.03-1.fc33

This package contains the shared library for MediaInfo. MediaInfo supplies technical and tag information about a video or audio file. What information can I get from MediaInfo? General: title, author, director, album, track number, date, duration... Video: codec, aspect, fps, bitrate... Audio:...

7.5CVSS3AI score0.04238EPSS
Exploits1
Rows per page
Query Builder