147 matches found

CNNVD
added 2023/12/13 12:0 a.m., 3 views

xorg-server buffer error vulnerability

xorg-x11-server is an X Window System display server from the X.org Foundation. A security vulnerability exists in xorg-server versions prior to 21.1.10 and xwayland versions prior to 23.2.3. It stems from a memory read/write overrun that may be caused by querying or changing an XKB button...

7.8 CVSS | 7.9 AI score | 0.01587 EPSS
Exploits 0 | References 37

Positive Technologies
added 2023/10/25 12:0 a.m., 3 views

PT-2023-6642

Name of the Vulnerable Software and Affected Versions: xorg-x11-server (affected versions not specified). Description: A use-after-free flaw was found in the xorg-x11-server, which can cause an X server crash in a very specific and legacy configuration, known as Zaphod mode, where a multi-screen setup...

4.7 CVSS | 6.6 AI score | 0.00715 EPSS
Exploits 0 | References 121

OSV
added 2023/10/01 12:0 a.m., 43 views

ASB-A-274058082

In android_view_InputDevice_create of android_view_InputDevice.cpp, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8 CVSS | 8 AI score | 0.00208 EPSS
Exploits 0 | References 2

Vulnrichment
added 2022/12/08 9:57 p.m., 6 views

CVE-2022-41949 Semi-blind Server-Side Request Forgery in dhis2-core

DHIS 2 is an open source information system for data capture, management, validation, analytics and visualization. In affected versions an authenticated DHIS2 user can craft a request to DHIS2 to instruct the server to make requests to external resources like third party servers. This could allow...

5 CVSS | 5 AI score | 0.004 EPSS
Exploits 0 | References 2

ATTACKERKB
added 2022/11/04 7:15 p.m., 6 views

CVE-2022-43945

The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 is vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send...

7.5 CVSS | 7.6 AI score | 0.21314 EPSS
Exploits 0 | References 4 | Affected Software 1

RedHat Linux
added 2022/05/10 1:59 p.m., 6 views

xorg-x11-server: SProcScreenSaverSuspend out-of-bounds access

A flaw was found in xorg-x11-server where an out-of-bounds access can occur in the SProcScreenSaverSuspend function...

7.8 CVSS | 5.7 AI score | 0.00571 EPSS
Exploits 0 | References 6

CNNVD
added 2021/12/02 12:0 a.m., 3 views

Google Android security vulnerability

Google Android is a Linux-based open source operating system from Google Inc. in the United States. A security vulnerability in the vold incremental-fs APIs of Google Android could cause system_server to trigger a mount on a directory that should not be under the control of system_server...

7.8 CVSS | 7.4 AI score | 0.00098 EPSS
Exploits 0 | References 4

BDU FSTEC
added 2021/09/29 12:0 a.m., 6 views

The vulnerability of the DNS Server component of the Windows operating system, related to improper code generation, allows a hacker to trigger a service failure.

The vulnerability of the DNS Server component of the Windows operating system is related to improper code generation. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

6.5 CVSS | 6.9 AI score | 0.02654 EPSS
Exploits 0 | References 4

Gitee
added 2021/07/03 10:44 a.m., 4 views

Exploit for Improper Input Validation in Microsoft

This is a PoC (Proof of Concept) exploit for CVE-2020-1350, also known as SigRed. The exploit is designed to target DNS servers and allows for remote code execution. The exploit is written in Python and consists of several files: configure.py: This script is used to set up the payload and Apache HT...

10 CVSS | 9.2 AI score | 0.92178 EPSS
Exploits 21

NVD
added 2020/06/11 3:15 p.m., 25 views

CVE-2020-0136

In multiple locations of Parcel.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...

7.8 CVSS | 0.00246 EPSS
Exploits 0 | References 1

Prion
added 2020/06/11 3:15 p.m., 15 views

Integer overflow

In multiple locations of Parcel.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...

4.6 CVSS | 7.8 AI score | 0.00246 EPSS
Exploits 0 | References 1 | Affected Software 1

Cvelist
added 2020/06/11 2:43 p.m., 22 views

CVE-2020-0136

In multiple locations of Parcel.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...

8.5 AI score | 0.00246 EPSS
Exploits 0 | References 1

OSV
added 2020/04/17 7:15 p.m., 1 views

CVE-2020-0082

In ExternalVibration of ExternalVibration.java, there is a possible activation of an arbitrary intent due to unsafe deserialization. This could lead to local escalation of privilege to system_server with no additional execution privileges needed. User interaction is not needed for...

7.8 CVSS | 7.3 AI score | 0.00409 EPSS
Exploits 0 | References 1

Veracode
added 2020/04/10 12:47 a.m., 33 views

Privilege Escalation

kernel is vulnerable to privilege escalation. The vulnerability exists when an application has a stack overflow, the stack could silently overwrite another memory mapped area instead of a segmentation fault occurring, which could cause an application to execute arbitrary code, possibly leading to...

7.2 CVSS | 4.4 AI score | 0.00716 EPSS
Exploits 1 | References 31 | Affected Software 2

OSV
added 2020/04/07 4:15 p.m., 3 views

CVE-2017-18663

An issue was discovered on Samsung mobile devices with N(7.x) software. Because of missing Intent exception handling, system_server can have a NullPointerException with a crash of a system process. The Samsung IDs are SVE-2017-9122, SVE-2017-9123, SVE-2017-9124, and SVE-2017-9126 (July 2017)...

7.5 CVSS | 5.8 AI score | 0.00415 EPSS
Exploits 0 | References 1

OSV
added 2020/04/07 2:15 p.m., 3 views

CVE-2016-11031

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. AntService allows a system_server crash and reboot. The Samsung ID is SVE-2016-7044 (November 2016)...

7.5 CVSS | 5.8 AI score | 0.00422 EPSS
Exploits 0 | References 1

Prion
added 2020/01/15 6:15 p.m., 17 views

Code injection

The BIRT Engine servlet in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to "navigate" to arbitrary local files via the imageid parameter...

4 CVSS | 6.7 AI score | 0.01681 EPSS
Exploits 0 | References 2 | Affected Software 1

Prion
added 2020/01/15 6:15 p.m., 21 views

Code injection

AR System Mid Tier in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to "navigate" to arbitrary files via the report parameter of the BIRT viewer servlet...

4 CVSS | 6.9 AI score | 0.01776 EPSS
Exploits 0 | References 2 | Affected Software 1

OSV
added 2019/09/27 7:15 p.m., 1 views

CVE-2019-9386

In NFC server, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10. Android ID:...

7.3 CVSS | 5.9 AI score | 0.0019 EPSS
Exploits 0 | References 1

OSV
added 2019/02/28 5:29 p.m., 5 views

CVE-2019-1988

In sample6 of SkSwizzler.cpp, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution in system_server with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-8.0...

8.8 CVSS | 8.1 AI score | 0.0191 EPSS
Exploits 0 | References 2