Lucene search
K

612 matches found

CNVD
CNVD
added 2018/04/04 12:0 a.m.5 views

Wireshark ui/failure_message.c file memory leak vulnerability

Wireshark formerly known as Ethereal is a network packet analyzer software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. A security vulnerability exists in the ui/failuremessage.c file in Wireshark versions...

7.5CVSS6.7AI score0.02165EPSS
Exploits1References1
CNVD
CNVD
added 2018/04/04 12:0 a.m.5 views

Wireshark epan/dissectors/packet-isup.c file memory leak vulnerability

Wireshark formerly known as Ethereal is a network packet analyzer software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. A security vulnerability exists in the epan/dissectors/packet-isup.c file in Wireshark...

7.5CVSS6.7AI score0.0206EPSS
Exploits1References1
CNVD
CNVD
added 2018/03/27 12:0 a.m.5 views

Jenkins Mercurial Plugin Security Bypass Vulnerability

Jenkins is an open source software project , is based on Java development of a continuous integration tool . A security vulnerability exists in the MercurialStatus.java file in Jenkins Mercurial Plugin 2.2 and earlier versions. An attacker can exploit the vulnerability to obtain a list of nodes a...

5.3CVSS6.8AI score0.0098EPSS
Exploits0References1
CNVD
CNVD
added 2018/03/03 12:0 a.m.3 views

Code execution vulnerability in LaySNS v2.2.0 System.php page

LaySNS Light Community is a comprehensive website system based on ThinkPHP5+LayUI that integrates content publishing and community exchange. A code execution vulnerability exists in the program implementation of the LaySNS v2.2.0 System.php page, which is due to the system's failure to strictly...

8AI score
Exploits0
CNVD
CNVD
added 2018/02/24 12:0 a.m.3 views

Wireshark FCP Protocol Parser Denial of Service Vulnerability

Wireshark formerly known as Ethereal is a suite of network packet analysis software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis.FCP protocol dissector is one of the FCP mesh channel protocol parsers. A securi...

7.5CVSS6.7AI score0.02721EPSS
Exploits0References1
OSV
OSV
added 2018/02/23 10:29 p.m.1 views

DEBIAN-CVE-2018-7332

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-reload.c had an infinite loop that was addressed by validating a length...

7.5CVSS7.4AI score0.02385EPSS
Exploits0References1
OSV
OSV
added 2018/02/23 10:29 p.m.3 views

UBUNTU-CVE-2018-7322

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-dcm.c had an infinite loop that was addressed by checking for integer wraparound...

7.5CVSS6.7AI score0.02454EPSS
Exploits0References5
OSV
OSV
added 2017/12/22 2:29 p.m.2 views

DEBIAN-CVE-2017-10869

Buffer overflow in H2O version 2.2.2 and earlier allows remote attackers to cause a denial-of-service in the server via unspecified vectors...

7.5CVSS7.2AI score0.02625EPSS
Exploits0References1
CNVD
CNVD
added 2017/12/13 12:0 a.m.4 views

IBM Sterling File Gateway Security Bypass Vulnerability

IBM Sterling File Gateway is a suite of file transfer software from IBM in the United States. The software integrates different centers of file transfer activity and facilitates the secure exchange of file-based data over the Internet. A security bypass vulnerability exists in IBM Sterling File...

6.5CVSS6.7AI score0.01228EPSS
Exploits0References1
CNVD
CNVD
added 2017/12/07 12:0 a.m.4 views

IBM Sterling File Gateway Cross-Site Scripting Vulnerability

IBM Sterling File Gateway is a suite of file transfer software from IBM in the United States. The software integrates different centers of file transfer activity and facilitates the secure exchange of file-based data over the Internet. A cross-site scripting vulnerability exists in IBM Sterling...

5.4CVSS6.4AI score0.00777EPSS
Exploits0References1
OSV
OSV
added 2017/10/10 9:29 p.m.1 views

DEBIAN-CVE-2017-15193

In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-mbim.c by changing the memory-allocation approach...

7.5CVSS7.4AI score0.02655EPSS
Exploits0References1
CNVD
CNVD
added 2017/10/10 12:0 a.m.5 views

YADIFA DNS Packet Parser Denial of Service Vulnerability

YADIFA is a lightweight authoritative name server with DNSSEC capabilities.DNS packet parser is one of the Domain Name System DNS resolvers. A security vulnerability exists in the DNS packet parser in versions of YADIFA prior to 2.2.6, which stems from the program failing to detect the presence o...

7.8CVSS7.3AI score0.02528EPSS
Exploits1References1
OSV
OSV
added 2017/09/06 6:29 p.m.2 views

ALPINE-CVE-2017-14164

A size-validation issue was discovered in opjj2kwritesot in lib/openjp2/j2k.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service heap-based buffer overflow affecting opjwritebytesLE in lib/openjp2/cio.c or possibly remote code execution...

8.8CVSS8.6AI score0.05437EPSS
Exploits1References1
CNVD
CNVD
added 2017/08/31 12:0 a.m.18 views

OpenJPEG heap buffer overflow vulnerability (CNVD-2017-24325)

OpenJPEG is a C-based open source JPEG 2000 codec . A heap buffer overflow vulnerability exists in the 'opjmqcbyteout' function of the mqc.c file in versions of OpenJPEG prior to 2.2.0. A remote attacker can exploit this vulnerability to cause a denial of service application crash with the help o...

6.5CVSS7.3AI score0.08253EPSS
Exploits1References1
OSV
OSV
added 2017/08/30 9:29 a.m.2 views

DEBIAN-CVE-2016-10507

Integer overflow vulnerability in the bmp24toimage function in convertbmp.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted bmp file...

6.5CVSS7.1AI score0.02112EPSS
Exploits0References1
OSV
OSV
added 2017/07/18 9:29 p.m.1 views

ALPINE-CVE-2017-11408

In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the AMQP dissector could crash. This was addressed in epan/dissectors/packet-amqp.c by checking for successful list dissection...

7.5CVSS6.8AI score0.0206EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/18 12:0 a.m.4 views

FreeRADIUS Denial of Service Vulnerability (CNVD-2017-16975)

FreeRADIUS is a set of software that implements the RADIUS protocol from the FreeRADIUS Server project. The software is mainly used for account authentication management, bookkeeping management and Internet account management, etc. and contains a Radius server, a client library for BSD protocol...

7.5CVSS6.8AI score0.03352EPSS
Exploits0References1
OSV
OSV
added 2017/07/04 12:29 a.m.1 views

CVE-2017-6725

A vulnerability in the web framework code of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of an affected system. More Information: CSCuw65833 CSCuw65837. Known Affected Releases: 2.22...

6.1CVSS5.8AI score
Exploits0References3
VulnCheck KEV
VulnCheck KEV
added 2017/06/20 12:0 a.m.6 views

VulnCheck KEV: CVE-2003-0127

The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel...

7.2CVSS5.8AI score0.01584EPSS
Exploits5References1
OSV
OSV
added 2017/06/14 12:0 a.m.5 views

UBUNTU-CVE-2017-7758

An out-of-bounds read vulnerability with the Opus encoder when the number of channels in an audio stream changes while the encoder is in use. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird 52.2...

9.1CVSS6.9AI score0.03146EPSS
Exploits1References5
Rows per page
Query Builder