Lucene search
+L

1549 matches found

OSV
OSV
added 2016/01/04 5:59 a.m.3 views

UBUNTU-CVE-2015-8714

The dissectdcomOBJREF function in epan/dissectors/packet-dcom.c in the DCOM dissector in Wireshark 1.12.x before 1.12.9 does not initialize a certain IPv4 data structure, which allows remote attackers to cause a denial of service application crash via a crafted packet...

5.5CVSS6.4AI score0.01539EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2015/12/17 12:0 a.m.63 views

F5 Networks BIG-IP : Linux kernel vulnerability (K90230486)

Race condition in the IPC object implementation in the Linux kernel through 4.2.3 allows local users to gain privileges by triggering an ipcaddid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c. CVE-2015-7613 C Tenable Network Security,...

6.9CVSS6.5AI score0.00412EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2015/11/19 6:3 a.m.8 views

wireshark: The WCP dissector could crash while decompressing data (wnpa-sec-2015-07)

epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted packet that is improperly...

5CVSS5.9AI score0.04422EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/11/19 6:3 a.m.12 views

wireshark: NCP dissector crashes (wnpa-sec-2014-22)

The buildexpertdata function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 does not properly initialize a data structure, which allows remote attackers to cause a denial of service application crash via a crafted packet...

5CVSS7.2AI score0.03101EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2015/10/30 9:53 a.m.26 views

CVE-2011-1173

The econetsendmsg function in net/econet/afeconet.c in the Linux kernel before 2.6.39 on the x8664 platform allows remote attackers to obtain potentially sensitive information from kernel stack memory by reading uninitialized data in the ah field of an Acorn Universal Networking AUN packet...

5CVSS6.8AI score0.02608EPSS
Exploits2References2
Debian CVE
Debian CVE
added 2015/10/19 10:0 a.m.40 views

CVE-2015-7613

Race condition in the IPC object implementation in the Linux kernel through 4.2.3 allows local users to gain privileges by triggering an ipcaddid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c...

6.9CVSS6.7AI score0.00412EPSS
Exploits1
OSV
OSV
added 2015/10/02 12:0 a.m.3 views

UBUNTU-CVE-2015-7613

Race condition in the IPC object implementation in the Linux kernel through 4.2.3 allows local users to gain privileges by triggering an ipcaddid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c...

6.9CVSS6.7AI score0.00412EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2015/07/21 10:14 a.m.8 views

wireshark: NCP dissector crashes (wnpa-sec-2014-22)

The buildexpertdata function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 does not properly initialize a data structure, which allows remote attackers to cause a denial of service application crash via a crafted packet...

5CVSS7.2AI score0.03101EPSS
Exploits0References5
Zero Day Initiative
Zero Day Initiative
added 2015/06/11 12:0 a.m.33 views

(Pwn2Own) Microsoft Internet Explorer mergeAttributes Uninitialized Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

6.8CVSS6.5AI score0.23758EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/03/26 12:0 a.m.33 views

Scientific Linux Security Update : qemu-kvm on SL7.x x86_64 (20150305)

It was found that the Cirrus blit region checks were insufficient. A privileged guest user could use this flaw to write outside of VRAM- allocated buffer boundaries in the host's QEMU process address space with attacker-provided data. CVE-2014-8106 An uninitialized data structure use flaw was fou...

7.5CVSS7.1AI score0.04115EPSS
Exploits0References5
CNVD
CNVD
added 2015/03/12 12:0 a.m.2 views

Wireshark WCP Dissector Denial of Service Vulnerability

Wireshark is an open source network protocol analysis tool. The Wireshark WCP parser epan/dissectors/packet-wcp.c fails to properly initialize data structures, allowing an attacker to exploit the vulnerability by submitting special messages to crash the application...

5CVSS7AI score0.04422EPSS
Exploits0References1
OSV
OSV
added 2015/03/08 2:59 a.m.3 views

UBUNTU-CVE-2015-2188

epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted packet that is improperly...

5CVSS6.4AI score0.04422EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2015/03/06 12:0 a.m.39 views

RedHat Update for qemu-kvm RHSA-2015:0349-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.04115EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2015/03/05 9:37 a.m.5 views

qemu: vnc: insufficient bits_per_pixel from the client sanitization

An uninitialized data structure use flaw was found in the way the setpixelformat function sanitized the value of bitsperpixel. An attacker able to access a guest's VNC console could use this flaw to crash the guest...

5CVSS7.3AI score0.03742EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/03/05 9:37 a.m.36 views

Important: Red Hat Security Advisory: qemu-kvm-rhev security, bug fix, and enhancement update

Updated qemu-kvm-rhev packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Virtualization Hypervisor 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring Syste...

7.5CVSS7.4AI score0.04115EPSS
Exploits0References96
OSV
OSV
added 2015/02/19 11:59 a.m.8 views

CVE-2014-9423

The svcauthgssacceptseccontext function in lib/rpc/svcauthgss.c in MIT Kerberos 5 aka krb5 1.11.x through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 transmits uninitialized interposer data to clients, which allows remote attackers to obtain sensitive information from process heap...

5.9AI score
Exploits0References13
OSV
OSV
added 2015/02/03 12:0 a.m.1 views

UBUNTU-CVE-2014-9423

The svcauthgssacceptseccontext function in lib/rpc/svcauthgss.c in MIT Kerberos 5 aka krb5 1.11.x through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 transmits uninitialized interposer data to clients, which allows remote attackers to obtain sensitive information from process heap...

5CVSS7.2AI score0.0389EPSS
Exploits0References4
OSV
OSV
added 2015/01/10 2:59 a.m.2 views

DEBIAN-CVE-2015-0560

The dissectwccp2r1addresstableinfo function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not initialize certain data structures, which allows remote attackers to cause a denial of service application crash via a crafted...

5CVSS7.2AI score0.01578EPSS
Exploits0References1
OSV
OSV
added 2015/01/10 2:59 a.m.5 views

UBUNTU-CVE-2015-0560

The dissectwccp2r1addresstableinfo function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not initialize certain data structures, which allows remote attackers to cause a denial of service application crash via a crafted...

5CVSS7.2AI score0.01578EPSS
Exploits0References3
OSV
OSV
added 2014/11/23 2:59 a.m.2 views

DEBIAN-CVE-2014-8712

The buildexpertdata function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 does not properly initialize a data structure, which allows remote attackers to cause a denial of service application crash via a crafted packet...

5CVSS7.2AI score0.03101EPSS
Exploits0References1
Rows per page
Query Builder