Lucene search
K

197 matches found

Openbugbounty
Openbugbounty
added 2020/06/04 1:12 p.m.19 views

valgrind.10908.n7.nabble.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1183808 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

6.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/05/19 12:0 a.m.27 views

FreeBSD : Dovecot -- Multiple vulnerabilities (37d106a8-15a4-483e-8247-fcb68b16eaf8)

Aki Tuomi reports : Vulnerability Details : Sending malformed NOOP command causes crash in submission, submission-login or lmtp service. Risk : Remote attacker can keep submission-login service down, causing denial of service attack. For lmtp the risk is neglible, as lmtp is usually behind a...

7.5CVSS6.6AI score0.08153EPSS
Exploits5References5
RedHat Linux
RedHat Linux
added 2020/04/28 3:49 p.m.4 views

sqlite: mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames

ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by for example valgrind...

7.5CVSS7.3AI score0.03244EPSS
Exploits0References4
Oracle linux
Oracle linux
added 2020/04/06 12:0 a.m.57 views

wireshark security and bug fix update

1.10.14-24.0.1 - Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect 1.10.14-24 - Related: 1613034 - Typo in the previous patch discovered by covscan 1.10.14-23 - Related: 1613034 - Fixing an infinite loop created by previous update 1.10.14-22 - Related: 1633330 - fixing a...

7.8CVSS0.6AI score0.03773EPSS
Exploits3
Hacker One
Hacker One
added 2020/04/04 7:29 a.m.183 views

Internet Bug Bounty: Use of uninitialized value in ftp_getrc_msg method of mod_proxy_ftp.c

This is a Security Bug Report for modproxyftp. This bug is present in ftpgetrcmsg method of modules/proxy/modproxyftp.c file. This is the line which causes this bug. c ... mb = aprcpystrnmb, response + 4, me - mb; ... If ftp server returns a response like "\r\n", which has 3 characters with...

5CVSS6.8AI score0.51951EPSS
Exploits0
OSV
OSV
added 2020/03/24 12:0 p.m.44 views

RUSTSEC-2020-0006 Flaw in `realloc` allows reading unknown memory

When reallocing, if we allocate new space, we need to copy the old allocation's bytes into the new space. There are oldsize number of bytes in the old allocation, but we were accidentally copying newsize number of bytes, which could lead to copying bytes into the realloc'd space from past the chu...

7.5CVSS7.3AI score0.0149EPSS
Exploits1References3
RustSec
RustSec
added 2020/03/24 12:0 p.m.28 views

Flaw in `realloc` allows reading unknown memory

When reallocing, if we allocate new space, we need to copy the old allocation's bytes into the new space. There are oldsize number of bytes in the old allocation, but we were accidentally copying newsize number of bytes, which could lead to copying bytes into the realloc'd space from past the chu...

7.5CVSS0.9AI score0.0149EPSS
Exploits1Affected Software1
OSV
OSV
added 2020/02/12 2:15 p.m.8 views

AZL-40776 CVE-2014-4607 affecting package valgrind 3.22.0-1

Integer overflow in the LZO algorithm variant in Oberhumer liblzo2 and lzo-2 before 2.07 on 32-bit platforms might allow remote attackers to execute arbitrary code via a crafted Literal Run...

8.8CVSS7.2AI score0.05315EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2020/01/09 10:5 p.m.32 views

CVE-2019-19959

ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by for example valgrind...

7.5CVSS7.4AI score0.03244EPSS
Exploits0References3
NVD
NVD
added 2020/01/03 10:15 p.m.25 views

CVE-2019-19959

ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by for example valgrind...

7.5CVSS7.8AI score0.03244EPSS
Exploits0References5
OSV
OSV
added 2020/01/03 10:15 p.m.20 views

CVE-2019-19959

ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by for example valgrind...

7.5CVSS9.3AI score
Exploits0References5
Prion
Prion
added 2020/01/03 10:15 p.m.25 views

Code injection

ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by for example valgrind...

5CVSS7.3AI score0.03244EPSS
Exploits0References5Affected Software2
UbuntuCve
UbuntuCve
added 2020/01/03 10:15 p.m.32 views

CVE-2019-19959

ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by for example valgrind...

7.5CVSS7.1AI score0.03244EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2020/01/03 10:15 p.m.55 views

CVE-2019-19959

ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by for example valgrind...

7.5CVSS2.9AI score0.03244EPSS
Exploits0
OSV
OSV
added 2020/01/03 10:15 p.m.7 views

UBUNTU-CVE-2019-19959

ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by for example valgrind...

7.5CVSS7.1AI score0.03244EPSS
Exploits0References3
Cvelist
Cvelist
added 2020/01/03 9:37 p.m.32 views

CVE-2019-19959

ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by for example valgrind...

8.4AI score0.03244EPSS
Exploits0References5
CVE
CVE
added 2020/01/03 9:37 p.m.333 views

CVE-2019-19959

CVE-2019-19959 affects SQLite 3.30.1. The issue occurs in ext/misc/zipfile.c when using INSERT INTO with embedded '\0' characters in filenames, causing a memory-management error (detectable by tools like valgrind). The Astra Linux security bulletin confirms the same SQLite 3.30.1 ZIP/file handlin...

7.5CVSS8.2AI score0.03244EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2020/01/03 9:37 p.m.29 views

CVE-2019-19959

ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by for example valgrind...

7.5CVSS7.7AI score0.03244EPSS
Exploits0
Oracle linux
Oracle linux
added 2019/11/20 12:0 a.m.39 views

openssl security update

1.1.1c-2 - do not try to use EC groups disallowed in FIPS mode in TLS - fix Valgrind regression with constant-time code 1.1.1c-1 - update to the 1.1.1c release 1.1.1b-6 - adjust the default cert pbe algorithm for pkcs12 -export in the FIPS mode 1.1.1b-5 - Fix small regressions related to the reba...

1.1AI score
Exploits0
Oracle linux
Oracle linux
added 2019/11/14 12:0 a.m.54 views

openssl security, bug fix, and enhancement update

1.1.1c-2 - do not try to use EC groups disallowed in FIPS mode in TLS - fix Valgrind regression with constant-time code 1.1.1c-1 - update to the 1.1.1c release 1.1.1b-6 - adjust the default cert pbe algorithm for pkcs12 -export in the FIPS mode 1.1.1b-5 - Fix small regressions related to the reba...

7.4CVSS1AI score0.12154EPSS
Exploits0
Rows per page
Query Builder