Lucene search
K

53 matches found

ATTACKERKB
ATTACKERKB
added 2025/08/20 3:36 p.m.5 views

CVE-2011-10021

Magix Musik Maker 16 is vulnerable to a stack-based buffer overflow due to improper handling of .mmm arrangement files. The vulnerability arises from an unsafe strcpy operation that fails to validate input length, allowing attackers to overwrite the Structured Exception Handler SEH. By crafting a...

8.4CVSS6.4AI score0.00322EPSS
Exploits0References6
CVE
CVE
added 2025/08/20 3:36 p.m.27 views

CVE-2011-10021

Magix Musik Maker 16 is affected by a stack-based buffer overflow when processing .mmm files due to an unsafe strcpy() that fails to validate input length, allowing an attacker to overwrite the Structured Exception Handler (SEH). Exploitation is triggered by opening a crafted .mmm file and can le...

8.4CVSS7.6AI score0.00322EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2025/03/03 4:24 p.m.10 views

CVE-2025-0289 CVE-2025-0289

Various Paragon Software products contain an insecure kernel resource access vulnerability facilitated by the driver not validating the MappedSystemVa pointer before passing it to HalReturnToFirmware, which can allows an attacker the ability to compromise the service...

7.6AI score0.00318EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/01/21 12:0 a.m.32 views

Amazon Corretto Java 17.x < 17.0.14.7.1 Vulnerability

The version of Amazon Corretto installed on the remote host is 17 prior to 17.0.14.7.1. It is, therefore, affected by a vulnerability as referenced in the corretto-17-2025-Jan-21 advisory. - hotspot/compiler CVE-2025-21502 Note that Nessus has not tested for this issue but has instead relied only...

4.8CVSS6.6AI score0.00971EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/12/12 12:0 a.m.9 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : postgresql, postgresql16, postgresql17 (SUSE-SU-2024:4173-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4173-1 advisory. This update ships postgresql17 , and fixes security issues with postgresql16: - bsc1230423: Rela...

8.8CVSS7.2AI score0.04422EPSS
Exploits1References15
SUSE Linux
SUSE Linux
added 2024/11/25 4:10 p.m.1 views

Security update for postgresql, postgresql16, postgresql17

This update for postgresql, postgresql16, postgresql17 fixes the following issues: This update ships postgresql17 , and fixes security issues with postgresql16: bsc1230423: Relax the dependency of extensions on the server version from exact major.minor to greater or equal, after Tom Lane confirme...

8.8CVSS7.4AI score0.04422EPSS
Exploits1References22
Vulnrichment
Vulnrichment
added 2024/11/14 1:2 p.m.20 views

CVE-2024-7404 Improper Restriction of Rendered UI Layers or Frames in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 17.2 prior to 17.3.7, starting from 17.4 prior to 17.4.4 and starting from 17.5 prior to 17.5.2, which could have allowed an attacker gaining full API access as the victim via the Device OAuth flow...

6.8CVSS6.5AI score0.00538EPSS
Exploits0References3
OSV
OSV
added 2024/08/08 10:31 a.m.15 views

CVE-2024-3958 Improper Control of Generation of Code ('Code Injection') in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. An issue was found that allows someone to abuse a discrepancy between the Web application display and the git command line interface to social engineer victims into...

5.3CVSS6.5AI score0.00301EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/12/07 12:0 a.m.9 views

PT-2023-9571

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23 Oracle GraalVM for JDK versions 17.0.12, 21.0.4, 23 Oracle GraalVM Enterprise Edition versions 20.3.15, 21.3.11 Description The issue is related to the Serialization...

4.8CVSS6.8AI score0.01157EPSS
Exploits0References433
Microsoft Security Update
Microsoft Security Update
added 2023/12/04 6:0 p.m.12 views

Azure File Sync Agent v17.0 Release – December 2023 (KB5023053)

Update for Azure File Sync agent version 17.0.0.0. For more details, see the associated Microsoft Knowledge Base article...

7.3AI score
Exploits0
OpenVAS
OpenVAS
added 2023/10/27 12:0 a.m.31 views

Apple Safari Security Update (HT213941)

Apple Safari is multiple vulnerabilities SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:safari"; ifdescription...

9.8CVSS8AI score0.29179EPSS
Exploits3References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:51 a.m.3 views

SUSE CVE-2011-3038

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to multi-column handling...

6.8CVSS9.6AI score0.0201EPSS
Exploits1References4
OSV
OSV
added 2023/02/01 12:0 a.m.29 views

DSA-5335-1 openjdk-17 - security update

Bulletin has no description...

5.3CVSS5.8AI score0.02376EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/07/20 12:0 a.m.15 views

Oracle OpenJDK Unspecified Vulnerability (Jul 2022)

Oracle OpenJDK is prone to an unspecified vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...

5.3CVSS6.2AI score0.01804EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/05/20 12:0 a.m.7 views

Trend Micro Security 缓冲区错误漏洞

Trend Micro Security Consumer is an antivirus software from Trend Micro. A buffer error vulnerability exists in Trend Micro Security Consumer versions 17 through 17.7.1130 that originates from a boundary condition. A local attacker could exploit the vulnerability to access potentially sensitive...

5.5CVSS6.6AI score0.00333EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2022/04/19 12:0 a.m.205 views

Amazon Corretto Java 17.x < 17.0.3.6.1 Multiple Vulnerabilities

The version of Amazon Corretto installed on the remote host is prior to 17 17.0.3.6.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-17-2022-Apr-17 advisory. - zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input has...

7.5CVSS7.6AI score0.52063EPSS
Exploits7References7
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.24 views

Mitsubishi Electric MELSEC iQ-R Series C Controller Module Uncontrolled Resource Consumption (CVE-2021-20600)

Uncontrolled resource consumption in MELSEC iQ-R series C Controller Module R12CCPU-V all versions allows a remote unauthenticated attacker to cause a denial-of-service DoS condition by sending a large number of packets in a short time while the module starting up. System reset is required for...

7.1CVSS6.1AI score0.02242EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/10/25 12:0 a.m.22 views

Oracle Java SE Security Update (oct2021) 02 - Windows

Oracle Java SE is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.6AI score0.06218EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/02/18 12:0 a.m.7 views

Digium Asterisk Security Vulnerability

Digium Asterisk is a set of open source telephone exchange PBX system software from Digium, USA. The software supports voicemail, multi-party voice conferencing, interactive voice response IVR, and more. A security vulnerability exists in Digium Asterisk. The vulnerability stems from allowing a...

5.9CVSS6.3AI score0.02547EPSS
Exploits0References9
Cvelist
Cvelist
added 2019/11/14 12:0 a.m.24 views

CVE-2019-14818

A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhostuser socket, can send specially crafted VRINGSETNUM messages, resulting in a memory leak including file...

7.5CVSS7.2AI score0.02815EPSS
Exploits0References8
Rows per page
Query Builder