761 matches found
CVE-2015-9115
CVE-2015-9115 affects Android on Qualcomm Snapdragon platforms (Automotive and Mobile MDM9625 and several Snapdragon 410/12/425/430/450/615/16/415/617/625/650/52/820/820A). The root cause is missing validation of the address argument in the qsee_prng_getdata syscall, enabling potential misuse. Re...
CVE-2018-6879
The CVE-2018-6879 entry concerns PHP Scripts Mall Website Seller Script 2.0.3 where client-side validation is used to enforce email format. The vulnerability arises because the validation can be bypassed by removing the client-side validation code, enabling a remote attacker to modify a registere...
CVE-2017-14913
In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile MDM9206, SD 625, SD 650/52, SD 835, SD 845, DDR address input validation is being improperly truncated...
SUSE SLES11 Security Update : xen (SUSE-SU-2018:0638-1) (Meltdown) (Spectre)
This update for xen fixes several issues. This new feature was included : - add script and sysv service to watch for vcpu online/offline events in a HVM domU These security issues were fixed : - CVE-2017-5753, CVE-2017-5715, CVE-2017-5754: Prevent information leaks via side effects of speculative...
SUSE-SU-2018:0638-1 Security update for xen
This update for xen fixes several issues. This new feature was included: - add script and sysv service to watch for vcpu online/offline events in a HVM domU These security issues were fixed: - CVE-2017-5753, CVE-2017-5715, CVE-2017-5754: Prevent information leaks via side effects of speculative...
SUSE-SU-2018:0609-1 Security update for xen
This update for xen fixes several issues. These security issues were fixed: - CVE-2017-5753, CVE-2017-5715, CVE-2017-5754: Prevent information leaks via side effects of speculative execution, aka 'Spectre' and 'Meltdown' attacks bsc1074562, bsc1068032 - CVE-2018-5683: The vgadrawtext function...
CVE-2018-5683
The vgadrawtext function in Qemu allows local OS guest privileged users to cause a denial of service out-of-bounds read and QEMU process crash by leveraging improper memory address validation...
Out-of-bounds
The vgadrawtext function in Qemu allows local OS guest privileged users to cause a denial of service out-of-bounds read and QEMU process crash by leveraging improper memory address validation...
CVE-2018-5683
The vgadrawtext function in Qemu allows local OS guest privileged users to cause a denial of service out-of-bounds read and QEMU process crash by leveraging improper memory address validation...
DEBIAN-CVE-2018-5683
The vgadrawtext function in Qemu allows local OS guest privileged users to cause a denial of service out-of-bounds read and QEMU process crash by leveraging improper memory address validation...
CVE-2018-5683
The vgadrawtext function in Qemu allows local OS guest privileged users to cause a denial of service out-of-bounds read and QEMU process crash by leveraging improper memory address validation...
CVE-2018-5683
CVE-2018-5683 is an out-of-bounds memory access in QEMU’s VGA emulator (vga_draw_text). The vulnerability allows a privileged guest OS user to cause a Denial of Service by crashing the QEMU process due to improper memory address validation. The issue is discussed across multiple advisories (Debia...
CVE-2018-5683
The vgadrawtext function in Qemu allows local OS guest privileged users to cause a denial of service out-of-bounds read and QEMU process crash by leveraging improper memory address validation...
CVE-2018-5683
The vgadrawtext function in Qemu allows local OS guest privileged users to cause a denial of service out-of-bounds read and QEMU process crash by leveraging improper memory address validation...
CVE-2017-17997
In Wireshark before 2.2.12, the MRDISC dissector misuses a NULL pointer and crashes. This was addressed in epan/dissectors/packet-mrdisc.c by validating an IPv4 address. This vulnerability is similar to CVE-2017-9343...
ALPINE-CVE-2017-17997
In Wireshark before 2.2.12, the MRDISC dissector misuses a NULL pointer and crashes. This was addressed in epan/dissectors/packet-mrdisc.c by validating an IPv4 address. This vulnerability is similar to CVE-2017-9343...
UBUNTU-CVE-2017-17997
In Wireshark before 2.2.12, the MRDISC dissector misuses a NULL pointer and crashes. This was addressed in epan/dissectors/packet-mrdisc.c by validating an IPv4 address. This vulnerability is similar to CVE-2017-9343...
CVE-2017-14510
An issue was discovered in SugarCRM before 7.7.2.3, 7.8.x before 7.8.2.2, and 7.9.x before 7.9.2.0 and Sugar Community Edition 6.5.26. The WebToLeadCapture functionality is found vulnerable to unauthenticated cross-site scripting XSS attacks. This attack vector is mitigated by proper validating t...
Multiple CRLF Injection
PHPMailer is vulnerable to multiple CRLF injection attacks. The attacks exist because it does not filter address inputs with line breaks. A malicious user can pass an email address to the validateAddress function in class.phpmailer.php or pass SMTP commands to the sendCommand function in...
DNSSEC RR Stub Resolver Denial Of Service Exploit
Exploit for linux platform in category dos / poc !/usr/bin/perl DNS/DNSSEC RR stub resolvers amplification ddos Copyright 2017 c Todor Donev email protected https://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg Disclaimer: This or previous program is for Educational purpose...