Lucene search
+L

235 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:8 a.m.3 views

CVE-2023-21112

In AnalyzeMfcResp of NxpMfcReader.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-...

5.5CVSS5.3AI score0.00087EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/22 12:0 a.m.7 views

Moodle 跨站请求伪造漏洞

Moodle is Moodle open source set of free e-learning software platform, also known as course management system, learning management system or virtual learning environment. Moodle suffers from a cross-site request forgery vulnerability that stems from the lack of an anti-cross-site request forgery...

8.8CVSS6.7AI score0.00269EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/02/24 10:6 a.m.3 views

Malicious code in transaction-analyze (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 de16c0c85e09c235c78e898320412a3a2ae473c2ae91e939862b5e99fcb5950b Package contains obfuscated code that exfiltrate basic data and awaits for commands from the remote server to execute them. This is a malicious copy of...

7.6AI score
Exploits0References1
OSV
OSV
added 2025/02/24 10:6 a.m.2 views

MAL-2025-3011 Malicious code in transaction-analyze (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 de16c0c85e09c235c78e898320412a3a2ae473c2ae91e939862b5e99fcb5950b Package contains obfuscated code that exfiltrate basic data and awaits for commands from the remote server to execute them. This is a malicious copy of...

7.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/12/09 6:25 a.m.4 views

Malicious code in webpacks-bundle-analyze (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/11/19 12:0 a.m.4 views

PT-2024-10674 · Google · Android

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a missing bounds check in the analyzeAxes function of FontUtils.cpp, which can lead to a possible out of bounds read. This could...

5.5CVSS7.2AI score0.00076EPSS
Exploits0References4
Fedora
Fedora
added 2024/07/24 3:47 p.m.26 views

[SECURITY] Fedora 40 Update: xmedcon-0.24.0-1.fc40

This project stands for Medical Image Conversion and is released under the GNU's LGPL license. It bundles the C source code, a library, a flexible command-line utility and a graphical front-end based on the amazing Gtk+ toolkit. Its main purpose is image conversion while preserving valuable medic...

6.2CVSS6.7AI score0.00245EPSS
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/07/11 2:47 a.m.1 views

Malicious code in sap-analyze (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis dd016b8f72aa6c6e359d03969fb4b0f20682627dc46aab80d66bbdc007434dff The OpenSSF Package Analysis project identified 'sap-analyze' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...

7.1AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2024/06/28 12:0 a.m.16 views

Examining Water Sigbin's Infection Routine Leading to an XMRig Cryptominer

We analyze the multi-stage loading technique used by Water Sigbin to deliver the PureCrypter loader and XMRIG crypto miner...

7.3AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:32 p.m.5 views

Malicious code in analyze-me (PyPI)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0References2
Kitploit
Kitploit
added 2024/06/04 12:30 p.m.30 views

ROPDump - A Command-Line Tool Designed To Analyze Binary Executables For Potential Return-Oriented Programming (ROP) Gadgets, Buffer Overflow Vulnerabilities, And Memory Leaks

ROPDump is a tool for analyzing binary executables to identify potential Return-Oriented Programming ROP gadgets, as well as detecting potential buffer overflow and memory leak vulnerabilities. Features Identifies potential ROP gadgets in binary executables. Detects potential buffer overflow...

7.9AI score
Exploits0References1
Fedora
Fedora
added 2024/03/23 12:47 a.m.13 views

[SECURITY] Fedora 40 Update: imagej-1.54i-1.fc40

ImageJ is a public domain Java image processing program. It can display, edit, analyze a wide variety of image data, including image sequences. Imagej can be used for quantitative analysis of engineering and scientific image data...

7.4AI score
Exploits0
OSV
OSV
added 2024/03/15 1:15 a.m.4 views

DEBIAN-CVE-2024-26540

A heap-based buffer overflow in Clmg before 3.3.3 can occur via a crafted file to cimglibrary::CImg::loadanalyze...

7.8CVSS7.3AI score0.00314EPSS
Exploits1References1
OSV
OSV
added 2024/03/15 1:15 a.m.12 views

UBUNTU-CVE-2024-26540

A heap-based buffer overflow in Clmg before 3.3.3 can occur via a crafted file to cimglibrary::CImg::loadanalyze...

7.8CVSS6.1AI score0.00314EPSS
Exploits1References8
Vulnrichment
Vulnrichment
added 2024/03/15 12:0 a.m.9 views

CVE-2024-26540

A heap-based buffer overflow in Clmg before 3.3.3 can occur via a crafted file to cimglibrary::CImg::loadanalyze...

7.2AI score0.00314EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2024/03/08 12:0 a.m.17 views

Fedora: Security Advisory for imagej (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.2AI score0.02578EPSS
Exploits3References2
CNVD
CNVD
added 2023/10/26 12:0 a.m.20 views

IBM Security Verify Governance Command Execution Vulnerability

IBM Security Verify Governance is an intelligent identity access platform from International Business Machines IBM, Inc. provides organizations with a platform to analyze, define and control user access and access risk. IBM Security verify Governance suffers from a command execution vulnerability...

8.8CVSS7.9AI score0.01105EPSS
Exploits0References1
CNVD
CNVD
added 2023/07/12 12:0 a.m.70 views

Siemens Tecnomatix Plant Simulation Out-of-Bounds Write Vulnerability (CNVD-2023-56537)

Siemens Tecnomatix Plant Simulation is an industrial control device from Siemens, Germany, that uses discrete-event simulation to analyze and optimize throughput and thereby improve manufacturing system performance. Siemens Tecnomatix Plant Simulation suffers from an out-of-bounds write...

7.8CVSS7.2AI score0.00226EPSS
Exploits0References1
CNVD
CNVD
added 2023/07/12 12:0 a.m.68 views

Siemens Tecnomatix Plant Simulation Type Obfuscation Vulnerability

Siemens Tecnomatix Plant Simulation is an industrial control device from Siemens, Germany, that uses discrete-event simulation to analyze and optimize throughput and thereby improve manufacturing system performance. A type confusion vulnerability exists in Siemens Tecnomatix Plant Simulation, whi...

7.8CVSS7.1AI score0.00226EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/03/24 12:0 a.m.4 views

PT-2023-35726 · Git +1 · Flac

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-use-after-free error, which occurs when the program attempts to access memory that has already been freed. The crash state...

6.9AI score
Exploits0References2
Rows per page
Query Builder