Lucene search
+L

167 matches found

Positive Technologies
Positive Technologies
added 2022/08/10 12:0 a.m.3 views

PT-2022-4895 · Linux · Linux Kernel Bpf

Name of the Vulnerable Software and Affected Versions: Linux Kernel BPF affected versions not specified Description: The issue is related to an arbitrary memory read within the Linux Kernel BPF. Constants provided to fill pointers in structs passed to bpf sys bpf are not verified and can point...

6.8CVSS5.6AI score0.00255EPSS
Exploits0References15
CNVD
CNVD
added 2022/05/31 12:0 a.m.25 views

Tuxera NTFS-3G Code Injection Vulnerability (CNVD-2022-82648)

Tuxera NTFS-3G is an open source, cross-platform driver for reading and writing NTFS partitions from the Finnish company Tuxera.Tuxera NTFS-3G is vulnerable to code injection, which stems from the existence of arbitrary memory read and write issues in fuselibreaddir, and can be exploited by...

7.2CVSS6.4AI score0.00392EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/05/26 4:15 p.m.2 views

CVE-2022-30787

An integer underflow in fuselibreaddir enables arbitrary memory read operations in NTFS-3G through 2021.8.22 when using libfuse-lite...

6.7CVSS5.9AI score0.00417EPSS
Exploits0References15
OSV
OSV
added 2022/05/26 4:15 p.m.9 views

AZL-9859 CVE-2022-30787 affecting package ntfs-3g for versions less than 2022.5.17-1

An integer underflow in fuselibreaddir enables arbitrary memory read operations in NTFS-3G through 2021.8.22 when using libfuse-lite...

6.7CVSS7AI score0.00417EPSS
Exploits0References1
Prion
Prion
added 2022/05/26 4:15 p.m.25 views

Integer overflow

An integer underflow in fuselibreaddir enables arbitrary memory read operations in NTFS-3G through 2021.8.22 when using libfuse-lite...

4.6CVSS6.7AI score0.00417EPSS
Exploits0References10Affected Software3
UbuntuCve
UbuntuCve
added 2022/05/26 4:15 p.m.54 views

CVE-2022-30785

A file handle created in fuselibopendir, and later used in fuselibreaddir, enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite...

7.2CVSS6.9AI score0.00392EPSS
Exploits0References6
Cvelist
Cvelist
added 2022/05/26 12:0 a.m.41 views

CVE-2022-30787

An integer underflow in fuselibreaddir enables arbitrary memory read operations in NTFS-3G through 2021.8.22 when using libfuse-lite...

7.1AI score0.00417EPSS
Exploits0References10
Debian CVE
Debian CVE
added 2022/05/26 12:0 a.m.37 views

CVE-2022-30785

A file handle created in fuselibopendir, and later used in fuselibreaddir, enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite...

7.2CVSS7AI score0.00392EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2022/05/26 12:0 a.m.48 views

CVE-2022-30787

An integer underflow in fuselibreaddir enables arbitrary memory read operations in NTFS-3G through 2021.8.22 when using libfuse-lite...

6.7CVSS7AI score0.00417EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2022/03/02 12:0 a.m.56 views

CVE-2021-3677

A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can complete this attack at will. The attack does not require the ability to create objects. If server settings include...

6.5CVSS6.7AI score0.0142EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/02/24 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2022-1164)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS9.1AI score0.03063EPSS
Exploits2References2
Github Security Blog
Github Security Blog
added 2021/11/10 6:34 p.m.33 views

Arbitrary memory read in `ImmutableConst`

Impact The ImmutableConst operation in TensorFlow can be tricked into reading arbitrary memory contents: python import tensorflow as tf with open'/tmp/test','wb' as f: f.writeb'\xe2'128 data = tf.rawops.ImmutableConstdtype=tf.string,shape=3,memoryregionname='/tmp/test' printdata This is because t...

6.6CVSS2.7AI score0.0023EPSS
Exploits1References8Affected Software3
NVD
NVD
added 2021/11/05 11:15 p.m.26 views

CVE-2021-41227

TensorFlow is an open source platform for machine learning. In affected versions the ImmutableConst operation in TensorFlow can be tricked into reading arbitrary memory contents. This is because the tstring TensorFlow string class has a special case for memory mapped strings but the operation...

6.6CVSS0.0023EPSS
Exploits1References3
Cvelist
Cvelist
added 2021/11/05 10:30 p.m.29 views

CVE-2021-41227 Arbitrary memory read in `ImmutableConst`

TensorFlow is an open source platform for machine learning. In affected versions the ImmutableConst operation in TensorFlow can be tricked into reading arbitrary memory contents. This is because the tstring TensorFlow string class has a special case for memory mapped strings but the operation...

6.6CVSS6.7AI score0.0023EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/10/28 12:0 a.m.6 views

Huawei HarmonyOS 输入验证错误漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An input validation error vulnerability exists in HarmonyOS prior to version 2.0, which stems from an incorrect input validation vulnerability in a component...

5.5CVSS5.7AI score0.00158EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/10/13 12:0 a.m.255 views

SUSE SLED15: glibc / glibc-32bit / glibc-devel / glibc-devel-32bit / etc (SUSE-SU-2021:3385-1)

The remote SUSE Linux SLED15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3385-1 advisory. - CVE-2021-35942: wordexp: handle overflow in positional parameter number bsc1187911 - CVE-2021-33574: Use pthreadattrcopy...

9.8CVSS6.9AI score0.02898EPSS
Exploits1References7
OSV
OSV
added 2021/10/06 6:15 p.m.5 views

CVE-2021-25468

A possible guessing and confirming a byte memory vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows attackers to read arbitrary memory address...

4.4CVSS5.9AI score0.00107EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2021/10/06 12:0 a.m.5 views

PT-2021-16658 · Google · Widevine Trustlet

Name of the Vulnerable Software and Affected Versions: Widevine trustlet versions prior to SMR Oct-2021 Release 1 Description: A possible guessing and confirming a byte memory vulnerability allows attackers to read arbitrary memory addresses. Recommendations: For versions prior to SMR Oct-2021...

4.4CVSS4.7AI score0.00107EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/06/30 12:0 a.m.3 views

GNU C Library 输入验证错误漏洞

The GNU C Library glibc, libc6 is an open source, free C language compiler released under the LGPL license. An input validation error vulnerability exists in GNU C Library, which stems from an integer overflow flaw found in glibc that arises when wordxp is used with a specially designed...

9.1CVSS7.5AI score0.02678EPSS
Exploits0References40
CNNVD
CNNVD
added 2021/05/25 12:0 a.m.6 views

3S-Smart Software Solutions CODESYS V2 Web-Server 缓冲区错误漏洞

3S-Smart Software Solutions CODESYS V2 Web-Server is an application from 3S-Smart Software Solutions, Germany. A web server. An out-of-bounds read vulnerability exists in 3S-Smart Software Solutions CODESYS V2 Web-Server versions prior to 1.1.9.20, which can be exploited by an attacker with the...

9.1CVSS5.9AI score0.01151EPSS
Exploits0References5
Rows per page
Query Builder