Lucene search
+L

62 matches found

Tenable Nessus
Tenable Nessus
added 2023/02/21 12:0 a.m.32 views

Rocky Linux 9 : firefox (RLSA-2023:0810)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0810 advisory. - Mozilla developers Philipp and Gabriele Svelto reported memory safety bugs present in Firefox ESR 102.7. Some of these bugs showed evidence of memory...

8.8CVSS7.8AI score0.00817EPSS
Exploits0References25
Tenable Nessus
Tenable Nessus
added 2023/02/20 12:0 a.m.27 views

Debian dla-3324 : thunderbird - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3324 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3324-1 [email protected]...

8.8CVSS8.2AI score0.00892EPSS
Exploits0References42
Tenable Nessus
Tenable Nessus
added 2023/02/18 12:0 a.m.40 views

SUSE SLES15: libfreebl3 / libfreebl3-32bit / libfreebl3-hmac / etc (SUSE-SU-2023:0443-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0443-1 advisory. Updated to NSS 3.79.4 bsc1208138: - CVE-2023-0767: Fixed handling of unknown PKCS12 safe bag types. Tenable has extracted the preceding...

8.8CVSS6.9AI score0.00817EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2023/02/16 9:29 a.m.95 views

CVE-2023-0767

The Mozilla Foundation Security Advisory describes this flaw as: An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled...

8.8CVSS4.4AI score0.00817EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:48 a.m.5 views

SUSE CVE-2012-0864

Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFYSOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments...

6.8CVSS9.3AI score0.02717EPSS
Exploits5References8
RedHat Linux
RedHat Linux
added 2023/02/06 4:45 p.m.7 views

git: Heap overflow in `git archive`, `git log --format` leading to RCE

A flaw was found in Git, a distributed revision control system. This issue occurs due to an integer overflow in pretty.c::formatandpadcommit, where a sizet is stored improperly as an int, and then added as an offset to a memcpy. This overflow can be triggered directly by a user running a command...

9.8CVSS7.5AI score0.44268EPSS
Exploits0References7
CNNVD
CNNVD
added 2022/05/26 12:0 a.m.5 views

Tuxera NTFS-3G 数字错误漏洞

Tuxera NTFS-3G is an open source, cross-platform set of drivers from Tuxera Finland for supporting read and write NTFS partitions.Tuxera NTFS-3G suffers from a numeric error vulnerability that originates from integer underflow in fuselibreaddir, which can be exploited by attackers to cause...

6.7CVSS5.8AI score0.00417EPSS
Exploits0References21
CNVD
CNVD
added 2022/02/15 12:0 a.m.41 views

Google Android arbitrary memory write vulnerability

Google Android is a Linux-based open-source operating system from Google, Inc. Google Android is vulnerable to arbitrary memory writes, which can be exploited by attackers to perform arbitrary memory writes and code execution due to incorrect boundary checking in the edenruntime hal service...

7.2CVSS5.5AI score0.00152EPSS
Exploits0
CNNVD
CNNVD
added 2022/02/11 12:0 a.m.6 views

Google Android 安全漏洞

Google Android is a Linux-based open-source operating system from Google, Inc. Google Android is vulnerable to arbitrary memory writes, which can be exploited by attackers to perform arbitrary memory writes and code execution due to incorrect boundary checking in the edenruntime hal service...

8.4CVSS6.4AI score0.00152EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/02/11 12:0 a.m.8 views

Google Android 安全漏洞

Google Android is a Linux-based open-source operating system from Google, Inc. The Google Android buffer overflow vulnerability stems from improper boundary checking. An attacker could exploit the vulnerability to perform arbitrary memory writes and code execution...

6.7CVSS6.5AI score0.00117EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/01/10 12:0 a.m.8 views

Samsung NPU driver 安全漏洞

Samsung NPU driver is a neural network processor from Samsung South Korea. A security vulnerability exists in Samsung Mobile's NPU driver prior to SMR Jan-2022 Release 1, which arises from improper checking or handling of exceptions in the NPU driver, allowing arbitrary memory writes and code...

7.8CVSS7.9AI score0.00392EPSS
Exploits0References2
CNVD
CNVD
added 2021/10/11 12:0 a.m.44 views

Samsung Notes libSPenBase buffer overflow vulnerability (CNVD-2022-86540)

Samsung Notes is an application from Samsung South Korea. It is used to provide a recording function. A buffer overflow vulnerability exists in versions prior to Samsung Note 4.3.02.61, which stems from a lack of buffer bounds checking in the libSPenBase library, and can be exploited by a remote...

7.8CVSS7.8AI score0.00282EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/10/06 12:0 a.m.6 views

Samsung Notes 缓冲区错误漏洞

Samsung Notes is an application from Samsung South Korea. It is used to provide a recording function. A buffer overflow vulnerability exists in Samsung Note versions prior to 4.3.02.61, which stems from a lack of buffer bounds checking in the libSPenBase library, and can be exploited by a remote...

7.8CVSS8AI score0.00274EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/10/06 12:0 a.m.7 views

Samsung Notes 缓冲区错误漏洞

Samsung Notes is an application from Samsung South Korea. It is used to provide a recording function. A buffer overflow vulnerability exists in versions prior to Samsung Note 4.3.02.61, which stems from a lack of buffer bounds checking in the libSPenBase library, and can be exploited by a remote...

7.8CVSS8AI score0.00282EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/09/01 12:0 a.m.2 views

Tuxera NTFS-3G 缓冲区错误漏洞

Tuxera NTFS-3G is Finland's Tuxera company's set of open source , cross-platform for supporting NTFS partition read and write drivers . NTFS-3G suffers from a buffer overflow vulnerability that can be exploited by an attacker to potentially cause a heap buffer overflow and allow arbitrary memory...

7.8CVSS6.3AI score0.00414EPSS
Exploits0References17
CNNVD
CNNVD
added 2021/06/11 12:0 a.m.5 views

Samsung SMR 缓冲区错误漏洞

Samsung SMR is a system patch package from Samsung South Korea. It provides patches for Samsung mobile applications. A security vulnerability exists in SMR JUN-2021 Release 1, which stems from a possible out-of-bounds write vulnerability in the application's NPU driver that allows arbitrary memor...

7.8CVSS7.5AI score0.00171EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/02/01 12:0 a.m.9 views

Qualcomm Video Input Validation Error Vulnerability

Qualcomm Video is a Qualcomm Incorporated USA video component used in Qualcomm products. A security vulnerability exists in Qualcomm Video that stems from an arbitrary memory write issue in the video driver when setting internal buffers...

7.8CVSS7.2AI score0.00161EPSS
Exploits0References3
CNVD
CNVD
added 2020/04/09 12:0 a.m.5 views

Samsung Mobile Device Buffer Overflow Vulnerability (CNVD-2020-30775)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. A buffer overflow vulnerability exists in Samsung mobile devices, which can be exploited by an attacker to perform arbitrary write operations to memory...

10CVSS7.4AI score0.00564EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2016/12/01 12:0 a.m.40 views

Broadcom BCM43xx Wi-Fi - 'BroadPWN' Denial of Service

This Exploit allows arbitrary memory writes and reads. Running the specified payload within this package will write to the device's main CPU kernel, causing it to crash. More information about its origins here: http://boosterok.com/blog/broadpwn2/ Download:...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.32 views

Scientific Linux Security Update : libvpx on SL6.x i386/x86_64

An integer overflow flaw, leading to arbitrary memory writes, was found in libvpx. An attacker could create a specially crafted video encoded using the VP8 codec that, when played by a victim with an application using libvpx such as Totem, would cause the application to crash or, potentially,...

10CVSS7.1AI score0.04569EPSS
Exploits1References2
Rows per page
Query Builder