Lucene search
K

794 matches found

Cvelist
Cvelist
added 2022/10/12 7:25 p.m.31 views

CVE-2022-32491

Dell Client BIOS contains a Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause an arbitrary write during SMM...

4.1CVSS7.7AI score0.00155EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/10/12 7:25 p.m.9 views

CVE-2022-32491

Dell Client BIOS contains a Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause an arbitrary write during SMM...

4.1CVSS7.5AI score0.00155EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/09/20 5:35 p.m.10 views

CVE-2022-40246 Arbitrary write vulnerability in SbPei module leads to arbitrary code execution during PEI phase.

A potential attacker can write one byte by arbitrary address at the time of the PEI phase only during S3 resume boot mode and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosure, discovery of any secrets from any Virtual Machines V...

6.9AI score0.00463EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/09/20 5:35 p.m.29 views

CVE-2022-40246 Arbitrary write vulnerability in SbPei module leads to arbitrary code execution during PEI phase.

A potential attacker can write one byte by arbitrary address at the time of the PEI phase only during S3 resume boot mode and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosure, discovery of any secrets from any Virtual Machines V...

7AI score0.00463EPSS
Exploits1References2
OSV
OSV
added 2022/09/09 6:15 p.m.1 views

DEBIAN-CVE-2021-40647

In man2html 1.6g, a specific string being read in from a file will overwrite the size parameter in the top chunk of the heap. This at least causes the program to segmentation abort if the heap size parameter isn't aligned correctly. In version before GLIBC version 2.29 and aligned correctly, it...

5.5CVSS5.8AI score0.00314EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2022/09/09 6:15 p.m.28 views

CVE-2021-40647

In man2html 1.6g, a specific string being read in from a file will overwrite the size parameter in the top chunk of the heap. This at least causes the program to segmentation abort if the heap size parameter isn't aligned correctly. In version before GLIBC version 2.29 and aligned correctly, it...

5.5CVSS6.2AI score0.00314EPSS
Exploits1References2
OSV
OSV
added 2022/09/09 6:15 p.m.1 views

UBUNTU-CVE-2021-40647

In man2html 1.6g, a specific string being read in from a file will overwrite the size parameter in the top chunk of the heap. This at least causes the program to segmentation abort if the heap size parameter isn't aligned correctly. In version before GLIBC version 2.29 and aligned correctly, it...

5.5CVSS5.9AI score0.00314EPSS
Exploits1References3
Prion
Prion
added 2022/09/09 6:15 p.m.10 views

Heap overflow

In man2html 1.6g, a specific string being read in from a file will overwrite the size parameter in the top chunk of the heap. This at least causes the program to segmentation abort if the heap size parameter isn't aligned correctly. In version before GLIBC version 2.29 and aligned correctly, it...

1.9CVSS5.5AI score0.00314EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/09/09 5:57 p.m.27 views

CVE-2021-40647

In man2html 1.6g, a specific string being read in from a file will overwrite the size parameter in the top chunk of the heap. This at least causes the program to segmentation abort if the heap size parameter isn't aligned correctly. In version before GLIBC version 2.29 and aligned correctly, it...

5.7AI score0.00314EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2022/09/09 5:57 p.m.15 views

CVE-2021-40647

In man2html 1.6g, a specific string being read in from a file will overwrite the size parameter in the top chunk of the heap. This at least causes the program to segmentation abort if the heap size parameter isn't aligned correctly. In version before GLIBC version 2.29 and aligned correctly, it...

5.5CVSS5.4AI score0.00314EPSS
Exploits1
Prion
Prion
added 2022/08/31 4:15 p.m.33 views

Input validation

An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...

6.5CVSS8.4AI score0.04271EPSS
Exploits0References9Affected Software3
CNNVD
CNNVD
added 2022/08/06 12:0 a.m.4 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser from Google, an American company. A memory misreference vulnerability exists in Google Chrome Media, which can be exploited by an attacker to perform arbitrary read/write operations via specially crafted HTML pages...

8.8CVSS5.8AI score0.0055EPSS
Exploits1References5
OSV
OSV
added 2022/07/28 1:15 a.m.4 views

CVE-2022-36991

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 and related NetBackup products. An attacker with authenticated access to a NetBackup Client could arbitrarily write content to a partially controlled path o...

6.5CVSS5.8AI score0.0058EPSS
Exploits0References1
NVD
NVD
added 2022/07/28 1:15 a.m.15 views

CVE-2022-36991

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 and related NetBackup products. An attacker with authenticated access to a NetBackup Client could arbitrarily write content to a partially controlled path o...

8.1CVSS0.0058EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/07/28 1:15 a.m.4 views

CVE-2022-36991

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 and related NetBackup products. An attacker with authenticated access to a NetBackup Client could arbitrarily write content to a partially controlled path o...

8.1CVSS5.8AI score0.0058EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/07/28 12:0 a.m.4 views

Veritas NetBackup 安全漏洞

Veritas NetBackup is a storage service from Veritas, Inc. that is used to provide backup and recovery capabilities for enterprise environments. The software supports the detection of ransomware and backup protection of environmental data such as metadata and virtual environments. A security...

8.1CVSS6.5AI score0.0058EPSS
Exploits0References2
Huntr
Huntr
added 2022/06/28 8:20 p.m.19 views

Global overflow in pppdump leads to RCE

Global overflow vulnerability in pppdump A global overflow vulnerability is present in the pppdump utility of the ppp repo which may lead to code execution. Specifically when the -p flag is given for enabling the pppmodeon the pppdump command, a malicious crafted pppdump file can trigger a global...

1AI score
Exploits0
OpenVAS
OpenVAS
added 2022/06/14 12:0 a.m.19 views

SUSE: Security Advisory (SUSE-SU-2022:2057-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.7AI score0.00554EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2022/06/14 12:0 a.m.24 views

openSUSE: Security Advisory for u-boot (SUSE-SU-2022:2056-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS6.8AI score0.00554EPSS
Exploits1References2
OSV
OSV
added 2022/06/13 10:14 a.m.6 views

SUSE-SU-2022:2057-1 Security update for u-boot

This update for u-boot fixes the following issues: - A large buffer overflow could have lead to a denial of service in the IP Packet deframentation code. CVE-2022-30552, bsc1200363 - A Hole Descriptor Overwrite could have lead to an arbitrary out of bounds write primitive. CVE-2022-30790, bsc1200...

7.8CVSS7.9AI score0.00554EPSS
Exploits1References5
Rows per page
Query Builder