Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

788 matches found

Cvelist
Cvelistadded 2019/06/21 2:1 p.m.14 views

CVE-2018-15735

An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Arbitrary Write vulnerability due to not validating the output buffer address value from IOCtl 0x8000206F...

5.6AI score0.00449EPSS
Exploits1References2
CVE
CVEadded 2019/06/21 2:1 p.m.280 views

CVE-2018-15735

The CVE-2018-15735 issue affects STOPzilla AntiMalware 6.5.2.59 in the szkg64.sys driver, where an Arbitrary Write vulnerability arises from not validating the output-buffer address for IOCTL 0x8000206F. According to the linked metrics, exploitation is local with low complexity and requires low p...

5.5CVSS5.5AI score0.00449EPSS
Exploits1References2Affected Software1
0day.today
0day.todayadded 2019/05/24 12:0 a.m.230 views

Microsoft Internet Explorer Windows 10 1809 17763.316 - Scripting Engine Memory Corruption Exploit

Content Dim ar1&h3000000 Dim ar21000 Dim gremlin addressOfGremlin = &h28281000 Class MyClass Private mValue Public Property Let Valuev mValue = v End Property Public Default Property Get P P = mValue ' Where to write End Property End Class Sub TriggerWritewhere, val Dim v1 Set v1 =...

7.6CVSS0.1AI score0.81551EPSS
Exploits9
Packet Storm
Packet Stormadded 2019/05/24 12:0 a.m.153 views

Microsoft Internet Explorer Windows 10 1809 17763.316 Memory Corruption

Content Dim ar1&h3000000 Dim ar21000 Dim gremlin addressOfGremlin = &h28281000 Class MyClass Private mValue Public Property Let Valuev mValue = v End Property Public Default Property Get P P = mValue ' Where to write End Property End Class Sub TriggerWritewhere, val Dim v1 Set v1 =...

7.6CVSS0.1AI score0.81551EPSS
Exploits9
exploitpack
exploitpackadded 2019/05/24 12:0 a.m.48 views

Microsoft Internet Explorer Windows 10 1809 17763.316 - Scripting Engine Memory Corruption

Microsoft Internet Explorer Windows 10 1809 17763.316 - Scripting Engine Memory Corruption Content Dim ar1&h3000000 Dim ar21000 Dim gremlin addressOfGremlin = &h28281000 Class MyClass Private mValue Public Property Let Valuev mValue = v End Property Public Default Property Get P P = mValue ' Wher...

7.6CVSS0.1AI score0.81551EPSS
Exploits9
Exploit DB
Exploit DBadded 2019/05/24 12:0 a.m.1045 views

Microsoft Internet Explorer Windows 10 1809 17763.316 - Scripting Engine Memory Corruption

Exploit Title: Microsoft Internet Explorer Windows 10 1809 17763.316 - Scripting Engine Memory Corruption Date: 03/2019 Author: Simon Zuckerbraun Vendor: https://www.microsoft.com/ Version: February 2019 patch level Tested on: Windows 10 1809 17763.316 CVE: CVE-2019-0752 Content Dim ar1&h3000000...

7.6CVSS6.5AI score0.81551EPSS
Exploits6
GoogleProjectZero
GoogleProjectZeroadded 2019/05/10 12:0 a.m.11 views

Trashing the Flow of Data

Posted by Stephen Röttger In this blog post I want to present crbug.com/944062, a vulnerability in Chrome’s JavaScript compiler TurboFan that was discovered independently by Samuel saelo@ via fuzzing with fuzzilli, and by myself via manual code auditing. The bug was found in beta and was fixed...

7.7AI score
Exploits0
OSV
OSVadded 2019/04/26 5:29 p.m.1 views

DEBIAN-CVE-2019-9791

The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time JIT compiler and when the constructor function is entered through on-stack replacement OSR. This allows for possible arbitrary...

9.8CVSS9.1AI score0.19762EPSS
Exploits6References1
OSV
OSVadded 2019/04/05 5:29 a.m.0 views

UBUNTU-CVE-2019-10878

In Teeworlds 0.7.2, there is a failed bounds check in CDataFileReader::GetData and CDataFileReader::ReplaceData and related functions in engine/shared/datafile.cpp that can lead to an arbitrary free and out-of-bounds pointer write, possibly resulting in remote code execution...

9.8CVSS7.7AI score0.03938EPSS
Exploits0References4
Exploit DB
Exploit DBadded 2019/03/25 12:0 a.m.95 views

VMware Workstation 14.1.5 / VMware Player 15.0.2 - Host VMX Process Impersonation Hijack Privilege Escalation

VMware: Host VMX Process Impersonation Hijack EoP Platform: VMware Workstation Windows v14.1.5 on Windows 10. Also tested VMware Player 15.0.2. Class: Elevation of Privilege Summary: The creation of the VMX process on a Windows host can be hijacked leading to elevation of privilege. Description:...

7.4AI score
Exploits0
CNVD
CNVDadded 2019/03/22 12:0 a.m.1 views

Mozilla Firefox and Firefox ESR Type Obfuscation Vulnerability (CNVD-2019-08528)

Mozilla Firefox and Firefox ESR are both products of the Mozilla Foundation in the U.S. Mozilla Firefox is an open source web browser.Firefox ESR is an extended support version of Firefox web browser. A security vulnerability exists in Mozilla Firefox versions prior to 66 and Firefox ESR versions...

9.8CVSS8.9AI score0.19762EPSS
Exploits6References1
OSV
OSVadded 2019/03/20 12:0 a.m.0 views

UBUNTU-CVE-2019-9791

The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time JIT compiler and when the constructor function is entered through on-stack replacement OSR. This allows for possible arbitrary...

9.8CVSS7.3AI score0.19762EPSS
Exploits6References8
Cvelist
Cvelistadded 2019/02/25 11:0 p.m.24 views

CVE-2018-13912

Arbitrary write issue can occur when user provides kernel address in compat mode in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650,...

6.5AI score0.00197EPSS
Exploits0References1
CVE
CVEadded 2019/02/25 11:0 p.m.60 views

CVE-2018-13912

CVE-2018-13912 describes an Arbitrary write in Qualcomm camera components when a kernel address is provided in compat mode on a wide range of Snapdragon platforms (e.g., Snapdragon Auto/Connectivity/Consumer IOT/Industrial IOT/Mobile/Voice & Music/Wearables; various SDM/SD variants). The issue ap...

5.5CVSS5.7AI score0.00197EPSS
Exploits0References1Affected Software1
NVD
NVDadded 2019/02/25 10:29 p.m.22 views

CVE-2018-13912

Arbitrary write issue can occur when user provides kernel address in compat mode in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650,...

5.5CVSS6.5AI score0.00197EPSS
Exploits0References1
Prion
Prionadded 2019/02/25 10:29 p.m.20 views

Code injection

Arbitrary write issue can occur when user provides kernel address in compat mode in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650,...

2.1CVSS6.5AI score0.00197EPSS
Exploits0References1
CNVD
CNVDadded 2018/12/24 12:0 a.m.2 views

ASUS Aura Sync Arbitrary Code Execution Vulnerability

ASUS Aura Sync is a suite of lighting management software from ASUS. An arbitrary code execution vulnerability exists in ASUS Aura Sync version 1.07.22. A local attacker can exploit this vulnerability to write an arbitrary DWORD to an arbitrary address...

5.5CVSS7.6AI score0.00527EPSS
Exploits3References1
Tenable Nessus
Tenable Nessusadded 2018/12/21 12:0 a.m.25 views

Foxit PhantomPDF < 7.3.13 Multiple Vulnerabilities

According to its version, the Foxit PhantomPDF application formally known as Phantom installed on the remote Windows host is prior to 7.3.13. It is, therefore, affected by multiple vulnerabilities: - Unauthorized javascript execution when disabled. - Arbitrary Write supporting remote code...

5.9AI score
Exploits0References1
NVD
NVDadded 2018/12/01 6:29 p.m.17 views

CVE-2018-4038

An exploitable arbitrary write vulnerability exists in the open document format parser of the Atlantis Word Processor, version 3.2.7.2, while trying to null-terminate a string. A specially crafted document can allow an attacker to pass an untrusted value as a length to a constructor. This...

8.8CVSS8.1AI score0.01279EPSS
Exploits1References1
OSV
OSVadded 2018/12/01 6:29 p.m.3 views

CVE-2018-4038

An exploitable arbitrary write vulnerability exists in the open document format parser of the Atlantis Word Processor, version 3.2.7.2, while trying to null-terminate a string. A specially crafted document can allow an attacker to pass an untrusted value as a length to a constructor. This...

7.8CVSS6.2AI score0.01279EPSS
Exploits1References1
Rows per page
Query Builder