Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

788 matches found

CVE
CVEadded 2018/12/01 6:0 p.m.62 views

CVE-2018-4038

CVE-2018-4038 is a memory-corruption, arbitrary-write vulnerability in the Atlantis Word Processor open document format parser. Cisco Talos details show the issue stems from an insecure length handling in the NewAnsiString path within the parser’s buffer/heap management (text processing via LStrS...

8.8CVSS7.7AI score0.01279EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2018/12/01 6:0 p.m.20 views

CVE-2018-4038

An exploitable arbitrary write vulnerability exists in the open document format parser of the Atlantis Word Processor, version 3.2.7.2, while trying to null-terminate a string. A specially crafted document can allow an attacker to pass an untrusted value as a length to a constructor. This...

8.8CVSS7.7AI score0.01279EPSS
Exploits1References1
CNVD
CNVDadded 2018/11/16 12:0 a.m.1 views

Google Chrome Out-of-Bounds Boundary Memory Access Vulnerability

Google Chrome is the United States Google Google company developed a Web browser. v8 is one of the open source JavaScript engine. A security vulnerability exists in V8 in versions of Google Chrome prior to 70.0.3538.102. An attacker can exploit the vulnerability to perform write and read operatio...

8.8CVSS8.8AI score0.0112EPSS
Exploits0References1
OpenVAS
OpenVASadded 2018/11/01 12:0 a.m.29 views

Sophos HitmanPro.Alert Multiple Vulnerabilities - Windows

Sophos HitmanPro.Alert version 3.7.6.744 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.3CVSS6.3AI score0.00541EPSS
Exploits2References2
OSV
OSVadded 2018/10/25 6:29 p.m.2 views

CVE-2018-3971

An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting in memory corruption. An attacker can send IRP...

7.8CVSS5.9AI score
Exploits0References2
NVD
NVDadded 2018/10/25 6:29 p.m.27 views

CVE-2018-3971

An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting in memory corruption. An attacker can send IRP...

9.3CVSS8AI score0.00541EPSS
Exploits1References2
Cvelist
Cvelistadded 2018/10/25 6:0 p.m.30 views

CVE-2018-3971

An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting in memory corruption. An attacker can send IRP...

9.3CVSS7.6AI score0.00541EPSS
Exploits1References2
CVE
CVEadded 2018/10/25 6:0 p.m.80 views

CVE-2018-3971

CVE-2018-3971 is a privilege-escalation flaw in Sophos HitmanPro.Alert (hmpalert.sys) 3.7.6.744, exploitable via IOCTL 0x2222CC. The vulnerability enables an attacker to perform an arbitrary write by supplying srcAddress, dstAddress, and srcSize; a write-what-where effect can copy data from the a...

9.3CVSS7.5AI score0.00541EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologiesadded 2018/10/25 12:0 a.m.3 views

PT-2018-16351 · Sophos · Sophos Hitmanpro.Alert

Name of the Vulnerable Software and Affected Versions: Sophos HitmanPro.Alert version 3.7.6.744 Description: An arbitrary write issue exists in the 0x2222CC IOCTL handler functionality. A specially crafted IRP request can cause the driver to write data to an address controlled by an attacker,...

9.3CVSS8.3AI score0.00541EPSS
Exploits1References4
Talos
Talosadded 2018/10/25 12:0 a.m.564 views

Sophos HitmanPro.Alert hmpalert 0x2222CC privilege escalation vulnerability

Summary An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting in memory corruption. An attacker can...

9.3CVSS8.1AI score0.00541EPSS
Exploits1
NVD
NVDadded 2018/10/18 1:29 p.m.21 views

CVE-2018-12386

A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability affects Firefox ESR 60.2.2 and Firefox 62.0.3...

8.1CVSS7AI score0.13417EPSS
Exploits2References9
Prion
Prionadded 2018/10/18 1:29 p.m.24 views

Type confusion

A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability affects Firefox ESR 60.2.2 and Firefox 62.0.3...

5.8CVSS8.2AI score0.13417EPSS
Exploits2References9Affected Software10
Debian CVE
Debian CVEadded 2018/10/18 1:0 p.m.31 views

CVE-2018-12386

A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability affects Firefox ESR 60.2.2 and Firefox 62.0.3...

8.1CVSS9.3AI score0.13417EPSS
Exploits2
CNVD
CNVDadded 2018/10/12 12:0 a.m.3 views

Adobe Acrobat and Reader Arbitrary Code Execution Vulnerability (CNVD-2018-21094)

Adobe Acrobat and Reader are the United States of America Audobee Adobe company's products. The former is a set of PDF file editing and conversion tools, the latter is a set of PDF document reading software. Adobe Acrobat and Reader security vulnerabilities exist. Remote attackers can exploit the...

9.3CVSS7.9AI score0.15925EPSS
Exploits0References1
UbuntuCve
UbuntuCveadded 2018/10/03 12:0 a.m.20 views

CVE-2018-12386

A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability affects Firefox ESR 60.2.2 and Firefox 62.0.3...

8.1CVSS7.4AI score0.13417EPSS
Exploits2References3
OSV
OSVadded 2018/10/03 12:0 a.m.0 views

UBUNTU-CVE-2018-12386

A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability affects Firefox ESR 60.2.2 and Firefox 62.0.3...

8.1CVSS7.9AI score0.13417EPSS
Exploits2References4
OSV
OSVadded 2018/10/01 8:29 p.m.2 views

CVE-2018-3982

An exploitable arbitrary write vulnerability exists in the Word document parser of the Atlantis Word Processor 3.0.2.3 and 3.0.2.5. A specially crafted document can prevent Atlas from adding elements to an array that is indexed by a loop. When reading from this array, the application will use an...

7.8CVSS6.2AI score
Exploits0References1
Prion
Prionadded 2018/10/01 8:29 p.m.14 views

Design/Logic Flaw

An exploitable arbitrary write vulnerability exists in the Word document parser of the Atlantis Word Processor 3.0.2.3 and 3.0.2.5. A specially crafted document can prevent Atlas from adding elements to an array that is indexed by a loop. When reading from this array, the application will use an...

6.8CVSS7.7AI score0.0128EPSS
Exploits1References1Affected Software1
NVD
NVDadded 2018/10/01 8:29 p.m.27 views

CVE-2018-3982

An exploitable arbitrary write vulnerability exists in the Word document parser of the Atlantis Word Processor 3.0.2.3 and 3.0.2.5. A specially crafted document can prevent Atlas from adding elements to an array that is indexed by a loop. When reading from this array, the application will use an...

8.8CVSS8AI score0.0128EPSS
Exploits1References1
Cvelist
Cvelistadded 2018/10/01 8:0 p.m.60 views

CVE-2018-3982

An exploitable arbitrary write vulnerability exists in the Word document parser of the Atlantis Word Processor 3.0.2.3 and 3.0.2.5. A specially crafted document can prevent Atlas from adding elements to an array that is indexed by a loop. When reading from this array, the application will use an...

8.8CVSS7.7AI score0.0128EPSS
Exploits1References1
Rows per page
Query Builder