Lucene search
K

166 matches found

OSV
OSV
added 2018/06/07 9:43 a.m.9 views

SUSE-SU-2018:1566-1 Security update for git

This update for git fixes several issues. These security issues were fixed: - CVE-2018-11233: Path sanity-checks on NTFS allowed attackers to read arbitrary memory bsc1095218 - CVE-2018-11235: Arbitrary code execution when recursively cloning a malicious repository bsc1095219...

7.8CVSS8AI score0.49188EPSS
Exploits10References5
Tenable Nessus
Tenable Nessus
added 2018/06/06 12:0 a.m.36 views

openSUSE Security Update : git (openSUSE-2018-557)

This update for fixes the following security issues : - path sanity-checks on NTFS can read arbitrary memory CVE-2018-11233, boo1095218 - arbitrary code execution when recursively cloning a malicious repository CVE-2018-11235, boo1095219 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

7.8CVSS8.2AI score0.49188EPSS
Exploits10References4
NVD
NVD
added 2018/04/18 2:29 p.m.21 views

CVE-2015-9132

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Small Cell SoC FSM9055, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, and SD 810, possible arbitrary memory read due to untrusted pointer dereference when handling HLOS controlled...

7.5CVSS7.8AI score0.00928EPSS
Exploits0References2
Prion
Prion
added 2018/04/18 2:29 p.m.22 views

Null pointer dereference

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Small Cell SoC FSM9055, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, and SD 810, possible arbitrary memory read due to untrusted pointer dereference when handling HLOS controlled...

5CVSS8.1AI score0.00928EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/04/18 2:0 p.m.19 views

CVE-2015-9132

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Small Cell SoC FSM9055, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, and SD 810, possible arbitrary memory read due to untrusted pointer dereference when handling HLOS controlled...

7.9AI score0.00928EPSS
Exploits0References2
CNVD
CNVD
added 2018/01/08 12:0 a.m.2 views

K7 Total Security Arbitrary Content Read Vulnerability

K7 Total Security is a network security protection device from K7 Computing India. A security vulnerability exists in versions prior to K7 Total Security 15.1.0.305 that stems from the program failing to adequately filter user input. An attacker can exploit the vulnerability to read arbitrary...

7.1CVSS6.8AI score0.01242EPSS
Exploits2References1
UbuntuCve
UbuntuCve
added 2017/11/07 4:29 p.m.17 views

CVE-2017-2892

An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT packet can cause an arbitrary out-of-bounds memory read and write potentially resulting in information disclosure, denial of service and remote code...

9.8CVSS7.3AI score0.02395EPSS
Exploits1References2
Prion
Prion
added 2017/11/07 4:29 p.m.18 views

Information disclosure

An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT packet can cause an arbitrary out-of-bounds memory read and write potentially resulting in information disclosure, denial of service and remote code...

7.5CVSS9.5AI score0.02395EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2017/11/07 4:29 p.m.17 views

Information disclosure

An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause an arbitrary out-of-bounds memory read potentially resulting in information disclosure and denial of service. An attacker...

6.4CVSS7.7AI score0.01311EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2017/11/07 4:29 p.m.21 views

CVE-2017-2895

An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause an arbitrary out-of-bounds memory read potentially resulting in information disclosure and denial of service. An attacker...

8.2CVSS7.9AI score0.01311EPSS
Exploits1References1
OSV
OSV
added 2017/11/07 4:29 p.m.13 views

CVE-2017-2892

An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT packet can cause an arbitrary out-of-bounds memory read and write potentially resulting in information disclosure, denial of service and remote code...

9.8CVSS7.6AI score
Exploits0References1
OSV
OSV
added 2017/11/07 4:29 p.m.4 views

DEBIAN-CVE-2017-2895

An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause an arbitrary out-of-bounds memory read potentially resulting in information disclosure and denial of service. An attacker...

8.2CVSS6.7AI score0.01311EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2017/11/07 4:0 p.m.40 views

CVE-2017-2895

An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause an arbitrary out-of-bounds memory read potentially resulting in information disclosure and denial of service. An attacker...

8.2CVSS7.9AI score0.01311EPSS
Exploits1
seebug.org
seebug.org
added 2017/10/24 12:0 a.m.45 views

K7 Total Security Device Driver Arbitrary Memory Read

Vulnerability Summary The following advisory describes an Crash found in K7 Total Security. Credit An independent security researcher, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program Vendor response K7 has released patches to address this vulnerability –...

6.7AI score
Exploits0
exploitpack
exploitpack
added 2017/10/23 12:0 a.m.39 views

K7 Total Security 15.1.0.305 - Device Driver Arbitrary Memory Read

K7 Total Security 15.1.0.305 - Device Driver Arbitrary Memory Read Vulnerability Summary The following advisory describes an Crash found in K7 Total Security. Credit An independent security researcher, Kyriakos Economou aka @kyREcon, has reported this vulnerability to Beyond Security’s SecuriTeam...

3.6CVSS0.9AI score0.01242EPSS
Exploits2
Exploit DB
Exploit DB
added 2017/10/23 12:0 a.m.43 views

K7 Total Security 15.1.0.305 - Device Driver Arbitrary Memory Read

Vulnerability Summary The following advisory describes an Crash found in K7 Total Security. Credit An independent security researcher, Kyriakos Economou aka @kyREcon, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program Vendor response K7 has released patches ...

7.1CVSS7AI score0.01242EPSS
Exploits2
OSV
OSV
added 2017/10/16 1:29 a.m.3 views

CVE-2017-15302

In CPUID CPU-Z through 1.81, there are improper access rights to a kernel-mode driver e.g., cpuz143x64.sys for version 1.43 that can result in information disclosure or elevation of privileges, because of an arbitrary read of any physical address via ioctl 0x9C402604. Any application running on t...

7.8CVSS5.9AI score0.00379EPSS
Exploits0References1
CNVD
CNVD
added 2017/10/09 12:0 a.m.6 views

Gemalto's HASP SRM Arbitrary Memory Read Vulnerability

Gemalto is a global leader in digital security, specializing in financial IC cards, payment security, mobile payment solutions, cloud authentication access services, identity and privacy protection, e-healthcare, e-government and other services. An arbitrary memory read vulnerability exists in...

7.5CVSS8.2AI score0.01684EPSS
Exploits0References1
NVD
NVD
added 2017/10/04 1:29 a.m.13 views

CVE-2017-12820

Arbitrary memory read from controlled memory pointer in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to remote denial of service...

7.5CVSS8.5AI score0.01684EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2017/10/04 1:29 a.m.3 views

CVE-2017-12820

Arbitrary memory read from controlled memory pointer in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to remote denial of service...

7.5CVSS5.5AI score0.01684EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder