Lucene search
K

180 matches found

Gitee
Gitee
added 2021/11/11 11:40 a.m.7 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

PoC exploit for CVE-2020-0796 - SMBv3 RCE. The target product/service is SMB. The vulnerability class/vector is RCE Remote Code Execution. The probable entry point is the scanner.py script. Notable dependencies/tooling include the netaddr library. The execution context is a Python script invoked...

10CVSS8.5AI score0.9981EPSS
Exploits125
BDU FSTEC
BDU FSTEC
added 2021/11/02 12:0 a.m.7 views

The vulnerability of the `findNextBorderPixel` component in the Leptonica image processing library, which involves reading beyond the acceptable buffer boundary, allows attackers to cause service failures.

The vulnerability of the findNextBorderPixel component in the Leptonica image processing library relates to reading data beyond the permissible buffer boundaries. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.8CVSS7.4AI score0.02871EPSS
Exploits1References13Affected Software6
CNNVD
CNNVD
added 2021/10/06 12:0 a.m.3 views

Samsung SMR 缓冲区错误漏洞

Samsung SMR is a system patch package from Samsung South Korea. It provides patches for Samsung mobile applications. A security vulnerability exists in versions prior to SMR Oct-2021 Release 1, which stems from the lack of buffer bounds checking in the livfivextractor library to allow OOB reads...

6.5CVSS6.7AI score0.00232EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/09/20 12:0 a.m.3 views

The vulnerability of the hivex_open function in the Hivex library, which involves reading data beyond the allowed buffer limits, allows an attacker to gain access to confidential data and also trigger a service failure.

The vulnerability of the hivexopen function in the Hivex library involves reading data from the buffer beyond its allowable limits. Exploiting this vulnerability can allow an attacker to gain access to confidential data, as well as cause service failures...

5.8CVSS6.7AI score0.01916EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/07/22 12:0 a.m.7 views

The vulnerability of the wav_write_header function in the libsndfile library, which relates to reading beyond the allowable buffer data limits, allows a attacker to cause a service failure.

The vulnerability of the wavwriteheader function in the libsndfile library is related to reading data beyond the allowable buffer size. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

6.5CVSS6.8AI score0.01689EPSS
Exploits1References12Affected Software5
BDU FSTEC
BDU FSTEC
added 2021/07/13 12:0 a.m.3 views

The vulnerability of the JavaScript script handler in Google Chrome’s V8 browser, related to writing beyond the buffer limit, allows attackers to access confidential information or trigger a service denial.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to writing beyond the buffer boundaries. Exploiting this vulnerability allows an attacker to gain access to confidential information or cause service failures...

8.8CVSS7.9AI score0.01256EPSS
Exploits0References11Affected Software5
OSV
OSV
added 2021/06/29 3:15 p.m.4 views

CVE-2021-32992

FATEK Automation WinProladder Versions 3.30 and prior do not properly restrict operations within the bounds of a memory buffer, which may allow an attacker to execute arbitrary code...

9.8CVSS6AI score0.01752EPSS
Exploits0References1
OSV
OSV
added 2021/06/11 4:15 p.m.6 views

CVE-2021-22761

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists inIGSS Definition Def.exe V15.0.0.21140 and prior that could result in disclosure of information or remote code e+F15xecution due to missing length check on user supplied data, when a malicious...

7.8CVSS7.3AI score0.00665EPSS
Exploits0References1
ICS
ICS
added 2021/05/11 12:0 a.m.137 views

Siemens SIMATIC S7-1500

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: SIMATIC S7-1500 CPU 1518F-4 Vulnerabilities: Improper Initialization, Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of these Intel...

7.8CVSS8.1AI score0.00357EPSS
Exploits0References11
NVD
NVD
added 2021/05/06 1:15 p.m.15 views

CVE-2020-28022

Exim 4 before 4.94.2 has Improper Restriction of Write Operations within the Bounds of a Memory Buffer. This occurs when processing name=value pairs within MAIL FROM and RCPT TO commands...

9.8CVSS0.03017EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2021/05/05 12:0 a.m.10 views

The vulnerability of the command-line interface (CLI) of Cisco Firepower Threat Defense (FTD) microprogramming system allows a attacker to trigger a device reboot or cause a service failure.

The vulnerability of the command-line interface CLI of Cisco Firepower Threat Defense FTD microprogramming systems relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to trigger a system reboot or cause a service failure...

6.2CVSS6.6AI score0.00497EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/07/09 12:0 a.m.7 views

The vulnerability of the phar_parse_pharfile function (xt/phar/phar.c) in the PHP programming language allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the pharparsepharfile function xt/phar/phar.c in the PHP programming language involves reading beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

7.8CVSS7.1AI score0.0566EPSS
Exploits1References6Affected Software4
GithubExploit
GithubExploit
added 2020/05/28 8:41 a.m.125 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

CVE-2020-0796 Windows SMBv3 LPE Exploit !exploithttps://u...

10CVSS9.2AI score0.9981EPSS
Exploits125
Packet Storm
Packet Storm
added 2020/05/15 12:0 a.m.182 views

SecureCRT Memory Corruption

securecrt: memory corruption in CSI functions CVE-2020-12651 I noticed a vulnerability in SecureCRT that allows a remote system to corrupt memory in the terminal process and execute arbitrary code. The bug is that if you specify a line number to CSI functions that exceeds INTMAX, the unsigned...

0.1AI score0.06603EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2020/04/21 4:34 p.m.159 views

Important: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

8.3CVSS6.7AI score0.0623EPSS
Exploits0References14
BDU FSTEC
BDU FSTEC
added 2020/04/16 12:0 a.m.7 views

The vulnerability of the `load_bmp` function in the CImg library, which allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the loadbmp function in the CImg library arises from the execution of an operation outside the buffer’s boundaries in memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information throu...

7.8CVSS7.3AI score0.01349EPSS
Exploits1References4Affected Software2
Veracode
Veracode
added 2020/04/10 12:35 a.m.30 views

Arbitrary Code Execution

cups is vulnerable to arbitrary code execution. An insufficient buffer bounds checking flaw was discovered in the HP-GL/2-to-PostScript "hpgltops" filter. An attacker could create a malicious HP-GL/2 file that could, possibly, execute arbitrary code as the "lp" user if the file was printed...

10CVSS2.7AI score0.24132EPSS
Exploits1References38Affected Software1
GithubExploit
GithubExploit
added 2020/04/06 3:16 p.m.133 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

CVE-2020-0796-CNA This implementation is based on the POC pro...

10CVSS7.3AI score0.9981EPSS
Exploits125
BDU FSTEC
BDU FSTEC
added 2020/03/25 12:0 a.m.3 views

The vulnerability of the Adobe Photoshop graphic editor is related to the issue of executing code outside the buffer boundaries in memory, allowing attackers to execute arbitrary code.

The vulnerability of the Adobe Photoshop graphic editor is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code on the target system by opening the malicious file...

10CVSS8.6AI score0.0394EPSS
Exploits0References3Affected Software2
RedHat Linux
RedHat Linux
added 2020/02/17 9:31 a.m.4 views

libxslt: use after free in xsltCopyText in transform.c could lead to information disclosure

In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be...

7.5CVSS7.3AI score0.04446EPSS
Exploits0References4
Rows per page
Query Builder