Lucene search
K

51 matches found

CNNVD
CNNVD
added 2023/09/08 12:0 a.m.5 views

Linaro Trusted Firmware-M Security Vulnerability

Linaro Trusted Firmware-M Tf-M is a reference implementation of the Platform Security Architecture Psa IoT security framework from Linaro, UK. A security vulnerability exists in Trusted Firmware-M TF-Mv1.8.0 and earlier versions, which stems from a security flaw in the buffer during authenticatio...

7.5CVSS7.2AI score0.00323EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2023/09/08 12:0 a.m.8 views

The vulnerability of the DDP microprogramming software-based wireless access points from D-Link, model DAP-2622, allows a intruder to execute any arbitrary code.

The vulnerability of the DDP microprogramming software used in D-Link DAP-2622 wireless access points lies in the fact that the execution of commands is carried out outside of the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code...

8.8CVSS8.4AI score0.00593EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/07/20 12:0 a.m.7 views

The vulnerability of the CAPWAP (Control and Provisioning of Wireless Access Points) microprogramming software used in Zyxel’s USG FLEX, USG FLEX 50(W), USG20(W)-VPN, ATP, and VPN devices allows a hacker to cause service interruptions.

The vulnerability of the CAPWAP Control and Provisioning of Wireless Access Points microprogramming software used in Zyxel USG FLEX, USG FLEX 50W, USG20W-VPN, ATP, and VPN devices lies in the fact that the operation data is stored outside of the buffer in memory. Exploiting this vulnerability...

6.5CVSS6.8AI score0.00268EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/04/22 12:0 a.m.4 views

NVIDIA DGX-2 缓冲区错误漏洞

The NVIDIA DGX-2 is a high-performance workstation for deep learning from NVIDIA, Inc. The NVIDIA DGX-2™ is NVIDIA's first 2 petaFLOPS device with 16 NVIDIA V100 Tensor core GPUs, making it an excellent platform for complex AI challenges. A security vulnerability exists in NVIDIA DGX-2 prior to...

7.5CVSS6.7AI score0.00171EPSS
Exploits0References2
OSV
OSV
added 2023/04/11 9:15 a.m.6 views

CVE-2023-25755

Screen Creator Advance 2 Ver.0.1.1.4 Build01A and earlier is vulnerable to improper restriction of operations within the bounds of a memory buffer CWE-119 due to improper check of its data size when processing a project file. If a user of Screen Creator Advance 2 opens a specially crafted project...

7.8CVSS7.4AI score0.00219EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/04/06 12:0 a.m.7 views

MediaTek 芯片缓冲区错误漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips, which stems from a lack of boundary checking and could lead to out-of-bounds reads. An attacker could exploit the vulnerability to escalate privileges. The following...

4.4CVSS5.2AI score0.00093EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/03/16 12:0 a.m.6 views

PT-2023-13400 · Dell · Dell Precision Bios +1

Name of the Vulnerable Software and Affected Versions: Dell PowerEdge BIOS affected versions not specified Dell Precision BIOS affected versions not specified Description: The issue is related to an improper SMM communication buffer verification vulnerability. A local malicious user with high...

7.5CVSS6.9AI score0.00172EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/03/03 12:0 a.m.8 views

The vulnerability of the Video components in Microsoft Edge and Google Chrome allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of Microsoft Edge and Google Chrome browser’s Video component is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information b...

10CVSS8AI score0.00668EPSS
Exploits0References11Affected Software6
SUSE CVE
SUSE CVE
added 2023/02/15 6:4 a.m.3 views

SUSE CVE-2009-1375

The PurpleCircBuffer implementation in Pidgin formerly Gaim before 2.5.6 does not properly maintain a certain buffer, which allows remote attackers to cause a denial of service memory corruption and application crash via vectors involving the 1 XMPP or 2 Sametime protocol...

5CVSS7AI score0.02312EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2022/12/23 12:0 a.m.11 views

The vulnerability of the Android operating system’s exchange buffer in Samsung mobile devices allows a hacker to gain access to read, modify, or delete files.

The vulnerability of the exchange buffer in Android mobile devices from Samsung is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to gain access to read, modify, or delete files...

4.9CVSS7.3AI score0.02831EPSS
Exploits0References9Affected Software1
Positive Technologies
Positive Technologies
added 2022/06/23 12:0 a.m.5 views

PT-2022-6198 · Dell · Dell Alienware M17 R5 Bios

Name of the Vulnerable Software and Affected Versions: Dell Alienware m17 R5 BIOS versions prior to 1.2.2 Description: The issue is related to a buffer access vulnerability in the BIOS software of Dell Alienware m17 R5 laptops. A malicious user with admin privileges could potentially exploit this...

5.6CVSS4.1AI score0.00183EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2022/06/22 12:0 a.m.7 views

The vulnerability of the U3D components of PDF viewing and editing programs such as Adobe Reader and Adobe Acrobat allows a perpetrator to execute arbitrary code.

The vulnerability of the U3D components in PDF viewing and editing programs such as Adobe Reader and Adobe Acrobat is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

10CVSS8.8AI score0.86238EPSS
Exploits11References3Affected Software2
CNNVD
CNNVD
added 2022/04/11 12:0 a.m.14 views

多款 MediaTek 产品缓冲区错误漏洞

MediaTek chips are a variety of chips from MediaTek, a division of China's MediaTek Mediatek. A security vulnerability exists in multiple MediaTek products that stems from a lack of boundary checking in the preloader partitioning, which may result in out-of-bounds writes...

6.6CVSS6.6AI score0.00125EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/03/07 12:0 a.m.8 views

CVE-2022-0847

A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copypagetoiterpipe and pushpipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cach...

7.1AI score0.89063EPSS
Exploits100References10
BDU FSTEC
BDU FSTEC
added 2021/09/20 12:0 a.m.7 views

The vulnerability of the GetData DBMS, related to the execution of operations outside the buffer in memory, allows an attacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the GetData database management system is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow a remote attacker to access confidential data, compromise its integrity, and cause service failures due to malicious database...

9.8CVSS8.2AI score0.02157EPSS
Exploits0References5Affected Software2
CNNVD
CNNVD
added 2021/05/25 12:0 a.m.4 views

Zephyr 缓冲区错误漏洞

Zephyr is an open source, small, scalable real-time operating system. A security vulnerability exists in Zephyr versions = v1.14.2 and = v2.2.0 that stems from incorrect input frame validation in ieee802154 processing. No detailed vulnerability details are currently available...

9.8CVSS5.5AI score0.00807EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/03/24 12:0 a.m.1 views

Samba 缓冲区错误漏洞

Samba is a set of free software from the Samba team that enables UNIX series operating systems to connect to the SMB/CIFS network protocol of Microsoft Windows operating systems. The program supports sharing printers, transferring data files to each other, and so on. A security vulnerability exis...

7.5CVSS7.6AI score0.03833EPSS
Exploits0References19
OSV
OSV
added 2021/03/11 9:15 p.m.4 views

CVE-2021-22714

A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION7400, PM8000 and ION9000 All versions prior to V3.0.0, which could cause the meter to reboot or allow for remote code execution...

9.8CVSS7.7AI score0.02428EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/03/03 12:0 a.m.4 views

grub2 缓冲区错误漏洞

grub2 is a Linux system boot program from the GNU community. A security vulnerability exists in versions of grub2 prior to 2.06. Setparamprefix in the menu presentation code performs length calculations based on the premise that it takes three characters to represent a single quote with a quotati...

8.2CVSS5.7AI score0.0061EPSS
Exploits0References34
OSV
OSV
added 2020/12/03 11:7 p.m.9 views

USN-4658-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities

It was discovered that a race condition existed in the binder IPC implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-0423 Daniele Antonioli, Nils Ole...

7.8CVSS7.2AI score0.06692EPSS
Exploits7References12
Rows per page
Query Builder