Lucene search
K

101 matches found

Positive Technologies
Positive Technologies
added 2022/12/28 12:0 a.m.4 views

PT-2022-6884

Name of the Vulnerable Software and Affected Versions busybox versions prior to 1.35 Description The issue is related to a stack overflow vulnerability in the ash.c file of busybox, which can be exploited to achieve arbitrary code execution. This vulnerability is associated with a buffer overflow...

10CVSS8.6AI score0.02979EPSS
Exploits4References102
Vulnrichment
Vulnrichment
added 2022/09/20 11:56 p.m.3 views

CVE-2022-35090

SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via asanmemcpy at /asan/asaninterceptorsmemintrinsics.cpp:...

5.7AI score0.00322EPSS
Exploits1References2
OSV
OSV
added 2022/08/29 5:7 a.m.12 views

MGASA-2022-0311 Updated net-snmp packages fix security vulnerability

A buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause an out-of-bounds memory access. CVE-2022-24805 Buffer overflow and out of bounds memory access. CVE-2022-24806 A malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an out-of-bounds memo...

8.8CVSS7.7AI score0.01299EPSS
Exploits0References5
Apple
Apple
added 2022/07/20 12:0 a.m.93 views

About the security content of watchOS 8.7

About the security content of watchOS 8.7 This document describes the security content of watchOS 8.7. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

10CVSS9.6AI score0.06293EPSS
Exploits7References1Affected Software1
OSV
OSV
added 2022/04/14 6:3 a.m.6 views

SUSE-SU-2022:1194-1 Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-2486 fixes several issues. The following security issues were fixed: - CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP transformation code. This flaw allowed a local attacker with a normal user privilege to overwrite kernel heap objects a...

7.8CVSS8.6AI score0.05524EPSS
Exploits5References7
OSV
OSV
added 2022/02/08 4:27 p.m.9 views

MGASA-2022-0052 Updated glibc packages fix security vulnerability

Updated glibc packages fix security vulnerability: An off-by-one buffer overflow and underflow in getcwd may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd in a setuid program could use this flaw to...

7.8CVSS9.3AI score0.0072EPSS
Exploits1References2
Cvelist
Cvelist
added 2021/08/16 7:7 p.m.19 views

CVE-2021-21860

An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an improper memory allocation resulting in a heap-based buffer overflow that causes memory corruption...

8.8CVSS9AI score0.01632EPSS
Exploits1References2
CNVD
CNVD
added 2021/07/15 12:0 a.m.4 views

Bento4 Buffer Overflow Vulnerability (CNVD-2021-51789)

Bento4 is an open source C++ library for reading and writing MP4 files. Bento4 suffers from a buffer overflow vulnerability that stems from an unhandled memory allocation failure in Core/Ap4Atom.cpp in Bento version 1.5.1-628 that results in a null pointer dereference, which can be exploited by a...

6.5CVSS7.2AI score0.01031EPSS
Exploits1References1
OSV
OSV
added 2021/05/27 12:15 a.m.6 views

CVE-2021-30499

A flaw was found in libcaca. A buffer overflow of export.c in function exporttroff might lead to memory corruption and other potential consequences...

7.8CVSS7.9AI score
Exploits0References7
Positive Technologies
Positive Technologies
added 2021/04/12 12:0 a.m.1 views

PT-2021-4765 · Libcaca +6 · Libcaca +6

Name of the Vulnerable Software and Affected Versions: libcaca affected versions not specified Description: The issue is related to a buffer overflow in the export.c file, specifically in the export troff function of the libcaca graphic library, which is used for converting images to ASCII art...

10CVSS7.5AI score0.02389EPSS
Exploits8References80
OSV
OSV
added 2021/03/12 1:59 p.m.6 views

SUSE-SU-2021:0773-1 Security update for slurm_20_11 and pdsh

This update for pdsh fixes the following issues: - Preparing pdsh for Slurm 20.11 jscECO-2412 - Simplify convoluted condition. This update for slurm fixes the following issues: - Fix potential buffer overflows from use of unpackmem. CVE-2020-27745 bsc1178890 - Fix potential leak of the magic cook...

9.8CVSS8.4AI score0.0268EPSS
Exploits0References23
BDU FSTEC
BDU FSTEC
added 2021/02/09 12:0 a.m.5 views

The vulnerability of the UDP-based implementation of Cisco IOS XE SD-WAN’s microprogramming software for routers allows a attacker to induce service failure. This vulnerability applies to devices such as Cisco SD-WAN vBond Orchestrator, Cisco SD-WAN vEdge Cloud Routers, Cisco SD-WAN vEdge Routers, Cisco SD-WAN vSmart Controller, and the centralized network management system Cisco SD-WAN vManage.

The vulnerability of the UDP-based implementation of Cisco IOS XE SD-WAN microprogramming software, including Cisco SD-WAN vBond Orchestrator, Cisco SD-WAN vEdge Cloud Routers, Cisco SD-WAN vEdge Routers, Cisco SD-WAN vSmart Controller, and the centralized network management system Cisco SD-WAN...

8.6CVSS7.8AI score0.01894EPSS
Exploits0References2Affected Software2
OSV
OSV
added 2020/09/04 11:33 a.m.8 views

SUSE-SU-2020:2505-1 Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP1)

This update for the Linux Kernel 4.12.14-19726 fixes several issues. The following security issues were fixed: - CVE-2020-14331: Fixed a buffer over-write in vgaconscroll bsc1174247. - CVE-2020-15780: Fixed a lockdown bypass via injection of malicious ACPI tables via configfs bsc1174186. -...

10CVSS8.9AI score0.16908EPSS
Exploits2References19
Positive Technologies
Positive Technologies
added 2019/09/11 12:0 a.m.1 views

PT-2021-5793

Name of the Vulnerable Software and Affected Versions FFmpeg version 4.2 Description A heap-based Buffer Overflow issue exists in FFmpeg, specifically at libavfilter/vf floodfill.c, which may lead to memory corruption and other potential consequences. This issue is related to a buffer overflow...

8.8CVSS7AI score0.01667EPSS
Exploits2References131
Veracode
Veracode
added 2019/07/26 8:51 a.m.28 views

Denial Of Service (Dos)

mcpp is vulnerable to denial of service. The domsg function in support.c does not handle the memory properly when a malicious input is provided, causing heap-based buffer overflows...

5.5CVSS5.3AI score0.01569EPSS
Exploits1References5Affected Software6
UbuntuCve
UbuntuCve
added 2019/03/15 6:29 p.m.21 views

CVE-2018-20177

rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in the function rdpinunistr and results in memory corruption and possibly even a remote code execution...

9.8CVSS7AI score0.07934EPSS
Exploits1References2
AlpineLinux
AlpineLinux
added 2019/03/15 6:0 p.m.36 views

CVE-2018-20177

rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in the function rdpinunistr and results in memory corruption and possibly even a remote code execution...

9.8CVSS10AI score0.07934EPSS
Exploits1
Debian CVE
Debian CVE
added 2018/11/29 5:0 p.m.26 views

CVE-2018-8786

FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function updatereadbitmapupdate and results in a memory corruption and probably even a remote code execution...

9.8CVSS9.5AI score0.08156EPSS
Exploits1
Prion
Prion
added 2018/02/09 11:29 p.m.16 views

Buffer overflow

Sean Barrett stbvorbis version 1.12 and earlier contains a Buffer Overflow vulnerability in All vorbis decoding paths. that can result in memory corruption, denial of service, comprised execution of host program. This attack appear to be exploitable via Victim must open a specially crafted Ogg...

6.8CVSS8.7AI score0.01873EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/02/09 11:0 p.m.17 views

CVE-2018-1000050

Sean Barrett stbvorbis version 1.12 and earlier contains a Buffer Overflow vulnerability in All vorbis decoding paths. that can result in memory corruption, denial of service, comprised execution of host program. This attack appear to be exploitable via Victim must open a specially crafted Ogg...

8.8AI score0.01873EPSS
Exploits0References1
Rows per page
Query Builder