Lucene search
K

30 matches found

OSV
OSV
added 2021/01/07 12:0 p.m.18 views

RUSTSEC-2021-0091 Reading on uninitialized buffer may cause UB ( `gfx_auxil::read_spirv()` )

Affected versions of this crate passes an uninitialized buffer to a user-provided Read implementation. Arbitrary Read implementations can read from the uninitialized buffer memory exposure and also can return incorrect number of bytes written to the buffer. Reading from uninitialized memory...

9.8CVSS9.4AI score0.01191EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2020/04/22 12:0 a.m.5 views

The vulnerability of SQLite’s data processing mechanism in Google Chrome browsers allows attackers to gain unauthorized access to confidential data.

The vulnerability of SQLite data processing mechanism in Google Chrome browsers is related to reading data from buffer files beyond their allowable limits. Exploiting this vulnerability can allow an attacker to gain unauthorized access to confidential data through a created HTML page...

7.1CVSS7.2AI score0.01711EPSS
Exploits0References10Affected Software6
CVE
CVE
added 2019/12/12 8:30 a.m.53 views

CVE-2019-2337

CVE-2019-2337 describes a buffer-read flaw in Qualcomm’s Snapdragon hardware/firmware where EMM may read beyond the declared message length while skipping unknown IES. The issue is linked to multiple Snapdragon platforms (Auto, Compute, Consumer IoT, Industrial IoT, Mobile, Wearables) and a long ...

7.8CVSS7.6AI score0.00658EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/06/14 12:0 a.m.6 views

The vulnerability of the microprogrammed programmable logic controller Modicon, related to reading buffers from external sources, allows a intruder to disclose protected information.

The vulnerability of the microprogrammed programmable logic controller Modicon relates to the reading of buffers from external sources. Exploiting this vulnerability can allow an intruder, operating remotely, to disclose sensitive information by reading certain memory blocks in the controller via...

7.5CVSS5.4AI score0.03413EPSS
Exploits1References3Affected Software4
Veracode
Veracode
added 2019/02/08 3:4 a.m.27 views

Denial Of Service (DoS)

libcurl.so is vulnerable to denial of service DoS. The library does not correctly check input data, allowing an attacker or compromised NTLM server to perform out-of-bounds buffer reading by providing a bad length + offset combination as input...

7.5CVSS8.3AI score0.05351EPSS
Exploits0References15Affected Software2
Veracode
Veracode
added 2019/01/15 8:52 a.m.50 views

Denial Of Service (DoS)

OpenSSL is susceptible to denial of service attack. During buffer reading and writing with the SSLMODERELEASEBUFFERS mode, TLS/SSL client or server using OpenSSL can crash while processing SSL/TLS due to the flaw in ssl3readbytes function in s3pkt.c in OpenSSL...

4CVSS7.2AI score0.34132EPSS
Exploits0References86Affected Software2
OSV
OSV
added 2017/02/09 10:17 a.m.8 views

SUSE-SU-2017:0433-1 Security update for libgit2

This update for libgit2 fixes the several issues. These security issues were fixed: - CVE-2016-10130: When using the custom certificate callback or when using pygit2 or git2go a attacker could have caused an invalid certificate to be accepted bsc1019037. - CVE-2017-5338: When using the custom...

9.8CVSS7.2AI score0.03922EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2016/06/14 12:0 a.m.29 views

CVE-2016-5238

The getcmd function in hw/scsi/esp.c in QEMU might allow local guest OS administrators to cause a denial of service out-of-bounds write and QEMU process crash via vectors related to reading from the information transfer buffer in non-DMA mode...

4.4CVSS6.8AI score0.00421EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.11 views

Debian Security Advisory DSA 750-1 (dhcpcd)

The remote host is missing an update to dhcpcd announced via advisory DSA 750-1. infamous42md discovered that dhcpcd, a DHCP client for automatically configuring IPv4 networking, can be tricked into reading past the end of the supplied DHCP buffer which could lead to the daemon crashing. The old...

5CVSS0.01926EPSS
Exploits0
Exploit DB
Exploit DB
added 2005/11/09 12:0 a.m.32 views

linux/x86 ifreadfd,buf,512<=2 _exit1 else buf; 29 bytes

linux/x86 ifreadfd,buf,512 I made this as a chunk you can paste in to make modular remote exploits. I use it as a first stage payload when I desire to follow up with a real large payload of goodness. This actually is a bit larger than necessary because of the error checking but in some cases...

0.3AI score
Exploits0
Rows per page
Query Builder