Lucene search
K

35 matches found

OSV
OSV
added 2023/12/06 12:26 p.m.9 views

SUSE-SU-2023:4662-1 Security update for qemu

This update for qemu fixes the following issues: - CVE-2021-3638: hw/display/ati2d: Fix buffer overflow in ati2dblt bsc1188609 - CVE-2023-3180: virtio-crypto: verify src and dst buffer length for sym request bsc1213925 - CVE-2023-3354: io: remove io watch if TLS channel is closed during handshake...

7.5CVSS7.4AI score0.01606EPSS
Exploits1References9
SUSE CVE
SUSE CVE
added 2023/02/15 4:13 a.m.4 views

SUSE CVE-2019-10557

Out-of-bound read in the wireless driver in the Linux kernel due to lack of check of buffer length. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8017, APQ8053,...

10CVSS7.1AI score0.01145EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/09/30 12:0 a.m.7 views

The vulnerability of the Video microprogramming system component in Qualcomm’s embedded chips allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Video microprogramming software component in Qualcomm’s embedded chips relates to the lack of checks for buffer length and reading beyond the memory boundary when processing AVI files. Exploiting this vulnerability can allow an intruder to gain unauthorized access to...

6.8CVSS6.1AI score0.00116EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/06/07 12:0 a.m.5 views

多款Qualcomm产品缓冲区错误漏洞

The Qualcomm Component is a component of Qualcomm Incorporated USA. Intrinsic component that provides the functionality of Qualcomm devices. A security vulnerability exists in Qualcomm products that could result in out-of-bounds reads in DRM due to incorrect buffer length checks. The following...

7.8CVSS7.3AI score0.00184EPSS
Exploits0References4
OSV
OSV
added 2021/02/18 4:15 a.m.14 views

CVE-2021-27378

An issue was discovered in the randcore crate before 0.6.2 for Rust. Because readu32into and readu64into mishandle certain buffer-length checks, a random number generator may be seeded with too little data...

9.8CVSS9.4AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2021/02/18 4:15 a.m.22 views

CVE-2021-27378

An issue was discovered in the randcore crate before 0.6.2 for Rust. Because readu32into and readu64into mishandle certain buffer-length checks, a random number generator may be seeded with too little data...

9.8CVSS7.2AI score0.01243EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2021/02/18 3:35 a.m.17 views

CVE-2021-27378

An issue was discovered in the randcore crate before 0.6.2 for Rust. Because readu32into and readu64into mishandle certain buffer-length checks, a random number generator may be seeded with too little data...

9.8CVSS9.4AI score0.01243EPSS
Exploits0
CVE
CVE
added 2021/02/18 3:35 a.m.112 views

CVE-2021-27378

The CVE-2021-27378 issue affects the rand_core crate prior to 0.6.2 for Rust. The root cause is mishandling in read_u32_into and read_u64_into that can lead to a random number generator being seeded with insufficient data, enabling an improper seed condition. Public references in the connected do...

9.8CVSS9.3AI score0.01243EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/02/17 12:0 a.m.7 views

Rust rand_core Security Feature Issue Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security signature vulnerability exists in Rust randcore, which is caused by readu32into and readu64into mishandling buffer length checks, and can be exploited to cause a buffer overflow or heap overflow. The...

9.8CVSS7.6AI score0.01243EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/03/04 12:0 a.m.5 views

The vulnerability of Qualcomm’s Linux operating system wireless network driver lies in the lack of buffer length checking and out-of-memory reading, allowing an attacker to execute arbitrary code.

The vulnerability of Linux kernel wireless network driver software from Qualcomm lies in the lack of buffer length checking and out-of-memory reading. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.3AI score0.01145EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2017/06/30 12:0 a.m.7 views

The vulnerability of the tdx.sys component, which is used to check the length of the operating system’s buffer, allows a hacker to exploit their privileges.

The vulnerability of the tdx.sys component, which is used to check the length of operating system Windows buffers, is related to deficiencies in access control. Exploiting this vulnerability could allow an intruder, operating locally, to increase their privileges...

7.2CVSS7.3AI score0.01315EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2011/10/31 12:0 a.m.26 views

Debian DSA-2323-1 : radvd - several vulnerabilities

Multiple security issues were discovered by Vasiliy Kulikov in radvd, an IPv6 Router Advertisement daemon : - CVE-2011-3602 setinterfacevar function doesn't check the interface name, which is chosen by an unprivileged user. This could lead to an arbitrary file overwrite if the attacker has local...

7.5CVSS5.9AI score0.02794EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2009/07/21 12:0 a.m.21 views

openSUSE Security Update : imap (imap-368)

Insufficient buffer length checks in the imap client library may crash applications that use the library to print formatted email addresses. The imap daemon itself is not affected but certain versions of e.g. the php imap module are CVE-2008-5514. The client library could also crash when a rogue...

5CVSS5.6AI score0.01909EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2009/07/21 12:0 a.m.25 views

openSUSE Security Update : imap (imap-368)

Insufficient buffer length checks in the imap client library may crash applications that use the library to print formatted email addresses. The imap daemon itself is not affected but certain versions of e.g. the php imap module are CVE-2008-5514. The client library could also crash when a rogue...

5CVSS5.6AI score0.01909EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2008/12/21 12:0 a.m.26 views

openSUSE 10 Security Update : imap (imap-5868)

Insufficient buffer length checks in the imap client library may crash applications that use the library to print formatted email addresses. The imap daemon itself is not affected but certain versions of e.g. the php imap module are CVE-2008-5514. The client library could also crash when a rogue...

5CVSS5.6AI score0.01909EPSS
Exploits1References2
Rows per page
Query Builder