Lucene search
K

128 matches found

Vulnrichment
Vulnrichment
added 2023/01/05 5:33 p.m.9 views

CVE-2022-4435

A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS LenovoRemoteConfigUpdateDxe driver that could allow a local attacker with elevated privileges to cause information disclosure...

6.7CVSS6.4AI score0.00183EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/01/05 5:32 p.m.7 views

CVE-2022-4432

A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS PersistenceConfigDxe driver that could allow a local attacker with elevated privileges to cause information disclosure...

6.7CVSS6.6AI score0.00183EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/10/27 12:0 a.m.22 views

EulerOS 2.0 SP3 : ruby (EulerOS-SA-2022-2634)

According to the versions of the ruby package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float...

7.5CVSS7.6AI score0.04127EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/10/19 12:0 a.m.7 views

PT-2022-5185

Name of the Vulnerable Software and Affected Versions NGINX Open Source versions 1.23.2 and 1.22.1 and earlier NGINX Open Source Subscription versions R2 P1 and R1 P1 and earlier NGINX Plus versions R27 P1 and R26 P1 and earlier Description The issue is related to a buffer-over-read vulnerability...

9.8CVSS7.9AI score0.99999EPSS
Exploits43References115
OSV
OSV
added 2022/10/04 2:29 p.m.30 views

RLSA-2022:6775 Important: squid:4 security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: buffer-over-read in SSPI and SMB authentication CVE-2022-41318 For more details about the security issues, including the impact, a CVSS score, acknowledgments, a...

8.9CVSS8.3AI score0.0282EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/09/28 9:30 a.m.39 views

CVE-2022-32166 ovs - buffer over-read

In ovs versions v0.90.0 through v2.5.0 are vulnerable to heap buffer over-read in flow.c. An unsafe comparison of “minimasks” function could lead access to an unmapped region of memory. This vulnerability is capable of crashing the software, memory modification, and possible remote execution...

9.7AI score0.00551EPSS
Exploits0References3
OSV
OSV
added 2022/09/16 7:39 p.m.12 views

MGASA-2022-0328 Updated zlib packages fix security vulnerability

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call...

9.8CVSS9.6AI score0.16004EPSS
Exploits1References6
NVD
NVD
added 2022/06/01 3:15 p.m.56 views

CVE-2020-26185

Dell BSAFE Micro Edition Suite, versions prior to 4.5.1, contain a Buffer Over-Read Vulnerability...

7.5CVSS0.01031EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/10/04 12:0 a.m.27 views

Ubuntu 18.04 LTS : bl vulnerability (USN-5098-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5098-1 advisory. It was discovered that bl didn't properly sanitize the inputs. An attacker could use this to leak sensitive information. Tenable has extracted the preceding...

6.5CVSS7.2AI score0.02183EPSS
Exploits1References2
OSV
OSV
added 2021/09/03 7:18 a.m.4 views

OPENSUSE-SU-2021:2937-1 Security update for libesmtp

This update for libesmtp fixes the following issues: - CVE-2019-19977: Fixed stack-based buffer over-read in ntlm/ntlmstruct.c bsc1160462...

9.8CVSS9.6AI score0.03056EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2021/07/01 12:0 a.m.35 views

Debian DLA-2698-1 : node-bl - LTS security update

The remote Debian 9 host has a package installed that is affected by a vulnerability as referenced in the dla-2698 advisory. - A buffer over-read vulnerability exists in bl 4.0.3, 3.0.1, 2.2.1, and 1.2.3 which could allow an attacker to supply user input even typed that if it ends up in consume...

6.5CVSS7.4AI score0.02183EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2021/01/08 12:0 a.m.17 views

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2021-1047)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7AI score0.03672EPSS
Exploits1References2
CNVD
CNVD
added 2020/11/27 12:0 a.m.6 views

libslirp buffer overread vulnerability (CNVD-2021-44714)

libslirp is a general-purpose TCP-IP emulator for managing virtual network services in a hypervisor. A buffer over-read vulnerability exists in ncsi.c in libslirp 4.3.1 and earlier versions, which stems from ncsi.c attempting to read a certain amount of header data despite having exceeded the tot...

4.3CVSS6.5AI score0.01443EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/09/23 12:0 a.m.254 views

FreeBSD : libxml -- multiple vulnerabilities (f5abafc0-fcf6-11ea-8758-e0d55e2a8bf9)

CVE mitre reports : CVE-2019-20388 xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak. CVE-2020-7595 xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation. CVE-2020-24977 GNOME project libxml2...

7.5CVSS7.2AI score0.07836EPSS
Exploits1References4
OSV
OSV
added 2020/09/04 12:15 a.m.24 views

CVE-2020-24977

GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e...

6.5CVSS7.1AI score
Exploits0References21
Cvelist
Cvelist
added 2020/09/03 11:20 p.m.27 views

CVE-2020-24977

GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e...

7AI score0.03672EPSS
Exploits1References21
Github Security Blog
Github Security Blog
added 2020/09/02 3:26 p.m.90 views

Remote Memory Exposure in bl

A buffer over-read vulnerability exists in bl 4.0.3, 3.0.1, 2.2.1, and 1.2.3 which could allow an attacker to supply user input even typed that if it ends up in consume argument and can become negative, the BufferList state can be corrupted, tricking it into exposing uninitialized memory via...

6.5CVSS4.1AI score0.02183EPSS
Exploits1References7Affected Software1
RedhatCVE
RedhatCVE
added 2020/09/02 8:51 a.m.29 views

CVE-2020-8244

A buffer over-read vulnerability exists in bl 4.0.3, 3.0.1, 2.2.1, and 1.2.3 which could allow an attacker to supply user input even typed that if it ends up in consume argument and can become negative, the BufferList state can be corrupted, tricking it into exposing uninitialized memory via...

6.5CVSS4.2AI score0.02183EPSS
Exploits1References4
OSV
OSV
added 2020/04/15 12:9 p.m.4 views

OPENSUSE-SU-2020:0522-1 Security update for mp3gain

This update for mp3gain fixes the following issues: Update to version 1.6.2. - CVE-2019-18359: Fixed a buffer over-read was discovered in ReadMP3APETag boo1154971...

5.5CVSS5.5AI score0.01398EPSS
Exploits1References4
OSV
OSV
added 2020/01/21 3:12 p.m.9 views

OPENSUSE-SU-2020:0086-1 Security update for python3

This update for python3 to version 3.6.10 fixes the following issues: - CVE-2017-18207: Fixed a denial of service in Waveread.readfmtchunk bsc1083507. - CVE-2019-16056: Fixed an issue where email parsing could fail for multiple @ bsc1149955. - CVE-2019-15903: Fixed a heap-based buffer over-read i...

10CVSS8.1AI score0.73327EPSS
Exploits31References83
Rows per page
Query Builder