Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

5818 matches found

Positive Technologies
Positive Technologiesadded 2022/01/21 12:0 a.m.5 views

PT-2022-6880 · File +6 · File +6

Name of the Vulnerable Software and Affected Versions: File versions prior to 5.43 Description: The issue is related to a stack-based buffer over-read in the file copystr function in funcs.c, which can lead to a denial of service when a specially crafted file is used. This can be exploited by an...

5.5CVSS8.4AI score0.00656EPSS
Exploits1References46
BDU FSTEC
BDU FSTECadded 2022/01/20 12:0 a.m.3 views

The vulnerability of the t2 encoder in the OpenJPEG library, related to reading data beyond the buffer’s acceptable limits, allows a malicious actor to cause service failures.

The vulnerability of the t2 encoder in the OpenJPEG library for image encoding and decoding involves reading data beyond the acceptable buffer limits. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.1CVSS6.7AI score0.01443EPSS
Exploits0References11Affected Software5
Microsoft CVE
Microsoft CVEadded 2022/01/19 8:0 a.m.5 views

libESMTP through 1.0.6 mishandles domain copying into a fixed-size buffer in ntlm_build_type_2 in ntlm/ntlmstruct.c as demonstrated by a stack-based buffer over-read.

...

9.8CVSS8.2AI score0.03056EPSS
Exploits1
Microsoft CVE
Microsoft CVEadded 2022/01/19 8:0 a.m.2 views

Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest tSmbNtlmAuthChallenge and tSmbNtlmAuthResponse read and write operations as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request.

...

9.8CVSS8.3AI score0.03107EPSS
Exploits1
Microsoft CVE
Microsoft CVEadded 2022/01/19 12:0 a.m.3 views

bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read.

...

7.5CVSS7AI score0.024EPSS
Exploits0
BDU FSTEC
BDU FSTECadded 2022/01/17 12:0 a.m.3 views

The vulnerability of the `ntfs_runlists_merge_i` function in the NTFS file system driver for the FUSE NTFS-3G module arises from the reading beyond the buffer’s allowed limits. This allows an attacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the ntfsrunlistsmergei function in the NTFS file system driver for the FUSE NTFS-3G module relates to reading data from beyond the allowed buffer limits. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and cause servi...

7.8CVSS6.8AI score0.00393EPSS
Exploits0References11Affected Software5
BDU FSTEC
BDU FSTECadded 2022/01/17 12:0 a.m.2 views

The vulnerability of the `ntfsattr_find` and `ntfs_externalattr_find` functions of the NTFS file system driver for the FUSE NTFS-3G module arises from the fact that they involve reading data beyond the allowed buffer limits. This vulnerability allows an attacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the ntfsattrfind and ntfsexternalattrfind functions of the NTFS file system driver for the FUSE NTFS-3G module lies in the reading of data beyond the allowed limits of the buffer. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its...

7.8CVSS6.6AI score0.00395EPSS
Exploits0References11Affected Software5
BDU FSTEC
BDU FSTECadded 2022/01/17 12:0 a.m.4 views

The vulnerability of the wireshark traffic analysis program, related to reading data beyond the allowed buffer limits, allows a hacker to cause a service failure.

The vulnerability of the wireshark traffic analysis program lies in reading data from buffers beyond their acceptable limits. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

5.3CVSS6.5AI score0.02589EPSS
Exploits1References7Affected Software4
BDU FSTEC
BDU FSTECadded 2022/01/17 12:0 a.m.2 views

The vulnerability of the ntfs_ie_lookup function in the NTFS file system driver for the FUSE NTFS-3G module arises from the reading beyond the allowed buffer data limits. This allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the ntfsielookup function in the NTFS file system driver for the FUSE NTFS-3G module relates to reading data from beyond the allowed limits of the buffer. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and cause...

7.8CVSS6.6AI score0.00396EPSS
Exploits0References11Affected Software5
BDU FSTEC
BDU FSTECadded 2022/01/17 12:0 a.m.3 views

The vulnerability of the wireshark traffic analysis program, related to reading data beyond the allowed buffer limits, allows a hacker to cause a service failure.

The vulnerability of the wireshark traffic analysis program lies in reading data from buffers beyond their acceptable limits. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

7.5CVSS7.1AI score0.03109EPSS
Exploits1References8Affected Software4
OSV
OSVadded 2022/01/13 10:15 p.m.2 views

CVE-2021-34946

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS7.5AI score0.02041EPSS
Exploits0References2
OSV
OSVadded 2022/01/13 10:15 p.m.5 views

CVE-2021-34985

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley ContextCapture 10.18.0.232. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exist...

5.5CVSS5AI score0.01699EPSS
Exploits0References2
OSV
OSVadded 2022/01/13 10:15 p.m.3 views

CVE-2021-34943

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

3.3CVSS5.2AI score0.01644EPSS
Exploits0References2
OSV
OSVadded 2022/01/13 10:15 p.m.2 views

CVE-2021-34984

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley ContextCapture 10.18.0.232. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exist...

5.5CVSS4.9AI score0.01699EPSS
Exploits0References2
OSV
OSVadded 2022/01/13 10:15 p.m.4 views

CVE-2021-34942

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS7.5AI score0.02041EPSS
Exploits0References2
OSV
OSVadded 2022/01/13 10:15 p.m.3 views

CVE-2021-34944

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

3.3CVSS5.2AI score0.01644EPSS
Exploits0References2
OSV
OSVadded 2022/01/13 10:15 p.m.0 views

CVE-2021-34930

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS7.5AI score
Exploits0References2
OSV
OSVadded 2022/01/13 10:15 p.m.1 views

CVE-2021-34916

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

3.3CVSS4.9AI score0.01521EPSS
Exploits0References2
OSV
OSVadded 2022/01/13 10:15 p.m.1 views

CVE-2021-34927

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS6.2AI score0.01937EPSS
Exploits0References2
OSV
OSVadded 2022/01/13 10:15 p.m.1 views

CVE-2021-34913

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS6.2AI score
Exploits0References2
Rows per page
Query Builder