Lucene search
K

51 matches found

OSV
OSV
added 2021/12/19 7:41 p.m.19 views

GSD-2021-1002538 mlxsw: spectrum: Protect driver from buggy firmware

mlxsw: spectrum: Protect driver from buggy firmware This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.6 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2021/12/19 7:39 p.m.12 views

GSD-2021-1002475 mlxsw: spectrum: Protect driver from buggy firmware

mlxsw: spectrum: Protect driver from buggy firmware This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.83 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2021/05/14 8:15 p.m.57 views

CVE-2021-29614

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.io.decoderaw produces incorrect results and crashes the Python interpreter when combining fixedlength and wider datatypes. The implementation of the padded...

7.8CVSS7.7AI score
Exploits0References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.18 views

SUSE: Security Advisory (SUSE-SU-2018:2401-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.6CVSS7.5AI score0.08101EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2021/01/05 12:0 a.m.34 views

Xen xenstored watch DoS (XSA-348)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a denial of service vulnerability. When they require assistance from the device model, x86 HVM guests must be temporarily de-scheduled. The device model will signal Xen when it has...

5.5CVSS7.3AI score0.00438EPSS
Exploits0References2
Xen Project
Xen Project
added 2020/09/22 12:0 p.m.66 views

Missing unlock in XENMEM_acquire_resource error path

ISSUE DESCRIPTION The RCU Read, Copy, Update mechanism is a synchronisation primitive. A buggy error path in the XENMEMacquireresource exits without releasing an RCU reference, which is conceptually similar to forgetting to unlock a spinlock. IMPACT A buggy or malicious HVM stubdomain can cause a...

5.5CVSS0.2AI score0.00416EPSS
Exploits0Affected Software1
Wired Threat Level
Wired Threat Level
added 2019/03/28 11:18 p.m.57 views

Huawei's Problem Isn't Chinese Backdoors. It's Buggy Software

A British report finds that Huawei equipment, suspected of including backdoors for China's government, suffers from a lack of "basic engineering competence."...

2.5AI score
Exploits0
0day.today
0day.today
added 2018/09/26 12:0 a.m.171 views

Linux - #VMA Use-After-Free via Buggy vmacache_flush_all() Fastpath Exploit

Exploit for linux platform in category local exploits Linux - VMA Use-After-Free via Buggy vmacacheflushall Fastpath Exploit Since commit 615d6e8756c8 "mm: per-thread vma caching", first in 3.15, Linux has per-task VMA caches that contain up to four VMA pointers for fast lookup. VMA caches are...

0.1AI score0.03206EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2018/08/20 12:0 a.m.33 views

SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2018:2401-1) (Foreshadow)

This update for xen fixes the following security issues : - CVE-2018-3646: Systems with microprocessors utilizing speculative execution and address translations may have allowed unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest O...

5.6CVSS7.4AI score0.08101EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2018/05/10 12:0 a.m.42 views

SUSE SLES12 Security Update : xen (SUSE-SU-2018:1177-1) (Meltdown)

This update for xen fixes several issues. These security issues were fixed : - CVE-2018-8897: Prevent mishandling of debug exceptions on x86 XSA-260, bsc1090820 - Handle HPET timers in IO-APIC mode correctly to prevent malicious or buggy HVM guests from causing a hypervisor crash or potentially...

8.8CVSS7.4AI score0.84172EPSS
Exploits12References20
Openbugbounty
Openbugbounty
added 2018/01/19 12:11 a.m.9 views

xn--fqr08vvq5b.xn--ihq79iqymd8n1uj.tw XSS vulnerability

Open Bug Bounty ID: OBB-531313 Description| Value ---|--- Affected Website:| xn--fqr08vvq5b.xn--ihq79iqymd8n1uj.tw Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score...

6.3AI score
Exploits0
0day.today
0day.today
added 2017/11/26 12:0 a.m.51 views

Microsoft Edge Chakra JIT Inline::InlineCallApplyTarget_Shared Failed Return Exploit

Exploit for windows platform in category dos / poc Microsoft Edge: Chakra: JIT: Inline::InlineCallApplyTargetShared doesn't return the return instruction CVE-2017-11841 Here's a snippet of Inline::Optimize. FOREACHINSTREDITINGinstr, instrNext, func-mheadInstr switch instr-mopcode case...

7.6CVSS7.5AI score0.59642EPSS
Exploits3
UbuntuCve
UbuntuCve
added 2017/07/23 3:29 a.m.27 views

CVE-2017-11531

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteHISTOGRAMImage function in coders/histogram.c...

6.5CVSS6.9AI score0.01515EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2017/03/14 2:59 p.m.22 views

CVE-2017-5668

bitlbee-libpurple before 3.5.1 allows remote attackers to cause a denial of service NULL pointer dereference and crash and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list. NOTE: this vulnerability exists because of an incomplete fix for...

9.8CVSS7.3AI score0.02983EPSS
Exploits0References3
hackapp
hackapp
added 2016/04/01 10:1 a.m.11 views

Beach Buggy Blitz - WebView SSL handling enabled, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Beach Buggy Blitz published at the 'play' market has multiple vulnerabilities...

0.9AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 10:1 a.m.8 views

Beach Buggy Racing - Dangerous filesystem permissions, WebView SSL handling enabled, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Beach Buggy Racing published at the 'play' market has multiple vulnerabilities...

0.9AI score
Exploits0References1Affected Software1
The Hacker News
The Hacker News
added 2015/08/14 12:45 a.m.79 views

Incomplete 'Stagefright' Security Patch Leaves Android Vulnerable to Text Hack

Wanna hack someone's Android smartphone by sending just an MMS message? Yes, you can, because Google's patch for the Stagefright vulnerability in hundreds of Millions of Android devices is BUGGY. Last week, Google issued an official patch for Stagefright vulnerability that affects 95 percent of...

10CVSS6.7AI score0.90483EPSS
Exploits6
Oracle linux
Oracle linux
added 2015/07/28 12:0 a.m.64 views

net-snmp security and bug fix update

1:5.5-54.0.1 - Add Oracle ACFS to hrStorage John Haxby orabug 18510373 1:5.5-54 - Quicker loading of IP-MIB::ipAddrTable 1191393 1:5.5-53 - Quicker loading of IP-MIB::ipAddressTable 1191393 1:5.5-52 - Fixed snmptrapd crash when '-OQ' parameter is used and invalid trap is received CVE-2014-3565...

5CVSS1.1AI score0.04619EPSS
Exploits1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.30 views

ircd-hybrid 8.0.5 - Denial of Service

No description provided by source. !/usr/bin/perl ircd-hybrid remote denial of service exploit for CVE-2013-0238 quick and dirty h4x by kingcope tested against ircd-hybrid-8.0.5 centos6 please modify below in case of buggy code. enjoy! use Socket; srandtime; $exploitingnick = hybExpl...

5CVSS6.4AI score0.09962EPSS
Exploits5
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.33 views

Computer Associates License Client GETCONFIG Overflow

No description provided by source. $Id: calicclntgetconfig.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms...

7.1AI score
Exploits0
Rows per page
Query Builder