Lucene search
+L

14 matches found

OSV
OSV
added 2026/04/17 8:16 p.m.1 views

CVE-2026-33689 xrdp: Pre-authentication out-of-bounds reads in channel parsers

xrdp is an open source RDP server. Versions through 0.10.5 have an out-of-bounds read vulnerability in the pre-authentication RDP message parsing logic. A remote, unauthenticated attacker can trigger this flaw by sending a specially crafted sequence of packets during the initial connection phase...

8.7CVSS7.2AI score0.00484EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.8 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414341)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414341 advisory. An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211P2PATTROPERCHANNEL in drivers/net/wireless/microchip/wilc1000/cfg80211.c in...

7.8CVSS6.6AI score0.00298EPSS
Exploits0References3
OSV
OSV
added 2025/10/06 8:15 a.m.2 views

DEBIAN-CVE-2025-59733

When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that all image channels have the same pixel type and size, and that if there are four channels, the first four are "B", "G", "R" and "A". The channel parsing code can be found in decodeheader. The...

8.7CVSS5.9AI score0.00171EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2025/10/06 8:9 a.m.6 views

CVE-2025-59733

When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that all image channels have the same pixel type and size, and that if there are four channels, the first four are "B", "G", "R" and "A". The channel parsing code can be found in decodeheader. The...

8.7CVSS5.9AI score0.00171EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2025/10/06 8:9 a.m.12 views

CVE-2025-59733

When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that all image channels have the same pixel type and size, and that if there are four channels, the first four are "B", "G", "R" and "A". The channel parsing code can be found in decodeheader. The...

8.7CVSS7.3AI score0.00171EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/07/16 12:0 a.m.38 views

PT-2026-45416

Name of the Vulnerable Software and Affected Versions GPAC Project/MP4Box versions prior to 26.02.0 Description A NULL pointer dereference exists in the gf ac4 pres b 4 back channels present function within the /media tools/av parsers.c file. This issue allows an attacker to cause a Denial of...

5.5CVSS5.8AI score0.00143EPSS
Exploits0References9
OSV
OSV
added 2024/10/12 11:9 a.m.5 views

OESA-2024-2218 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Stop parsing channels bits when all channels are found. If a usb audio device sets more bits than the amount of channels it could write outside ...

7.8CVSS6.8AI score0.00622EPSS
Exploits0References60
OSV
OSV
added 2024/10/12 11:9 a.m.5 views

OESA-2024-2216 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Stop parsing channels bits when all channels are found. If a usb audio device sets more bits than the amount of channels it could write outside ...

7.8CVSS7.1AI score0.00622EPSS
Exploits0References52
seebug.org
seebug.org
added 2017/11/08 12:0 a.m.41 views

Circle with Disney Startup WiFi Channel Parsing Command Injection Vulnerability(CVE-2017-12094)

Summary An exploitable vulnerability exists in the WiFi Channel parsing of Circle with Disney running firmware 2.0.1. A specially crafted SSID can cause the device to execute arbitrary sed commands. An attacker needs to setup an access point reachable by the device to trigger this vulnerability...

6.9AI score0.00873EPSS
Exploits2
NVD
NVD
added 2017/11/07 4:29 p.m.16 views

CVE-2017-12094

An exploitable vulnerability exists in the WiFi Channel parsing of Circle with Disney running firmware 2.0.1. A specially crafted SSID can cause the device to execute arbitrary sed commands. An attacker needs to setup an access point reachable by the device to trigger this vulnerability...

7.4CVSS7.6AI score0.00873EPSS
Exploits2References1
Prion
Prion
added 2017/11/07 4:29 p.m.13 views

Design/Logic Flaw

An exploitable vulnerability exists in the WiFi Channel parsing of Circle with Disney running firmware 2.0.1. A specially crafted SSID can cause the device to execute arbitrary sed commands. An attacker needs to setup an access point reachable by the device to trigger this vulnerability...

6.1CVSS6.7AI score0.00873EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2017/11/07 4:0 p.m.60 views

CVE-2017-12094

CVE-2017-12094 affects Circle with Disney devices running firmware 2.0.1. The vulnerability arises in the WiFi Channel parsing during startup: an attacker can craft an SSID that, via the hostapd/iwinfo flow, leads to executing arbitrary sed commands on the device. An authenticated attacker only n...

7.4CVSS6.7AI score0.00873EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2017/11/07 4:0 p.m.25 views

CVE-2017-12094

An exploitable vulnerability exists in the WiFi Channel parsing of Circle with Disney running firmware 2.0.1. A specially crafted SSID can cause the device to execute arbitrary sed commands. An attacker needs to setup an access point reachable by the device to trigger this vulnerability...

7.4CVSS7.6AI score0.00873EPSS
Exploits2References1
CNVD
CNVD
added 2017/11/02 12:0 a.m.4 views

Circle with Disney Command Injection Vulnerability (CNVD-2017-33187)

Circle with Disney is a set of network monitoring and management devices for monitoring children's online behavior from Circle Media, Inc. in the United States. A command injection vulnerability exists in the WiFi Channel parsing in Circle with Disney version 2.0.1. The vulnerability can be...

7.4CVSS7.5AI score0.00873EPSS
Exploits2References1
Rows per page
Query Builder