Lucene search
K

7652 matches found

CNNVD
CNNVD
added 2023/01/13 12:0 a.m.4 views

Juniper Networks Junos OS 代码问题漏洞

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS, Junos OS Evolved, which results in a denial of...

7.5CVSS7.3AI score0.00616EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/12 9:59 p.m.30 views

Security Bulletin: Speech to Text, Text to Speech ICP, WebSphere Application Server Liberty Fix

Summary An information disclosure in WebSphere Application Server - Liberty Medium CVE-2020-4329 has been fixed in WebSphere Application Server Liberty 20.0.0.5, included in ICP WatsonTexttoSpeech and Speech to Text v1.1.2 GA: 6/19/20. Vulnerability Details CVEID:CVE-2020-4329 DESCRIPTION: IBM...

4.3CVSS4.3AI score0.01263EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/12 9:59 p.m.68 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a heap-based buffer overflow in Vim (CVE-2022-1621)

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a heap-based buffer overflow in Vim CVE-2022-1621 caused by improper bounds checking in the vimstrncpy findword component. Vim is used as part of the base image included in our service components. Please read...

7.8CVSS8AI score0.02276EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/12 9:59 p.m.34 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a heap-based buffer overflow in libssh, caused by improper bounds checking.(CVE-2021-3634).

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a heap-based buffer overflow in libssh, caused by improper bounds checking CVE-2021-3634. Libssh, included in RedHat, is used in the base operating system by IBM Watson Speech. Please read the details for...

6.5CVSS7.2AI score0.04683EPSS
Exploits0Affected Software1
OSV
OSV
added 2023/01/12 12:0 p.m.47 views

RUSTSEC-2023-0002 git2 Rust package suppresses ssh host key checking

By default, when accessing an ssh repository ie via an ssh: git repository url the git2 Rust package does not do any host key checking. Additionally, the provided API is not sufficient for a an application to do meaningful checking itself. Impact When connecting to an ssh repository, and when an...

5.9CVSS5.6AI score0.00649EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2023/01/12 12:0 a.m.15 views

Huawei EulerOS: Security Advisory for cups (EulerOS-SA-2023-1185)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.3CVSS5.1AI score0.02006EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/01/11 6:48 p.m.8 views

CVE-2022-4499 The strcmp function in TP-Link routers, Archer C5 and WR710N-V1, used for checking credentials in httpd, is susceptible to a side-channel attack.

TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for checking credentials in httpd, is susceptible to a side-channel attack. By measuring the response time of the httpd process, an attacker could guess each byte of the username and password...

6.9AI score0.00709EPSS
Exploits0References1
NVD
NVD
added 2023/01/11 8:15 a.m.20 views

CVE-2021-26402

Insufficient bounds checking in ASP AMD Secure Processor firmware while handling BIOS mailbox commands, may allow an attacker to write partially-controlled data out-of-bounds to SMM or SEV-ES regions which may lead to a potential loss of integrity and availability...

7.1CVSS6.8AI score0.0018EPSS
Exploits0References1
OSV
OSV
added 2023/01/11 8:15 a.m.5 views

CVE-2021-26409

Insufficient bounds checking in SEV-ES may allow an attacker to corrupt Reverse Map table RMP memory, potentially resulting in a loss of SNP Secure Nested Paging memory integrity...

7.8CVSS5.8AI score0.00189EPSS
Exploits0References1
OSV
OSV
added 2023/01/11 8:15 a.m.4 views

CVE-2021-26404

Improper input validation and bounds checking in SEV firmware may leak scratch buffer bytes leading to potential information disclosure...

5.5CVSS6AI score
Exploits0References1
Prion
Prion
added 2023/01/11 8:15 a.m.15 views

Out-of-bounds

Insufficient bounds checking in SEV-ES may allow an attacker to corrupt Reverse Map table RMP memory, potentially resulting in a loss of SNP Secure Nested Paging memory integrity...

4.3CVSS7.7AI score0.00189EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/01/11 8:15 a.m.28 views

Input validation

Improper input validation and bounds checking in SEV firmware may leak scratch buffer bytes leading to potential information disclosure...

1.7CVSS6AI score0.00185EPSS
Exploits0References1Affected Software23
CNNVD
CNNVD
added 2023/01/11 12:0 a.m.3 views

AMD System Management Unit(SMU) 缓冲区错误漏洞

The AMD System Management Unit SMU is a system management unit at UltraMicroelectronics AMD. A security vulnerability exists in the AMD System Management Unit SMU that stems from insufficient bind checking and could allow an attacker to update the sender/receiver address space to an invalid value...

7.5CVSS7.3AI score0.00616EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/01/10 8:56 p.m.24 views

CVE-2021-26409

Insufficient bounds checking in SEV-ES may allow an attacker to corrupt Reverse Map table RMP memory, potentially resulting in a loss of SNP Secure Nested Paging memory integrity...

7.7AI score0.00189EPSS
Exploits0References1
CVE
CVE
added 2023/01/10 8:56 p.m.57 views

CVE-2021-26409

CVE-2021-26409 affects AMD SEV-ES, where insufficient bounds checking can corrupt the Reverse Map (RMP) memory, potentially compromising SNP memory integrity. Public references identify AMD SEV-ES-related memory integrity risk; mitigation guidance is distributed via AMD’s PSU/AGS updates (AMD-SB-...

7.8CVSS7.7AI score0.00189EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/01/10 8:56 p.m.23 views

CVE-2021-26404

Improper input validation and bounds checking in SEV firmware may leak scratch buffer bytes leading to potential information disclosure...

5.8AI score0.00185EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/01/10 8:56 p.m.11 views

CVE-2021-26404

Improper input validation and bounds checking in SEV firmware may leak scratch buffer bytes leading to potential information disclosure...

7.2AI score0.00185EPSS
Exploits0References1
CVE
CVE
added 2023/01/10 8:56 p.m.64 views

CVE-2021-26404

CVE-2021-26404 affects AMD SEV firmware; root cause is improper input validation and bounds checking that may leak scratch buffer bytes, potentially leading to information disclosure. Documents indicate mitigations via AMD’s BIOS updates (AMD-SB-1032) with platform-specific versions (e.g., MilanP...

5.5CVSS6.2AI score0.00185EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/01/10 8:56 p.m.25 views

CVE-2021-26402

Insufficient bounds checking in ASP AMD Secure Processor firmware while handling BIOS mailbox commands, may allow an attacker to write partially-controlled data out-of-bounds to SMM or SEV-ES regions which may lead to a potential loss of integrity and availability...

7.6AI score0.0018EPSS
Exploits0References1
CVE
CVE
added 2023/01/10 8:56 p.m.81 views

CVE-2021-26402

CVE-2021-26402 describes insufficient bounds checking in the AMD Secure Processor (ASP) firmware during BIOS mailbox handling, enabling an attacker to write partially controlled data out-of-bounds into SMM or SEV-ES regions and potentially compromise integrity and availability. The issue is discu...

7.1CVSS7.2AI score0.0018EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder