Lucene search
K

7654 matches found

CNVD
CNVD
added 2022/04/01 12:0 a.m.16 views

Google Android Information Disclosure Vulnerability (CNVD-2022-44592)

Google Android is a Linux-based open-source operating system from Google, Inc. Google Android is vulnerable to an information disclosure vulnerability caused by a lack of permission checking in the DomainVerificationService. An attacker could exploit this vulnerability to cause local information...

5.5CVSS1.8AI score0.00098EPSS
Exploits0References1
CNVD
CNVD
added 2022/04/01 12:0 a.m.9 views

Google Android Information Disclosure Vulnerability (CNVD-2022-44594)

Google Android is a Linux-based open source operating system from Google, Inc. Google Android is vulnerable to an information disclosure vulnerability that stems from a lack of permission checking in Device Policy. An attacker could use this vulnerability to obtain sensitive information...

5.5CVSS1.8AI score0.00098EPSS
Exploits0References1
Apple
Apple
added 2022/03/31 12:0 a.m.50 views

About the security content of iOS 15.4.1 and iPadOS 15.4.1

About the security content of iOS 15.4.1 and iPadOS 15.4.1 This document describes the security content of iOS 15.4.1 and iPadOS 15.4.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...

9.3CVSS9.2AI score0.12642EPSS
Exploits0References1Affected Software2
Code423n4
Code423n4
added 2022/03/31 12:0 a.m.12 views

Result of transfer not checked

Lines of code Vulnerability details Impact A call to transfer is done without checking the results. For certain ERC20 tokens, if insufficient tokens are present, no revert occurs but a result of "false" is returned. So it's important and also a best practice to check this. Note that, in almost al...

6.8AI score
Exploits0
NVD
NVD
added 2022/03/28 11:15 p.m.10 views

CVE-2021-43105

A vulnerability in the bailiwick checking function in Technitium DNS Server = v7.0 exists that allows specific malicious users to inject NS records of any domain even TLDs into the cache and conduct a DNS cache poisoning attack...

4.3CVSS0.00599EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/03/28 10:2 p.m.12 views

CVE-2021-43105

A vulnerability in the bailiwick checking function in Technitium DNS Server = v7.0 exists that allows specific malicious users to inject NS records of any domain even TLDs into the cache and conduct a DNS cache poisoning attack...

4.9AI score0.00599EPSS
Exploits0References1
CVE
CVE
added 2022/03/28 10:2 p.m.81 views

CVE-2021-43105

Technitium DNS Server vulnerabilities: A bailiwick checking function flaw in versions ≤ 7.0 allows malicious users to inject NS records of any domain (even TLDs) into the cache, enabling DNS cache poisoning. The PT-2022-11786 entry and CNNVD/CVE references corroborate this, stating the impact as ...

4.3CVSS4.6AI score0.00599EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/03/28 12:0 a.m.4 views

The vulnerability of the command-line interface of StarOS systems allows attackers to execute arbitrary commands and increase their privileges.

The vulnerability of the command-line interface of StarOS systems is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows an attacker to execute arbitrary code and increase their privileges...

6.2CVSS7.4AI score0.00297EPSS
Exploits0References3Affected Software1
Fedora
Fedora
added 2022/03/26 3:34 p.m.13 views

[SECURITY] Fedora 36 Update: enchant2-2.3.2-5.fc36

A library that wraps other spell checking backends...

1.8AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2022/03/23 10:7 p.m.24 views

Security Bulletin: Vulnerability in WebSphere Application Server Liberty affects IBM Spectrum Control (CVE-2020-4329)

Summary WebSphere Application Server Liberty could allow a remote, authenticated attacker to obtain sensitive information caused by improper paramater checking which affects IBM Spectrum Control. Vulnerability Details CVEID: CVE-2020-4329 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8....

4.3CVSS4.5AI score0.01263EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2022/03/23 12:0 a.m.13 views

Google Android Elevation of Privilege Vulnerability (CNVD-2022-46302)

Google Android is a Linux-based open-source operating system from Google, Inc. An elevation of privilege vulnerability exists in Google Android, which stems from a privilege checking error. An attacker could exploit this vulnerability to elevate local privileges...

7.8CVSS4.5AI score0.00098EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2022/03/22 12:12 p.m.167 views

USN-5341-1: GNU binutils vulnerabilities

It was discovered that GNU binutils incorrectly handled checks for memory allocation when parsing relocs in a corrupt file. An attacker could possibly use this issue to cause a denial of service. CVE-2017-17122 It was discovered that GNU binutils incorrectly handled certain corrupt DWARF debug...

7.8CVSS6.6AI score0.01885EPSS
Exploits2
OSV
OSV
added 2022/03/22 12:12 p.m.6 views

USN-5341-1 binutils vulnerabilities

It was discovered that GNU binutils incorrectly handled checks for memory allocation when parsing relocs in a corrupt file. An attacker could possibly use this issue to cause a denial of service. CVE-2017-17122 It was discovered that GNU binutils incorrectly handled certain corrupt DWARF debug...

7.8CVSS6.7AI score0.01885EPSS
Exploits2References4
ATTACKERKB
ATTACKERKB
added 2022/03/18 6:15 p.m.5 views

CVE-2022-22664

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Logic Pro 10.7.3, GarageBand 10.4.6, macOS Monterey 12.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution...

7.8CVSS7.4AI score0.01055EPSS
Exploits0References4
NVD
NVD
added 2022/03/18 6:15 p.m.27 views

CVE-2022-22664

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Logic Pro 10.7.3, GarageBand 10.4.6, macOS Monterey 12.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution...

7.8CVSS0.01055EPSS
Exploits0References3
OSV
OSV
added 2022/03/18 6:15 p.m.1 views

CVE-2022-22634

A buffer overflow was addressed with improved bounds checking. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4. A malicious application may be able to execute arbitrary code with kernel privileges...

7.8CVSS7.6AI score0.01134EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/03/18 6:15 p.m.5 views

CVE-2022-22635

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4. An application may be able to gain elevated privileges...

9.8CVSS7.2AI score0.01176EPSS
Exploits0References3
NVD
NVD
added 2022/03/18 6:15 p.m.20 views

CVE-2022-22634

A buffer overflow was addressed with improved bounds checking. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4. A malicious application may be able to execute arbitrary code with kernel privileges...

9.3CVSS0.01134EPSS
Exploits0References2
OSV
OSV
added 2022/03/18 6:15 p.m.5 views

CVE-2022-22635

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4. An application may be able to gain elevated privileges...

9.8CVSS5.8AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/03/18 6:15 p.m.6 views

CVE-2022-22634

A buffer overflow was addressed with improved bounds checking. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4. A malicious application may be able to execute arbitrary code with kernel privileges...

9.3CVSS7.6AI score0.01134EPSS
Exploits0References3
Rows per page
Query Builder