7652 matches found

CVE
added 2021/09/08 1:49 p.m. | 104 views

CVE-2021-30791

CVE-2021-30791 is an Apple vulnerability described as an out-of-bounds read that was addressed by improved bounds checking. The NVD entry notes the issue is fixed in iOS 14.7 and macOS Big Sur 11.5, with processing a maliciously crafted file potentially disclosing user information. Connected sour...

CVSS 5.5 | AI score 5.7 | EPSS 0.01081
Exploits: 0 | References: 4 | Affected Software: 4

CVE
added 2021/09/08 1:48 p.m. | 112 views

CVE-2021-30785

CVE-2021-30785 involves a buffer overflow in Apple’s image processing path (ImageIO) that could be triggered by a maliciously crafted image and may lead to arbitrary code execution. The root cause is described as an overflow that was addressed with improved bounds checking. Affected fixes are ava...

CVSS 7.8 | AI score 7.9 | EPSS 0.01785
Exploits: 0 | References: 6 | Affected Software: 5

Cvelist
added 2021/09/08 1:48 p.m. | 18 views

CVE-2021-30785

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Processing a maliciously crafted image may lead to arbitrary code execution...

AI score 8.1 | EPSS 0.01785
Exploits: 0 | References: 6

Cvelist
added 2021/09/08 1:44 p.m. | 27 views

CVE-2021-30735

A malicious application may be able to execute arbitrary code with kernel privileges. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. An out-of-bounds write issue was addressed with improved bounds checking...

AI score 8.4 | EPSS 0.01329
Exploits: 1 | References: 3

CVE
added 2021/09/08 1:44 p.m. | 103 views

CVE-2021-30735

CVE-2021-30735 affects macOS Big Sur, Catalina, and Mojave with an out-of-bounds write that could let a malicious local application execute code with kernel privileges. The issue is described as fixed by Apple in Big Sur 11.4 and Security Update 2021-003 (Catalina) / 2021-004 (Mojave), with impro...

CVSS 9.3 | AI score 8.1 | EPSS 0.01329
Exploits: 1 | References: 3 | Affected Software: 2

Cvelist
added 2021/09/08 1:41 p.m. | 25 views

CVE-2021-30728

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A malicious application may be able to execute arbitrary code with kernel privileges...

AI score 8.4 | EPSS 0.0128
Exploits: 0 | References: 3

CVE
added 2021/09/08 1:41 p.m. | 90 views

CVE-2021-30728

CVE-2021-30728 is an out-of-bounds write vulnerability addressed in macOS Big Sur 11.4 and Security Updates 2021-003 (Catalina) and 2021-004 (Mojave). The issue allows a malicious application to execute arbitrary code with kernel privileges due to insufficient bounds checking in affected kernel c...

CVSS 9.3 | AI score 8.1 | EPSS 0.0128
Exploits: 0 | References: 3 | Affected Software: 2

Cvelist
added 2021/09/08 1:41 p.m. | 20 views

CVE-2021-30726

A malicious application may be able to execute arbitrary code with kernel privileges. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. An out-of-bounds write issue was addressed with improved bounds checking...

AI score 8.4 | EPSS 0.0128
Exploits: 0 | References: 3

Redos
added 2021/09/08 12:0 a.m. | 26 views

ROS-2-811

2.811 Multiple vulnerabilities in Apache Tomcat CVE-2021-25122, CVE-2021-25329 1. Vulnerability Description: CVE-2021-25122 CVE-2021-25322 CVE-2021-25329 The vulnerability allows a remote attacker to gain access to sensitive information. The vulnerability exists due to mismanagement of internal...

CVSS 7.8 | AI score 7.7 | EPSS 0.18114
Exploits: 16

Redos
added 2021/09/08 12:0 a.m. | 23 views

ROS-2-1506

2.1506 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

AI score 7.3 | EPSS 0.0262
Exploits: 0

Redos
added 2021/09/08 12:0 a.m. | 12 views

ROS-2-826

2.826 Multiple vulnerabilities in Mozilla Thunderbird CVE-2021-29957, CVE-2021-29956 1. Vulnerability Description: The vulnerability allows a remote attacker to bypass the security restrictions imposed. FSTEC Russia Information Security Threat Data Bank Identifier: BDU:2021-02725, BDU:2021-02726...

CVSS 5.9 | AI score 7.3 | EPSS 0.04006
Exploits: 3

Redos
added 2021/09/08 12:0 a.m. | 10 views

ROS-2-630

2.630 Multiple Vulnerabilities in Moodle 1. Vulnerability description: The vulnerability discovered allows a remote attacker to perform cross-site scripting XSS attacks. The vulnerability allows a remote user to gain unauthorized access to other restricted features. Vulnerability allows a remote...

AI score 7.7
Exploits: 0

Code423n4
added 2021/09/08 12:0 a.m. | 13 views

lack of validation for the v and s value in recover() function

Handle JMukesh Vulnerability details Impact due to lack of checking of v and s value in recover it becomes prone to signature malleability Proof of Concept check out the tryRecover of ECDSA.sol Tools Used manual review Recommended Mitigation Steps add necessary check to make the signature unique -...

AI score 6.9
Exploits: 0

RedhatCVE
added 2021/09/06 6:4 p.m. | 69 views

CVE-2021-39258

The ntfs3g package is susceptible to a heap overflow on crafted input. When processing an NTFS image, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

CVSS 7.8 | AI score 2.2 | EPSS 0.00395
Exploits: 0 | References: 4

RedhatCVE
added 2021/09/06 6:4 p.m. | 56 views

CVE-2021-39263

The ntfs3g package is susceptible to a heap overflow on crafted input. When processing an NTFS image, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

CVSS 7.8 | AI score 2.2 | EPSS 0.00424
Exploits: 0 | References: 4

RedhatCVE
added 2021/09/06 6:4 p.m. | 70 views

CVE-2021-39260

The ntfs3g package is susceptible to a heap overflow on crafted input. When processing an NTFS image, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

CVSS 7.8 | AI score 2.2 | EPSS 0.00392
Exploits: 0 | References: 4

RedhatCVE
added 2021/09/06 5:22 p.m. | 55 views

CVE-2021-39255

The ntfs3g package is susceptible to a heap overflow on crafted input. When processing an NTFS image, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

CVSS 7.8 | AI score 2.2 | EPSS 0.00395
Exploits: 0 | References: 4

RedhatCVE
added 2021/09/06 3:4 p.m. | 43 views

CVE-2021-33285

The ntfs3g package is susceptible to a heap overflow on crafted input. When processing NTFS attributes, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

CVSS 7.8 | AI score 2.4 | EPSS 0.00386
Exploits: 0 | References: 4

CNNVD
added 2021/09/06 12:0 a.m. | 6 views

Qualcomm chip buffer error vulnerability

A Qualcomm chip is a chip from Qualcomm Incorporated (USA). A chip is a way to miniaturize circuits (mainly semiconductor devices, but also passive components, etc.) and is often manufactured on the surface of semiconductor wafers. A security vulnerability exists in Qualcomm chips that stems from a lack of da...

CVSS 7.8 | AI score 7.3 | EPSS 0.00579
Exploits: 0 | References: 7

Prion
added 2021/08/31 5:15 p.m. | 20 views

Design/Logic Flaw

The npm package "tar" aka node-tar before versions 4.4.16, 5.0.8, and 6.1.7 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieve...

CVSS 4.4 | AI score 9.4 | EPSS 0.03286
Exploits: 0 | References: 6 | Affected Software: 4