
7652 matches found

CVE
added 2021/08/24 6:49 p.m. | 101 views

CVE-2021-30879

CVE-2021-30879 affects macOS AppleScript handling (out-of-bounds read). Root cause is an issue in processing a malicious AppleScript binary; Apple fixed this with improved bounds checking. Affected products/versions include macOS Big Sur 11.6.1, macOS Catalina Security Update 2021-007, and macOS ...

CVSS 7.1 | AI score 6.2 | EPSS 0.00871
Exploits: 0 | References: 3 | Affected Software: 2

CVE
added 2021/08/24 6:49 p.m. | 90 views

CVE-2021-30877

CVE-2021-30877 is an Apple macOS AppleScript-related vulnerability involving an out-of-bounds read in an AppleScript binary. The issue was fixed by improved bounds checking and applies to macOS Monterey 12.0.1, Security Update 2021-007 Catalina, and macOS Big Sur 11.6.1. Exploitation could lead t...

CVSS 7.1 | AI score 6.2 | EPSS 0.00785
Exploits: 0 | References: 3 | Affected Software: 2

CNVD
added 2021/08/24 12:0 a.m. | 16 views

IBM Tivoli Workload Scheduler Buffer Overflow Vulnerability

IBM Tivoli Workload Scheduler is a suite of enterprise task scheduling software from IBM in the United States. The software supports planning, execution, and tracking of jobs across multiple platforms and environments. A security vulnerability exists in IBM Tivoli Workload Scheduler that results...

CVSS 5.9 | AI score 2.2 | EPSS 0.00254
Exploits: 0 | References: 1

BDU FSTEC
added 2021/08/23 12:0 a.m. | 2 views

A vulnerability in EcoStruxure Control Expert, the programming software for PLCs (programmable logic controllers), allows an intruder to trigger a service failure.

The vulnerability of the EcoStruxure Control Expert programming tool for programmable logic controllers is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability could allow a malicious actor to trigger a service failure remotely...

CVSS 7.8 | AI score 7.2 | EPSS 0.01272
Exploits: 0 | References: 2

Tenable Nessus
added 2021/08/23 12:0 a.m. | 41 views

Apple iTunes < 12.11.4 Multiple Vulnerabilities (uncredentialed check)

The version of Apple iTunes installed on the remote Windows host is prior to 12.11.4. It is, therefore, affected by multiple vulnerabilities as referenced in the HT212609 advisory. - A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 14.7, macOS Big Sur 11.5...

CVSS 7.8 | AI score 8.3 | EPSS 0.01785
Exploits: 0 | References: 3

Tenable Nessus
added 2021/08/23 12:0 a.m. | 35 views

Apple iTunes < 12.11.4 Multiple Vulnerabilities (credentialed check)

The version of Apple iTunes installed on the remote Windows host is prior to 12.11.4. It is, therefore, affected by multiple vulnerabilities as referenced in the HT212609 advisory. - A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 14.7, macOS Big Sur 11.5...

CVSS 7.8 | AI score 8.3 | EPSS 0.01785
Exploits: 0 | References: 3

RedHat Linux
added 2021/08/19 1:37 p.m. | 4 views

exiv2: Heap-based buffer overflow vulnerability in jp2image.cpp

A flaw was found in exiv2. A flawed bounds checking in the jp2Image.cpp:doWriteMetadata function leads to a heap-based buffer overflow. This flaw allows an attacker who can provide a malicious image to an application using the exiv2 library, to write data out of bounds and potentially execute cod...

AI score 6.2
Exploits: 0 | References: 4

CNVD
added 2021/08/19 12:0 a.m. | 20 views

D-Link DAP-2020 Stack Buffer Overflow Vulnerability (CNVD-2021-67523)

The D-Link DAP-2020 is a wireless N access point. The D-Link DAP-2020 is vulnerable to a stack buffer overflow vulnerability caused by incorrect boundary checking of the var:menu parameter in the webproc endpoint, which could be exploited by an attacker to cause a buffer overflow and execute...

CVSS 8.8 | AI score 4.5 | EPSS 0.00794
Exploits: 0 | References: 1

OSV
added 2021/08/18 7:15 p.m. | 2 views

CVE-2020-25767

An issue was discovered in HCC Embedded NicheStack IPv4 4.1. The dnccopyin routine for parsing DNS domain names does not check whether a domain name compression pointer is pointing within the bounds of the packet e.g., forward compression pointer jumps are allowed, which leads to an Out-of-bounds...

CVSS 7.5 | AI score 7.3 | EPSS 0.01453
Exploits: 0 | References: 2

Veracode
added 2021/08/13 5:50 a.m. | 38 views

Denial Of Service (DoS)

tensorflow is vulnerable to denial of service. Lack of checking that shape of the input or the target shape have both a non-zero number of elements causes an integral division by 0 exception...

CVSS 5.5 | AI score 3.6 | EPSS 0.00152
Exploits: 0 | References: 2 | Affected Software: 3

BDU FSTEC
added 2021/08/13 12:0 a.m. | 4 views

A vulnerability in the Cisco Packet Tracer network modeling tool for Windows operating systems stems from errors in the mechanism that checks the search path for dynamically loaded libraries. This allows a hacker to execute arbitrary code.

The vulnerability in the Cisco Packet Tracer network modeling tool for Windows operating systems is related to errors in the mechanism that checks the search path for dynamically loaded libraries. Exploiting this vulnerability can allow a hacker to execute arbitrary code...

CVSS 7.3 | AI score 7.5 | EPSS 0.00318
Exploits: 0 | References: 3 | Affected Software: 1

OpenVAS
added 2021/08/13 12:0 a.m. | 24 views

OpenSSL: Incorrect Error Checking During CMS Verification (20090325) - Linux

OpenSSL is prone to incorrect error checking during CMS verification. Copyright (C) 2021 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free...

CVSS 2.6 | AI score 6.5 | EPSS 0.02735
Exploits: 0 | References: 1

OpenVAS
added 2021/08/13 12:0 a.m. | 22 views

OpenSSL: Incorrect Error Checking During CMS Verification (20090325) - Windows

OpenSSL is prone to incorrect error checking during CMS verification. Copyright (C) 2021 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free...

CVSS 2.6 | AI score 6.5 | EPSS 0.02735
Exploits: 0 | References: 1

BDU FSTEC
added 2021/08/12 12:0 a.m. | 4 views

A vulnerability in the GNU Aspell spell-checking program is an out-of-bounds write that allows a hacker to execute arbitrary code.

The vulnerability in the GNU Aspell spell checker is related to an out-of-bounds write. Exploiting this vulnerability allows an attacker to execute arbitrary code...

CVSS 7.8 | AI score 7.5 | EPSS 0.00549
Exploits: 0 | References: 12 | Affected Software: 6

CNNVD
added 2021/08/11 12:0 a.m. | 2 views

Intel Ethernet Adapters 800 Code Issue Vulnerability

Intel Ethernet Adapters 800 is an Ethernet adapter from Intel Corporation USA. A code issue vulnerability exists in Intel Ethernet Adapters 800 that stems from improper conditional checking in the product. An attacker could use this vulnerability to cause information disclosure or denial of...

CVSS 7.1 | AI score 7.1 | EPSS 0.00325
Exploits: 0 | References: 8

Tenable Nessus
added 2021/08/10 12:0 a.m. | 21 views

Rockwellautomation Flex Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

An exploitable denial of service vulnerability exists in the ENIP Request Path Logical Segment functionality of Allen-Bradley Flex IO 1794-AENT/B 4.003. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a...

CVSS 7.8 | AI score 2.4 | EPSS 0.03515
Exploits: 1 | References: 2

OSV
added 2021/08/09 4:15 p.m. | 1 view

CVE-2021-20349

IBM Tivoli Workload Scheduler 9.4 and 9.5 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 194599...

CVSS 5.3 | AI score 6.2 | EPSS 0.00254
Exploits: 0 | References: 2

NVD
added 2021/08/09 4:15 p.m. | 10 views

CVE-2021-20349

IBM Tivoli Workload Scheduler 9.4 and 9.5 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 194599...

CVSS 5.9 | EPSS 0.00254
Exploits: 0 | References: 2

Prion
added 2021/08/09 4:15 p.m. | 13 views

Stack overflow

IBM Tivoli Workload Scheduler 9.4 and 9.5 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 194599...

CVSS 4.6 | AI score 5.4 | EPSS 0.00254
Exploits: 0 | References: 2 | Affected Software: 1

CNNVD
added 2021/08/06 12:0 a.m. | 4 views

IBM Tivoli Workload Scheduler Buffer Error Vulnerability

IBM Tivoli Workload Scheduler is a suite of enterprise task scheduling software from IBM in the United States. The software supports planning, execution, and tracking of jobs across multiple platforms and environments. A security vulnerability exists in IBM Tivoli Workload Scheduler that results...

CVSS 5.9 | AI score 5.7 | EPSS 0.00254
Exploits: 0 | References: 5