Lucene search
K

7652 matches found

Prion
Prion
added 2021/06/30 11:15 a.m.24 views

Out-of-bounds

Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 9 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to escalation of privileges, information disclosure, and denial of service...

4.6CVSS6.9AI score0.00242EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/06/30 10:24 a.m.23 views

CVE-2021-34379

Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 10 is missing. The length of an I/O buffer parameter is not checked, which might lead to memory corruption...

7.7CVSS8.1AI score0.00238EPSS
Exploits0References1
CVE
CVE
added 2021/06/30 10:24 a.m.67 views

CVE-2021-34379

CVE-2021-34379 affects NVIDIA Jetson devices running Trusty OS. The HDCP service TA has a bounds-checking flaw in command 10 where the length of an I/O buffer parameter is not checked, potentially leading to memory corruption. The vulnerability is locally exploitable with user interaction not req...

7.7CVSS6.8AI score0.00238EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/06/30 10:24 a.m.22 views

CVE-2021-34378

Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 11 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to information disclosure, denial of service, or escalation of privileges...

7.7CVSS8.3AI score0.00242EPSS
Exploits0References1
CVE
CVE
added 2021/06/30 10:24 a.m.65 views

CVE-2021-34378

CVE-2021-34378 affects NVIDIA Jetson devices running Trusty OS. The vulnerability is in the HDCP service TA where bounds checking in command 11 is missing, enabling memory-bounds violations that can cause information disclosure, denial of service, or privilege escalation. Affected products includ...

7.7CVSS7.1AI score0.00242EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/06/30 10:24 a.m.21 views

CVE-2021-34377

Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 9 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to escalation of privileges, information disclosure, and denial of service...

7.7CVSS8.2AI score0.00242EPSS
Exploits0References1
CVE
CVE
added 2021/06/30 10:24 a.m.64 views

CVE-2021-34377

CVE-2021-34377 affects NVIDIA Jetson Trusty HDCP service TA: bounds checking is missing in command 9, enabling potential memory corruption. This local, low-complexity issue could lead to privilege escalation, information disclosure, and denial of service. NVIDIA’s security bulletin lists updated ...

7.7CVSS7AI score0.00242EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/06/30 10:24 a.m.61 views

CVE-2021-34376

CVE-2021-34376 concerns Trusty’s HDCP service TA where bounds checking in command 5 is missing. This memory-bound violation can lead to denial of service, escalation of privileges, and information disclosure. Connected NVIDIA and Red Hat/NVD entries corroborate that Trusty TLK/HDCP TA is the affe...

7.7CVSS7AI score0.00242EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/06/30 10:24 a.m.24 views

CVE-2021-34376

Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 5 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to denial of service, escalation of privileges, and information disclosure...

7.7CVSS8.1AI score0.00242EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/06/30 12:0 a.m.5 views

Coral 安全漏洞

coral is an open source project. Improve the community on your website through smart technology, effective design, and efficient strategy. A security vulnerability exists in Coral Talk 4 versions prior to 4.12.1, which stems from the use of incorrect data types for program privilege checking, and...

7.5CVSS7.4AI score0.02312EPSS
Exploits1References5
NVD
NVD
added 2021/06/28 4:15 p.m.14 views

CVE-2021-20572

IBM Security Identity Manager Adapters 6.0 and 7.0 are vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A remote authenticated attacker could overflow the and cause the server to crash. IBM X-Force ID: 199247...

6.5CVSS0.01498EPSS
Exploits0References2
NVD
NVD
added 2021/06/28 4:15 p.m.13 views

CVE-2021-20573

IBM Security Identity Manager Adapters 6.0 and 7.0 are vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote authenticated attacker could overflow the and cause the server to crash. IBM X-Force ID: 199249...

6.5CVSS0.01498EPSS
Exploits0References2
Prion
Prion
added 2021/06/28 4:15 p.m.13 views

Heap overflow

IBM Security Identity Manager Adapters 6.0 and 7.0 are vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote authenticated attacker could overflow the and cause the server to crash. IBM X-Force ID: 199249...

4CVSS6.8AI score0.01498EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/06/28 4:10 p.m.15 views

CVE-2021-20573

IBM Security Identity Manager Adapters 6.0 and 7.0 are vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote authenticated attacker could overflow the and cause the server to crash. IBM X-Force ID: 199249...

6.5CVSS6.4AI score0.01498EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/06/28 4:10 p.m.16 views

CVE-2021-20572

IBM Security Identity Manager Adapters 6.0 and 7.0 are vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A remote authenticated attacker could overflow the and cause the server to crash. IBM X-Force ID: 199247...

6.5CVSS6.4AI score0.01498EPSS
Exploits0References2
WPVulnDB
WPVulnDB
added 2021/06/28 12:0 a.m.19 views

ProfilePress 3.0 - 3.1.3 - Arbitrary File Upload in Image Uploader Component

The cover photo and profile photo upload functionalities of the plugin were vulnerable to arbitrary file uploads due to the use of exifimagetype for filetype checking. PoC 'Hax0r2', 'regemail' = '[email protected]', 'regpassword' = 'password', 'regpasswordpresent' = 'true', 'regfirstname' =...

9.8CVSS2.1AI score0.02101EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2021/06/28 12:0 a.m.116 views

ProfilePress 3.0 - 3.1.3 - Arbitrary File Upload in File Uploader Component

There is functionality in the plugin to add file uploads to user registrations and profile updates that had no file type checking in place making it possible for arbitrary files to be uploaded. PoC fh = open'shell.php', 'wb' fh.writeb'\xFF\xD8\xFF\xE0' + b'' fh.close 'Hax0r', 'regemail' =...

9.8CVSS1.4AI score0.06744EPSS
Exploits2References1Affected Software1
OSV
OSV
added 2021/06/25 6:15 p.m.2 views

CVE-2020-4609

IBM Security Sevret Server IBM Security Verify Privilege Manager 10.8.2 is vulnerable to a buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and execute arbitrary code on the system or cause the system to crash. IBM X-Force ID: 184917...

7.8CVSS7.7AI score
Exploits0References2
NVD
NVD
added 2021/06/25 6:15 p.m.17 views

CVE-2020-4609

IBM Security Sevret Server IBM Security Verify Privilege Manager 10.8.2 is vulnerable to a buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and execute arbitrary code on the system or cause the system to crash. IBM X-Force ID: 184917...

7.8CVSS0.00295EPSS
Exploits0References2
Prion
Prion
added 2021/06/25 6:15 p.m.17 views

Buffer overflow

IBM Security Sevret Server IBM Security Verify Privilege Manager 10.8.2 is vulnerable to a buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and execute arbitrary code on the system or cause the system to crash. IBM X-Force ID: 184917...

4.6CVSS7.7AI score0.00295EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder