Lucene search
K

153 matches found

OSV
OSV
added 2021/05/11 8:15 p.m.2 views

DEBIAN-CVE-2020-24586

The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that received fragments be cleared from memory after reconnecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using...

3.5CVSS6.8AI score0.05765EPSS
Exploits2References1
RedHat Linux
RedHat Linux
added 2020/12/17 4:24 p.m.3 views

chromium-browser: Uninitialized Use in V8

The Mozilla Foundation Security Advisory describes this flaw as: When a BigInt was right-shifted the backing store was not properly cleared, allowing uninitialized memory to be read...

6.5CVSS7.2AI score0.00891EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2020/08/07 12:0 a.m.281 views

SUSE SLED15 / SLES15 Security Update : java-11-openjdk (SUSE-SU-2020:2143-1)

This update for java-11-openjdk fixes the following issues : Update to upstream tag jdk-11.0.8+10 July 2020 CPU, bsc1174157 - Security fixes : + JDK-8230613: Better ASCII conversions + JDK-8231800: Better listing of arrays + JDK-8232014: Expand DTD support + JDK-8233234: Better Zip Naming +...

8.3CVSS6.6AI score0.05166EPSS
Exploits0References18
CNVD
CNVD
added 2020/06/22 12:0 a.m.3 views

Unspecified Vulnerability in Mattermost Mobile Apps (CNVD-2020-35186)

Mattermost Mobile Apps is a messaging mobile application from Mattermost USA. A security vulnerability exists in Mattermost Mobile Apps prior to version 1.26.0, which can be exploited by an attacker to obtain sensitive information due to the program's failure to clear cookie data after a user log...

5.3CVSS6.4AI score0.00901EPSS
Exploits0References1
OSV
OSV
added 2020/04/08 11:15 p.m.4 views

UBUNTU-CVE-2019-20637

An issue was discovered in Varnish Cache before 6.0.5 LTS, 6.1.x and 6.2.x before 6.2.2, and 6.3.x before 6.3.1. It does not clear a pointer between the handling of one client request and the next request within the same connection. This sometimes causes information to be disclosed from the...

7.5CVSS7.1AI score0.01746EPSS
Exploits0References5
PostrgeSql
PostrgeSql
added 2019/05/09 12:0 a.m.103 views

Vulnerability in packaging (CVE-2019-10128)

EnterpriseDB Windows installer does not clear permissive ACL entries Due to both the EnterpriseDB and BigSQL Windows installers not locking down the permissions of the PostgreSQL binary installation directory and the data directory, an unprivileged Windows user account and an unprivileged...

7.8CVSS8.1AI score0.00428EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2018/09/25 2:29 p.m.3 views

CVE-2018-6053

Inappropriate implementation in New Tab Page in Google Chrome prior to 64.0.3282.119 allowed a local attacker to view website thumbnail images after clearing browser data via a crafted HTML page...

3.3CVSS7.3AI score0.00755EPSS
Exploits0References6
NVD
NVD
added 2018/09/20 1:29 p.m.27 views

CVE-2017-18314

In Snapdragon Automobile, Mobile, Wear in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660,...

10CVSS8.3AI score0.00942EPSS
Exploits0References2
CNVD
CNVD
added 2018/05/16 12:0 a.m.4 views

Arris Touchstone Telephony Gateway TG1682G Privileged Access Vulnerability

The Arris Touchstone Telephony Gateway TG1682G is an all-in-one Modem modem router from the Arris Group of Companies. A security vulnerability exists in the Arris Touchstone Telephony Gateway TG1682G version 9.1.103J6, which stems from a logout operation that fails to immediately clear all state ...

8CVSS8AI score0.01073EPSS
Exploits0References1
CNVD
CNVD
added 2018/04/25 12:0 a.m.6 views

Google Android has an unspecified vulnerability (CNVD-2018-10121)

Android is a Linux-based open-source operating system jointly developed by Google and the Open Handheld Alliance OHA, and Qualcomm FSM9055 and other central processing unit CPU products from Qualcomm for different platforms. A security vulnerability exists in the Qualcomm closed-source component ...

10CVSS6.8AI score0.01252EPSS
Exploits0References1
OSV
OSV
added 2017/09/18 8:29 p.m.14 views

USN-3422-1 linux vulnerabilities

It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service system crash. CVE-2017-1000251 It was discovered that the asynchronous I/O aio...

8CVSS7.8AI score0.16181EPSS
Exploits17References19
OSV
OSV
added 2017/08/29 9:29 p.m.4 views

CVE-2016-2976

IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a meeting invitee to obtain previously cleared sensitive information by viewing the meeting report history. IBM X-Force ID: 113936...

4.3CVSS5.8AI score0.00951EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2017/08/29 9:29 p.m.2 views

CVE-2016-2976

IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a meeting invitee to obtain previously cleared sensitive information by viewing the meeting report history. IBM X-Force ID: 113936...

4.3CVSS5.5AI score0.00951EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2017/08/28 12:0 a.m.8 views

Linux Kernel 'drivers/acpi/acpica/psobject.c' Local Information Disclosure Vulnerability

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A local information disclosure vulnerability exists in the 'acpipscompletefinalop' function in the drivers/acpi/acpica/psobject.c file in Linux kernel 4.12.9 and earlier, whic...

5.5CVSS5.8AI score0.00408EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2017/08/01 2:13 p.m.6 views

kernel: S_ISGD is not cleared when setting posix ACLs in tmpfs (CVE-2016-7097 incomplete fix)

A vulnerability was found in the Linux kernel in 'tmpfs' file system. When file permissions are modified via 'chmod' and the user is not in the owning group or capable of CAPFSETID, the setgid bit is cleared in inodechangeok. Setting a POSIX ACL via 'setxattr' sets the file permissions as well as...

4.4CVSS6.8AI score0.00404EPSS
Exploits0References4
CNVD
CNVD
added 2017/01/17 12:0 a.m.1 views

Samsung Smartcam Remote Command Execution Vulnerability

Samsung Smartcam is Samsung's smart webcam. A remote command execution vulnerability exists in Samsung Smartcam. Due to improperly cleared iWatch firmware upgrade filename, a remote attacker can exploit the vulnerability to remotely execute commands by constructing a special request to inject...

7.7AI score
Exploits0References1
Packet Storm
Packet Storm
added 2016/12/16 12:0 a.m.60 views

OsiriX DICOM Viewer 8.0.1 (dulparse.cc) Remote Memory Corruption

!/usr/bin/env python -- coding: utf8 -- OsiriX DICOM Viewer 8.0.1 dulparse.cc Remote Memory Corruption Vulnerability Vendor: Pixmeo Sarl Product web page: http://www.osirix-viewer.com Affected version: OsiriX 8.0.1 Summary: With high performance and an intuitive interactive user interface, OsiriX...

0.6AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2016/12/16 12:0 a.m.51 views

OsiriX DICOM Viewer 8.0.1 (dulparse.cc) Remote Memory Corruption Vulnerability

Summary With high performance and an intuitive interactive user interface, OsiriX MD is the most widely used DICOM viewer in the world. It is the result of more than 10 years of research and development in digital imaging. It fully supports the DICOM standard for an easy integration in your...

6.5AI score
Exploits0
exploitpack
exploitpack
added 2016/12/16 12:0 a.m.45 views

OsiriX DICOM Viewer 8.0.1 - Memory Corruption

OsiriX DICOM Viewer 8.0.1 - Memory Corruption !/usr/bin/env python -- coding: utf8 -- OsiriX DICOM Viewer 8.0.1 dulparse.cc Remote Memory Corruption Vulnerability Vendor: Pixmeo Sarl Product web page: http://www.osirix-viewer.com Affected version: OsiriX 8.0.1 Summary: With high performance and a...

0.8AI score
Exploits0
CNVD
CNVD
added 2016/03/10 12:0 a.m.5 views

Microsoft Windows Privilege Elevation Vulnerability (CNVD-2016-01581)

Microsoft Windows is a series of operating systems released by the American company Microsoft. An elevation of privilege vulnerability exists in Microsoft Windows, which arises from a program's failure to properly clear handles in memory. An attacker could exploit the vulnerability to run arbitra...

7.8CVSS7.5AI score0.0155EPSS
Exploits0References1
Rows per page
Query Builder