Lucene search
K

66 matches found

Positive Technologies
Positive Technologies
added 2022/12/08 12:0 a.m.3 views

PT-2022-36057 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.9 Description: The issue is related to a wrong reg type conversion in the release reference function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...

7.1AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/10/24 8:35 p.m.8 views

CVE-2022-29851

documentconverter in OX App Suite through 7.10.6, in a non-default configuration with ghostscript, allows OS Command Injection because file conversion may occur for an EPS document that is disguised as a PDF document...

9.7AI score0.03596EPSS
Exploits0References1
OSV
OSV
added 2022/06/08 11:54 a.m.3 views

USN-5472-1 ffmpeg vulnerabilities

It was discovered that FFmpeg would attempt to divide by zero when using Linear Predictive Coding LPC or AAC codecs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 21.10. CVE-2020-20445, CVE-2020-20446...

9.8CVSS7AI score0.0269EPSS
Exploits30References35
OSV
OSV
added 2021/11/18 9:50 p.m.9 views

MGASA-2021-0511 Updated python-django-filter packages fix security vulnerability

In django-filter before version 2.4.0, automatically generated 'NumberFilter' instances, whose value was later converted to an integer, were subject to potential DoS from maliciously input using exponential format with sufficiently large exponents...

7.5CVSS7.5AI score0.01797EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2021/08/25 2:43 p.m.46 views

Integer overflow due to conversion to unsigned

Impact The implementation of tf.rawops.QuantizeAndDequantizeV4Grad is vulnerable to an integer overflow issue caused by converting a signed integer value to an unsigned one and then allocating memory based on this value. python import tensorflow as tf tf.rawops.QuantizeAndDequantizeV4Grad...

5.5CVSS6.1AI score0.00152EPSS
Exploits0References7Affected Software3
OSV
OSV
added 2021/08/10 9:15 p.m.7 views

CVE-2020-21681

A global buffer overflow in the setcolor component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service DOS via converting a xfig file into ge format...

5.5CVSS6AI score
Exploits0References1
Prion
Prion
added 2021/01/18 8:15 a.m.15 views

Type confusion

An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A Type Conversion issue exists when rendering malformed .DXF and .DWG files. This can allow attackers to cause a crash, potentially enabling a denial of service attack Crash, Exit, or Restart...

6.8CVSS7.3AI score0.0263EPSS
Exploits0References9Affected Software4
CVE
CVE
added 2021/01/18 7:13 a.m.84 views

CVE-2021-25175

CVE-2021-25175 affects the Open Design Alliance Drawings SDK prior to 2021.11. It is a UNTRUSTED POINTER DEREFERENCE vulnerability that occurs while parsing DXF/DWG files, potentially allowing remote code execution in the context of the affected process. Public advisories (ZDI) describe remote co...

7.8CVSS7.3AI score0.0263EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2020/07/07 11:43 a.m.7 views

SUSE-SU-2019:3184-2 Security update for ffmpeg

This update for ffmpeg fixes the following issues: Security issues fixed: - CVE-2019-17542: Fixed a heap-buffer overflow in vqadecodechunk due to an out-of-array access bsc1154064. - CVE-2019-12730: Fixed an uninitialized use of variables due to an improper check bsc1137526. - CVE-2019-9718: Fixe...

9.8CVSS7.8AI score0.03032EPSS
Exploits0References9
OSV
OSV
added 2020/02/19 8:35 a.m.12 views

SUSE-SU-2020:0411-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: Security issue fixed: - CVE-2019-19948: Fixed a heap-based buffer overflow in WriteSGIImage bsc1159861. - CVE-2019-19949: Fixed a heap-based buffer over-read in WritePNGImage bsc1160369. Non-security issue fixed: - Fixed an issue where...

9.8CVSS9.5AI score0.03678EPSS
Exploits1References6
OSV
OSV
added 2020/02/05 11:13 a.m.5 views

OPENSUSE-SU-2020:0170-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: Security issue fixed: - CVE-2019-19948: Fixed a heap-based buffer overflow in WriteSGIImage bsc1159861. - CVE-2019-19949: Fixed a heap-based buffer over-read in WritePNGImage bsc1160369. Non-security issue fixed: - Fixed an issue where...

9.8CVSS9.6AI score0.03678EPSS
Exploits1References6
OSV
OSV
added 2019/12/03 1:17 p.m.5 views

OPENSUSE-SU-2019:2613-1 Security update for libidn2

This update for libidn2 to version 2.2.0 fixes the following issues: - CVE-2019-12290: Fixed an improper round-trip check when converting A-labels to U-labels bsc1154884. - CVE-2019-18224: Fixed a heap-based buffer overflow that was caused by long domain strings bsc1154887. This update was import...

9.8CVSS8.8AI score0.03708EPSS
Exploits1References5
CVE
CVE
added 2017/10/20 3:0 p.m.71 views

CVE-2017-6145

CVE-2017-6145 affects F5 BIG-IP products with iControl REST. The issue arises in the service that converts BIGIPAuthCookie cookies to X-F5-Auth-Token tokens, failing to re-validate cookies during conversion. This allows an expired, previously valid cookie to be converted into a valid token, enabl...

7.5CVSS7AI score0.01053EPSS
Exploits0References1Affected Software10
OSV
OSV
added 2016/10/23 8:49 a.m.8 views

MGASA-2016-0353 Updated openjpeg packages fix security vulnerability

The openjpeg library was vulnerable to a crash when converting images due to a NULL pointer dereference in readpnmheader CVE-2016-7445...

7.5CVSS6.3AI score0.04191EPSS
Exploits1References3
securityvulns
securityvulns
added 2015/10/25 12:0 a.m.87 views

APPLE-SA-2015-10-21-7 Xcode 7.1

APPLE-SA-2015-10-21-7 Xcode 7.1 Xcode 7.1 is now available and addresses the following: Swift Available for: OS X Yosemite v10.10.5 or later Impact: Swift programs performing certain type conversions may receive unexpected values Description: A type conversion issue existed that could lead to...

7.5CVSS6AI score0.01619EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.34 views

Oracle Linux 6 : stunnel (ELSA-2013-0714)

The remote Oracle Linux 6 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2013-0714 advisory. 4.29-3 Resolves: CVE-2013-1762 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

6.6CVSS8.2AI score0.02932EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/05/21 12:0 a.m.41 views

RHEL 6 : kernel (RHSA-2013:0841)

Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 6.1 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detail...

8.4CVSS7.3AI score0.47709EPSS
Exploits15References5
RedHat Linux
RedHat Linux
added 2013/05/17 3:9 p.m.62 views

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 6.3 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detail...

8.4CVSS6.9AI score0.47709EPSS
Exploits15References4
OSV
OSV
added 2013/04/25 11:55 p.m.8 views

CVE-2013-0233

Devise gem 2.2.x before 2.2.3, 2.1.x before 2.1.3, 2.0.x before 2.0.5, and 1.5.x before 1.5.4 for Ruby, when using certain databases, does not properly perform type conversion when performing database queries, which might allow remote attackers to cause incorrect results to be returned and bypass...

6.8AI score
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2011/01/24 12:0 a.m.34 views

Fedora 13 : maniadrive-1.2-26.fc13.1 / maniadrive-data-1.2-5.fc13 / php-5.3.5-1.fc13 / etc (2011-0321)

This release resolves a critical issue, reported as PHP bug 53632 and CVE-2010-4645, where conversions from string to double might cause the PHP interpreter to hang on systems using x87 FPU registers. Note that Tenable Network Security has extracted the preceding description block directly from t...

5CVSS8.3AI score0.15103EPSS
Exploits1References6
Rows per page
Query Builder