Lucene search
+L

560 matches found

Prion
Prion
added 2022/11/08 10:15 p.m.28 views

Code injection

SAP SQL Anywhere - version 17.0, allows an authenticated attacker to prevent legitimate users from accessing a SQL Anywhere database server by crashing the server with some queries that use an ARRAY constructor...

4CVSS6.5AI score0.00716EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/10/28 6:24 a.m.26 views

CVE-2022-3616 OctoRPKI crash when maximum iterations number is reached

Attackers can create long chains of CAs that would lead to OctoRPKI exceeding its max iterations parameter. In consequence it would cause the program to crash, preventing it from finishing the validation and leading to a denial of service. Credits to Donika Mirdita and Haya Shulman - Fraunhofer...

5.4CVSS7.1AI score0.00404EPSS
Exploits0References4
ICS
ICS
added 2022/10/20 12:0 a.m.38 views

Bentley Systems MicroStation Connect

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Bentley Systems Equipment: MicroStation Connect Vulnerabilities: Stack-based Buffer Overflow, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities may crash the device being accessed or...

7.8CVSS8.5AI score0.00332EPSS
Exploits0References5
CNVD
CNVD
added 2022/10/19 12:0 a.m.34 views

Oracle MySQL Denial of Service Vulnerability (CNVD-2022-91134)

Oracle MySQL is a relational database from Oracle Corporation. A denial of service vulnerability exists in the Server: Optimizer component of Oracle MySQL. An attacker can exploit this vulnerability to compromise MySQL Server by accessing the network over multiple protocols and cause it to hang o...

4.9CVSS5AI score0.00962EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2022/09/21 1:19 p.m.45 views

CVE-2022-38178

A flaw was found in the Bind package, where the DNSSEC verification code for the EdDSA algorithm leaks memory when there is a signature length mismatch. By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak, resulting in...

7.5CVSS2.1AI score0.02176EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2022/09/21 10:15 a.m.46 views

CVE-2022-38178

By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources...

7.5CVSS7.7AI score0.02176EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/09/21 12:0 a.m.60 views

Slackware Linux 15.0 / current bind Multiple Vulnerabilities (SSA:2022-264-01)

The version of bind installed on the remote host is prior to 9.16.33 / 9.18.7. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2022-264-01 advisory. - By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the...

7.5CVSS6.9AI score0.02299EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2022/09/13 12:55 p.m.50 views

CVE-2022-39028

A flaw was found in MIT krb5-appl, where it has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. The telnetd application would crash in a typical installation, but the telnet service would remain available through inetd. However, if the telnetd application has many crashes within a short ti...

7.5CVSS0.8AI score0.01657EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2022/09/08 12:0 a.m.43 views

Oracle Linux 8 : istio (ELSA-2022-9773)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9773 advisory. - Upgrade Istio from 1.13.5 to 1.13.7 to resolve the CVE-2022-31045 - Adress Istio CVE-2022-31045, CVE-2022-29225,...

10CVSS6.7AI score0.02701EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/09/08 12:0 a.m.45 views

Oracle Linux 7 : istio (ELSA-2022-9774)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9774 advisory. - Upgrade Istio from 1.13.5 to 1.13.7 to resolve the CVE-2022-31045 - Adress Istio CVE-2022-31045, CVE-2022-29225,...

10CVSS6.7AI score0.02701EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/09/04 12:0 a.m.4 views

PT-2022-37245 · Jxl · Jxl

Name of the Vulnerable Software and Affected Versions: jxl affected versions not specified Description: A heap buffer overflow read issue has been identified. The crash occurs in the jxl::N AVX2::BlendingStage::ProcessPaddingRow function, which is part of the...

7.5AI score
Exploits0References2
CVE
CVE
added 2022/09/01 7:56 p.m.2040 views

CVE-2022-2238

CVE-2022-2238 affects Red Hat Advanced Cluster Management for Kubernetes, specifically the search-api container. The vulnerability arises when a backend parses a search filter query, allowing crafted strings with special characters to crash the pod and impact availability. Public docs in RHSA adv...

6.5CVSS6.3AI score0.00822EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/09/01 7:56 p.m.34 views

CVE-2022-2238

A vulnerability was found in the search-api container in Red Hat Advanced Cluster Management for Kubernetes when a query in the search filter gets parsed by the backend. This flaw allows an attacker to craft specific strings containing special characters that lead to crashing the pod and affects...

6.5AI score0.00822EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/08/30 12:0 a.m.43 views

CVE-2022-39028

telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. In a typical installation, the telnetd application would crash but the telnet service would remain available through inetd. However, if the telnetd...

7.7AI score0.01657EPSS
Exploits1References4
Veracode
Veracode
added 2022/07/20 11:6 a.m.28 views

Denial Of Service (DoS)

libtirpc.so is vulnerable to denial of service DoS. The vulnerability exists in svcrun because does not properly handle idle TCP connections which allows an attacker to crash the application by providing malicious input...

7.5CVSS2.7AI score0.02088EPSS
Exploits0References7Affected Software2
Veeam
Veeam
added 2022/07/19 12:0 a.m.11 views

Hyper-V Crashing or Rebooting During Backup Due to Anti-Virus

Challenge During the backup of a Hyper-V VM, the Hyper-V host may crash BSOD with a bug check 34 or 0x22. Solution Veeam Support has seen similar cases to this from time to time, they are generally considered rare, and when they do occur, the underlying cause requires extensive investigation. It ...

6.7AI score
Exploits0
Prion
Prion
added 2022/07/18 5:15 p.m.20 views

Memory corruption

A potential memory corruption issue was found in Capsule Workspace Android app running on GrapheneOS. This could result in application crashing but could not be used to gather any sensitive information...

5CVSS7.5AI score0.15213EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/07/18 4:9 p.m.31 views

CVE-2022-23745

A potential memory corruption issue was found in Capsule Workspace Android app running on GrapheneOS. This could result in application crashing but could not be used to gather any sensitive information...

7.8AI score0.15213EPSS
Exploits0References1
CNVD
CNVD
added 2022/07/14 12:0 a.m.24 views

Siemens SCALANCE X Switches Buffer Overflow Vulnerability

Siemens SCALANCE X Switches, an industrial Ethernet switch product from Siemens, Germany, is vulnerable to a buffer overflow vulnerability that could be exploited by an unauthenticated attacker to crash the affected device...

8.2CVSS3.6AI score0.00912EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2022/06/30 8:38 p.m.96 views

CVE-2022-31045

A flaw was found in Istio. Memory access violation of ill-formed headers sent to Envoy in certain configurations can lead to unexpected memory access, resulting in undefined behavior or crashing...

9.8CVSS2.8AI score0.01014EPSS
Exploits0References5
Rows per page
Query Builder