Lucene search
K

107 matches found

OSV
OSV
added 2023/11/22 4:15 p.m.3 views

CVE-2023-5385

The Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the fnsfcopyposts function in versions up to, and including, 3.4. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to...

4.3CVSS6.7AI score0.00395EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2023/09/18 12:0 a.m.328 views

Ivanti Avalanche MDM Buffer Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ivanti Avalanche MDM Buffer Overflow', 'Description' = %q This module exploits a buffer overflow condition in Ivanti Avalanche MDM versions befor...

9.8CVSS7.1AI score0.98919EPSS
Exploits7
Vulnrichment
Vulnrichment
added 2023/08/16 12:0 a.m.2 views

CVE-2023-39975

kdc/dotgsreq.c in MIT Kerberos 5 aka krb5 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another...

5.4AI score0.01229EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/08/05 2:2 a.m.5 views

SUSE CVE-2023-4135

A heap out-of-bounds memory read flaw was found in the virtual nvme device in QEMU. The QEMU process does not validate an offset provided by the guest before computing a host heap pointer, which is used for copying data back to the guest. Arbitrary heap memory relative to an allocated buffer can ...

6.5CVSS7.9AI score0.00409EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/08/04 1:19 p.m.32 views

CVE-2023-4135 Out-of-bounds read information disclosure vulnerability

A heap out-of-bounds memory read flaw was found in the virtual nvme device in QEMU. The QEMU process does not validate an offset provided by the guest before computing a host heap pointer, which is used for copying data back to the guest. Arbitrary heap memory relative to an allocated buffer can ...

6CVSS6.8AI score0.00409EPSS
Exploits0References4
Prion
Prion
added 2023/05/23 8:15 p.m.16 views

Buffer overflow

The Toybox.Cryptography.Cipher.initialize API method in CIQ API version 3.0.0 through 4.1.7 does not validate its parameters, which can result in buffer overflows when copying data. A malicious application could call the API method with specially crafted parameters and hijack the execution of the...

7.5CVSS9.3AI score0.01274EPSS
Exploits2References2Affected Software1
OSV
OSV
added 2023/02/15 2:15 p.m.5 views

CVE-2022-32469

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the PnpSmm shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU...

7CVSS6AI score0.00132EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 6:21 a.m.3 views

SUSE CVE-2004-0075

The Vicam USB driver in Linux before 2.4.25 does not use the copyfromuser function when copying data from userspace to kernel space, which crosses security boundaries and allows local users to cause a denial of service...

2.1CVSS6.4AI score0.00392EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:47 a.m.2 views

SUSE CVE-2017-7718

hw/display/cirrusvgarop.h in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service out-of-bounds read and QEMU process crash via vectors related to copying VGA data via the cirrusbitbltropfwdtransp and cirrusbitbltropfwd functions...

5.5CVSS8.4AI score0.00499EPSS
Exploits0References17
OSV
OSV
added 2023/02/15 3:15 a.m.7 views

CVE-2022-32473

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the HddPassword shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that could lead to corruption of SMRAM and escalation of privileges. This attack can be mitigated using IOMMU...

7CVSS6AI score0.00132EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/02/09 12:0 a.m.6 views

PT-2023-12806 · Qualcomm · Snapdragon +30

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to memory corruption in a modem, caused by an improper length check while copying data into memory. Recommendations: At the moment,...

9.8CVSS7.1AI score0.00443EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/11/15 12:0 a.m.4 views

Qualcomm 芯片安全漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc. and is often manufactured on the surface of semiconductor wafers. The Qualcomm chip has a security vulnerability that stems from a modem memory...

9.8CVSS8.3AI score0.00421EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/09/16 7:15 p.m.4 views

CVE-2022-39063

When Open5GS UPF receives a PFCP Session Establishment Request, it stores related values for building the PFCP Session Establishment Response. Once UPF receives a request, it gets the fteidlen from incoming message, and then uses it to copy data from incoming message to struct fteid without...

7.5CVSS7.1AI score0.01079EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/09/02 12:15 p.m.6 views

CVE-2022-22106

Memory corruption in multimedia due to improper length check while copying the data in Snapdragon Auto...

8.4CVSS7.1AI score0.00119EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/09/02 11:31 a.m.27 views

CVE-2022-22106

Memory corruption in multimedia due to improper length check while copying the data in Snapdragon Auto...

8.4CVSS8.8AI score0.00119EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/09/02 12:0 a.m.5 views

Qualcomm Multimedia 安全漏洞

Qualcomm Multimedia is a camera driver component from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Multimedia that stems from memory corruption in Multimedia due to incorrect length checking when copying data...

8.4CVSS7.4AI score0.00119EPSS
Exploits0References2
OSV
OSV
added 2022/04/01 11:15 p.m.4 views

CVE-2021-32970

Data can be copied without validation in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier, which may allow a remote attacker to cause denial-of-service conditions...

7.5CVSS7.1AI score0.01623EPSS
Exploits0References2
OSV
OSV
added 2022/02/09 11:26 p.m.2 views

GHSA-Q85F-69Q7-55H2 Uninitialized variable access in Tensorflow

Impact The implementation of AssignOp can result in copying unitialized data to a new tensor. This later results in undefined behavior. The implementation has a check that the left hand side of the assignment is initialized to minimize number of allocations, but does not check that the right hand...

7.6CVSS7.2AI score0.00755EPSS
Exploits1References7
BDU FSTEC
BDU FSTEC
added 2021/11/10 12:0 a.m.4 views

The vulnerability of the IBM DB2 database management system lies in the lack of a mechanism to verify the size of copied data. This allows an attacker to execute arbitrary code with root privileges.

The vulnerability of the IBM DB2 database management system is related to the lack of a mechanism for checking the size of copied data. Exploiting this vulnerability could allow an attacker to execute arbitrary code with root privileges...

8.4CVSS7.7AI score
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2021/05/07 9:10 a.m.30 views

CVE-2020-11293

Out of bound read can happen in Widevine TA while copying data to buffer from user data due to lack of check of buffer length received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon...

5.1CVSS6.2AI score0.0015EPSS
Exploits0References1
Rows per page
Query Builder