CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2401 matches found

NVD•added 2019/04/04 8:29 p.m.•22 views

CVE-2018-18068

The ARM-based hardware debugging feature on Raspberry Pi 3 module B+ and possibly other devices allows non-secure EL1 code to read/write any EL3 the highest privilege level in ARMv8 memory/register via inter-processor debugging. With a debug host processor A running in non-secure EL1 and a debug...

10CVSS9.7AI score0.03326EPSS

Exploits1References2

Prion•added 2019/04/04 8:29 p.m.•16 views

Design/Logic Flaw

10CVSS9.7AI score0.03326EPSS

Exploits1References2

Cvelist•added 2019/04/04 7:13 p.m.•22 views

CVE-2018-18068

9.7AI score0.03326EPSS

Exploits1References2

CVE•added 2019/04/04 7:13 p.m.•57 views

CVE-2018-18068

CVE-2018-18068 affects the ARM-based hardware debugging feature used on the Raspberry Pi 3 Model B+ (and possibly other devices). The flaw lets a non-secure EL1 debug host read/write any EL3 memory/register via inter-processor debugging, enabling the host to halt the target and elevate its privil...

10CVSS9.6AI score0.03326EPSS

Exploits1References2Affected Software1

myhack58•added 2019/03/29 12:0 a.m.•513 views

From 0 to ReverseShell: router vulnerabilities range the Dvar practice-vulnerability warning-the black bar safety net

The Dvar is a simulation of the arm architecture of the router vulnerability the shooting range, this article will introduce how to get a reverse shell, the intermediate will contain the environment to build, bugs to locate and use, as well as this practical experience. 1. Knowledge base This...

7.2AI score

Exploits0

OpenVAS•added 2019/03/28 12:0 a.m.•31 views

Fedora Update for tcpflow FEDORA-2019-8cdd669aca

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.5CVSS5.9AI score0.01302EPSS

Exploits1References2

Tenable Nessus•added 2019/03/27 12:0 a.m.•34 views

openSUSE Security Update : systemd (openSUSE-2019-909)

This update for systemd fixes the following issues : Security issues fixed : - CVE-2018-15688: A buffer overflow vulnerability in the dhcp6 client of systemd allowed a malicious dhcp6 server to overwrite heap memory in systemd-networkd. bsc1113632 - CVE-2018-15686: A vulnerability in...

8.8CVSS7.3AI score0.02279EPSS

Exploits4References21

Fedora•added 2019/03/21 9:47 p.m.•56 views

[SECURITY] Fedora 29 Update: tcpflow-1.5.0-4.fc29

tcpflow is a program that captures data transmitted as part of TCP connections flows, and stores the data in a way that is convenient for protocol analysis or debugging. A program like 'tcpdump' shows a summary of packets seen on the wire, but usually doesn't store the data that's actually being...

5.5CVSS2.2AI score0.01302EPSS

Exploits1

Fedora•added 2019/03/21 9:9 p.m.•40 views

[SECURITY] Fedora 28 Update: tcpflow-1.5.0-4.fc28

5.5CVSS2.2AI score0.01302EPSS

Exploits1

myhack58•added 2019/03/19 12:0 a.m.•169 views

Router exploitation of Stack Overflow-the bounce of the shell's payload configuration-vulnerability warning-the black bar safety net

Previous article talked about the ROP chain is constructed, and finally the direct use of call the execve function, the shellcode can be directly getshell, but in the actual router case of overflow will not be so simple. Here look at together with the DVRF in the title, this question is...

7.5AI score

Exploits0

OPENSUSE Linux•added 2019/03/13 12:0 a.m.•180 views

Security update for obs-service-tar_scm (important)

openSUSE Security Update: Security update for obs-service-tarscm Announcement ID: openSUSE-SU-2019:0326-1 Rating: important References: 1076410 1082696 1105361 1107507 1107944 Cross-References: CVE-2018-12473 CVE-2018-12474 CVE-2018-12476 Affected Products: openSUSE Leap 15.0 An update that solve...

9.8CVSS7.5AI score0.01817EPSS

Exploits0References5

OSV•added 2019/03/07 6:29 p.m.•13 views

CVE-2019-3781

Cloud Foundry CLI, versions prior to v6.43.0, improperly exposes passwords when verbose/trace/debugging is turned on. A local unauthenticated or remote authenticated malicious user with access to logs may gain part or all of a users password...

8.8CVSS6.6AI score0.01329EPSS

Exploits0References2

Fedora•added 2019/03/02 1:49 a.m.•28 views

[SECURITY] Fedora 29 Update: openocd-0.10.0-11.fc29

The Open On-Chip Debugger OpenOCD provides debugging, in-system programmi ng and boundary-scan testing for embedded devices. Various different boards, targets, and interfaces are supported to ease development time. Install OpenOCD if you are looking for an open source solution for hardware...

9.6CVSS1.2AI score0.04669EPSS

Exploits1

Fedora•added 2019/03/02 1:21 a.m.•28 views

[SECURITY] Fedora 28 Update: openocd-0.10.0-11.fc28

9.6CVSS1.2AI score0.04669EPSS

Exploits1

Hacker One•added 2019/02/27 2:45 p.m.•41 views

VLC (European Commission - DIGIT): Access Violation Reading in libfaad_plugin

1 Basic info of application 1.1 Info of application Application Name VLC media player for Windows Application Version 4.0.0-dev Otto Chriek Download Address http://nightlies.videolan.org/ Testing OS Windows 8 2 Info of test file 2.1 Test file info Normal file name normal.mkv Normal file type...

5.8CVSS8.1AI score0.02812EPSS

Exploits1

ATTACKERKB•added 2019/02/19 5:29 p.m.•4 views

CVE-2019-5765

An exposed debugging endpoint in the browser in Google Chrome on Android prior to 72.0.3626.81 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted Intent...

5.5CVSS5.4AI score0.00578EPSS

Exploits0References10