CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4742 matches found

OSV•added 2019/09/06 12:54 p.m.•1 views

USN-4124-1 exim4 vulnerability

It was discovered that Exim incorrectly handled certain decoding operations. A remote attacker could possibly use this issue to execute arbitrary commands...

10CVSS7.3AI score0.65447EPSS

Exploits3References3

OSV•added 2019/08/14 9:15 p.m.•2 views

CVE-2019-1171

An information disclosure vulnerability exists in SymCrypt during the OAEP decryption stage. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected...

5.6CVSS5.9AI score0.00475EPSS

Exploits0References1

IBM Security Bulletins•added 2019/08/13 7:16 p.m.•41 views

Security Bulletin: IBM MQ Appliance is affected by a Network Security Services (NSS) vulnerability (CVE-2017-5461)

Summary IBM MQ Appliance has addressed a vulnerability in Network Security Services NSS. Vulnerability Details CVEID: CVE-2017-5461 DESCRIPTION: Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write during Base64 decoding operation...

9.8CVSS2.7AI score0.00608EPSS

Exploits0Affected Software1

Tenable Nessus•added 2019/08/12 12:0 a.m.•46 views

NewStart CGSL MAIN 4.05 : nss Multiple Vulnerabilities (NS-SA-2019-0105)

The remote NewStart CGSL host, running version MAIN 4.05, has nss packages installed that are affected by multiple vulnerabilities: - An out-of-bounds write flaw was found in the way NSS performed certain Base64-decoding operations. An attacker could use this flaw to create a specially crafted...

9.8CVSS8.4AI score0.01449EPSS

Exploits0References3

Veracode•added 2019/08/05 5:35 a.m.•34 views

Buffer Overflow

libpng is vulnerable to buffer overflow. The attack exists because of a flaw in PNM decoding which causes a stack overflow in the function gettoken in pnm2png.c in pnm2png...

8.8CVSS4.7AI score0.01831EPSS

Exploits1References6Affected Software2

CNVD•added 2019/07/31 12:0 a.m.•1 views

libopenmpt Input Validation Error Vulnerability (CNVD-2020-22391)

libopenmpt is a cross-platform C and C++ based audio library that decodes audio files into raw PCM audio streams. An input validation error vulnerability exists in libopenmpt. No details of the vulnerability are available at this time...

6.5CVSS7AI score0.0052EPSS

Exploits0References1

RedHat Linux•added 2019/07/30 7:50 p.m.•1 views

nss: Handling of Netscape Certificate Sequences in CERT_DecodeCertPackage() may crash with a NULL deref leading to DoS

In Network Security Services before 3.44, a malformed Netscape Certificate Sequence can cause NSS to crash, resulting in a denial of service...

7.5CVSS6.8AI score0.00273EPSS

Exploits1References4

0day.today•added 2019/07/30 12:0 a.m.•62 views

iMessage - Memory Corruption when Decoding NSKnownKeysDictionary1 Exploit

There is a memory corruption vulnerability when decoding an object of class NSKnownKeysDictionary1. This class decodes an object of type NSKnownKeysMappingStrategy1, which decodes a length member which is supposed to represent the length of the keys of the dictionary. However, this member is...

9.8CVSS0.4AI score0.09031EPSS

Exploits1

0day.today•added 2019/07/29 12:0 a.m.•16 views

Linux/x86 - NOT +SHIFT-N+ XOR-N Encoded /bin/sh Shellcode (168 bytes)

/ description ; Title : X64 NOT +SHIFT-N+ XOR-N encoded /bin/sh - shellcode ; Author : Pedro Cabral ; Twitter : @CabrallPedro ; LinkedIn : https://www.linkedin.com/in/pedro-cabral1992 ; SLAE ID : SLAE64 - 1603 ; Purpose : spawn /bin/sh shell ; Tested On : Ubuntu 16.04.6 LTS ; Arch : x64 ; Size :...

7.1AI score

Exploits0

OPENSUSE Linux•added 2019/07/23 12:0 a.m.•99 views

Security update for ImageMagick (moderate)

openSUSE Security Update: Security update for ImageMagick Announcement ID: openSUSE-SU-2019:1795-1 Rating: moderate References: 1138425 1138464 Cross-References: CVE-2019-11597 Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 An update that solves one vulnerability and has one errata is n...

8.1CVSS7.9AI score0.00222EPSS

Exploits1References2

OSV•added 2019/07/17 4:15 p.m.•0 views

UBUNTU-CVE-2019-13626

SDL Simple DirectMedia Layer 2.x through 2.0.9 has a heap-based buffer over-read in FillIMAADPCMblock, caused by an integer overflow in IMAADPCMdecode in audio/SDLwave.c...

6.5CVSS6.9AI score0.01205EPSS

Exploits1References4

Hacker One•added 2019/07/12 3:23 p.m.•153 views

Internet Bug Bounty: Basic Authentication Heap Overflow

Summary: An attacker can get arbitrary data overflowed in the heap via Basic Authorization base64 blob. Even when basic auth isn't configured. Report sent to developers When calling HttpHeader::getAuth the field value will be base64 decoded. The call to the decode method doesn't ensure that the...

6.8CVSS9.9AI score0.1216EPSS

Exploits0

OSV•added 2019/07/11 7:15 p.m.•23 views

CVE-2019-12529

An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be decoded by iterating over the input and checki...

5.9CVSS6.4AI score

Exploits0References12

OSV•added 2019/07/10 12:15 p.m.•2 views

AZL-44014 CVE-2018-14550 affecting package libpng15 1.5.30-15