Lucene search
K

9461 matches found

NVD
NVD
added 2019/05/13 4:29 p.m.27 views

CVE-2018-4016

An exploitable code execution vulnerability exists in the URL-parsing functionality of the Roav A1 Dashcam running version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability...

8.8CVSS8.3AI score0.00707EPSS
Exploits0References1
NVD
NVD
added 2019/05/13 4:29 p.m.22 views

CVE-2018-4027

An exploitable denial-of-service vulnerability exists in the XMLUploadFile Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause a semaphore deadlock, which prevents the device from receiving any physical or...

7.8CVSS5.9AI score0.01735EPSS
Exploits1References1
Prion
Prion
added 2019/05/13 4:29 p.m.22 views

Design/Logic Flaw

An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware, running on Anker Roav A1 Dashcam version RoavA1SWV1.9. The HTTP server allows for arbitrary firmware binaries to be uploaded which will be flashed upon next reboot. An attacker can send an HTTP PUT request or...

10CVSS9.4AI score0.02332EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2019/05/13 4:29 p.m.11 views

Null pointer dereference

An exploitable denial-of-service vulnerability exists in the thumbnail display functionality of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause a null pointer dereference, resulting in a device reboot...

7.8CVSS7.4AI score0.0164EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2019/05/13 4:29 p.m.22 views

Stack overflow

An exploitable code execution vulnerability exists in the XMLUploadFile Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution...

7.5CVSS9.8AI score0.02825EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2019/05/13 4:29 p.m.21 views

Stack overflow

An exploitable code execution vulnerability exists in the URL-parsing functionality of the Roav A1 Dashcam running version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability...

5.8CVSS8.9AI score0.00707EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2019/05/13 4:29 p.m.30 views

CVE-2018-4018

An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware, running on Anker Roav A1 Dashcam version RoavA1SWV1.9. The HTTP server allows for arbitrary firmware binaries to be uploaded which will be flashed upon next reboot. An attacker can send an HTTP PUT request or...

10CVSS9.5AI score0.02332EPSS
Exploits1References1
Cvelist
Cvelist
added 2019/05/13 3:42 p.m.21 views

CVE-2018-4024

An exploitable denial-of-service vulnerability exists in the thumbnail display functionality of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause a null pointer dereference, resulting in a device reboot...

7.5CVSS7.5AI score0.0164EPSS
Exploits1References1
Cvelist
Cvelist
added 2019/05/13 3:40 p.m.17 views

CVE-2018-4028

An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. The HTTP server could allow an attacker to overwrite the root directory of the server, resulting in a denial of service. An attacker can send an HTTP POS...

5.3CVSS7.4AI score0.01393EPSS
Exploits1References1
Cvelist
Cvelist
added 2019/05/13 3:24 p.m.22 views

CVE-2018-4026

An exploitable denial-of-service vulnerability exists in the XMLGetScreen Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted set of packets can cause an invalid memory dereference, resulting in a device reboot...

7.5CVSS7.6AI score0.01469EPSS
Exploits1References1
Cvelist
Cvelist
added 2019/05/13 3:21 p.m.29 views

CVE-2018-4016

An exploitable code execution vulnerability exists in the URL-parsing functionality of the Roav A1 Dashcam running version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability...

8CVSS9AI score0.00707EPSS
Exploits0References1
NVD
NVD
added 2019/05/10 7:29 p.m.19 views

CVE-2019-5018

An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this...

8.1CVSS8.5AI score0.06683EPSS
Exploits1References6
Debian CVE
Debian CVE
added 2019/05/10 6:46 p.m.29 views

CVE-2019-5018

An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this...

8.1CVSS8.5AI score0.06683EPSS
Exploits1
NVD
NVD
added 2019/05/08 5:29 p.m.10 views

CVE-2019-5014

An exploitable improper access control vulnerability exists in the bluetooth low energy functionality of Winco Fireworks FireFly FW-1007 V2.0. An attacker can connect to the device to trigger this vulnerability...

6.5CVSS6.4AI score0.00645EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/05/08 4:47 p.m.17 views

CVE-2019-5014

An exploitable improper access control vulnerability exists in the bluetooth low energy functionality of Winco Fireworks FireFly FW-1007 V2.0. An attacker can connect to the device to trigger this vulnerability...

6.5CVSS6.4AI score0.00645EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/05/08 12:0 a.m.21 views

Rockwell Automation Micrologix 1400 <= 21.2 Ladder Logic Overwrite

Binary data 720216.prm...

10CVSS7.3AI score0.38208EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2019/05/07 4:19 a.m.7 views

Mozilla: Type-confusion in IonMonkey JIT compiler

A vulnerability where type-confusion in the IonMonkey just-in-time JIT compiler could potentially be used by malicious JavaScript to trigger a potentially exploitable crash. This vulnerability affects Thunderbird 60.6, Firefox ESR 60.6, and Firefox 66...

9.8CVSS7.3AI score0.01699EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2019/05/07 4:19 a.m.10 views

Mozilla: IonMonkey leaks JS_OPTIMIZED_OUT magic value to script

The IonMonkey just-in-time JIT compiler can leak an internal JSOPTIMIZEDOUT magic value to the running script during a bailout. This magic value can then be used by JavaScript to achieve memory corruption, which results in a potentially exploitable crash. This vulnerability affects Thunderbird...

9.8CVSS7.3AI score0.13197EPSS
Exploits5References5
Prion
Prion
added 2019/05/06 7:29 p.m.15 views

Information disclosure

An exploitable Information Disclosure vulnerability exists in the ACEManager EmbeddedAceGetTask.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. The EmbeddedAceTLGetTask.cgi executable is used to retrieve MSCII configuration values within the configuration manager of the AirLink ES450...

4CVSS8.3AI score0.18647EPSS
Exploits3References1Affected Software1
Cvelist
Cvelist
added 2019/05/06 6:50 p.m.29 views

CVE-2018-4067

An exploitable information disclosure vulnerability exists in the ACEManager templateload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause a information leak, resulting in the disclosure of internal paths and files. An attacker can make an...

6.1AI score0.04132EPSS
Exploits3References4
Rows per page
Query Builder