Lucene search
K

141 matches found

BDU FSTEC
BDU FSTEC
added 2021/01/28 12:0 a.m.7 views

The vulnerability in the implementation of the fetch() function for obtaining resources from the Fetch API interface of Mozilla Firefox and Firefox-ESR browsers allows a perpetrator to gain unauthorized access to protected information.

The vulnerability in the implementation of the fetch function for obtaining resources through the Fetch API on Mozilla Firefox and Firefox-ESR browsers is related to an error in returning temporary local copies of resources. These resources were sent with a cache header indicating “no caching”...

7.1CVSS7AI score0.02323EPSS
Exploits0References13Affected Software7
OSV
OSV
added 2020/07/22 5:15 p.m.2 views

UBUNTU-CVE-2020-6510

Heap buffer overflow in background fetch in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

7.8CVSS7.4AI score0.01583EPSS
Exploits0References2
OSV
OSV
added 2020/05/05 5:15 a.m.5 views

CVE-2020-12652

The mptctlioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a "double fetch" vulnerability, aka CID-28d76df18f0a. NOTE: the vendor states "The security...

4.1CVSS7.3AI score
Exploits0References9
NVD
NVD
added 2020/05/05 5:15 a.m.22 views

CVE-2020-12652

The mptctlioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a "double fetch" vulnerability, aka CID-28d76df18f0a. NOTE: the vendor states "The security...

4.7CVSS5.5AI score0.00328EPSS
Exploits0References9
Prion
Prion
added 2020/05/05 5:15 a.m.36 views

Race condition

The mptctlioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a "double fetch" vulnerability, aka CID-28d76df18f0a. NOTE: the vendor states "The security...

4.7CVSS5.4AI score0.00328EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2020/05/05 4:23 a.m.32 views

CVE-2020-12652

The mptctlioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a "double fetch" vulnerability, aka CID-28d76df18f0a. NOTE: the vendor states "The security...

5.7AI score0.00328EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2020/05/05 4:23 a.m.60 views

CVE-2020-12652

The mptctlioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a "double fetch" vulnerability, aka CID-28d76df18f0a. NOTE: the vendor states "The security...

4.7CVSS6.6AI score0.00328EPSS
Exploits0
OSV
OSV
added 2020/03/24 8:15 p.m.4 views

CVE-2019-20610

An issue was discovered on Samsung mobile devices with N7.X and O8.X Exynos 7570, 7870, 7880, 7885, 8890, 8895, and 9810 chipsets software. A double-fetch vulnerability in Trustlet allows arbitrary TEE code execution. The Samsung ID is SVE-2019-13910 April 2019...

8.1CVSS7.5AI score0.00581EPSS
Exploits0References1
Prion
Prion
added 2020/03/24 8:15 p.m.20 views

Double free

An issue was discovered on Samsung mobile devices with N7.X and O8.X Exynos 7570, 7870, 7880, 7885, 8890, 8895, and 9810 chipsets software. A double-fetch vulnerability in Trustlet allows arbitrary TEE code execution. The Samsung ID is SVE-2019-13910 April 2019...

9.3CVSS8.3AI score0.00581EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/03/24 7:23 p.m.34 views

CVE-2019-20610

An issue was discovered on Samsung mobile devices with N7.X and O8.X Exynos 7570, 7870, 7880, 7885, 8890, 8895, and 9810 chipsets software. A double-fetch vulnerability in Trustlet allows arbitrary TEE code execution. The Samsung ID is SVE-2019-13910 April 2019...

8.3AI score0.00581EPSS
Exploits0References1
CVE
CVE
added 2020/03/24 7:23 p.m.55 views

CVE-2019-20610

The CVE-2019-20610 entry describes a double-fetch vulnerability in Trustlet on Samsung mobile devices running N(7.X) and O(8.X) with Exynos 7570/7870/7880/7885/8890/8895/9810 chipsets, enabling arbitrary TEE code execution. Affected component: Trustlet in the TEE. Root cause: double-fetch window ...

9.3CVSS8.2AI score0.00581EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/08/26 6:15 p.m.14 views

Design/Logic Flaw

The fetch API in Tightrope Media Carousel before 7.1.3 has CarouselAPI/v0/fetch?url= SSRF. This has two potential areas for abuse. First, a specially crafted URL could be used in a phishing attack to hijack the trust the user and the browser have with the website and could serve malicious content...

6.4CVSS9.2AI score0.01114EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2019/05/30 2:29 p.m.9 views

CVE-2019-12456

An issue was discovered in the MPT3COMMAND case in ctlioctlmain in drivers/scsi/mpt3sas/mpt3sasctl.c in the Linux kernel through 5.1.5. It allows local users to cause a denial of service or possibly have unspecified other impact by changing the value of iocnumber between two kernel reads of that...

7.8CVSS7.8AI score
Exploits0References10
Cvelist
Cvelist
added 2019/05/30 11:38 a.m.24 views

CVE-2019-12456

An issue was discovered in the MPT3COMMAND case in ctlioctlmain in drivers/scsi/mpt3sas/mpt3sasctl.c in the Linux kernel through 5.1.5. It allows local users to cause a denial of service or possibly have unspecified other impact by changing the value of iocnumber between two kernel reads of that...

7AI score0.00406EPSS
Exploits0References10
OSV
OSV
added 2019/03/27 1:29 p.m.4 views

ALPINE-CVE-2019-3828

Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a path traversal vulnerability which allows copying and overwriting files outside of the specified destination in the local ansible controller host, by not restricting an absolute path...

4.2CVSS6.7AI score0.00522EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2018/09/02 12:0 a.m.8 views

PT-2018-3976 · Xpdf +2 · Xpdf +2

Name of the Vulnerable Software and Affected Versions: Xpdf version 4.00 Description: The issue is related to errors in the code of the Xpdf software, specifically in the XRef::fetch function in XRef.cc. It allows remote attackers to cause a denial of service, which is a stack consumption, via a...

9.1CVSS5.8AI score0.01618EPSS
Exploits22References69
CVE
CVE
added 2018/04/24 7:0 p.m.56 views

CVE-2016-9038

CVE-2016-9038 : A double-fetch race condition exists in the Invincea-X (Dell Protected Workspace) SboxDrv.sys driver (version 6.1.3-24058). The vulnerability stems from reading a user-supplied pointer to a driver-version buffer twice: first via ProbeForWrite and then again during memcpy, using in...

7.8CVSS7.6AI score0.00313EPSS
Exploits2References2Affected Software1
NVD
NVD
added 2018/01/11 4:29 p.m.28 views

CVE-2018-5189

Race condition in Jungo Windriver 12.5.1 allows local users to cause a denial of service buffer overflow or gain system privileges by flipping pool buffer size, aka a "double fetch" vulnerability...

7.8CVSS7.5AI score0.01204EPSS
Exploits3References2
Prion
Prion
added 2018/01/11 4:29 p.m.18 views

Race condition

Race condition in Jungo Windriver 12.5.1 allows local users to cause a denial of service buffer overflow or gain system privileges by flipping pool buffer size, aka a "double fetch" vulnerability...

7.2CVSS7.5AI score0.01204EPSS
Exploits3References2Affected Software1
CVE
CVE
added 2018/01/11 4:0 p.m.62 views

CVE-2018-5189

CVE-2018-5189 affects Jungo Windriver 12.5.1. A race condition (double-fetch) in a Windriver IOCTL handler allows local users to overflow a pool buffer, potentially causing denial of service or privilege escalation to SYSTEM. Exploitation demonstrated via kernel pool spraying and a crafted Event ...

7.8CVSS7.5AI score0.01204EPSS
Exploits3References2Affected Software1
Rows per page
Query Builder