Lucene search
+L

186 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:12 p.m.4 views

Malicious code in focal-todomvc (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 16b67b7a3687f16911a077102bd98fe5720d14993c8093d88351c3036f11b73f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/06/20 8:12 p.m.6 views

MAL-2022-3090 Malicious code in focal-todomvc (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 16b67b7a3687f16911a077102bd98fe5720d14993c8093d88351c3036f11b73f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Veracode
Veracode
added 2022/06/16 5:10 p.m.44 views

Privilege Escalation

linux-gcp:focal is vulnerable to privilege escalation. The vulnerability exists in afllc.c which allows an attacker to craft and inject malicious attacks...

5.5CVSS6.4AI score0.00582EPSS
Exploits1References8Affected Software2
UbuntuCve
UbuntuCve
added 2022/03/13 6:15 p.m.57 views

CVE-2022-26981

Liblouis through 3.21.0 has a buffer overflow in compilePassOpcode in compileTranslationTable.c called, indirectly, by tools/louchecktable.c...

7.8CVSS7.3AI score0.01463EPSS
Exploits1References3
Veracode
Veracode
added 2022/02/11 5:33 p.m.18 views

Divide By Zero

speex:focal is vulnerable to a Divide by Zero vulnerability. The function static int readsamples allows attackers to cause a denial of service DoS via a crafted WAV file...

5.5CVSS4.6AI score0.0094EPSS
Exploits1References6Affected Software4
Huntr
Huntr
added 2022/01/24 5:18 a.m.13 views

Heap-based Buffer Overflow in gpac/gpac

Description Heap-based Buffer Overflow in gpac Proof of Concept Version: MP4Box - GPAC version 1.1.0-DEV-rev1659-g7d3281e88-master c 2000-2022 Telecom Paris distributed under LGPL v2.1+ - http://gpac.io Please cite our work in your research: GPAC Filters: https://doi.org/10.1145/3339825.3394929...

Exploits0
Huntr
Huntr
added 2022/01/20 7:33 a.m.10 views

Classic Buffer Overflow in gpac/gpac

Description Buffer Overflow in gpac Proof of Concept Version: MP4Box - GPAC version 1.1.0-DEV-rev1647-gb6f68145e-master c 2000-2022 Telecom Paris distributed under LGPL v2.1+ - http://gpac.io Please cite our work in your research: GPAC Filters: https://doi.org/10.1145/3339825.3394929 GPAC:...

0.1AI score
Exploits0
UbuntuCve
UbuntuCve
added 2021/12/16 3:15 a.m.25 views

CVE-2021-45087

XSS can occur in GNOME Web aka Epiphany before 40.4 and 41.x before 41.1 when View Source mode or Reader mode is used, as demonstrated by a a page title...

6.1CVSS6.3AI score0.01485EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2021/12/01 10:15 a.m.32 views

CVE-2021-4019

vim is vulnerable to Heap-based Buffer Overflow...

7.8CVSS7.1AI score0.01792EPSS
Exploits1References4
Veracode
Veracode
added 2021/08/12 2:53 p.m.36 views

Denial-of-service (DoS)

systemd:focal is vulnerable to denial-of-service. The vulnerability exists in DHCP client which allows an attacker to send a specially crafted DHCP FORCERENEW packet causing an application crash...

6.1CVSS6.3AI score0.01399EPSS
Exploits1References9Affected Software7
Veracode
Veracode
added 2021/06/06 10:38 a.m.18 views

Arbitrary File Read

apport:focal is vulnerable to arbitary file read due to a flaw in the function addinfo...

7.3CVSS2.9AI score0.00289EPSS
Exploits0References2Affected Software5
seebug.org
seebug.org
added 2021/06/01 12:0 a.m.217 views

Microsoft Hyper-V 远程代码执行漏洞(CVE-2021-28476)

CVE-2021-28476: a guest-to-host "Microsoft Hyper-V Remote Code Execution Vulnerability" in vmswitch.sys. This is a proof of concept for CVE-2021-28476 "Hyper-V Remote Code Execution Vulnerability", an arbitrary memory read in vmswitch.sys Network virtualization service provider patched by Microso...

6.5CVSS9.3AI score0.38625EPSS
Exploits4
GithubExploit
GithubExploit
added 2021/05/31 6:2 p.m.273 views

Exploit for CVE-2021-28476

CVE-2021-28476: a guest-to-host "Microsoft Hyper-V Remote Code...

9.9CVSS9.3AI score0.38625EPSS
Exploits4
Veracode
Veracode
added 2020/09/21 6:22 a.m.26 views

Denial Of Service (DoS)

chromium-browser:focal is vulnerable to denial of service DoS. Heap-based buffer overflow in j2k.c in OpenJPEG allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid JPEG2000 data in a PDF document...

6.8CVSS7AI score0.01535EPSS
Exploits0References9Affected Software3
NVD
NVD
added 2020/09/11 2:15 p.m.19 views

CVE-2020-16220

In Patient Information Center iX PICiX Versions C.02, C.03, PerformanceBridge Focal Point Version A.01, the product receives input that is expected to be well-formed i.e., to comply with a certain syntax but it does not validate or incorrectly validates that the input complies with the syntax,...

4.3CVSS0.00283EPSS
Exploits0References2
OSV
OSV
added 2020/09/11 2:15 p.m.5 views

CVE-2020-16220

In Patient Information Center iX PICiX Versions C.02, C.03, PerformanceBridge Focal Point Version A.01, the product receives input that is expected to be well-formed i.e., to comply with a certain syntax but it does not validate or incorrectly validates that the input complies with the syntax,...

4.3CVSS5.8AI score0.00283EPSS
Exploits0References2
Prion
Prion
added 2020/09/11 2:15 p.m.17 views

Input validation

In Patient Information Center iX PICiX Versions C.02, C.03, PerformanceBridge Focal Point Version A.01, the product receives input that is expected to be well-formed i.e., to comply with a certain syntax but it does not validate or incorrectly validates that the input complies with the syntax,...

3.3CVSS5.6AI score0.00283EPSS
Exploits0References2Affected Software2
NVD
NVD
added 2020/09/11 1:15 p.m.26 views

CVE-2020-16222

In Patient Information Center iX PICiX Version B.02, C.02, C.03, and PerformanceBridge Focal Point Version A.01, when an actor claims to have a given identity, the software does not prove or insufficiently proves the claim is correct...

8.8CVSS0.00553EPSS
Exploits0References2
NVD
NVD
added 2020/09/11 1:15 p.m.30 views

CVE-2020-16228

In Patient Information Center iX PICiX Versions C.02 and C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX550, MX750, MX850, and IntelliVue X3 Versions N and prior, the software does not check or incorrectly checks the revocation status of a certificate...

6.4CVSS0.00371EPSS
Exploits0References2
OSV
OSV
added 2020/09/11 1:15 p.m.2 views

CVE-2020-16222

In Patient Information Center iX PICiX Version B.02, C.02, C.03, and PerformanceBridge Focal Point Version A.01, when an actor claims to have a given identity, the software does not prove or insufficiently proves the claim is correct...

8.8CVSS5.8AI score0.00553EPSS
Exploits0References2
Rows per page
Query Builder