Lucene search
K

193 matches found

OSV
OSV
added 2024/06/16 1:15 p.m.2 views

DEBIAN-CVE-2024-38439

Netatalk before 3.2.1 has an off-by-one error and resultant heap-based buffer overflow because of setting ibufPASSWDLEN to '\0' in FPLoginExt in login in etc/uams/uamspam.c. 2.4.1 and 3.1.19 are also fixed versions...

9.8CVSS8.7AI score0.00931EPSS
Exploits1References1
OSV
OSV
added 2024/06/16 1:15 p.m.3 views

UBUNTU-CVE-2024-38440

Netatalk before 3.2.1 has an off-by-one error, and resultant heap-based buffer overflow and segmentation violation, because of incorrectly using FPLoginExt in BNbin2bn in etc/uams/uamsdhxpam.c. The original issue 1097 report stated: 'The latest version of Netatalk v3.2.0 contains a security...

7.5CVSS7.4AI score0.0088EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/06/16 12:0 a.m.5 views

Netatalk Security Vulnerabilities

Netatalk is open source software that provides AFP file server functionality for Classic Mac OS and macOS on Unix-like OS. A security vulnerability exists in Netatalk version 3.2.0, which stems from etc/uams/uamspam.c setting ibufPASSWDLEN to 0 in FPLoginExt...

9.8CVSS6.8AI score0.00931EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2024/06/05 12:36 a.m.2 views

kernel: s390/ptrace: handle setting of fpc register correctly

In the Linux kernel, the following vulnerability has been resolved: s390/ptrace: handle setting of fpc register correctly If the content of the floating point control fpc register of a traced process is modified with the ptrace interface the new value is tested for validity by temporarily loading...

7.1CVSS6.7AI score0.00242EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2024/03/07 4:25 a.m.3 views

SUSE CVE-2023-52598

In the Linux kernel, the following vulnerability has been resolved: s390/ptrace: handle setting of fpc register correctly If the content of the floating point control fpc register of a traced process is modified with the ptrace interface the new value is tested for validity by temporarily loading...

5.5CVSS6.3AI score0.00242EPSS
Exploits0References15
NVD
NVD
added 2024/03/06 7:15 a.m.17 views

CVE-2023-52606

In the Linux kernel, the following vulnerability has been resolved: powerpc/lib: Validate size for vector operations Some of the fp/vmx code in sstep.c assume a certain maximum size for the instructions being emulated. The size of those operations however is determined separately in analyseinstr...

5.5CVSS7.3AI score0.00234EPSS
Exploits0References9
Prion
Prion
added 2024/03/06 7:15 a.m.20 views

Stack overflow

In the Linux kernel, the following vulnerability has been resolved: powerpc/lib: Validate size for vector operations Some of the fp/vmx code in sstep.c assume a certain maximum size for the instructions being emulated. The size of those operations however is determined separately in analyseinstr...

7.1AI score0.00234EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2024/03/06 6:45 a.m.25 views

CVE-2023-52606 powerpc/lib: Validate size for vector operations

In the Linux kernel, the following vulnerability has been resolved: powerpc/lib: Validate size for vector operations Some of the fp/vmx code in sstep.c assume a certain maximum size for the instructions being emulated. The size of those operations however is determined separately in analyseinstr...

6.7AI score0.00234EPSS
Exploits0References8
Openbugbounty
Openbugbounty
added 2023/12/25 2:42 a.m.5 views

fp-santagema.es Improper Access Control vulnerability OBB-3822118

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/12/25 2:40 a.m.5 views

fp-adistancia.es Improper Access Control vulnerability OBB-3822115

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2023/06/06 6:45 a.m.3 views

Malicious code in fp-aanvragen-bankrekening (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 38ed4291c003da2321057839f26e6889760e131941a98a54026033c0c67fdfcc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
Kitploit
Kitploit
added 2023/03/26 11:30 a.m.130 views

Waf-Bypass - Check Your WAF Before An Attacker Does

WAF bypass Tool is an open source tool to analyze the security of any WAF for False Positives and False Negatives using predefined and customizable payloads. Check your WAF before an attacker does. WAF Bypass Tool is developed by Nemesida WAF team with the participation of community. How to run I...

8.2AI score
Exploits0References1
F5 Networks
F5 Networks
added 2023/02/21 8:0 p.m.39 views

K21344224: Lazy FP state restore vulnerability CVE-2018-3665

Security Advisory Description System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel. CVE-2018-3665 A Floating-Point FP state...

5.6CVSS7.5AI score0.00611EPSS
Exploits0
OSV
OSV
added 2023/02/16 8:15 p.m.4 views

CVE-2022-40080

Stack overflow vulnerability in Aspire E5-475G 's BIOS firmware, in the FpGui module, a second call to GetVariable services allows local attackers to execute arbitrary code in the UEFI DXE phase and gain escalated privileges...

7.8CVSS6.1AI score0.00365EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:56 a.m.3 views

SUSE CVE-2010-3906

Cross-site scripting XSS vulnerability in Gitweb 1.7.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 f and 2 fp parameters...

4.3CVSS6AI score0.05614EPSS
Exploits6References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:11 a.m.4 views

SUSE CVE-2015-8712

The dissecthsdschchannelinfo function in epan/dissectors/packet-umtsfp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not validate the number of PDUs, which allows remote attackers to cause a denial of service application crash via a crafted packet...

5.5CVSS7.3AI score0.01539EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:58 a.m.2 views

SUSE CVE-2016-7178

epan/dissectors/packet-umtsfp.c in the UMTS FP dissector in Wireshark 2.x before 2.0.6 does not ensure that memory is allocated for certain data structures, which allows remote attackers to cause a denial of service invalid write access and application crash via a crafted packet...

5.9CVSS7.4AI score0.02359EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/11 6:26 p.m.46 views

Security Bulletin: Security vulnerability in Apache CXF affects IBM InfoSphere Master Data Management

Summary By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting XSS attack via the styleSheetPath, which allows a malicious actor to inject javascript into the web page. This...

6.1CVSS6.1AI score0.42993EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2022/12/14 12:0 a.m.5 views

TYPO3 安全漏洞

TYPO3 is a free and open source content management system framework CMS/CMF from the Swiss TYPO3 Association. A security vulnerability exists in TYPO3 fpmasterquiz, which stems from the fact that an attacker can view the answers of this user and modify those answers...

6.5CVSS6.5AI score0.00364EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/12/14 12:0 a.m.5 views

PT-2022-28057 · Unknown · Fp Masterquiz

Name of the Vulnerable Software and Affected Versions: fp masterquiz extension versions 2.2.0 and earlier, 3.x before 3.5.1 Description: An issue allows an attacker to continue the quiz of a different user, enabling them to view and modify that user's answers. Recommendations: For fp masterquiz...

6.5CVSS7.1AI score0.00364EPSS
Exploits0References9
Rows per page
Query Builder