CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

BDU FSTEC•added 2015/06/05 12:0 a.m.•3 views

The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure.

Errors in the code of Google Chrome’s libvpx library allow a malicious actor to cause service failures by initializing fields of negative size using specially crafted VP9 video frames...

7.5CVSS7.4AI score0.02136EPSS

Exploits0References4Affected Software1

OSV•added 2015/06/01 12:0 a.m.•1 views

UBUNTU-CVE-2015-4142

Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpasupplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionality, allows remote attackers to cause a denial of service crash via a crafted frame, which triggers an out-of-bounds read...

4.3CVSS7.3AI score0.07071EPSS

Exploits0References6

OSV•added 2015/05/20 10:59 a.m.•2 views

DEBIAN-CVE-2015-1258

Google Chrome before 43.0.2357.65 relies on libvpx code that was not built with an appropriate --size-limit value, which allows remote attackers to trigger a negative value for a size field, and consequently cause a denial of service or possibly have unspecified other impact, via a crafted frame...

7.5CVSS9.4AI score0.02136EPSS

Tenable Nessus•added 2015/05/20 12:0 a.m.•31 views

Cisco IOS XE Software Overlay Transport Virtualization (OTV) DoS

The remote Cisco device is affected by a denial of service vulnerability due to improper processing of oversized Overlay Transport Virtualization OTV frames. An unauthenticated, adjacent attacker can exploit this, by sending a large number of oversized OTV frames requiring fragmentation and...

6.1CVSS5.5AI score0.00182EPSS

Exploits0References2

RedHat Linux•added 2015/05/14 3:14 p.m.•2 views

netty: DoS via memory exhaustion during data aggregation

A flaw was found in the WebSocket08FrameDecoder implementation that could allow a remote attacker to trigger an Out Of Memory Exception by issuing a series of TextWebSocketFrame and ContinuationWebSocketFrames. Depending on the server configuration, this could lead to a denial of service...

CNVD•added 2015/05/07 12:0 a.m.•1 views

wpa_supplicant/hostapd ap/wmm.c hostapd_wmm_action() WMM action frame handling integer overflow vulnerability

hostapd is a user-state daemon for APs and authentication servers. wpasupplicant is a WiFi-capable component for Android that supports authentication of wireless connections. The hostapd ap/wmm.c hostapdwmmaction function handles WMM action frames with an integer overflow vulnerability that allow...

7.2AI score

OSV•added 2015/04/28 2:59 p.m.•2 views

DEBIAN-CVE-2015-1863

Heap-based buffer overflow in wpasupplicant 1.0 through 2.4 allows remote attackers to cause a denial of service crash, read memory, or possibly execute arbitrary code via crafted SSID information in a management frame when creating or updating P2P entries...

5.8CVSS7.1AI score0.08546EPSS

Tenable Nessus•added 2015/04/27 12:0 a.m.•43 views

FreeBSD : wpa_supplicant -- P2P SSID processing vulnerability (cb9d2fcd-eb47-11e4-b03e-002590263bf5)

Jouni Malinen reports : A vulnerability was found in how wpasupplicant uses SSID information parsed from management frames that create or update P2P peer entries e.g., Probe Response frame or number of P2P Public Action frames. SSID field has valid length range of 0-32 octets. However, it is...

5.8CVSS7AI score0.08546EPSS

ArchLinux•added 2015/04/24 12:0 a.m.•48 views

wpa_supplicant: arbitrary code execution

A vulnerability was found in how wpasupplicant uses SSID information parsed from management frames that create or update P2P peer entries e.g., Probe Response frame or number of P2P Public Action frames. SSID field has valid length range of 0-32 octets. However, it is transmitted in an element th...

5.8CVSS2.2AI score0.08546EPSS

OSV•added 2015/04/22 12:0 a.m.•0 views

UBUNTU-CVE-2015-1863

5.8CVSS7.2AI score0.08546EPSS

FreeBSD•added 2015/04/22 12:0 a.m.•35 views

wpa_supplicant -- P2P SSID processing vulnerability

Jouni Malinen reports: A vulnerability was found in how wpasupplicant uses SSID information parsed from management frames that create or update P2P peer entries e.g., Probe Response frame or number of P2P Public Action frames. SSID field has valid length range of 0-32 octets. However, it is...

5.8CVSS7AI score0.08546EPSS

RedHat Linux•added 2015/03/31 5:0 p.m.•1 views

netty: DoS via memory exhaustion during data aggregation

RedHat Linux•added 2015/03/11 4:51 p.m.•3 views

netty: DoS via memory exhaustion during data aggregation

RedHat Linux•added 2015/02/17 10:27 p.m.•2 views

netty: DoS via memory exhaustion during data aggregation

n0where•added 2015/02/06 12:34 a.m.•50 views

packETH – Ethernet Packet Generator

packETH Ethernet Packet Generator packETH is GUI and CLI packet generator tool for ethernet. It allows you to create and send any possible packet or sequence of packets on the ethernet link. It is very simple to use, powerful and supports many adjustments of parameters while sending sequence of...

0.8AI score

Exploits0

CNVD•added 2015/02/05 12:0 a.m.•1 views

Aruba Networks Instant Heap Buffer Overflow Vulnerability

Aruba Networks Instant IAP is a suite of access point AP solutions from Aruba Networks, USA. The solution supports virtualization of Aruba Mobility Controllers on 802.11n Access Points APs, creation of enterprise-grade Wireless Local Area Networks WLANs and enterprise entry-level Wi-Fi networks,...

7.8CVSS7.3AI score0.00536EPSS

RedHat Linux•added 2014/10/15 4:12 p.m.•4 views

Mozilla: Out-of-bounds write with WebM video (MFSA 2014-77)

The gettile function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to cause a denial of service out-of-bounds write and application crash or possibly execute arbitrary code via WebM frames with invalid tile sizes that are...

7.5CVSS7.3AI score0.01644EPSS

Exploits0References5

OSV•added 2014/10/15 10:55 a.m.•1 views

DEBIAN-CVE-2014-1578

7.5CVSS9.2AI score0.01644EPSS