Lucene search
+L

75 matches found

osv
osv
added 2018/03/08 6:29 p.m.10 views

UBUNTU-CVE-2018-7871

There is a heap-based buffer over-read in the getName function of util/decompile.c in libming 0.4.8 for CONSTANT16 data. A crafted input will lead to a denial of service or possibly unspecified other impact...

8.8CVSS7.4AI score0.01718EPSS
Exploits1References4
ubuntucve
ubuntucve
added 2018/03/08 6:29 p.m.27 views

CVE-2018-7868

There is a heap-based buffer over-read in the getName function of util/decompile.c in libming 0.4.8 for CONSTANT8 data. A Crafted input will lead to a denial of service attack...

6.5CVSS7AI score0.0157EPSS
Exploits1References3
cvelist
cvelist
added 2018/03/08 6:0 p.m.29 views

CVE-2018-7871

There is a heap-based buffer over-read in the getName function of util/decompile.c in libming 0.4.8 for CONSTANT16 data. A crafted input will lead to a denial of service or possibly unspecified other impact...

8.8AI score0.01718EPSS
Exploits1References3
bdu_fstec
bdu_fstec
added 2016/07/05 12:0 a.m.11 views

The vulnerability of the Linux operating system allows a malicious individual to gain access to confidential information from the kernel’s stack memory.

A vulnerability exists in the l2tpip6getname function in the Linux kernel’s net/l2tp/l2tpip6.c file, due to incorrect return values under certain circumstances. Exploiting this vulnerability allows local users to access confidential information from the kernel’s stack memory, using a specially...

1.9CVSS5.5AI score0.00361EPSS
Exploits0References2Affected Software1
zdt
zdt
added 2016/05/26 12:0 a.m.27 views

Graphite2 - NameTable::getName Multiple Heap Based Out-of-Bounds Reads

Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=756 We have encountered several different crashes in the graphite2::NameTable::getName method, observed in an ASAN build of the standard Graphite2 gr2FontTest utility git trunk,...

7.1AI score
Exploits0
exploitdb
exploitdb
added 2016/05/26 12:0 a.m.26 views

Graphite2 - NameTable::getName Multiple Heap Out-of-Bounds Reads

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=756 We have encountered several different crashes in the graphite2::NameTable::getName method, observed in an ASAN build of the standard Graphite2 gr2FontTest utility git trunk, triggered with the following command: $ ./gr2fonttest...

7.4AI score
Exploits0
oraclelinux
oraclelinux
added 2015/05/12 12:0 a.m.65 views

kernel security and bug fix update

3.10.0-229.4.2 - Oracle Linux certificates Alexey Petrenko 3.10.0-229.4.2 - x86 crypto: aesni - fix memory usage in GCM decryption Kurt Stutsman 1213331 1212178 CVE-2015-3331 3.10.0-229.4.1 - crypto x86: sha256ssse3 - also test for BMI2 Herbert Xu 1211484 1201563 - crypto testmgr: fix RNG return...

9.3CVSS0.7AI score0.10108EPSS
Exploits0
ptsecurity
ptsecurity
added 2011/01/03 12:0 a.m.4 views

PT-2011-1445 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.37-rc2 Description: The issue concerns the ax25 getname function in the Linux kernel, which fails to initialize a certain structure. This allows local users to potentially obtain sensitive information from...

2.1CVSS5.3AI score0.00392EPSS
Exploits0References11
prion
prion
added 2009/12/30 9:30 p.m.65 views

Stack overflow

Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary cod...

7.5CVSS8AI score0.69552EPSS
Exploits4References36Affected Software5
ubuntucve
ubuntucve
added 2009/12/30 12:0 a.m.40 views

CVE-2009-4484

Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary cod...

7.5CVSS6.3AI score0.69552EPSS
Exploits4References4
redhat
redhat
added 2009/11/03 9:56 p.m.5 views

kernel: numerous getname() infoleaks

The Linux kernel before 2.6.31-rc7 does not initialize certain data structures within getname functions, which allows local users to read the contents of some kernel memory locations by calling getsockname on 1 an AFAPPLETALK socket, related to the atalkgetname function in net/appletalk/ddp.c; 2 ...

4.9CVSS5.8AI score0.01029EPSS
Exploits7References4
redhat
redhat
added 2009/11/03 6:21 p.m.3 views

kernel: numerous getname() infoleaks

The Linux kernel before 2.6.31-rc7 does not initialize certain data structures within getname functions, which allows local users to read the contents of some kernel memory locations by calling getsockname on 1 an AFAPPLETALK socket, related to the atalkgetname function in net/appletalk/ddp.c; 2 ...

4.9CVSS5.8AI score0.01029EPSS
Exploits7References4
seebug
seebug
added 2009/09/02 12:0 a.m.55 views

Linux Kernel .getname函数多个信息泄露漏洞

BUGTRAQ ID: 36176 CVECAN ID: CVE-2009-3002 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的getname函数没有正确地初始化某些数据结构,本地用户可以通过对AFAPPLETALK、AFIRDA、AFECONET、 AFNETROM、AFROSE、原始CAN等套接字执行getsockname调用读取部分内核内存的内容。 Linux kernel 2.6.x 厂商补丁: Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

4.9CVSS7.1AI score0.01029EPSS
Exploits7
prion
prion
added 2009/08/28 3:30 p.m.33 views

Memory corruption

The Linux kernel before 2.6.31-rc7 does not initialize certain data structures within getname functions, which allows local users to read the contents of some kernel memory locations by calling getsockname on 1 an AFAPPLETALK socket, related to the atalkgetname function in net/appletalk/ddp.c; 2 ...

4.9CVSS5.9AI score0.01029EPSS
Exploits7References24Affected Software2
cvelist
cvelist
added 2009/08/28 3:0 p.m.30 views

CVE-2009-3002

The Linux kernel before 2.6.31-rc7 does not initialize certain data structures within getname functions, which allows local users to read the contents of some kernel memory locations by calling getsockname on 1 an AFAPPLETALK socket, related to the atalkgetname function in net/appletalk/ddp.c; 2 ...

6.6AI score0.01029EPSS
Exploits7References24
Rows per page
Query Builder