Lucene search
K

44 matches found

Vulnrichment
Vulnrichment
added 2022/11/08 12:0 a.m.5 views

CVE-2022-43343

N-Prolog v1.91 was discovered to contain a global buffer overflow vulnerability in the function gettoken at Main.c...

7.7AI score0.0108EPSS
Exploits2References1
CVE
CVE
added 2022/11/08 12:0 a.m.89 views

CVE-2022-43343

CVE-2022-43343 concerns N-Prolog v1.91, where a global buffer overflow is reported in the function gettoken() at Main.c. The vulnerability is documented with a faulty write into a global buffer, as demonstrated by an AddressSanitizer report pointing to parser.c:1022 and noting proximity to global...

7.5CVSS7.7AI score0.0108EPSS
Exploits2References1Affected Software1
OSV
OSV
added 2021/07/01 3:15 a.m.17 views

CVE-2020-36405

Keystone Engine 0.9.2 has a use-after-free in llvmks::X86Operand::getToken...

7.8CVSS6.9AI score
Exploits0References3
NVD
NVD
added 2021/07/01 3:15 a.m.21 views

CVE-2020-36405

Keystone Engine 0.9.2 has a use-after-free in llvmks::X86Operand::getToken...

7.8CVSS0.01101EPSS
Exploits1References3
Prion
Prion
added 2021/07/01 3:15 a.m.17 views

Design/Logic Flaw

Keystone Engine 0.9.2 has a use-after-free in llvmks::X86Operand::getToken...

6.8CVSS7.6AI score0.01101EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2021/07/01 2:52 a.m.72 views

CVE-2020-36405

CVE-2020-36405 concerns Keystone Engine v0.9.2, where a use-after-free bug occurs in llvm_ks::X86Operand::getToken. The NVD entry reports a CVSS 3.1 base score of 7.8 (HIGH) with LOCAL attack vector, no privileges required, but user interaction required, and impacts on confidentiality, integrity,...

7.8CVSS7.6AI score0.01101EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2021/07/01 2:52 a.m.27 views

CVE-2020-36405

Keystone Engine 0.9.2 has a use-after-free in llvmks::X86Operand::getToken...

7.7AI score0.01101EPSS
Exploits1References3
Talos
Talos
added 2020/11/12 12:0 a.m.151 views

Pixar OpenUSD binary file format index type values information leak vulnerability

Talos Vulnerability Report TALOS-2020-1105 Pixar OpenUSD binary file format index type values information leak vulnerability November 12, 2020 CVE Number CVE-2020-13498,CVE-2020-13496,CVE-2020-13497 SUMMARY An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain...

6.5CVSS4.9AI score0.0168EPSS
Exploits3
OSV
OSV
added 2020/07/14 5:37 a.m.10 views

OSV-2020-789 Heap-use-after-free in llvm_ks::X86Operand::getToken

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22850 Crash type: Heap-use-after-free READ 4 Crash state: llvmks::X86Operand::getToken X86AsmParser::MatchAndEmitATTInstruction X86AsmParser::MatchAndEmitInstruction...

7.2AI score
Exploits0References1
ossfuzz
ossfuzz
added 2020/05/30 7:43 p.m.21 views

keystone:fuzz_asm_x86_16: Heap-use-after-free in llvm_ks::X86Operand::getToken

Detailed Report: https://oss-fuzz.com/testcase?key=5637154293415936 Project: keystone Fuzzing Engine: afl Fuzz Target: fuzzasmx8616 Job Type: aflasankeystone Platform Id: linux Crash Type: Heap-use-after-free READ 4 Crash Address: 0x60d000000a28 Crash State: llvmks::X86Operand::getToken...

6.4AI score
Exploits0Affected Software1
NVD
NVD
added 2018/12/04 9:29 a.m.30 views

CVE-2018-19842

getToken in libr/asm/p/asmx86nz.c in radare2 before 3.1.0 allows attackers to cause a denial of service stack-based buffer over-read via crafted x86 assembly data, as demonstrated by rasm2...

5.5CVSS5.5AI score0.0096EPSS
Exploits1References2
OSV
OSV
added 2018/12/04 9:29 a.m.1 views

UBUNTU-CVE-2018-19842

getToken in libr/asm/p/asmx86nz.c in radare2 before 3.1.0 allows attackers to cause a denial of service stack-based buffer over-read via crafted x86 assembly data, as demonstrated by rasm2...

5.5CVSS6.2AI score0.0096EPSS
Exploits1References4
CNVD
CNVD
added 2018/12/04 12:0 a.m.3 views

radare2 'getToken' function denial of service vulnerability

radare2 is a set of libraries and tools for working with binary files. A security vulnerability exists in the 'getToken' function in the libr/asm/p/asmx86nz.c file in radare2 versions prior to 3.1.0. An attacker can exploit this vulnerability to cause a denial of service stack buffer out-of-bound...

5.5CVSS5.4AI score0.0096EPSS
Exploits1References1
ossfuzz
ossfuzz
added 2018/09/19 1:54 a.m.17 views

keystone/fuzz_asm_x86_16: Heap-use-after-free in llvm_ks::X86Operand::getToken

Detailed report: https://oss-fuzz.com/testcase?key=5740417828519936 Project: keystone Fuzzer: libFuzzerkeystonefuzzasmx8616 Fuzz target binary: fuzzasmx8616 Job Type: libfuzzerasankeystone Platform Id: linux Crash Type: Heap-use-after-free READ 4 Crash Address: 0x60d0000003a8 Crash State:...

6.8AI score
Exploits0Affected Software1
OSV
OSV
added 2017/05/23 4:29 a.m.3 views

UBUNTU-CVE-2017-9160

libautotrace.a in AutoTrace 0.31.1 has a stack-based buffer overflow in the pnmscannergettoken function in input-pnm.c:458:12...

9.8CVSS7.7AI score0.01775EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2017/05/23 12:0 a.m.3 views

PT-2017-18742 · Martin Weber +1 · Autotrace +1

Name of the Vulnerable Software and Affected Versions: AutoTrace version 0.31.1 Description: The issue is a stack-based buffer overflow in the pnmscanner gettoken function, located in the input-pnm.c file. This function is part of the libautotrace.a library in AutoTrace. Recommendations: For...

9.8CVSS6.7AI score0.02468EPSS
Exploits0References62
AlpineLinux
AlpineLinux
added 2017/02/03 3:0 p.m.41 views

CVE-2016-2317

Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service crash via a crafted SVG file, related to the 1 TracePoint function in magick/render.c, 2 GetToken function in magick/utility.c, and 3 GetTransformTokens function in coders/svg.c...

5.5CVSS7.2AI score0.0199EPSS
Exploits0
Cvelist
Cvelist
added 2017/02/03 3:0 p.m.23 views

CVE-2016-2317

Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service crash via a crafted SVG file, related to the 1 TracePoint function in magick/render.c, 2 GetToken function in magick/utility.c, and 3 GetTransformTokens function in coders/svg.c...

7AI score0.0199EPSS
Exploits0References12
CVE
CVE
added 2015/02/23 2:0 a.m.50 views

CVE-2014-7922

CVE-2014-7922 involves the GoogleAuthUtil.getToken method in the Google Play services SDK prior to 2015. The vulnerability arises when the code sets parameters in OAuth token requests after detecting a corresponding opt parameter in the Bundle extras argument, enabling a crafted application to by...

4.3CVSS6.8AI score0.00478EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2013/09/23 12:0 a.m.27 views

Fedora 20 : mediawiki-1.21.2-1.fc20 (2013-15937)

SECURITY: Fix extension detection with 2 .'s - SECURITY: Support for the 'gettoken' parameter to action=block and action=unblock, deprecated since 1.20, has been removed. - SECURITY: Sanitize ResourceLoader exception messages - Purge upstream caches when deleting file assets. - Unit test suite...

6.1CVSS6AI score0.02084EPSS
Exploits2References5
Rows per page
Query Builder