Lucene search
K

17000 matches found

CVE
CVE
added 2019/07/15 3:6 a.m.209 views

CVE-2019-1010024

CVE-2019-1010024 affects GNU Libc (glibc). The description in the initial document states a mitigation bypass with the impact that an attacker may bypass ASLR by leveraging the cache of thread stack and heap. Upstream and some vendor notes indicate this is treated as a non-security bug and not a ...

5.3CVSS5.5AI score0.0322EPSS
Exploits1References6Affected Software1
Debian CVE
Debian CVE
added 2019/07/15 3:6 a.m.19 views

CVE-2019-1010024

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat...

5.3CVSS5.7AI score0.0322EPSS
Exploits1
Cvelist
Cvelist
added 2019/07/15 3:6 a.m.18 views

CVE-2019-1010024

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat...

5.2AI score0.0322EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2019/07/15 3:0 a.m.12 views

CVE-2019-1010022

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this ...

7.6AI score0.03249EPSS
Exploits1References4
CVE
CVE
added 2019/07/15 3:0 a.m.262 views

CVE-2019-1010022

CVE-2019-1010022: GNU Libc nptl has a stack guard bypass via a stack-buffer vulnerability. The description notes attackers could bypass stack guard protections by exploiting a stack overflow in the attack vector, with upstream comments claiming this is treated as a non-security bug and “no real t...

9.8CVSS9.5AI score0.03249EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2019/07/15 3:0 a.m.36 views

CVE-2019-1010022

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this ...

9.7AI score0.03249EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2019/07/15 3:0 a.m.39 views

CVE-2019-1010022

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this ...

9.8CVSS8.5AI score0.03249EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2019/07/15 12:0 a.m.5 views

PT-2019-11440 · Gnu +1 · Glibc +1

Name of the Vulnerable Software and Affected Versions: GNU Libc affected versions not specified Description: The issue is related to a mitigation bypass, where an attacker may bypass ASLR using the cache of thread stack and heap. The component affected is glibc. It is noted that upstream comments...

5.3CVSS7.3AI score0.0322EPSS
Exploits1References15
Positive Technologies
Positive Technologies
added 2019/07/15 12:0 a.m.2 views

PT-2019-11439

Name of the Vulnerable Software and Affected Versions: GNU Libc affected versions not specified Description: The issue is related to a mitigation bypass in the nptl component, allowing an attacker to bypass stack guard protection. This can be exploited by using a stack buffer overflow vulnerabili...

9.8CVSS7.7AI score0.03249EPSS
Exploits1References14
Positive Technologies
Positive Technologies
added 2019/07/15 12:0 a.m.6 views

PT-2019-11441 · Gnu +1 · Glibc +1

Name of the Vulnerable Software and Affected Versions: glibc affected versions not specified Description: The issue concerns a mitigation bypass in glibc, allowing an attacker to potentially guess the heap addresses of pthread-created threads. The vendor's stance is that ASLR bypass itself is not...

5.3CVSS7.4AI score0.02286EPSS
Exploits1References12
0day.today
0day.today
added 2019/07/12 12:0 a.m.21 views

Sahi Pro 8.0.0 - Remote Command Execution Exploit

Exploit for java platform in category web applications Exploit Title: Sahi Pro V8.0.0 - Unauthenticated Remote Command Execution Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://sahipro.com Software Link:...

0.3AI score
Exploits0
OpenVAS
OpenVAS
added 2019/07/04 12:0 a.m.55 views

Fedora Update for kernel-headers FEDORA-2019-69c132b061

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7CVSS7.8AI score0.00386EPSS
Exploits0References2
0day.today
0day.today
added 2019/07/02 12:0 a.m.313 views

Linux/x86 - execve(/bin/sh) using JMP-CALL-POP Shellcode (21 bytes)

/ ;Category: Shellcode ;Title: GNU/Linux x86 - execve /bin/sh using JMP-CALL-POP technique 21 bytes ;Author: kiriknik ;Date: 01/07/2019 ;Architecture: Linux x86 =========== Asm Source =========== global start section .text start: jmp short callshellcode shellcode: pop ebx xor eax,eax mov al, 11 i...

0.2AI score
Exploits0
OpenVAS
OpenVAS
added 2019/07/01 12:0 a.m.46 views

Moodle <= 3.1.17, 3.4.x <= 3.4.8, 3.5.x <= 3.5.5, 3.6.x <= 3.6.3 Multiple Vulnerabilities

Moodle is prone to multiple vulnerabilities. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation;...

6.1CVSS5.3AI score0.01055EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2019/07/01 12:0 a.m.33 views

Fedora Update for pdns FEDORA-2019-2ed768623e

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS6.1AI score0.01691EPSS
Exploits0References2
OSV
OSV
added 2019/06/29 5:15 p.m.3 views

CVE-2019-13050

Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service...

7.5CVSS5.7AI score0.02663EPSS
Exploits1References11
OSV
OSV
added 2019/06/29 5:15 p.m.3 views

UBUNTU-CVE-2019-13050

Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service...

7.5CVSS6.9AI score0.02663EPSS
Exploits1References6
ossfuzz
ossfuzz
added 2019/06/28 8:38 p.m.16 views

wget2/wget_options_fuzzer: Stack-buffer-overflow in _compare_tag

Project: https://gitlab.com/gnuwget/wget2.git Detailed report: https://oss-fuzz.com/testcase?key=5670699290591232 Project: wget2 Fuzzer: libFuzzerwget2wgetoptionsfuzzer Fuzz target binary: wgetoptionsfuzzer Job Type: libfuzzerasanwget2 Platform Id: linux Crash Type: Stack-buffer-overflow READ 8...

7AI score
Exploits0Affected Software1
CNVD
CNVD
added 2019/06/27 12:0 a.m.4 views

GNU Binutils Heap Buffer Overflow Vulnerability (CNVD-2019-22404)

GNU Binutils is a set of programming tools for creating and managing binary programs, object files, libraries, profile data and assembly source code. A heap buffer overflow vulnerability exists in bfddoprnt in bfd.c in the Binary File Descriptor BFD library used in GNU Binutils 2.32. The...

5.5CVSS7.1AI score0.01802EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2019/06/27 12:0 a.m.41 views

EulerOS 2.0 SP8 : binutils (EulerOS-SA-2019-1642)

According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31. An invalid memory access...

5.5CVSS6.2AI score0.02257EPSS
Exploits4References5
Rows per page
Query Builder