Lucene search
K

160 matches found

Prion
Prion
added 2020/02/19 4:15 p.m.15 views

Buffer overflow

IBM DB2 for Linux, UNIX and Windows includes DB2 Connect Server 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. IBM X-Force ID: 174960...

7.2CVSS7.7AI score0.00599EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/01/09 12:0 a.m.62 views

AIX 7.2 TL 2 : tcpdump (IJ20784)

https://vulners.com/cve/CVE-2018-14467 https://vulners.com/cve/CVE-2018-14467 The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgpcapabilitiesprint BGPCAPCODEMP. The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrpprint. The LMP parser in...

9.8CVSS6.6AI score0.06816EPSS
Exploits0References27
Prion
Prion
added 2019/10/22 3:15 p.m.14 views

Buffer overflow

IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. IBM X-Force ID: 165481...

7.2CVSS7.8AI score0.0044EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/10/22 2:27 p.m.19 views

CVE-2019-4523

IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. IBM X-Force ID: 165481...

8.4CVSS7.8AI score0.0044EPSS
Exploits0References2
NVD
NVD
added 2019/08/13 8:15 p.m.24 views

CVE-2019-12807

Alzip 10.83 and earlier version contains a stack-based buffer overflow vulnerability, caused by improper bounds checking during the parsing of crafted ISO archive file format. By persuading a victim to open a specially-crafted ISO archive file, an attacker could execution arbitrary code...

7.8CVSS7.9AI score0.0162EPSS
Exploits0References2
OSV
OSV
added 2019/08/01 9:15 p.m.2 views

DEBIAN-CVE-2019-14513

Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491...

7.5CVSS6.9AI score0.01705EPSS
Exploits1References1
Prion
Prion
added 2019/08/01 9:15 p.m.70 views

Out-of-bounds

Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491...

5CVSS8.4AI score0.84925EPSS
Exploits7References2Affected Software2
NVD
NVD
added 2019/07/02 3:15 p.m.21 views

CVE-2019-4087

IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents are vulnerable to a stack-based buffer overflow, caused by improper bounds checking by servers and storage agents in response to specifically crafted communication exchanges. By sending an overly long request, a remote attacker could...

10CVSS9.7AI score0.06959EPSS
Exploits0References2
Prion
Prion
added 2019/06/06 6:29 p.m.15 views

Stack overflow

TP-Link TL-WR940N is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the ipAddrDispose function. By sending specially crafted ICMP echo request packets, a remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with elevate...

9CVSS8.8AI score0.1158EPSS
Exploits2References2
CVE
CVE
added 2019/06/06 5:24 p.m.279 views

CVE-2019-6989

CVE-2019-6989 describes a stack-based buffer overflow in TP-LINK TL-WR940N (and TL-WR941ND) caused by improper bounds checking in ipAddrDispose. The vulnerability can be triggered by specially crafted ICMP echo requests, allowing a remote authenticated attacker to overflow a buffer and execute ar...

9CVSS8.9AI score0.1158EPSS
Exploits2References2Affected Software1
CNVD
CNVD
added 2019/05/22 12:0 a.m.5 views

Citrix NetScaler Gateway and Citrix Application Delivery Controller Buffer Overflow Vulnerability

Citrix Systems NetScaler Gateway and Citrix Application Delivery Controller ADC Citrix NetScaler Gateway and Citrix Application Delivery Controller are both products of Citrix Systems NetScaler Gateway and Citrix Application Delivery Controller are both products of Citrix Systems, Inc.Citrix...

7.5CVSS7.4AI score0.01549EPSS
Exploits0References1
NVD
NVD
added 2019/04/03 6:29 p.m.15 views

CVE-2018-4308

An out-of-bounds read was addressed with improved bounds checking. This issue affected versions prior to macOS Mojave 10.14...

5.5CVSS5.7AI score0.0081EPSS
Exploits0References2
NVD
NVD
added 2019/04/03 2:29 p.m.15 views

CVE-2018-1936

IBM DB2 9.7, 10.1, 10.5, and 11.1 libdb2e.so.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. IBM X-Force ID: 153316...

8.4CVSS8.5AI score0.00508EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 2:25 a.m.27 views

Security Bulletin: Vulnerability in GNU C Library (glibc) affects IBM Flex System FC5022 16Gb SAN Scalable Switch (CVE-2016-3075)

Summary A vulnerability in GNU C Library glibc affects IBM Flex System FC5022 16Gb SAN Scalable Switch. IBM Flex System FC5022 16Gb SAN Scalable Switch has addressed the vulnerability. Vulnerability Details Summary A vulnerability in GNU C Library glibc affects IBM Flex System FC5022 16Gb SAN...

7.5CVSS0.07629EPSS
Exploits0
Cvelist
Cvelist
added 2018/11/30 3:0 p.m.23 views

CVE-2018-1897

IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5., and 11.1 db2pdcfg is vulnerable to a stack based buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. IBM X-Force ID: 152462...

8.4CVSS8.4AI score0.00559EPSS
Exploits0References4
NVD
NVD
added 2018/07/13 8:29 p.m.13 views

CVE-2016-6559

Improper bounds checking of the obuf variable in the linkntoa function in linkaddr.c of the BSD libc library may allow an attacker to read or write from memory. The full impact and severity depends on the method of exploit and how the library is used by applications. According to analysis by...

9.8CVSS9.3AI score0.03699EPSS
Exploits1References4
CVE
CVE
added 2018/07/13 8:0 p.m.59 views

CVE-2016-6559

CVE-2016-6559 concerns the BSD libc function link_ntoa() in linkaddr.c, where the obuf bounds are mishandled. The root cause is improper bounds checking, which could allow memory read/write. Public analyses from FreeBSD indicate it is unlikely that applications expose an exploitable use of link_n...

9.8CVSS8.5AI score0.03699EPSS
Exploits1References4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:39 a.m.34 views

Security Bulletin: Vulnerabilities in wget affect PowerKVM

Summary PowerKVM is affected by vulnerabilities in wget. IBM has now addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2017-13090 DESCRIPTION: GNU wget is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the fdreadbody function in src/retr.c. By...

9.3CVSS1.7AI score0.79855EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:27 p.m.24 views

Security Bulletin: A vulnerability in Apache Xerces-C XML Parser library affects IBM Performance Management products (CVE-2016-0729 )

Summary Apache Xerces-C XML Parser library is vulnerable to a denial of service, caused by improper bounds checking during processing and error reporting. By sending specially crafted input documents, an attacker could exploit this vulnerability to cause the library to crash or possibly execute...

9.8CVSS1.4AI score0.09115EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:44 p.m.66 views

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Security Identity Governance

Summary Vulnerabilities in Open Source openssl that is used by IBM Security Identity Governance Vulnerability Details CVEID: CVE-2016-2105 DESCRIPTION: OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVPEncodeUpdate function. By sending an overly...

10CVSS1.5AI score0.89058EPSS
Exploits7Affected Software1
Rows per page
Query Builder