Lucene search
K

45 matches found

OSV
OSV
added 2023/03/06 11:15 p.m.8 views

AZL-13827 CVE-2022-4904 affecting package nodejs for versions less than 16.20.1-2

A flaw was found in the c-ares package. The aressetsortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity...

8.6CVSS7.1AI score0.01232EPSS
Exploits1References1
Code423n4
Code423n4
added 2022/12/09 12:0 a.m.9 views

overflow in buy function

Lines of code Vulnerability details Impact the function doesn't check if the input is more the supply Proof of Concept the function doesn't have any condition check of amount Tools Used manually Recommended Mitigation Steps check the input for maximum or requirement for max supply --- The text wa...

7AI score
Exploits0
Github Security Blog
Github Security Blog
added 2022/09/16 9:25 p.m.34 views

TensorFlow vulnerable to `CHECK` fail in `AudioSummaryV2`

Impact When AudioSummaryV2 receives an input samplerate with more than one element, it gives a CHECK fails that can be used to trigger a denial of service attack. python import tensorflow as tf arg0='' arg1=tf.random.uniformshape=1,1, dtype=tf.float32, maxval=None arg2=tf.random.uniformshape=2,1,...

7.5CVSS7.4AI score0.00396EPSS
Exploits0References5Affected Software3
Positive Technologies
Positive Technologies
added 2022/06/14 12:0 a.m.6 views

PT-2022-10435 · Qualcomm · Qualcomm Snapdragon

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon affected versions not specified Description: An out-of-bounds write can occur due to an incorrect input check in the camera driver. Recommendations: At the moment, there is no information about a newer version that contain...

6.7CVSS6.6AI score0.0015EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2022/03/03 12:0 a.m.37 views

CVE-2022-26125

Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the input packet length in isisd/isistlvs.c...

7.8CVSS8.1AI score0.01007EPSS
Exploits1
Veracode
Veracode
added 2022/01/26 1:52 p.m.19 views

Denial Of Service (DoS)

libimage-exiftool-perl:bookworm is vulnerable to denial of service. lib/Image/ExifTool.pm in ExifTool mishandles a $file = /|$/ check...

7.8CVSS2.4AI score0.07575EPSS
Exploits5References3Affected Software2
Huntr
Huntr
added 2021/12/20 12:1 p.m.21 views

Cross-site Scripting (XSS) - Stored in janeczku/calibre-web

Description Missing input check on Identifiers lead to stored XSS. Steps to reproduce 1. 1. Any book - Edit metadata - Identifiers 2. 2. Set any value to the first field and javascript:alertdocument.domain to the second one. 3. 3. Save the book, select it, click on Identifier - XSSed! Proof of...

3.5CVSS0.9AI score0.00802EPSS
Exploits1
Code423n4
Code423n4
added 2021/11/22 12:0 a.m.8 views

pow() is missing check on input parameters with 0 value

Handle gpersoon Vulnerability details Impact The contract LogExpMath.sol seems to be a fork of the balancer LogExpMath.sol contract. It is mostly similar, except for checks for x and y being 0 in the beginning of the function pow, see below. This omission might lead to unexpected results. Proof o...

7AI score
Exploits0
NVD
NVD
added 2021/07/30 2:15 p.m.17 views

CVE-2021-37595

In FreeRDP before 2.4.0 on Windows, wfcliprdrserverfilecontentsrequest in client/Windows/wfcliprdr.c has missing input checks for a FILECONTENTSRANGE File Contents Request PDU...

9.8CVSS0.01516EPSS
Exploits0References2
OSV
OSV
added 2021/03/25 5:15 p.m.2 views

CVE-2021-25354

Improper input check in Samsung Internet prior to version 13.2.1.46 allows attackers to launch non-exported activity in Samsung Browser via malicious deeplink...

5.3CVSS5.8AI score0.00456EPSS
Exploits0References2
NVD
NVD
added 2021/03/25 5:15 p.m.19 views

CVE-2021-25354

Improper input check in Samsung Internet prior to version 13.2.1.46 allows attackers to launch non-exported activity in Samsung Browser via malicious deeplink...

6.8CVSS0.00456EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/03/25 4:13 p.m.27 views

CVE-2021-25354

Improper input check in Samsung Internet prior to version 13.2.1.46 allows attackers to launch non-exported activity in Samsung Browser via malicious deeplink...

3.3CVSS5.6AI score0.00456EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/04/27 12:0 a.m.10 views

The vulnerability of the user interface in Google Chrome’s Omnibox allows a perpetrator to compromise data integrity.

The vulnerability of the user interface in Google Chrome’s Omnibox is related to the lack of a mechanism for verifying the entered data. Exploiting this vulnerability allows an attacker to manipulate the integrity of data by creating a malicious HTML page...

4.3CVSS6.6AI score0.01107EPSS
Exploits0References11Affected Software5
BDU FSTEC
BDU FSTEC
added 2020/04/22 12:0 a.m.6 views

The vulnerability of the recursive cloning component of the distributed Git version control system allows a hacker to gain unauthorized access to confidential data, cause service failures, and compromise data integrity.

The vulnerability of the recursive cloning component of the distributed version control system Git is related to the lack of a mechanism for verifying input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to confidential data, cause service failures, and...

9.3CVSS7.4AI score0.34007EPSS
Exploits0References11Affected Software5
OSV
OSV
added 2019/01/09 7:29 p.m.2 views

CVE-2018-16088

A missing check for JS-simulated input events in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to download arbitrary files with no user input via a crafted HTML page...

6.5CVSS7.4AI score0.01146EPSS
Exploits0References4
NVD
NVD
added 2018/09/18 6:29 p.m.29 views

CVE-2018-11852

In all android releases Android for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, improper check In the WMA API for the inputs received from the firmware and then fills the same to the host structure will lead to OOB write...

7.8CVSS7.5AI score0.00177EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/09/18 6:0 p.m.24 views

CVE-2018-11852

In all android releases Android for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, improper check In the WMA API for the inputs received from the firmware and then fills the same to the host structure will lead to OOB write...

7.8AI score0.00177EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/09/18 6:0 p.m.18 views

CVE-2018-11302

In all android releases Android for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, lack of check of input received from userspace before copying into buffer can lead to potential array overflow in WLAN...

8.4AI score0.00178EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/09/18 6:0 p.m.31 views

CVE-2018-11851

In all android releases Android for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, lack of check on input received to calculate the buffer length can lead to out of bound write to kernel stack...

7.5AI score0.00202EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2016/05/05 8:0 a.m.70 views

Old Android Flaw Elevates Privileges, Steals SMS, Call Logs

A five-year-old Android vulnerability disclosed today affects hundreds of different device models going back to Jelly Bean 4.3. Older devices are at the greatest risk; newer devices running Android with SE Android, the OS’ implementation of Security Enhanced Linux, are at a lesser risk. The...

9.3CVSS1.5AI score0.00466EPSS
Exploits0References1
Rows per page
Query Builder