Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

663 matches found

Debian CVE
Debian CVEadded 2022/07/19 12:0 a.m.100 views

CVE-2022-34169

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...

7.5CVSS7.2AI score0.10953EPSS
Exploits2
CVE
CVEadded 2022/07/19 12:0 a.m.653 views

CVE-2022-34169

CVE-2022-34169 affects the Apache Xalan Java XSLT library. It describes an integer truncation vulnerability when processing malicious XSLT stylesheets, which can corrupt Java class files generated by the internal XSLTC compiler and allow execution of arbitrary Java bytecode. Public references in ...

7.5CVSS8.2AI score0.10953EPSS
Exploits2References24Affected Software1
CNNVD
CNNVDadded 2022/07/19 12:0 a.m.4 views

Apache Xalan 输入验证错误漏洞

Apache Xalan is an open source software library from the Apache Foundation USA. Apache Xalan Java XSLT Stock in Input Validation Error vulnerability stems from an integer truncation issue when processing malicious XSLT stylesheets. The vulnerability can be exploited to corrupt Java class files...

7.5CVSS5.9AI score0.10953EPSS
Exploits2References65
Positive Technologies
Positive Technologiesadded 2022/07/04 12:0 a.m.4 views

PT-2022-3956

Name of the Vulnerable Software and Affected Versions Apache Xalan Java XSLT library versions prior to 2.7.3 Description The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generat...

7.8CVSS7.4AI score0.10953EPSS
Exploits2References405
OpenVAS
OpenVASadded 2022/02/13 12:0 a.m.14 views

Huawei EulerOS: Security Advisory for util-linux (EulerOS-SA-2022-1152)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS6AI score0.00042EPSS
Exploits1References2
OpenVAS
OpenVASadded 2022/02/13 12:0 a.m.13 views

Huawei EulerOS: Security Advisory for util-linux (EulerOS-SA-2022-1102)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS6AI score0.00042EPSS
Exploits1References2
OpenVAS
OpenVASadded 2022/01/28 12:0 a.m.8 views

Mageia: Security Advisory (MGASA-2021-0123)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References5
OpenVAS
OpenVASadded 2021/12/30 12:0 a.m.17 views

Huawei EulerOS: Security Advisory for util-linux (EulerOS-SA-2021-2829)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.9AI score0.00042EPSS
Exploits1References2
OpenVAS
OpenVASadded 2021/11/03 12:0 a.m.12 views

Huawei EulerOS: Security Advisory for util-linux (EulerOS-SA-2021-2649)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.9AI score0.00042EPSS
Exploits1References2
Cvelist
Cvelistadded 2021/10/22 11:14 a.m.11 views

CVE-2021-36357

An issue was discovered in OpenPOWER 2.6 firmware. unpacktimestamp calls le32tocpu for endian conversion of a uint16t "year" value, resulting in a type mismatch that can truncate a higher integer value to a smaller one, and bypass a timestamp check. The fix is to use the right endian conversion...

9.6AI score0.00203EPSS
Exploits0References1
Hacker One
Hacker Oneadded 2021/09/15 7:53 p.m.23 views

PlayStation: size_t-to-int vulnerability in exFAT leads to memory corruption via malformed USB flash drives

Summary A heap-based buffer overflow can be triggered by a malformed exFAT USB flash drive. Vulnerability The vulnerability is in Sony's exFAT implementation where there is an integer truncation from 64bit to 32bit on a size variable that is used to allocate the up-case table: c int...

1.1AI score
Exploits0
Veracode
Veracodeadded 2021/09/02 6:40 p.m.17 views

Denial Of Service (DoS)

gpac:bullseye is vulnerable to denial of service. An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. The striboxread function is used when processing atoms using the 'stri' FOURCC code. An attacke...

8.8CVSS4.1AI score0.00609EPSS
Exploits1References3Affected Software1
Veracode
Veracodeadded 2021/09/02 6:31 p.m.19 views

Denial Of Service (DoS)

gpac:bullseye is vulnerable to denial of service. An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. When processing the 'hdlr' FOURCC code, a specially crafted MPEG-4 input can cause an improper...

8.8CVSS3.7AI score0.00418EPSS
Exploits1References3Affected Software1
NVD
NVDadded 2021/08/18 3:15 p.m.15 views

CVE-2021-21862

Multiple exploitable integer truncation vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an improper memory allocation resulting in a heap-based buffer overflow that causes memory...

8.8CVSS0.00443EPSS
Exploits1References1
OSV
OSVadded 2021/08/18 3:15 p.m.13 views

CVE-2021-21862

Multiple exploitable integer truncation vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an improper memory allocation resulting in a heap-based buffer overflow that causes memory...

8.8CVSS7.7AI score
Exploits0References1
UbuntuCve
UbuntuCveadded 2021/08/18 3:15 p.m.29 views

CVE-2021-21862

Multiple exploitable integer truncation vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an improper memory allocation resulting in a heap-based buffer overflow that causes memory...

8.8CVSS7.5AI score0.00443EPSS
Exploits1References2
OSV
OSVadded 2021/08/18 3:15 p.m.1 views

UBUNTU-CVE-2021-21862

Multiple exploitable integer truncation vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an improper memory allocation resulting in a heap-based buffer overflow that causes memory...

8.8CVSS7.6AI score0.00443EPSS
Exploits1References3
Prion
Prionadded 2021/08/18 3:15 p.m.15 views

Heap overflow

Multiple exploitable integer truncation vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an improper memory allocation resulting in a heap-based buffer overflow that causes memory...

6.8CVSS9.1AI score0.00443EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2021/08/18 2:25 p.m.57 views

CVE-2021-21862

GPAC Project on Advanced Content library (GPAC) v1.0.1 contains multiple exploitable integer truncation vulnerabilities in the MPEG-4 decoding functionality. The issues cause improper memory allocation leading to a heap-based buffer overflow and memory corruption, tied to the Xtra FOURCC code par...

8.8CVSS9.1AI score0.00443EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2021/08/18 2:25 p.m.16 views

CVE-2021-21862

Multiple exploitable integer truncation vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an improper memory allocation resulting in a heap-based buffer overflow that causes memory...

8.8CVSS9.4AI score0.00443EPSS
Exploits1References1
Rows per page
Query Builder