Lucene search
K

353 matches found

Debian CVE
Debian CVE
added 2015/03/19 12:0 a.m.44 views

CVE-2015-0287

The ASN1itemexd2i function in crypto/asn1/tasndec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial of service invalid write operation and memory...

5CVSS6.1AI score0.0837EPSS
Exploits0
CVE
CVE
added 2015/01/15 3:0 p.m.107 views

CVE-2014-8738

CVE-2014-8738 affects GNU Binutils (libbfd/archive.c: _bfd_slurp_extended_name_table). A crafted extended name table in an archive can trigger an invalid write, leading to a denial of service (segmentation fault/crash). Public advisories across vendors cite binutils and libbfd as vulnerable, with...

5CVSS7.8AI score0.05207EPSS
Exploits1References17Affected Software1
Debian CVE
Debian CVE
added 2015/01/15 3:0 p.m.21 views

CVE-2014-8738

The bfdslurpextendednametable function in bfd/archive.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service invalid write, segmentation fault, and crash via a crafted extended name table in an archive...

5CVSS7.4AI score0.05207EPSS
Exploits1
Prion
Prion
added 2013/05/16 11:45 a.m.13 views

Code injection

The cairoxlibsurfaceaddglyph function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service invalid write operation via unspecified vectors...

10CVSS8.2AI score0.05502EPSS
Exploits0References15Affected Software4
Mozilla
Mozilla
added 2013/05/14 12:0 a.m.51 views

Memory corruption found using Address Sanitizer — Mozilla

Security researcher Abhishek Arya Inferno of the Google Chrome Security Team used the Address Sanitizer tool to discover a series of use-after-free, out of bounds read, and invalid write problems rated as moderate to critical as security issues in shipped software. Some of these issues are...

10CVSS1.5AI score0.05709EPSS
Exploits0References12Affected Software4
OPENSUSE Linux
OPENSUSE Linux
added 2012/05/29 3:8 p.m.57 views

update for chromium, v8 (important)

Chromium update to 21.0.1145 Fixed several issues around audio not playing with videos Crash Fixes Improvements to trackpad on Cr-48 Security Fixes bnc762481 - CVE-2011-3083: Browser crash with video + FTP - CVE-2011-3084: Load links from internal pages in their own process. - CVE-2011-3085: UI...

10CVSS1.7AI score0.03344EPSS
Exploits0References1
NVD
NVD
added 2012/05/16 12:55 a.m.12 views

CVE-2011-3092

The regex implementation in Google V8, as used in Google Chrome before 19.0.1084.46, allows remote attackers to cause a denial of service invalid write operation or possibly have unspecified other impact via unknown vectors...

10CVSS7AI score0.02199EPSS
Exploits0References8
Prion
Prion
added 2012/05/16 12:55 a.m.20 views

Information disclosure

The regex implementation in Google V8, as used in Google Chrome before 19.0.1084.46, allows remote attackers to cause a denial of service invalid write operation or possibly have unspecified other impact via unknown vectors...

10CVSS7.6AI score0.02199EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2012/05/16 12:0 a.m.65 views

CVE-2011-3092

CVE-2011-3092 : The Google V8 regex implementation (as used by Google Chrome prior to 19.0.1084.46) contains an invalid write in the regex engine, enabling a remote attacker to cause a denial of service. The description notes possible unspecified additional impact; no exploit vectors are detailed...

10CVSS7.1AI score0.02199EPSS
Exploits0References8Affected Software1
Mozilla
Mozilla
added 2011/06/21 12:0 a.m.41 views

Multiple WebGL crashes — Mozilla

Mozilla security researcher Christoph Diehl reported two crashes in WebGL code. One crash was the result of an out-of-bounds read and could be used to read data from other processes who had stored data in the GPU. The severity of this issue was determined to be high. The second crash was the resu...

10CVSS6.5AI score0.04216EPSS
Exploits0References4Affected Software2
Prion
Prion
added 2010/11/17 4:0 p.m.22 views

Design/Logic Flaw

Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 allow 1 remote attackers to cause a denial of service invalid write and daemon crash by abruptly disconnecting during transmission of the map from the server, related to network/networkserver.cpp; 2 remote attackers to cause a...

5CVSS7.3AI score0.03668EPSS
Exploits0References11Affected Software2
Debian CVE
Debian CVE
added 2010/11/17 3:0 p.m.24 views

CVE-2010-4168

Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 allow 1 remote attackers to cause a denial of service invalid write and daemon crash by abruptly disconnecting during transmission of the map from the server, related to network/networkserver.cpp; 2 remote attackers to cause a...

7.5CVSS6.4AI score0.03668EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/07/01 12:0 a.m.24 views

Fedora 12 : tar-1.22-12.fc12 (2010-4309)

CVE-2010-0624 tar, cpio: Heap-based buffer overflow by expanding a specially crafted archive 572149 - realloc within checkexclusiontags caused invalid write 570591 - not closing file descriptors for excluded files/dirs with exlude-tag... options could cause descriptor exhaustion 570591 - do not...

6.8CVSS7AI score0.04747EPSS
Exploits2References3
Rows per page
Query Builder