Lucene search
+L

232 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:30 a.m.5 views

SUSE CVE-2014-1736

Integer overflow in api.cc in Google V8, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large length value...

7.5CVSS7.6AI score0.02072EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:30 a.m.4 views

SUSE CVE-2014-2281

The nfsnamesnoopaddname function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service memory corruption and application crash via a crafte...

4.3CVSS7.4AI score0.02964EPSS
Exploits2References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:26 a.m.6 views

SUSE CVE-2014-7840

The hostfromstreamoffset function in archinit.c in QEMU, when loading RAM during migration, allows remote attackers to execute arbitrary code via a crafted 1 offset or 2 length value in savevm data...

7.5CVSS7.9AI score0.04115EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:24 a.m.4 views

SUSE CVE-2014-9629

Integer overflow in the Encode function in modules/codec/schroedinger.c in VideoLAN VLC media player before 2.1.6 and 2.2.x before 2.2.1 allows remote attackers to conduct buffer overflow attacks and execute arbitrary code via a crafted length value...

7.8CVSS7.3AI score0.02373EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:0 a.m.2 views

SUSE CVE-2016-5769

Multiple integer overflows in mcrypt.c in the mcrypt extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allow remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted length value,...

9.8CVSS10AI score0.08361EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:9 a.m.4 views

SUSE CVE-2019-15161

rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request...

5.3CVSS6.9AI score0.02764EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2023/02/09 12:27 a.m.5 views

openvswitch: Integer Underflow in Organization Specific TLV

A flaw was found in the OpenvSwitch package. If LLDP processing is enabled for a specific port, crafted LLDP packets could cause a data underflow...

9.8CVSS7.3AI score0.01324EPSS
Exploits0References6
Hacker One
Hacker One
added 2023/02/06 9:54 p.m.33 views

GitHub Security Lab: [CPP]: Add query for CWE-805: Buffer Access with Incorrect Length Value using some functions

Vulnerability description not provided...

7.1AI score
Exploits0
CVE
CVE
added 2023/01/24 12:0 a.m.54 views

CVE-2021-28510

CVE-2021-28510 affects Arista EOS: a PTP management/signaling TLV with an invalid Type-Length-Value can cause the PTP agent to restart, leading to service unavailability. Affected EOS releases include 4.27.x (4.27.1 and earlier), 4.26.x (4.26.4 and earlier), 4.25.x (4.25.6 and earlier), and 4.24....

7.5CVSS6.2AI score0.01003EPSS
Exploits1References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/01/23 12:0 a.m.6 views

The vulnerability of the Open vSwitch multi-level switch software, related to the loss of the significance of a whole number, allows an attacker to execute arbitrary code in the target system.

The vulnerability of the Open vSwitch multi-level switch lies in the loss of significance of a whole number during the analysis of Auto Attach TLV. Exploiting this vulnerability allows an attacker to send specially crafted LLDP messages to the vulnerable system, causing a full number of significa...

10CVSS8.2AI score0.01324EPSS
Exploits0References10Affected Software8
ATTACKERKB
ATTACKERKB
added 2023/01/10 10:15 p.m.5 views

CVE-2022-4338

An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch...

9.8CVSS5.2AI score0.01324EPSS
Exploits0References6
CNNVD
CNNVD
added 2022/12/20 12:0 a.m.5 views

Open vSwitch 缓冲区错误漏洞

Open vSwitch is an open source virtual switch. Open vSwitch suffers from a buffer error vulnerability that stems from allowing an attacker to implement out-of-bounds reads in its specific TLV...

9.8CVSS8.4AI score0.01324EPSS
Exploits0References14
CNNVD
CNNVD
added 2022/12/20 12:0 a.m.25 views

Open vSwitch 缓冲区错误漏洞

Open vSwitch is an open source virtual switch. Open vSwitch suffers from a buffer error vulnerability that stems from allowing an attacker to achieve integer underflow in its specific TLV...

9.8CVSS8.4AI score0.01324EPSS
Exploits0References14
NVD
NVD
added 2022/09/16 10:15 p.m.26 views

CVE-2022-40757

A Buffer Access with Incorrect Length Value vulnerablity in the TEEMACComputeFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service DoS by invoking the function TEEMACComputeFinal with an excessive size value of messageLen...

7.5CVSS0.00839EPSS
Exploits0References2
Prion
Prion
added 2022/09/16 10:15 p.m.23 views

Buffer overflow

A Buffer Access with Incorrect Length Value vulnerablity in the TEEMACComputeFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service DoS by invoking the function TEEMACComputeFinal with an excessive size value of messageLen...

5CVSS7.5AI score0.00839EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/09/16 9:36 p.m.56 views

CVE-2022-40757

CVE-2022-40757 affects Samsung mTower prior to 0.3.0, where a buffer access in TEE_MACComputeFinal with an incorrect length (messageLen) can be triggered by a trusted application, causing a Denial of Service. The issue originates in the TEE_MACComputeFinal function and is documented across multip...

7.5CVSS7.4AI score0.00839EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/09/16 9:36 p.m.70 views

CVE-2022-40760

CVE-2022-40760 affects Samsung mTower up to version 0.3.0, where a vulnerability in the TEE_MACUpdate function allows a trusted application to trigger a Denial of Service by passing an oversized chunkSize to TEE_MACUpdate. The root cause is a buffer access with an incorrect length value. Impact i...

7.5CVSS7.4AI score0.01101EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2022/09/16 12:0 a.m.6 views

SAMSUNG mTower 缓冲区错误漏洞

SAMSUNG mTower is a new Trusted Execution Environment TEE from Samsung South Korea. A security vulnerability exists in SAMSUNG mTower versions prior to 0.3.0, which stems from a buffer access in its TEEMACComputeFinal function with an incorrect length value vulnerability that allows a trusted...

7.5CVSS7.6AI score0.00839EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/04/26 12:0 a.m.7 views

PT-2022-9902 · Arista · Arista Eos

Name of the Vulnerable Software and Affected Versions: Arista EOS affected versions not specified Description: The issue occurs when a Precision Time Protocol PTP packet with an invalid Type-Length-Value TLV is received, causing the PTP agent to restart. Repeated restarts of the service will make...

7.5CVSS7.4AI score0.01003EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2022/02/25 3:18 p.m.55 views

CVE-2022-26125

frrouting is vulnerable to a flaw that can cause buffer overflow through due to incorrect checks on the input packet length when processing type-length-value packets. There is high impact to availability due to the fact that the process up-time can be made unreliable...

7.8CVSS3.9AI score0.01007EPSS
Exploits1References4
Rows per page
Query Builder