Lucene search
K

135 matches found

Vulnrichment
Vulnrichment
added 2023/04/25 11:41 a.m.9 views

CVE-2023-27619 WordPress Regina Lite Theme <= 2.0.7 is vulnerable to Cross Site Scripting (XSS)

Auth subscriber+ Reflected Cross-Site Scripting XSS vulnerability in Macho Themes Regina Lite theme = 2.0.7 versions...

5.4CVSS5.3AI score0.00361EPSS
Exploits0References1
CVE
CVE
added 2023/04/25 11:41 a.m.48 views

CVE-2023-27619

CVE-2023-27619 affects Regina Lite WordPress theme (≤ 2.0.7). Described as a reflected Cross‑Site Scripting (XSS) vulnerability that is exploitable by authenticated users with Subscriber+ privileges. Impact per sources is limited to reflected XSS in pages, with the vulnerability tied to input ref...

5.4CVSS5.3AI score0.00361EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/04/25 12:0 a.m.5 views

PT-2023-21257 · Macho Themes · Regina Lite

Name of the Vulnerable Software and Affected Versions: Macho Themes Regina Lite theme versions prior to 2.0.8 Description: A Reflected Cross-Site Scripting XSS vulnerability exists, allowing attackers to inject malicious scripts into pages. This issue affects authenticated users with subscriber o...

5.4CVSS5.6AI score0.00361EPSS
Exploits0References4
Amazon
Amazon
added 2023/03/22 12:0 a.m.5 views

Important: golang

Issue Overview: A vulnerability was found in archive/zip of the Go standard library. Applications written in Go can panic or potentially exhaust system memory when parsing malformed ZIP files. CVE-2021-33196 A validation flaw was found in golang. When invoking functions from WASM modules built...

9.8CVSS7.3AI score0.10299EPSS
Exploits8
SUSE CVE
SUSE CVE
added 2023/02/15 4:5 a.m.4 views

SUSE CVE-2019-19648

In the machoparsefile functionality in macho/macho.c of YARA 3.11.0, commandsize may be inconsistent with the real size. A specially crafted MachO file can cause an out-of-bounds memory access, resulting in Denial of Service application crash or potential code execution...

7.8CVSS7.9AI score0.01587EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:37 a.m.3 views

SUSE CVE-2021-41771

ImportedSymbols in debug/macho for Open or OpenFat in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation...

7.5CVSS8.7AI score0.04372EPSS
Exploits0References12
Veracode
Veracode
added 2022/11/20 2:22 a.m.32 views

Denial Of Service (DoS)

lief is vulnerable to denial of service. The vulnerability exists due to heap-buffer-overflow in the parsedyldinfogenericbind function of BinaryParser.tcc, allowing an attacker to cause an application crash through the maliciously crafted MachO file...

6.5CVSS6.1AI score0.0066EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2022/11/18 12:30 a.m.13 views

LIEF heap buffer overflow in the LIEF::MachO::BinaryParser::parse_dyldinfo_generic_bind

A heap buffer overflow in the LIEF::MachO::BinaryParser::parsedyldinfogenericbind function of LIEF prior to version 0.12.3 allows attackers to cause a Denial of Service DoS via a crafted MachO file...

6.5CVSS7.1AI score0.0066EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2022/11/17 11:15 p.m.10 views

CVE-2022-43171

A heap buffer overflow in the LIEF::MachO::BinaryParser::parsedyldinfogenericbind function of LIEF v0.12.1 allows attackers to cause a Denial of Service DoS via a crafted MachO file...

6.5CVSS0.0066EPSS
Exploits1References1
Prion
Prion
added 2022/11/17 11:15 p.m.19 views

Heap overflow

A heap buffer overflow in the LIEF::MachO::BinaryParser::parsedyldinfogenericbind function of LIEF v0.12.1 allows attackers to cause a Denial of Service DoS via a crafted MachO file...

4.3CVSS6.5AI score0.0066EPSS
Exploits1References1Affected Software1
PyPA
PyPA
added 2022/11/17 11:15 p.m.8 views

PYSEC-2022-43140

A heap buffer overflow in the LIEF::MachO::BinaryParser::parsedyldinfogenericbind function of LIEF v0.12.1 allows attackers to cause a Denial of Service DoS via a crafted MachO file...

6.5CVSS7.2AI score0.0066EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2022/11/17 12:0 a.m.6 views

CVE-2022-43171

A heap buffer overflow in the LIEF::MachO::BinaryParser::parsedyldinfogenericbind function of LIEF v0.12.1 allows attackers to cause a Denial of Service DoS via a crafted MachO file...

6.5AI score0.0066EPSS
Exploits1References1
CVE
CVE
added 2022/11/17 12:0 a.m.60 views

CVE-2022-43171

CVE-2022-43171 affects the LIEF library’s MachO parser: heap buffer overflow in LIEF::MachO::BinaryParser::parse_dyldinfo_generic_bind on v0.12.1, leading to DoS via a crafted Mach-O file. Public details show vulnerability in LIEF v0.12.1 (and related advisories mention pre-0.12.3) with mitigatio...

6.5CVSS6.5AI score0.0066EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2022/11/17 12:0 a.m.18 views

CVE-2022-43171

A heap buffer overflow in the LIEF::MachO::BinaryParser::parsedyldinfogenericbind function of LIEF v0.12.1 allows attackers to cause a Denial of Service DoS via a crafted MachO file...

6.5CVSS7.1AI score0.0066EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/11/17 12:0 a.m.4 views

LIEF 缓冲区错误漏洞

LIEF is a cross-platform library from the individual developer Romain Thomas. It is used to parse, modify and abstract Elf, Pe and MachO formats. A security vulnerability exists in LIEF version v0.12.1, which stems from a heap buffer overflow in the...

6.5CVSS6.7AI score0.0066EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/11/17 12:0 a.m.19 views

CVE-2022-43171

A heap buffer overflow in the LIEF::MachO::BinaryParser::parsedyldinfogenericbind function of LIEF v0.12.1 allows attackers to cause a Denial of Service DoS via a crafted MachO file...

6.7AI score0.0066EPSS
Exploits1References1
Veracode
Veracode
added 2022/10/11 1:47 p.m.16 views

Denial Of Service (DoS)

lief is vulnerable to denial of service DoS attacks. A malicious user is able to trigger a segmentation fault in parseloadcommands function via a crafted MachO file, causing the application to crash...

6.5CVSS5.9AI score0.00586EPSS
Exploits1References3Affected Software1
CNVD
CNVD
added 2022/10/11 12:0 a.m.18 views

LIEF Denial of Service Vulnerability

LIEF is a cross-platform library from the personal developer Romain Thomas. Used for parsing, modifying and abstracting Elf, Pe and MachO formats, a denial of service vulnerability exists in LIEF v0.12.1, which stems from a failure to properly handle incoming error messages in the initandparse...

6.5CVSS4AI score0.00586EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2022/10/04 12:0 a.m.23 views

LIEF vulnerable to denial of service through segmentation fault

A vulnerability in the LIEF::MachO::BinaryParser::initandparse function of LIEF v0.12.1 allows attackers to cause a denial of service DOS through a segmentation fault via a crafted MachO file. A patch for this issue is available at commit fde2c48986739fabd2cf9b40b9af149a89c57850...

6.5CVSS5.8AI score0.00586EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2022/10/03 1:15 p.m.14 views

CVE-2022-40922

A vulnerability in the LIEF::MachO::BinaryParser::initandparse function of LIEF v0.12.1 allows attackers to cause a denial of service DOS through a segmentation fault via a crafted MachO file...

6.5CVSS0.00586EPSS
Exploits1References1
Rows per page
Query Builder