Lucene search
+L

56 matches found

BDU FSTEC
BDU FSTEC
added 2021/12/20 12:0 a.m.5 views

The vulnerability of the USACBitstreamReader function in operating systems such as Mac OS, tvOS, iOS, iPadOS, and watchOS allows attackers to disclose protected information.

The vulnerability of the USACBitstreamReader function in operating systems such as Mac OS, tvOS, iOS, iPadOS, and watchOS is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose protected information...

5.5CVSS6.8AI score0.00864EPSS
Exploits0References8Affected Software5
BDU FSTEC
BDU FSTEC
added 2021/11/25 12:0 a.m.6 views

The vulnerability of Adobe Audition for Windows and macOS, related to the swapping of the zero pointer, allows a hacker to execute arbitrary code.

The vulnerability of Adobe Audition for Windows and macOS relates to the assignment of the zero pointer. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS7.5AI score0.01685EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2021/11/10 12:0 a.m.5 views

Corel Parallels Desktop 安全漏洞

Corel Parallels Desktop is a suite of virtual machine software for the macOS platform from Corel Canada. A security vulnerability exists in Corel Parallels Desktop version 16.5.0, which originates from the creation of symbolic links that can be abused by an attacker to execute files through the...

7.8CVSS7.5AI score0.0027EPSS
Exploits0References6
OSV
OSV
added 2021/09/08 3:15 p.m.0 views

CVE-2021-1813

A validation issue was addressed with improved logic. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A malicious application may be able to gain root privileges...

7.8CVSS5.8AI score0.01106EPSS
Exploits0References6
OSV
OSV
added 2019/12/18 6:15 p.m.3 views

CVE-2019-8574

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. An application may be able to execute arbitrary code with system privileges...

7.8CVSS7.4AI score0.01374EPSS
Exploits0References4
CNVD
CNVD
added 2019/06/13 12:0 a.m.22 views

Microsoft Edge Chakra Scripting Engine Remote Memory Corruption Vulnerability (CNVD-2019-24839)

Microsoft Edge is Microsoft's new browser, migrating from the EdgeHTML kernel to the Chromium kernel, and will also be coming to Windows 7/8/8.1 and macOS platforms. A remote memory corruption vulnerability exists in Microsoft Edge Chakra Scripting Engine, which can be exploited by an attacker to...

7.6CVSS7.2AI score0.02474EPSS
Exploits0References1
CNVD
CNVD
added 2019/04/16 12:0 a.m.5 views

Shimo VPN Denial of Service Vulnerability

Shimo VPN is a VPN Virtual Private Network software based on macOS platform. A denial of service vulnerability exists in the deleteConfig function of the Assistant service in Shimo VPN version 4.1.5.1. The vulnerability stems from a network system or product that does not properly validate incomi...

9CVSS6.7AI score0.00386EPSS
Exploits1References1
CNVD
CNVD
added 2019/01/10 12:0 a.m.3 views

MacPaw CleanMyMac X Input Validation Vulnerability (CNVD-2019-23279)

MacPaw CleanMyMac X is a cleaning tool dedicated to the macOS platform. The product is capable of removing junk files, history cache, logs, etc. from your computer. An input validation vulnerability exists in the MacPaw CleanMyMac X version 4.04 helper service, which can be exploited by a local...

7.1CVSS6.6AI score0.00309EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2017/01/26 10:2 p.m.4 views

chromium-browser: address spoofing in omnibox

Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, incorrectly handled Unicode glyphs, which allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name...

6.5CVSS7.4AI score0.01337EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/12/07 7:8 p.m.6 views

chromium-browser: address spoofing in omnibox

The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled navigation within PDFs, which allowed a remote attacker to temporarily spoof the contents of the Omnibox URL bar via a crafted HTML page containing PDF data...

6.5CVSS7.4AI score0.0123EPSS
Exploits0References5
OSV
OSV
added 2016/09/11 10:59 a.m.5 views

UBUNTU-CVE-2016-5149

The extensions subsystem in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux relies on an IFRAME source URL to identify an associated extension, which allows remote attackers to conduct extension-bindings injection attacks by leveraging script access to a...

8.8CVSS7.3AI score0.01347EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2016/04/08 12:55 p.m.7 views

flash-plugin: multiple code execution issues fixed in APSB16-10

Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to bypass intended access restrictions via unspecified vectors...

8.1CVSS5.8AI score0.04772EPSS
Exploits0References6
OSV
OSV
added 2016/03/12 3:59 p.m.1 views

CVE-2016-0995

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execu...

8.8CVSS6.1AI score0.0642EPSS
Exploits0References8
OSV
OSV
added 2016/02/10 8:59 p.m.2 views

CVE-2016-0972

Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial o...

8.8CVSS6.1AI score0.03783EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2010/01/13 4:3 p.m.5 views

acroread: media.newplayer JavaScript API code execution vulnerability (APSB10-02)

Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild...

9.3CVSS7.6AI score0.81933EPSS
Exploits21References5
securityvulns
securityvulns
added 2004/11/24 12:0 a.m.27 views

Broadcast memory corruption in Soldier of Fortune II 1.03

Luigi Auriemma Application: Soldier of Fortune II http://sof2.ravensoft.com Versions: = 1.03 gold Platforms: Windows, Linux and MacOS Bug: memory corruption Exploitation: remote, versus server and clients broadcast Date: 23 November 2004 Author: Luigi Auriemma e-mail: [email protected] web:...

2.1AI score
Exploits0
Rows per page
Query Builder