Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

841 matches found

OSV
OSVadded 2023/10/11 4:15 p.m.1 views

CVE-2023-35965

Two heap-based buffer overflow vulnerabilities exist in the httpd managepost functionality of Yifan YF325 v1.020221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow result is...

9.8CVSS6.4AI score
Exploits0References2
Prion
Prionadded 2023/10/11 4:15 p.m.26 views

Heap overflow

Two heap-based buffer overflow vulnerabilities exist in the gwcfgcgisetmanagepostdata functionality of Yifan YF325 v1.020221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow...

7.5CVSS9.8AI score0.00318EPSS
Exploits0References1Affected Software1
Prion
Prionadded 2023/10/11 4:15 p.m.25 views

Heap overflow

Two heap-based buffer overflow vulnerabilities exist in the httpd managepost functionality of Yifan YF325 v1.020221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow result is...

7.5CVSS9.8AI score0.00346EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2023/10/11 3:14 p.m.17 views

CVE-2023-35965

Two heap-based buffer overflow vulnerabilities exist in the httpd managepost functionality of Yifan YF325 v1.020221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow result is...

9.8CVSS9.8AI score0.00346EPSS
Exploits0References1
CVE
CVEadded 2023/10/11 3:14 p.m.60 views

CVE-2023-35967

Affected product: Yifan YF325 (v1.0_20221108). CVE-2023-35967 and CVE-2023-35968 describe two heap-based buffer overflow vulnerabilities in gwcfg_cgi_set_manage_post_data, caused by integer overflows on content-length for malloc/realloc. Triggered by specially crafted network requests, potentiall...

9.8CVSS9.8AI score0.00318EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2023/10/11 3:14 p.m.16 views

CVE-2023-35967

Two heap-based buffer overflow vulnerabilities exist in the gwcfgcgisetmanagepostdata functionality of Yifan YF325 v1.020221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow...

9.8CVSS10AI score0.00318EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2023/10/11 3:14 p.m.18 views

CVE-2023-35967

Two heap-based buffer overflow vulnerabilities exist in the gwcfgcgisetmanagepostdata functionality of Yifan YF325 v1.020221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow...

9.8CVSS7.5AI score0.00318EPSS
Exploits0References1
Microsoft CVE
Microsoft CVEadded 2023/09/05 7:0 a.m.1 views

A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. This issue may allow an attacker to cause a denial of service or have other unspecified impact via control over malloc.

...

9.8CVSS9.3AI score0.00914EPSS
Exploits1
F5 Networks
F5 Networksadded 2023/07/13 3:54 a.m.31 views

K000135439: libtar vulnerabilities CVE-2021-33643, CVE-2021-33644, CVE-2021-33645, CVE-2021-33646

Security Advisory Description CVE-2021-33643 An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc0 for a variable gnulonglink, causing an out-of-bounds read. CVE-2021-33644 An attacker who submits a crafted tar file with size in...

9.1CVSS7.3AI score0.00225EPSS
Exploits0
Veracode
Veracodeadded 2023/07/10 10:17 a.m.22 views

Integer Overflow

Klibc is vulnerable to Integer Overflow. This vulnerability exists because of a segmentation fault in the malloc function, which allows an attacker to exhaust memory, causing an overflow...

9.8CVSS6.7AI score0.00889EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessusadded 2023/07/04 12:0 a.m.36 views

EulerOS 2.0 SP11 : curl (EulerOS-SA-2023-2286)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A cleartext transmission of sensitive information vulnerability exists in curl v7.88.0 that could cause HSTS functionality fail when multiple URLs...

9.1CVSS6.5AI score0.00111EPSS
Exploits2References4
Tenable Nessus
Tenable Nessusadded 2023/06/08 12:0 a.m.11 views

Amazon Linux 2023 : byacc (ALAS2023-2023-204)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-204 advisory. When processing files, malloc stores the data of the current line. When processing comments, malloc incorrectly accesses the released memory use after free. CVE-2021-33641 When a file is...

7.8CVSS6.5AI score0.00059EPSS
Exploits0References6
RedHat Linux
RedHat Linuxadded 2023/05/16 8:23 a.m.3 views

libtar: out-of-bounds read in gnu_longname

A flaw was found in libtar. This flaw allows an attacker who submits a crafted tar file with size in header struct being 0 to trigger a calling of malloc0 for a variable gnulongname, causing an out-of-bounds read...

8.1CVSS5.7AI score0.00225EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2023/05/16 8:23 a.m.3 views

libtar: out-of-bounds read in gnu_longlink

A flaw was found in libtar. This flaw allows an attacker who submits a crafted tar file with the size in the header struct being 0 to trigger a calling of malloc0 for a variable gnulonglink, causing an out-of-bounds read...

9.1CVSS5.7AI score0.00225EPSS
Exploits0References5
OSV
OSVadded 2023/05/15 3:15 p.m.1 views

DEBIAN-CVE-2023-31607

An issue in the libcmalloc component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

7.5CVSS7.5AI score0.00069EPSS
Exploits1References1
OSV
OSVadded 2023/05/15 3:15 p.m.0 views

UBUNTU-CVE-2023-31607

An issue in the libcmalloc component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

7.5CVSS7.2AI score0.00069EPSS
Exploits1References5
OSV
OSVadded 2023/05/12 2:15 p.m.7 views

CVE-2023-31914

Jerryscript 3.0 commit 05dbbd1 was discovered to contain out-of-memory issue in malloc...

5.5CVSS7.1AI score
Exploits0References1
NVD
NVDadded 2023/05/12 2:15 p.m.11 views

CVE-2023-31914

Jerryscript 3.0 commit 05dbbd1 was discovered to contain out-of-memory issue in malloc...

5.5CVSS5.5AI score0.00056EPSS
Exploits1References1
Prion
Prionadded 2023/05/12 2:15 p.m.14 views

Design/Logic Flaw

Jerryscript 3.0 commit 05dbbd1 was discovered to contain out-of-memory issue in malloc...

1.9CVSS5.4AI score0.00056EPSS
Exploits1References1Affected Software1
OSV
OSVadded 2023/05/12 2:15 p.m.0 views

UBUNTU-CVE-2023-31914

Jerryscript 3.0 commit 05dbbd1 was discovered to contain out-of-memory issue in malloc...

5.5CVSS5.8AI score0.00056EPSS
Exploits1References3
Rows per page
Query Builder