Lucene search
K

72 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 6:4 a.m.2 views

SUSE CVE-2009-1571

Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to execute arbitrary code via unspecified method calls that attempt to access freed objects in low-memory...

10CVSS7.9AI score0.06392EPSS
Exploits2References7
RedHat Linux
RedHat Linux
added 2023/01/12 9:28 a.m.4 views

expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate

A use-after-free flaw was found in the Expat package, caused by destruction of a shared DTD in XMLExternalEntityParserCreate in out-of-memory situations. This may lead to availability disruptions...

7.5CVSS6.7AI score0.02241EPSS
Exploits1References5
OSV
OSV
added 2022/12/22 8:15 p.m.10 views

CVE-2022-45406

If an out-of-memory condition occurred when creating a JavaScript global, a JavaScript realm may be deleted while references to it lived on in a BaseShape. This could lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR 102.5, Thunderbird 102.5,...

9.8CVSS9AI score
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/11/23 12:0 a.m.34 views

Oracle Linux 8 : thunderbird (ELSA-2022-8547)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-8547 advisory. 102.5.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 102.5.0-2 - Update to 102.5.0 build2 102.5.0-1 -...

9.8CVSS7.4AI score0.01061EPSS
Exploits0References14
RedHat Linux
RedHat Linux
added 2022/11/21 4:21 p.m.6 views

Mozilla: Use-after-free of a JavaScript Realm

The Mozilla Foundation Security Advisory describes this flaw as: If an out-of-memory condition occurred when creating a JavaScript global, a JavaScript realm may be deleted while references to it lived on in a BaseShape. This could lead to a use-after-free causing a potentially exploitable crash...

9.8CVSS7.2AI score0.01061EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2022/11/16 12:0 a.m.36 views

CVE-2022-45406

If an out-of-memory condition occurred when creating a JavaScript global, a JavaScript realm may be deleted while references to it lived on in a BaseShape. This could lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR 102.5, Thunderbird 102.5,...

9.8CVSS7.1AI score0.01061EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2022/08/24 12:0 a.m.4 views

PT-2022-11229

Name of the Vulnerable Software and Affected Versions AMQ Broker affected versions not specified Description A flaw in AMQ Broker can cause a partial interruption to its availability via an Out of memory OOM condition. This issue allows an attacker to partially disrupt the broker's availability...

5.3CVSS5.5AI score0.02499EPSS
Exploits0References15
Cvelist
Cvelist
added 2022/04/01 10:17 p.m.36 views

CVE-2022-26417 Rockwell Automation Studio 5000 Logix Designer Use After Free

Omron CX-Position versions 2.5.3 and prior is vulnerable to a use after free memory condition while processing a specific project file, which may allow an attacker to execute arbitrary code...

7.8CVSS8.1AI score0.01409EPSS
Exploits0References2
Prion
Prion
added 2022/03/11 11:15 p.m.15 views

Design/Logic Flaw

An issue was discovered in Softing OPC UA C++ SDK before 5.70. An invalid XML element in the type dictionary makes the OPC/UA client crash due to an out-of-memory condition...

4CVSS6.4AI score0.00797EPSS
Exploits0References2Affected Software3
NVD
NVD
added 2021/04/22 8:15 p.m.37 views

CVE-2021-0257

On Juniper Networks MX Series and EX9200 Series platforms with Trio-based MPCs Modular Port Concentrators where Integrated Routing and Bridging IRB interfaces are configured and mapped to a VPLS instance or a Bridge-Domain, certain Layer 2 network events at Customer Edge CE devices may cause memo...

6.5CVSS0.00404EPSS
Exploits0References1
NVD
NVD
added 2020/10/29 4:15 p.m.35 views

CVE-2020-5933

On versions 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, when a BIG-IP system that has a virtual server configured with an HTTP compression profile processes compressed HTTP message payloads that require deflation, a Slowloris-style attack can trigger a...

7.8CVSS7.6AI score0.0105EPSS
Exploits0References1
Prion
Prion
added 2020/03/11 3:15 p.m.18 views

Memory corruption

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. A high rate of transit traffic may cause a low-memory condition and a denial of service...

5CVSS6.2AI score0.01578EPSS
Exploits0References2Affected Software6
Cvelist
Cvelist
added 2020/03/11 2:27 p.m.24 views

CVE-2019-9097

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. A high rate of transit traffic may cause a low-memory condition and a denial of service...

7.5CVSS5.3AI score0.01578EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2019/11/07 4:1 a.m.40 views

CVE-2019-10125

A flaw was found in the Linux kernel's aiopoll function. Due to incorrect logic, this flaw can create a use-after-free memory condition where an attacker could submit malicious input to possibly execute arbitrary code resulting in privilege escalation...

10CVSS9.2AI score0.05258EPSS
Exploits1References3
Prion
Prion
added 2019/10/02 4:15 p.m.14 views

Memory corruption

An exploitable memory corruption vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader, version 9.4.1.16828. A specially crafted PDF document can trigger an out-of-memory condition which isn't handled properly, resulting in arbitrary code execution. An attacker needs ...

6.8CVSS8.9AI score0.0604EPSS
Exploits1References1Affected Software2
RedhatCVE
RedhatCVE
added 2019/08/26 10:21 a.m.30 views

CVE-2019-15215

A use-after-free vulnerability was found in the Linux kernel's cpia2usb driver. An attacker must have physical access to the system to utilize a malicious USB device to trigger the disconnect functionality which is required to trigger this flaw. A local account is also required to take advantage ...

4.9CVSS0.00762EPSS
Exploits1References3
Zero Day Initiative
Zero Day Initiative
added 2018/12/13 12:0 a.m.42 views

Microsoft Windows JScript Array concat Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows JScript. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS4.2AI score0.09906EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/08/18 6:0 p.m.21 views

CVE-2014-9972

In all Qualcomm products with Android releases from CAF using the Linux kernel, disabling asserts can potentially cause a NULL pointer dereference during an out-of-memory condition...

9AI score0.00964EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2015/12/08 12:0 a.m.30 views

xen-tools -- libxl leak of pv kernel and initrd on error

The Xen Project reports: When constructing a guest which is configured to use a PV bootloader which runs as a userspace process in the toolstack domain e.g. pygrub libxl creates a mapping of the files to be used as kernel and initial ramdisk when building the guest domain. However if building the...

7.8CVSS8.3AI score0.02043EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2013/06/29 12:0 a.m.43 views

CentOS 5 : xen (CESA-2012:1130)

Updated xen packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

2.7CVSS7.4AI score0.00923EPSS
Exploits0References2
Rows per page
Query Builder