Lucene search
K

54 matches found

OSV
OSV
added 2021/06/21 5:15 p.m.2 views

CVE-2021-0520

In several functions of MemoryFileSystem.cpp and related files, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7CVSS5.9AI score0.00175EPSS
Exploits0References1
NVD
NVD
added 2021/03/10 4:15 p.m.26 views

CVE-2020-1918

In-memory file operations ie: using fopen on a data URI did not properly restrict negative seeking, allowing for the reading of memory prior to the in-memory buffer. This issue affects HHVM versions prior to 4.56.3, all versions between 4.57.0 and 4.80.1, all versions between 4.81.0 and 4.93.1, a...

7.5CVSS0.01218EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2021/03/10 4:15 p.m.46 views

CVE-2020-1918

In-memory file operations ie: using fopen on a data URI did not properly restrict negative seeking, allowing for the reading of memory prior to the in-memory buffer. This issue affects HHVM versions prior to 4.56.3, all versions between 4.57.0 and 4.80.1, all versions between 4.81.0 and 4.93.1, a...

7.5CVSS7.1AI score0.01218EPSS
Exploits0References3
Prion
Prion
added 2021/03/10 4:15 p.m.17 views

Memory corruption

In-memory file operations ie: using fopen on a data URI did not properly restrict negative seeking, allowing for the reading of memory prior to the in-memory buffer. This issue affects HHVM versions prior to 4.56.3, all versions between 4.57.0 and 4.80.1, all versions between 4.81.0 and 4.93.1, a...

5CVSS7.5AI score0.01218EPSS
Exploits0References2Affected Software1
Ubuntu
Ubuntu
added 2020/05/19 8:33 p.m.178 views

USN-4364-1: Linux kernel vulnerabilities

It was discovered that the ADIS16400 IIO IMU Driver for the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service memory exhaustion. CVE-2019-19060 It was discovered that the vhost net driver in the Linux kernel...

7.8CVSS7AI score0.03755EPSS
Exploits1
CNVD
CNVD
added 2020/02/25 12:0 a.m.2 views

Memory Corruption Vulnerability in HollySys HT8001 at Beijing HollySys Automation Drive Technology Co.

Beijing HOLLIS Automation Drive Technology Co., Ltd. is China's leading automation and information technology solutions provider HT8001CN configuration software is the company's HT series of touch-screen configuration screen development system, is an integrated development environment, has a very...

6.9AI score
Exploits0
OSV
OSV
added 2017/04/17 12:59 a.m.3 views

DEBIAN-CVE-2017-7889

The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIGSTRICTDEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte and bypass slab-allocation access restrictions via an application that opens the...

7.8CVSS7.6AI score0.00308EPSS
Exploits0References1
CNVD
CNVD
added 2016/08/09 12:0 a.m.7 views

Android on Nexus Information Disclosure Vulnerability

Android on Nexus 6 and 7 is an open source operating system for the Nexus 6 and 7 smartphones based on Linux, developed by Google and the Open Handset Alliance OHA.The Linux kernel is the kernel used by the Linux Foundation's operating system Linux. Linux kernel is the kernel used by the operatin...

5.5CVSS6.6AI score0.00593EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2014/09/29 7:41 p.m.5 views

Kernel: mm/shmem: denial of service

A race condition flaw was found in the way the Linux kernel's mmap2, madvise2, and fallocate2 system calls interacted with each other while operating on virtual memory file system files. A local user could use this flaw to cause a denial of service...

4.7CVSS6.6AI score0.0044EPSS
Exploits0References4
Prion
Prion
added 2013/08/21 12:17 p.m.15 views

Design/Logic Flaw

The SharedMemory::Create function in memory/sharedmemoryposix.cc in Google Chrome before 29.0.1547.57 uses weak permissions under /dev/shm/, which allows attackers to obtain sensitive information via direct access to a POSIX shared-memory file...

5CVSS5.9AI score0.0084EPSS
Exploits0References5Affected Software2
Cvelist
Cvelist
added 2013/08/21 10:0 a.m.25 views

CVE-2013-2905

The SharedMemory::Create function in memory/sharedmemoryposix.cc in Google Chrome before 29.0.1547.57 uses weak permissions under /dev/shm/, which allows attackers to obtain sensitive information via direct access to a POSIX shared-memory file...

5.2AI score0.0084EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2013/08/21 10:0 a.m.23 views

CVE-2013-2905

Removed by vendor...

5CVSS6.6AI score0.0084EPSS
Exploits0
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.17 views

ADODB.Stream object from Internet Explorer (KB870669)

An ADO stream object represents a file in memory. The stream object contains several methods for reading and writing binary files and text files. When this by-design functionality is combined with known security vulnerabilities in Microsoft Internet Explorer, an Internet Web site could execute...

7.5AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2005/04/20 5:26 p.m.6 views

security flaw

Heap-based buffer overflow in RealPlayer 10 and earlier, Helix Player before 10.0.4, and RealOne Player v1 and v2 allows remote attackers to execute arbitrary code via a long hostname in a RAM file...

5.1CVSS6.4AI score0.03373EPSS
Exploits0References4
Rows per page
Query Builder