Lucene search
K

297 matches found

CVE
CVE
added 2025/03/28 5:34 a.m.59 views

CVE-2025-2027

The CVE-2025-2027 entry describes a double-free vulnerability in the ASUS System Analysis service triggered by specially crafted local RPC requests, potentially causing a service crash and, in rare cases, memory manipulation. Affected component is the local RPC handling within the ASUS System Ana...

5.9CVSS6.5AI score0.00159EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/28 12:0 a.m.6 views

ASUS System Control Interface 安全漏洞

ASUS System Control Interface is a computer system control interface from Asus China. A security vulnerability exists in ASUS System Control Interface that originates from a double release triggered when sending a specially crafted local RPC request, which could lead to a service crash and memory...

5.9CVSS6.4AI score0.00159EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/03/10 1:19 p.m.4 views

kernel: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices

A vulnerability was found in the Linux kernel's USB Audio driver. This flaw allows an attacker with physical access to the system to use a malicious USB device to gain additional access. This is possible by manipulating system memory, potentially escalating privileges, or executing arbitrary code...

7.8CVSS7.2AI score0.03558EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/03/07 12:47 p.m.5 views

CVE-2024-12650

An attacker with low privileges can manipulate the requested memory size, causing the application to use an invalid memory area. This could lead to a crash of the application but it does not affected other applications...

5.4CVSS7AI score0.00273EPSS
Exploits0References1
CVE
CVE
added 2025/03/05 11:46 a.m.49 views

CVE-2024-12650

CVE-2024-12650 affects WAGO libwagosnmp. A low-privilege attacker can manipulate the requested memory size, causing the application to access an invalid memory area and potentially crash the affected application only; other applications are not affected. The provided documents do not specify expl...

5.4CVSS7AI score0.00273EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/02/24 12:0 a.m.6 views

The vulnerability of the Linux operating system’s kernel tracing component, which allows a hacker to trigger a service failure

The vulnerability of the Linux operating system’s kernel tracing component is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.9AI score0.00255EPSS
Exploits0References43Affected Software6
OpenVAS
OpenVAS
added 2025/01/08 12:0 a.m.15 views

Google Chrome Security Update (stable-channel-update-for-desktop-2025-01) - Mac OS X

Google Chrome is prone to a type confusion vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome";...

8.8CVSS8.4AI score0.07435EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2025/01/08 12:0 a.m.11 views

Google Chrome Security Update (stable-channel-update-for-desktop-2025-01) - Linux

Google Chrome is prone to a type confusion vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome";...

8.8CVSS8.4AI score0.07435EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2025/01/08 12:0 a.m.14 views

Google Chrome Security Update (stable-channel-update-for-desktop-2025-01) - Windows

Google Chrome is prone to a type confusion vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome";...

8.8CVSS8.4AI score0.07435EPSS
Exploits1References1
NVD
NVD
added 2024/12/10 9:15 p.m.19 views

CVE-2024-52990

Animate versions 23.0.8, 24.0.5 and earlier are affected by a Buffer Underwrite 'Buffer Underflow' vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could leverage this vulnerability to manipulate memory in such a way that they could execu...

7.8CVSS0.00415EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2024/12/04 12:0 a.m.4 views

VulnCheck KEV: CVE-2024-53197

Linux Kernel contains an out-of-bounds access vulnerability in the USB-audio driver that allows an attacker with physical access to the system to use a malicious USB device to potentially manipulate system memory, escalate privileges, or execute arbitrary code...

7.8CVSS7.3AI score0.03558EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2024/11/24 7:20 a.m.564 views

Exploit for Out-of-bounds Write in Fortinet Fortiproxy

cve-2024-21762-poc CVE-2024-21762 is a critical vulnerability...

9.8CVSS8.1AI score0.83428EPSS
Exploits12
Cvelist
Cvelist
added 2024/11/22 3:31 p.m.40 views

CVE-2024-50396 QTS, QuTS hero

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to obtain secret data or modify memory. We have already fixed the vulnerability in the following versions: QT...

7.7CVSS0.00638EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/10/27 12:0 a.m.10 views

Fortinet Fortigate Debug commands allow memory manipulation (FG-IR-21-091)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-091 advisory. - A Hidden Functionality in Fortinet FortiOS 7.x before 7.0.1, FortiOS 6.4.x before 6.4.7 allows attacker to Execute...

6.6CVSS6.3AI score0.0025EPSS
Exploits0References2
Veracode
Veracode
added 2024/10/15 10:23 a.m.8 views

Consensus Attack

github.com/ethereum/go-ethereum is vulnerable to a Consensus Attack. The vulnerability is due to Geth's pre-compiled dataCopy contract performing a shallow copy on invocation, which allows an attacker to manipulate Ethereum Virtual Machine EVM memory and cause a consensus mismatch between nodes...

7.1CVSS6.6AI score0.01081EPSS
Exploits0References3Affected Software1
The Hacker News
The Hacker News
added 2024/09/25 11:47 a.m.16 views

ChatGPT macOS Flaw Could've Enabled Long-Term Spyware via Memory Function

A now-patched security vulnerability in OpenAI's ChatGPT app for macOS could have made it possible for attackers to plant long-term persistent spyware into the artificial intelligence AI tool's memory. The technique, dubbed SpAIware, could be abused to facilitate "continuous data exfiltration of...

6.6AI score
Exploits0
Github Security Blog
Github Security Blog
added 2024/09/17 9:30 p.m.17 views

Use After Free in MicroPython

A vulnerability was found in MicroPython 1.22.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file py/objarray.c. The manipulation leads to use after free. The attack can be launched remotely. The complexity of an attack is rather high. The...

8.1CVSS7.1AI score0.01029EPSS
Exploits1References11Affected Software2
Cvelist
Cvelist
added 2024/09/17 6:31 p.m.35 views

CVE-2024-8947 MicroPython objarray.c use after free

A vulnerability was found in MicroPython 1.22.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file py/objarray.c. The manipulation leads to use after free. The attack can be launched remotely. The complexity of an attack is rather high. The...

6.3CVSS0.01029EPSS
Exploits1References7
0day.today
0day.today
added 2024/09/04 12:0 a.m.318 views

Linux Kernel 5.6.13 Use-After-Free Exploit

Proof of concept exploit that uses a use-after-free vulnerability due to a race condition in MIDI devices in Linux Kernel version 5.6.13. // gcc -o exploit exploit.c -masm=intel -static -s -lpthread define GNUSOURCE include include include include include include include include include include...

7.8CVSS7AI score0.00312EPSS
Exploits2
NVD
NVD
added 2024/06/13 6:15 p.m.25 views

CVE-2024-37022

Fuji Electric Tellus Lite V-Simulator is vulnerable to an out-of-bounds write, which could allow an attacker to manipulate memory, resulting in execution of arbitrary code...

8.5CVSS0.00332EPSS
Exploits0References1
Rows per page
Query Builder