Lucene search
K

577 matches found

RedhatCVE
RedhatCVE
added 2022/01/21 7:46 a.m.25 views

CVE-2021-45941

A flaw was found in libbpf. The vulnerability occurs due to incorrect handling of memory in the bpfobjectopen function and leads to a heap-buffer-overflow. This flaw allows an attacker to execute unauthorized code or commands, read memory, or modify memory...

6.5CVSS5.8AI score0.01097EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/01/21 12:0 a.m.3 views

PT-2022-15190 · Asus · Asus Vivomini/Mini Pc

Name of the Vulnerable Software and Affected Versions: ASUS VivoMini/Mini PC affected versions not specified Description: The issue is related to an improper input validation vulnerability. A local attacker with system privilege can exploit this by using system management interrupt SMI to modify...

7.8CVSS7.6AI score0.0028EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/01/21 12:0 a.m.3 views

ASUS VivoMini/Mini PC 缓冲区错误漏洞

The ASUS VivoMini/Mini PC is an ultra-thin compact mini PC from ASUS of Taiwan, China. The ASUS VivoMini/Mini PC suffers from an input validation error vulnerability that originates from a local attacker with system privileges who can modify the memory using a System Management Interrupt SMI, whi...

7.8CVSS6.2AI score0.0028EPSS
Exploits0References2
Huntr
Huntr
added 2021/12/30 5:45 a.m.9 views

in gpac/gpac

Description Null Pointer Dereference in gfutf8wcslen Proof of Concept POC is here. bt Program received signal SIGSEGV, Segmentation fault. ----------------------------------registers----------------------------------- RAX: 0x24 '$' RBX: 0x5555555e2870 -- 0x5555555e2840 -- 0x2000000020000000 '' RC...

2.3AI score
Exploits0
NVD
NVD
added 2021/09/08 2:15 p.m.20 views

CVE-2021-30741

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination...

7.1CVSS0.00842EPSS
Exploits0References1
Prion
Prion
added 2021/09/08 2:15 p.m.19 views

Design/Logic Flaw

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination...

5.8CVSS6.3AI score0.00842EPSS
Exploits0References1Affected Software2
CNNVD
CNNVD
added 2021/05/25 12:0 a.m.5 views

Apple iPadOS 资源管理错误漏洞

iOS is a mobile operating system developed by Apple. iPadOS is a family of mobile operating systems developed by Apple based on iOS. Apple iPadOS and iPadOS versions prior to 14.6 have a post-release reuse vulnerability that stems from a post-release use when handling email messages in the Mail...

7.1CVSS6.8AI score0.00842EPSS
Exploits0References5
VulnCheck KEV
VulnCheck KEV
added 2021/05/03 12:0 a.m.1 views

VulnCheck KEV: CVE-2021-28664

Arm Mali Graphics Processing Unit GPU kernel driver contains an unspecified vulnerability that may allow a non-privileged user to gain write access to read-only memory, gain root privilege, corrupt memory, and modify the memory of other processes...

9CVSS7.3AI score0.05464EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/04/15 12:0 a.m.4 views

Mcafee Data Loss Prevention Endpoint 安全漏洞

Mcafee Data Loss Prevention Endpoint DLPe is an integrated endpoint data protection solution from Mcafee. The solution prevents theft and accidental disclosure of confidential data and provides security policies for file handling and transfer, shared endpoint data flow control, and data encryptio...

5.5CVSS5.7AI score0.00217EPSS
Exploits0References4
CNVD
CNVD
added 2021/03/25 12:0 a.m.9 views

Cisco IOS XE Local Elevation of Privilege Vulnerability

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A local elevation of privilege vulnerability exists in one of the diagnostic test CLI commands for Cisco IOS XE. The vulnerability stems from the fact that the affected software...

7.2CVSS7.3AI score0.00328EPSS
Exploits0References1
NVD
NVD
added 2021/03/24 8:15 p.m.21 views

CVE-2021-1390

A vulnerability in one of the diagnostic test CLI commands of Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary code on an affected device. To exploit this vulnerability, the attacker would need to have valid user credentials at privilege level 15. This...

7.2CVSS0.00328EPSS
Exploits0References1
Cisco
Cisco
added 2021/03/24 4:0 p.m.58 views

Cisco IOS XE Software Local Privilege Escalation Vulnerability

A vulnerability in one of the diagnostic test CLI commands of Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary code on an affected device. To exploit this vulnerability, the attacker would need to have valid user credentials at privilege level 15. This...

5.1CVSS6.3AI score0.00328EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/03/24 12:0 a.m.5 views

Cisco IOS XE Software 安全漏洞

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A local elevation of privilege vulnerability exists in one of the diagnostic test CLI commands for Cisco IOS XE. The vulnerability stems from the fact that the affected software...

7.2CVSS7.2AI score0.00328EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2021/02/11 12:0 a.m.5 views

The vulnerability of the g_bytes_new function in the gbytes.c component of the Glib library allows a hacker to modify the contents of dynamic memory.

The vulnerability of the gbytesnew function in the gbytes.c component of the Glib library arises from a numerical overflow due to an implicit conversion of the gsize type variable to the guint type. Exploiting this vulnerability could allow an attacker to modify dynamic memory contents by using a...

7.8CVSS7.2AI score0.02993EPSS
Exploits1References13Affected Software5
Cloud Foundry
Cloud Foundry
added 2021/02/10 12:0 a.m.51 views

USN-4680-1: Linux kernel vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description It was discovered that debugfs in the Linux kernel as used by blktrace contained a use-after-free in some situations. A privileged local attacker could possibly use this to cause a denial of service syste...

8.2CVSS7.9AI score0.06692EPSS
Exploits10Affected Software1
OSV
OSV
added 2020/10/22 9:15 p.m.24 views

CVE-2020-27674

An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique...

5.3CVSS6.7AI score
Exploits0References7
NVD
NVD
added 2020/10/09 1:15 p.m.18 views

CVE-2020-9105

Taurus-AN00B versions earlier than 10.1.0.156C00E155R7P2 have an insufficient input validation vulnerability. Due to the input validation logic is incorrect, an attacker can exploit this vulnerability to access and modify the memory of the device by doing a series of operations. Successful exploi...

6.7CVSS0.00239EPSS
Exploits0References1
Prion
Prion
added 2020/10/09 1:15 p.m.24 views

Input validation

Taurus-AN00B versions earlier than 10.1.0.156C00E155R7P2 have an insufficient input validation vulnerability. Due to the input validation logic is incorrect, an attacker can exploit this vulnerability to access and modify the memory of the device by doing a series of operations. Successful exploi...

4.6CVSS6.4AI score0.00239EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/10/09 12:30 p.m.66 views

CVE-2020-9105

CVE-2020-9105 affects Huawei Taurus-AN00B devices with firmware older than 10.1.0.156 (C00E155R7P2). The root cause is insufficient input validation, allowing a local attacker to perform a sequence of operations that can access and modify device memory, potentially causing service abnormality. Co...

6.7CVSS6.4AI score0.00239EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/10/09 12:30 p.m.23 views

CVE-2020-9105

Taurus-AN00B versions earlier than 10.1.0.156C00E155R7P2 have an insufficient input validation vulnerability. Due to the input validation logic is incorrect, an attacker can exploit this vulnerability to access and modify the memory of the device by doing a series of operations. Successful exploi...

6.4AI score0.00239EPSS
Exploits0References1
Rows per page
Query Builder