Lucene search
K

36 matches found

CNNVD
CNNVD
added 2022/08/11 12:0 a.m.7 views

SAMSUNG mTower 安全漏洞

SAMSUNG mTower is a new Trusted Execution Environment TEE from Samsung South Korea. A security vulnerability exists in SAMSUNG mTower version 0.3.0 and prior versions, which stems from a TEEMalloc that allows a trusted application to over-allocate memory by using large len values...

7.5CVSS7.3AI score0.00879EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2022/01/27 2:8 p.m.5 views

OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8273756)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allow...

5.3CVSS7.4AI score0.03486EPSS
Exploits0References4
OSV
OSV
added 2021/08/27 7:15 p.m.5 views

ALPINE-CVE-2021-28700

xen/arm: No memory limit for dom0less domUs The dom0less feature allows an administrator to create multiple unprivileged domains directly from Xen. Unfortunately, the memory limit from them is not set. This allow a domain to allocate memory beyond what an administrator originally configured...

4.9CVSS6.9AI score0.0187EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2021/08/27 7:15 p.m.2 views

CVE-2021-28700

xen/arm: No memory limit for dom0less domUs The dom0less feature allows an administrator to create multiple unprivileged domains directly from Xen. Unfortunately, the memory limit from them is not set. This allow a domain to allocate memory beyond what an administrator originally configured...

6.8CVSS5.4AI score0.0187EPSS
Exploits0References10Affected Software1
OSV
OSV
added 2021/08/27 7:15 p.m.4 views

UBUNTU-CVE-2021-28700

xen/arm: No memory limit for dom0less domUs The dom0less feature allows an administrator to create multiple unprivileged domains directly from Xen. Unfortunately, the memory limit from them is not set. This allow a domain to allocate memory beyond what an administrator originally configured...

4.9CVSS5.8AI score0.0187EPSS
Exploits0References3
OSV
OSV
added 2021/08/25 8:55 p.m.7 views

GHSA-773Q-5334-5GF9 Memory over-allocation in evm-core

Prior to the patch, when executing specific EVM opcodes related to memory operations that use evmcore::Memory::copylarge, the crate can over-allocate memory when it is not needed, making it possible for an attacker to perform denial-of-service attack. The flaw was corrected in commit 19ade85...

7AI score
Exploits0References3
CNNVD
CNNVD
added 2021/07/13 12:0 a.m.2 views

Apache Commons Compress 安全漏洞

Apache Commons Compress is a library for processing compressed files from the Apache USA Foundation. A security vulnerability exists in Apache Commons Compress that stems from the fact that when reading specially designed TAR archives, Compress can allocate a large amount of memory, resulting in ...

7.5CVSS6.5AI score0.10614EPSS
Exploits0References50
NVD
NVD
added 2021/05/12 6:15 p.m.26 views

CVE-2021-29511

evm is a pure Rust implementation of Ethereum Virtual Machine. Prior to the patch, when executing specific EVM opcodes related to memory operations that use evmcore::Memory::copylarge, the evm crate can over-allocate memory when it is not needed, making it possible for an attacker to perform...

6.5CVSS0.0128EPSS
Exploits0References3
OSV
OSV
added 2021/05/12 6:15 p.m.14 views

CVE-2021-29511

evm is a pure Rust implementation of Ethereum Virtual Machine. Prior to the patch, when executing specific EVM opcodes related to memory operations that use evmcore::Memory::copylarge, the evm crate can over-allocate memory when it is not needed, making it possible for an attacker to perform...

6.5CVSS7AI score
Exploits0References3
Cvelist
Cvelist
added 2021/05/12 5:15 p.m.26 views

CVE-2021-29511 Memory over-allocation in evm crate

evm is a pure Rust implementation of Ethereum Virtual Machine. Prior to the patch, when executing specific EVM opcodes related to memory operations that use evmcore::Memory::copylarge, the evm crate can over-allocate memory when it is not needed, making it possible for an attacker to perform...

6.5CVSS6.6AI score0.0128EPSS
Exploits0References3
CVE
CVE
added 2021/05/12 5:15 p.m.66 views

CVE-2021-29511

CVE-2021-29511 affects the Rust EVM implementation (evm crate). Before the patch in commit 19ade85, certain memory-opcodes using memory::copy_large could cause memory over-allocation, enabling a denial-of-service. Remediation: upgrade evm to >=0.26.1, or to specific newer releases (0.21.1, 0.2...

6.5CVSS6.4AI score0.0128EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2021/05/12 12:0 a.m.6 views

PT-2021-18262 · Evm · Evm

Name of the Vulnerable Software and Affected Versions: evm versions prior to 0.21.1 evm versions prior to 0.23.1 evm versions prior to 0.24.1 evm versions prior to 0.25.1 evm versions prior to 0.26.1 Description: The issue is related to the execution of specific EVM opcodes that use evm...

6.5CVSS6.3AI score0.0128EPSS
Exploits0References6
OSV
OSV
added 2021/05/11 12:0 p.m.14 views

RUSTSEC-2021-0066 Denial of service on EVM execution due to memory over-allocation

Prior to the patch, when executing specific EVM opcodes related to memory operations that use evmcore::Memory::copylarge, the crate can over-allocate memory when it is not needed, making it possible for an attacker to perform denial-of-service attack. The flaw was corrected in commit 19ade85...

7AI score
Exploits0References3
CNVD
CNVD
added 2021/01/19 12:0 a.m.8 views

Unspecified Vulnerability in Open Design Alliance Drawings SDK

Open Design Alliance Drawings SDK is a software development kit for drawing design applications from Open Design Alliance, USA. The SDK provides access to .dwg and .dgn data through a convenient, object-oriented API, a C++ API, support for repairing files, and support for .NET, JAVA, and Python...

7.8CVSS6.6AI score0.02286EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2019/12/05 3:22 p.m.4 views

OpenJDK: Excessive memory allocation in CMap when reading TrueType font (2D, 8225597)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: 2D. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

4.3CVSS7.4AI score0.03467EPSS
Exploits0References4
OSV
OSV
added 2019/02/24 12:29 a.m.3 views

UBUNTU-CVE-2019-9072

An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in setupgroup in elf.c...

5.5CVSS5.8AI score0.01159EPSS
Exploits1References2
Rows per page
Query Builder