Lucene search
K

430 matches found

bdu_fstec
bdu_fstec
added 2019/06/14 12:0 a.m.5 views

The vulnerability of the HostScan component of the Cisco AnyConnect Secure Mobility Client software for secure mobile connectivity applications, which runs on Linux operating systems, allows a hacker to disclose protected information.

The vulnerability of the HostScan component of the Cisco AnyConnect Secure Mobility Client software for Linux operating systems relates to the reading of data beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to disclose protected information through specially...

4.8CVSS5.7AI score0.01563EPSS
Exploits0References5
nvd
nvd
added 2019/05/24 5:29 p.m.17 views

CVE-2018-13885

Possible memory overread may be lead to access of sensitive data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9650, MDM9655, QCS605, Qualcomm 215, SD...

5.5CVSS5.7AI score0.00204EPSS
Exploits0References1
cvelist
cvelist
added 2019/05/24 4:44 p.m.22 views

CVE-2018-13885

Possible memory overread may be lead to access of sensitive data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9650, MDM9655, QCS605, Qualcomm 215, SD...

5.7AI score0.00204EPSS
Exploits0References1
cve
cve
added 2019/05/24 4:44 p.m.88 views

CVE-2018-13885

CVE-2018-13885 describes a memory overread in Qualcomm Snapdragon components (e.g., Snapdragon Auto/Compute/IoT, mobile, wearables) that could allow access to sensitive data. The issue is documented across multiple sources (NVD, Red Hat, CVE list, PRION) with consistent wording: a memory overread...

5.5CVSS5.7AI score0.00204EPSS
Exploits0References1Affected Software1
bdu_fstec
bdu_fstec
added 2019/05/07 12:0 a.m.5 views

(Vulnerability) The vulnerability of the binary system for storing service information via systemd-journald arises from operations that go beyond the buffer in memory. This allows an attacker to trigger a service failure or execute code with journald privileges.

The vulnerabilities of the binary system for storing service information, systemd-journald and systemd-journal-remote, are due to operations that go beyond the buffer boundaries in memory. Exploiting these vulnerabilities can allow an attacker to cause a service failure or execute code with...

7.8CVSS7.3AI score0.02958EPSS
Exploits2References4Affected Software4
bdu_fstec
bdu_fstec
added 2018/12/18 12:0 a.m.7 views

The vulnerability of the multimedia library libvorbis, related to the escape from memory buffer reading, allows attackers to cause service failures or compromise data confidentiality and integrity.

The vulnerability of the multimedia library libvorbis is related to an error that causes reading beyond the allocated buffer memory space. Exploiting this vulnerability can allow a malicious actor to cause service failures or compromise data confidentiality and integrity through the use of...

8.8CVSS7.2AI score0.12054EPSS
Exploits0References4Affected Software2
bdu_fstec
bdu_fstec
added 2018/12/10 12:0 a.m.11 views

The vulnerability of the do_core_note function in the console command “file” allows a perpetrator to trigger a service failure.

The vulnerability of the docorenote function in the console command file is related to an error that causes reading beyond the allocated memory buffer. Exploiting this vulnerability could allow a malicious actor to cause service failure by using a specially crafted ELF format file...

7.1CVSS6.3AI score0.0341EPSS
Exploits0References10Affected Software5
osv
osv
added 2018/10/29 12:29 p.m.3 views

UBUNTU-CVE-2018-18765

An exploitable arbitrary memory read vulnerability exists in the MQTT packet-parsing functionality of Cesanta Mongoose 6.13. It is a heap-based buffer over-read in mgmqttnextsubscribetopic. A specially crafted MQTT SUBSCRIBE packet can cause an arbitrary out-of-bounds memory read potentially...

9.1CVSS7.6AI score0.01835EPSS
Exploits1References2
bdu_fstec
bdu_fstec
added 2018/10/11 12:0 a.m.6 views

Vulnerability of the `rfc_process_mx_message` function in the Android operating system, allowing a hacker to disclose protected information

The vulnerability of the rfcprocessmxmessage function in the rfctsframes.cc library of the Android operating system arises from reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information that is protected by thi...

7.8CVSS5.7AI score0.02625EPSS
Exploits0References2Affected Software1
osv
osv
added 2018/09/23 6:29 p.m.3 views

UBUNTU-CVE-2018-17360

An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfdgetl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executabl...

5.5CVSS6.8AI score0.01341EPSS
Exploits1References4
osv
osv
added 2018/07/24 4:29 p.m.11 views

UBUNTU-CVE-2018-14587

An issue has been discovered in Bento4 1.5.1-624. AP4MemoryByteStream::WritePartial in Core/Ap4ByteStream.cpp has a buffer over-read...

8.8CVSS7.5AI score0.0148EPSS
Exploits1References3
nvd
nvd
added 2018/04/18 2:29 p.m.20 views

CVE-2015-9193

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, ...

7.5CVSS7.8AI score0.00889EPSS
Exploits0References2
prion
prion
added 2018/04/18 2:29 p.m.21 views

Input validation

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, ...

5CVSS8AI score0.00889EPSS
Exploits0References2
prion
prion
added 2018/04/18 2:29 p.m.24 views

Buffer overflow

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SD 820...

5CVSS8.1AI score0.00887EPSS
Exploits0References2
cvelist
cvelist
added 2018/04/18 2:0 p.m.26 views

CVE-2015-9210

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, ...

9.6AI score0.01252EPSS
Exploits0References2
cvelist
cvelist
added 2018/04/18 2:0 p.m.23 views

CVE-2015-9193

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, ...

7.9AI score0.00889EPSS
Exploits0References2
cve
cve
added 2018/04/18 2:0 p.m.72 views

CVE-2014-9986

CVE-2014-9986 concerns Android devices with Qualcomm components (e.g., Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear MSM8909W, SD系列) where in playready_licacq_process_response(), the length of the cbResponse is not validated and is controlled by the HLOS. If cbResponse is too large, a...

7.5CVSS7.8AI score0.00887EPSS
Exploits0References2Affected Software1
attackerkb
attackerkb
added 2018/03/23 9:29 p.m.3 views

CVE-2018-8960

The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 does not properly restrict memory allocation, leading to a heap-based buffer over-read...

8.8CVSS5.7AI score0.04486EPSS
Exploits1References6
bdu_fstec
bdu_fstec
added 2017/04/24 12:0 a.m.8 views

The vulnerability of the Flash Player software, which allows a violator to execute arbitrary code

The vulnerability of the ActionScript2 parser in the Flash Player software arises from reading data beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code memory corruption remotely...

10CVSS8.4AI score0.0763EPSS
Exploits0References4Affected Software1
osv
osv
added 2017/04/03 8:59 p.m.1 views

ALPINE-CVE-2017-7407

The ourWriteOut function in toolwriteout.c in curl 7.53.1 might allow physically proximate attackers to obtain sensitive information from process memory in opportunistic circumstances by reading a workstation screen during use of a --write-out argument ending in a '%' character, which leads to a...

2.4CVSS6.7AI score0.00581EPSS
Exploits0References1
Rows per page
Query Builder