Lucene search
K

68 matches found

CNNVD
CNNVD
added 2022/04/14 12:0 a.m.3 views

Ruby 资源管理错误漏洞

Ruby is a cross-platform, object-oriented, dynamically-typed programming language from the individual developer, Yukihiro Matsumoto. A resource management error vulnerability exists in Ruby. The vulnerability allows an attacker to write to unexpected memory locations using specially crafted regul...

9.8CVSS7.2AI score0.02744EPSS
Exploits0References16
OSV
OSV
added 2021/12/20 11:53 a.m.6 views

SUSE-SU-2021:4120-1 Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues: - CVE-2021-4009: The handler for the CreatePointerBarrier request of the XFixes extension does not properly validate the request length leading to out of bounds memory write. bsc1190487 - CVE-2021-4011: The handlers for the...

7.8CVSS7.6AI score0.00571EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/11/11 10:29 a.m.3 views

freerdp: improper client input validation for gateway connections allows to overwrite memory

A flaw was found in the FreeRDP client when it fails to validate input data when using gateway connections. This flaw could allow a malicious gateway to send a specially crafted input to a client leading to an out of bounds write in client memory. The highest threat from this flaw is that it coul...

8.8CVSS7.4AI score0.01346EPSS
Exploits0References4
OSV
OSV
added 2021/10/21 7:15 p.m.23 views

CVE-2021-41159

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. All FreeRDP clients prior to version 2.4.1 using gateway connections /gt:rpc fail to validate input data. A malicious gateway might allow client memory to be written out of bounds. This issue h...

8.8CVSS6.7AI score
Exploits0References3
CNVD
CNVD
added 2021/04/02 12:0 a.m.7 views

Huawei P30 Memory Write Overrun Vulnerability

Huawei P30 is a smartphone from Chinese company Huawei Huawei. Huawei P30 suffers from a memory write out-of-bounds vulnerability. The vulnerability is due to insufficient validation of incoming parameters, a write out-of-bounds occurs in one of the system's protocols when processing a request...

6.5CVSS6.7AI score0.00272EPSS
Exploits0References1
Huawei
Huawei
added 2021/03/31 12:0 a.m.39 views

Security Advisory - Arbitrary Memory Write Vulnerability in Huawei Smart Phone

There is an arbitrary memory write vulnerability in Huawei smart phone when processing file parsing. Due to insufficient validation of the input files, successful exploit could cause certain service abnormal. Vulnerability ID: HWPSIRT-2020-04031 This vulnerability has been assigned a Common...

6.5CVSS6.5AI score0.00534EPSS
Exploits0Affected Software1
Prion
Prion
added 2019/04/08 4:29 p.m.17 views

Remote code execution

An arbitrary memory write vulnerability exists in the dualonsrv.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, that could lead to possible remote code execution or denial of service. Honeywell strongly encourages and recommends all customers...

7.5CVSS8.2AI score0.03465EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2019/04/08 4:29 p.m.19 views

CVE-2014-5435

An arbitrary memory write vulnerability exists in the dualonsrv.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, that could lead to possible remote code execution or denial of service. Honeywell strongly encourages and recommends all customers...

9.8CVSS9.8AI score0.03465EPSS
Exploits0References1
CNVD
CNVD
added 2019/03/29 12:0 a.m.14 views

EDK2 Memory Write Vulnerability

EDK2 is a set of cross-platform firmware development environment based on UEFI and PI specifications. A security vulnerability exists in EDK2's SMM service that stems from the program's failure to adequately perform memory write checks. A local attacker could exploit the vulnerability to elevate...

6.7CVSS6.4AI score0.00412EPSS
Exploits0References1
CNVD
CNVD
added 2018/10/08 12:0 a.m.5 views

Cisco 807, 809, and 829 Industrial Integrated Services Router Arbitrary Memory Write Vulnerability

The Cisco 807, 809, and 829 Industrial Integrated Services Routers are router products from Cisco, Inc.IOS Software is a set of operating systems developed by Cisco for its network devices that run on them. An arbitrary memory write vulnerability exists in the test subsystem embedded in the IOS...

7.2CVSS6.5AI score0.00327EPSS
Exploits0References1
CNVD
CNVD
added 2018/10/08 12:0 a.m.3 views

Cisco 807, 809, and 829 Industrial Integrated Services Router IOS Software Arbitrary Memory Write Vulnerability

The Cisco 807, 809, and 829 Industrial Integrated Services Router are all Cisco router products.IOS Software is the set of operating systems that run on them that Cisco has developed for its network devices. An arbitrary memory write vulnerability exists in the embedded test subsystem in the IOS...

7.2CVSS6.5AI score0.00327EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2018/10/05 2:0 p.m.13 views

CVE-2018-15375 Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers Arbitrary Memory Write Vulnerabilities

A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values to arbitrary locations in the memory space of an affected device. The vulnerability is due to the...

7AI score0.00327EPSS
Exploits0References1
NVD
NVD
added 2018/04/29 3:29 p.m.21 views

CVE-2018-10536

An issue was discovered in WavPack 5.1.0 and earlier. The WAV parser component contains a vulnerability that allows writing to memory because ParseRiffHeaderConfig in riff.c does not reject multiple format chunks...

7.8CVSS7.4AI score0.02034EPSS
Exploits0References10
OSV
OSV
added 2018/04/03 3:18 p.m.10 views

SUSE-SU-2018:0863-1 Security update for clamav

This update for clamav fixes the following issues: Security issues fixed: - CVE-2012-6706: VMSFDELTA filter inside the unrar implementation allows an arbitrary memory write bsc1045315. - CVE-2017-6419: A heap-based buffer overflow that can lead to a denial of service in libmspack via a crafted CH...

10CVSS8.1AI score0.10027EPSS
Exploits4References11
Debian
Debian
added 2018/03/26 11:5 p.m.42 views

[SECURITY] [DLA 1319-1] firefox-esr security update

Package : firefox-esr Version : 52.7.2esr-1deb7u1 CVE ID : CVE-2018-5146 CVE-2018-5147 Richard Zhu and Huzaifa Sidhpurwala discovered that an out-of-bounds memory write when playing Vorbis media files could result in the execution of arbitrary code. For Debian 7 "Wheezy", these problems have been...

9.8CVSS9.2AI score0.12054EPSS
Exploits0
CNVD
CNVD
added 2018/03/22 12:0 a.m.6 views

NCR S1 Dispenser controller authentication vulnerability

CR S1 Dispenser controller is a dispenser control board product from NCR Corporation. A security vulnerability exists in the memory write mechanism in the NCR S1 Dispenser controller using firmware version 0x0108. An attacker can exploit this vulnerability to upgrade or downgrade the device...

7.8CVSS6.9AI score0.01167EPSS
Exploits0References1
CNVD
CNVD
added 2018/03/22 12:0 a.m.8 views

NCR S2 Dispenser controller authentication vulnerability

NCR S2 Dispenser controller is a dispenser control board product from NCR Corporation. A security vulnerability exists in the memory write mechanism in the NCR S2 Dispenser controller using firmware version 0x0108. An attacker could exploit this vulnerability to upgrade or downgrade the device...

7.8CVSS6.9AI score0.01246EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2018/03/19 12:0 a.m.25 views

Debian DSA-4141-1 : libvorbisidec - security update

Huzaifa Sidhpurwala discovered that an out-of-bounds memory write in the codebook parsing code of the Libtremor multimedia library could result in the execution of arbitrary code if a malformed Vorbis file is opened. C Tenable Network Security, Inc. The descriptive text and package checks in this...

9.8CVSS8.8AI score0.02471EPSS
Exploits0References6
CNVD
CNVD
added 2018/02/14 12:0 a.m.5 views

Multiple Adobe Products JavaScript API Out-of-Bounds Memory Write Vulnerability

Adobe Acrobat DC for Windows and Macintosh and so on are the United States of America Odobie Adobe company based on Windows and Macintosh platform products.Adobe Acrobat DC for Windows and Macintosh is a desktop version of the PDF solution; Acrobat Reader DC for Windows and Macintosh is a set of...

8.8CVSS7.4AI score0.15326EPSS
Exploits0References1
CVE
CVE
added 2018/01/18 6:0 a.m.53 views

CVE-2018-0088

The CVE-2018-0088 issue affects Cisco Industrial Ethernet 4010 Series Switches running Cisco IOS Software. It stems from a diagnostic test CLI command that allows writing to device memory, enabling an authenticated local attacker (privilege level 15) to cause arbitrary code execution or a denial ...

7.2CVSS7.2AI score0.0039EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder