Lucene search
K

321 matches found

CNVD
CNVD
added 2019/07/17 12:0 a.m.3 views

moinejf abcm2ps buffer overflow vulnerability

moinejf abcm2ps is a command line program that converts music tunes from ABC notation to PostScript or SVG format. The 'getkey' function in the parse.c file and the 'delayedoutput' function in the music.c file in moinejf abcm2ps 8.13.16 and earlier versions have a Buffer Overflow Vulnerability. T...

7.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/05/24 12:0 a.m.43 views

Xen Project Microarchitectural Data Sampling Speculative Side-Channel Vulnerabilities (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout) (XSA-297)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by microarchitectural data sampling speculative side-channel vulnerabilities. These vulnerabilities may allow a local attacker on a guest machine to sample the contents of memory reads and...

5.9CVSS6.7AI score0.01553EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2019/03/28 2:52 p.m.6 views

mozilla: Integer overflow in Skia

Incorrect convexity calculations in Skia in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page...

6.5CVSS7.4AI score0.01192EPSS
Exploits0References4
OSV
OSV
added 2018/11/30 6:29 p.m.4 views

CVE-2018-18987

VT-Designer Version 2.1.7.31 is vulnerable by the program populating objects with user supplied input via a file without first checking for validity, allowing attacker supplied input to be written to known memory locations. This may cause the program to crash or allow remote code execution...

8.8CVSS6AI score0.03199EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/10/09 12:0 a.m.33 views

openSUSE Security Update : unzip (openSUSE-2018-1124)

This update for unzip fixes the following security issues : - CVE-2014-9913: Specially crafted zip files could trigger invalid memory writes possibly resulting in DoS or corruption bsc1013993 - CVE-2015-7696: Specially crafted zip files with password protection could trigger a crash and lead to...

7.8CVSS7.2AI score0.30469EPSS
Exploits2References13
OPENSUSE Linux
OPENSUSE Linux
added 2018/10/05 9:18 p.m.80 views

Security update for unzip (moderate)

This update for unzip fixes the following security issues: - CVE-2014-9913: Specially crafted zip files could trigger invalid memory writes possibly resulting in DoS or corruption bsc1013993 - CVE-2015-7696: Specially crafted zip files with password protection could trigger a crash and lead to...

6.8CVSS1.2AI score0.30469EPSS
Exploits2References7
RedHat Linux
RedHat Linux
added 2018/08/14 6:49 p.m.6 views

Kernel: speculative bounds check bypass store

An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions past bounds check. The flaw relies on the presence of a precisely-defined instruction sequence in the privileged code and the fact that memory writes occur to an...

5.6CVSS7.4AI score0.08416EPSS
Exploits0References8
OSV
OSV
added 2018/07/09 7:29 p.m.5 views

CVE-2017-3197

GIGABYTE BRIX UEFI firmware for the GB-BSi7H-6500 version F6 and GB-BXi7-5775 version F2 platforms does not securely implement BIOSWE, BLE, SMMBWP, and PRx features. As a result, the BIOS is not protected from arbitrary write access and may permit modifications to the SPI flash...

9.8CVSS5.9AI score0.05641EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2018/05/24 12:0 a.m.224 views

SUSE SLES12 Security Update : qemu (SUSE-SU-2018:1386-1) (Spectre)

This update for qemu fixes several issues. This security issue was fixed : - CVE-2018-3639: Spectre v4 vulnerability mitigation support for KVM guests bsc1092885. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all pri...

5.6CVSS7.3AI score0.74041EPSS
Exploits11References8
OSV
OSV
added 2018/05/22 12:29 p.m.23 views

CVE-2018-3639

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Stor...

5.5CVSS5.6AI score0.60631EPSS
Exploits2References147
OSV
OSV
added 2018/04/29 3:29 p.m.1 views

DEBIAN-CVE-2018-10536

An issue was discovered in WavPack 5.1.0 and earlier. The WAV parser component contains a vulnerability that allows writing to memory because ParseRiffHeaderConfig in riff.c does not reject multiple format chunks...

7.8CVSS7.5AI score0.02034EPSS
Exploits0References1
0day.today
0day.today
added 2018/03/09 12:0 a.m.143 views

Broadcom BCM43xx Wi-Fi - BroadPWN Denial of Service Exploit

Exploit for Android platform in category dos / poc This Exploit allows arbitrary memory writes and reads. Running the specified payload within this package will write to the device's main CPU kernel, causing it to crash. More information about its origins here: http://boosterok.com/blog/broadpwn2...

7.5CVSS8.8AI score0.47537EPSS
Exploits1
OSV
OSV
added 2018/01/16 7:29 p.m.5 views

CVE-2017-16550

K7 Antivirus Premium before 15.1.0.53 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a specific set of IOCTL calls...

7.8CVSS5.9AI score0.00331EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2017/06/30 12:0 a.m.15 views

The vulnerability of the FFmpeg multimedia library, which allows a hacker to perform recording beyond the memory limit

The vulnerability of the FFmpeg multimedia library arises from buffer overflows in the stack. Exploiting this vulnerability allows a malicious actor to perform out-of-memory writes, related to the decodezbuf function in libavcodec/pngdec.c...

7.5CVSS7.9AI score0.02508EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/06/07 12:0 a.m.27 views

Debian DLA-980-1 : ming security update

It was found that ming, a library to parse and generate SWF Flash files, is susceptible to an integer overflow that would lead into out of bound memory writes via a maliciously crafted file. For Debian 7 'Wheezy', these problems have been fixed in version 1:0.4.4-1.1+deb7u3. We recommend that you...

6.5CVSS6.9AI score0.0146EPSS
Exploits1References3
CNVD
CNVD
added 2017/06/01 12:0 a.m.3 views

Google Chrome V8 JavaScript Engine Out-of-Bounds Write Vulnerability

Google Chrome is a fast, secure and free web browser that is well suited to meet the browser requirements of new types of websites. A security vulnerability exists in the V8 JavaScript Engine in Google Chrome. A remote attacker can exploit the vulnerability to cause out-of-bounds memory writes wi...

6.8AI score
Exploits0References1
CNVD
CNVD
added 2017/04/26 12:0 a.m.6 views

Google Chrome Buffer Overflow Vulnerability (CNVD-2017-06708)

Google Chrome is a fast, secure and free web browser that is well suited to meet the browser requirements of new types of websites. An integer overflow vulnerability exists in FFmpeg in Google Chrome. A remote attacker can exploit this vulnerability to cause out-of-bounds memory writes with the...

8.8CVSS7.1AI score0.00858EPSS
Exploits0References1
CNVD
CNVD
added 2017/04/26 12:0 a.m.26 views

Google Chrome Buffer Overflow Vulnerability (CNVD-2017-06710)

Google Chrome is a fast, secure and free web browser that is well suited to meet the browser requirements of new types of websites. An integer overflow vulnerability exists in FFmpeg in Google Chrome. A remote attacker can exploit this vulnerability to cause out-of-bounds memory writes with the...

8.8CVSS7.1AI score0.00858EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2017/04/21 12:49 a.m.7 views

Mozilla: Out-of-bounds write in ClearKeyDecryptor (MFSA 2017-11, MFSA 2017-12)

An out-of-bounds write in "ClearKeyDecryptor" while decrypting some Clearkey-encrypted media content. The "ClearKeyDecryptor" code runs within the Gecko Media Plugin GMP sandbox. If a second mechanism is found to escape the sandbox, this vulnerability allows for the writing of arbitrary data with...

8.6CVSS7.5AI score0.02067EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2017/01/23 12:0 a.m.49 views

SUSE SLES11 Security Update : gstreamer-0_10-plugins-good (SUSE-SU-2017:0225-1)

gstreamer-010-plugins-good was updated to fix six security issues. These security issues were fixed : - CVE-2016-9634: Invalid FLIC files could have caused and an out-of-bounds write bsc1012102 - CVE-2016-9635: Invalid FLIC files could have caused and an out-of-bounds write bsc1012103 -...

9.8CVSS7.2AI score0.09267EPSS
Exploits4References19
Rows per page
Query Builder