Lucene search
+L

525 matches found

OSV
OSV
added 2021/05/12 3:15 p.m.9 views

AZL-36997 CVE-2020-27840 affecting package samba for versions less than 4.18.3-1

A flaw was found in samba. Spaces used in a string around a domain name DN, while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability...

7.5CVSS6.8AI score0.03833EPSS
Exploits0References1
OSV
OSV
added 2021/05/12 3:15 p.m.3 views

ALPINE-CVE-2020-27840

A flaw was found in samba. Spaces used in a string around a domain name DN, while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability...

7.5CVSS6.6AI score0.03833EPSS
Exploits0References1
OSV
OSV
added 2021/05/12 3:15 p.m.2 views

DEBIAN-CVE-2020-27840

A flaw was found in samba. Spaces used in a string around a domain name DN, while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability...

7.5CVSS6.8AI score0.03833EPSS
Exploits0References1
Prion
Prion
added 2021/05/12 3:15 p.m.23 views

Out-of-bounds

A flaw was found in samba. Spaces used in a string around a domain name DN, while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability...

5CVSS7.2AI score0.03833EPSS
Exploits0References9Affected Software3
OSV
OSV
added 2021/04/14 7:15 a.m.2 views

DEBIAN-CVE-2020-36323

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...

8.2CVSS7.6AI score0.02025EPSS
Exploits0References1
OSV
OSV
added 2021/04/07 11:2 a.m.4 views

OESA-2021-1112 libtiff security update

This libtiff provides support for the Tag Image File Format TIFF, a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats.And contains command-line programs for manipulating TIFF format image files using the libti...

7.8CVSS8.2AI score0.01922EPSS
Exploits0References5
NVD
NVD
added 2021/04/07 8:15 a.m.22 views

CVE-2020-11237

Memory crash when accessing histogram type KPI input received due to lack of check of histogram definition before accessing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile...

8.4CVSS0.00202EPSS
Exploits0References1
Prion
Prion
added 2021/04/07 8:15 a.m.23 views

Design/Logic Flaw

Memory crash when accessing histogram type KPI input received due to lack of check of histogram definition before accessing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile...

7.2CVSS7.7AI score0.00202EPSS
Exploits0References1
CVE
CVE
added 2021/04/07 7:55 a.m.227 views

CVE-2020-11237

The CVE-2020-11237 entry concerns a memory crash caused by not checking the histogram definition before accessing it in Qualcomm Snapdragon components (Snapdragon Auto/Compute/Connectivity/Mobile). The issue is triggered during histogram KPI input handling and is documented as a local issue with ...

8.4CVSS7.6AI score0.00202EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/04/07 7:55 a.m.42 views

CVE-2020-11237

Memory crash when accessing histogram type KPI input received due to lack of check of histogram definition before accessing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile...

8.4CVSS8.4AI score0.00202EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2021/04/06 5:15 p.m.6 views

kernel: out-of-bounds read in libiscsi module

A flaw was found in the Linux kernel. An out-of-bounds read was discovered in the libiscsi module that could lead to reading kernel memory or a crash. The highest threat from this vulnerability is to data confidentiality as well as system availability...

7.1CVSS6.7AI score0.00957EPSS
Exploits1References4
CNNVD
CNNVD
added 2021/04/05 12:0 a.m.4 views

Qualcomm 芯片 输入验证错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits including primarily semiconductor devices, but also passive components, etc. and is manufactured from time to time on the surface of semiconductor wafers. An input validation error vulnerability exists in...

8.4CVSS7.3AI score0.00202EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/11/04 1:44 a.m.5 views

httpd: read-after-free in h2 connection shutdown

A read-after-free vulnerability was discovered in Apache httpd, in modhttp2. A specially crafted http/2 client session could cause the server to read memory that was previously freed during connection shutdown, potentially leading to a crash...

9.1CVSS6.7AI score0.16549EPSS
Exploits0References5
OSV
OSV
added 2020/09/18 3:15 p.m.4 views

CVE-2020-9744

Adobe Media Encoder version 14.3.2 and earlier versions has an out-of-bounds read vulnerability that could be exploited to read past the end of an allocated buffer, possibly resulting in a crash or disclosure of sensitive information from other memory locations. User interaction is required to...

7.1CVSS5.7AI score0.02244EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2020/09/08 10:6 a.m.5 views

php: Out of bounds read when parsing EXIF information

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure o...

6.5CVSS7.4AI score0.07624EPSS
Exploits1References4
OSV
OSV
added 2020/08/19 5:1 p.m.4 views

USN-4467-1 qemu vulnerabilities

Ziming Zhang and VictorV discovered that the QEMU SLiRP networking implementation incorrectly handled replying to certain ICMP echo requests. An attacker inside a guest could possibly use this issue to leak host memory to obtain sensitive information. This issue only affected Ubuntu 18.04 LTS...

6.8CVSS6.9AI score0.02409EPSS
Exploits0References14
OSV
OSV
added 2020/07/09 2:15 p.m.3 views

DEBIAN-CVE-2018-12371

An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 16 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR 60.1, Thunderbird 60, an...

8.8CVSS8.4AI score0.01446EPSS
Exploits1References1
OSV
OSV
added 2020/06/15 6:15 p.m.4 views

ALPINE-CVE-2020-14147

An integer overflow in the getnum function in luastruct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service memory corruption and application crash or possibly bypass intended sandbox restrictions via a large...

7.7CVSS7.8AI score0.03085EPSS
Exploits0References1
OSV
OSV
added 2020/06/09 5:15 p.m.6 views

CVE-2020-9818

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, iOS 12.4.7, watchOS 6.2.5. Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination...

8.8CVSS7.3AI score0.02286EPSS
Exploits0References4
CVE
CVE
added 2020/05/28 2:13 p.m.128 views

CVE-2020-13649

The CVE-2020-13649 entry refers to JerryScript 2.2.0, specifically the parser/js/js-scanner.c component. The described vulnerability arises from mishandling errors during certain out-of-memory conditions, demonstrated by a scanner_reverse_info_list NULL pointer dereference and a scanner_scan_all ...

7.5CVSS7.5AI score0.02125EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder