Lucene search
+L

85 matches found

Prion
Prion
added 2021/02/18 4:15 a.m.25 views

Information disclosure

An issue was discovered in the nb-connect crate before 1.0.3 for Rust. It may have invalid memory access for certain versions of the standard library because it relies on a direct cast of std::net::SocketAddrV4 and std::net::SocketAddrV6 data structures...

7.5CVSS9.4AI score0.01448EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/02/18 3:35 a.m.38 views

CVE-2021-27376

An issue was discovered in the nb-connect crate before 1.0.3 for Rust. It may have invalid memory access for certain versions of the standard library because it relies on a direct cast of std::net::SocketAddrV4 and std::net::SocketAddrV6 data structures...

9.7AI score0.01448EPSS
Exploits1References1
CVE
CVE
added 2021/02/18 3:35 a.m.102 views

CVE-2021-27376

CVE-2021-27376 affects the Rust crate nb-connect , file/socket handling. The issue arises from a direct cast of std::net::SocketAddrV4 and SocketAddrV6, relying on the wrong assumption about memory layout, which can lead to invalid memory access. The Red Hat and GHSA/RustSec entries confirm the r...

9.8CVSS9.3AI score0.01448EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/02/17 12:0 a.m.8 views

Rust nb-connect buffer error vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust nb-connect. The vulnerability stems from a forced data type conversion using std::net::SocketAddrV4 and std::net::SocketAddrV6 in some versions of the standard library,...

9.8CVSS7.3AI score0.01448EPSS
Exploits1References2
OSV
OSV
added 2021/02/14 12:0 p.m.45 views

RUSTSEC-2021-0021 `nb-connect` invalidly assumes the memory layout of std::net::SocketAddr

The nb-connect crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. The standard library does not say anything about...

9.8CVSS9.4AI score0.01448EPSS
Exploits1References3
Openbugbounty
Openbugbounty
added 2020/10/20 2:21 p.m.6 views

nb-allstar.com Cross Site Scripting vulnerability OBB-1429258

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2020/10/10 12:33 p.m.4 views

nb-md.com.cn Cross Site Scripting vulnerability OBB-1395630

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

0.1AI score
Exploits0
ThreatPost
ThreatPost
added 2019/08/07 10:57 p.m.87 views

Black Hat 2019: 5G Security Flaw Allows MiTM, Targeted Attacks

LAS VEGAS — 5G commercial networks are starting to roll out, promising exciting new use cases like automated cars, and smart sensor networks where the nodes have 10-year battery lives. To go along with these possibilities are new security requirements; notably, improvements in device...

0.4AI score
Exploits0References6
Openbugbounty
Openbugbounty
added 2018/12/03 1:13 p.m.9 views

nb-radiotreff.de XSS vulnerability

Open Bug Bounty ID: OBB-706451 Description| Value ---|--- Affected Website:| nb-radiotreff.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

0.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/09/18 3:8 p.m.7 views

nb-blizzards.de XSS vulnerability

Open Bug Bounty ID: OBB-677763 Description| Value ---|--- Affected Website:| nb-blizzards.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
CNVD
CNVD
added 2018/01/15 12:0 a.m.6 views

Dotclear admin/users.php file cross-site scripting vulnerability

Dotclear is a software developer Olivier Meunier developed a free PHP and MySQL-based blog Blog publishing software. A cross-site scripting vulnerability exists in the admin/users.php file in Dotclear version 2.12.1. A remote attacker can exploit this vulnerability by injecting arbitrary web scri...

5.4CVSS6.1AI score0.00904EPSS
Exploits0References1
NVD
NVD
added 2018/01/14 4:29 a.m.27 views

CVE-2018-5690

Cross-site scripting XSS vulnerability in admin/users.php in Dotclear 2.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the nb parameter aka the page limit number...

5.4CVSS5.1AI score0.00904EPSS
Exploits0References2
Prion
Prion
added 2018/01/14 4:29 a.m.22 views

Cross site scripting

Cross-site scripting XSS vulnerability in admin/users.php in Dotclear 2.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the nb parameter aka the page limit number...

3.5CVSS5AI score0.00904EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/01/14 4:0 a.m.28 views

CVE-2018-5690

Cross-site scripting XSS vulnerability in admin/users.php in Dotclear 2.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the nb parameter aka the page limit number...

5.1AI score0.00904EPSS
Exploits0References2
CVE
CVE
added 2018/01/14 4:0 a.m.51 views

CVE-2018-5690

CVE-2018-5690 is an XSS vulnerability in Dotclear 2.12.1 affecting the admin/users.php page. The issue occurs when processing the nb parameter (page limit number), allowing remote authenticated users to inject arbitrary web script or HTML. The affected component is the admin interface (users mana...

5.4CVSS5AI score0.00904EPSS
Exploits0References2Affected Software1
Mageia
Mageia
added 2017/08/13 1:17 p.m.45 views

Updated kernel-tmb packages fixes security and other bugs

This kernel-tmb update is based on upstream 4.9.40 and fixes at least the following security issues: Linux kernel built with the VirtIO GPU driverCONFIGDRMVIRTIOGPU support is vulnerable to a memory leakage issue. It could occur while creating a virtio gpu object in virtiogpuobjectcreate. A...

7.8CVSS0.9AI score0.03763EPSS
Exploits0References6
Mageia
Mageia
added 2017/07/30 6:27 p.m.54 views

Updated kernel packages fixes security and other bugs

This kernel update is based on upstream 4.9.40 and fixes at least the following security issues: Linux kernel built with the VirtIO GPU driverCONFIGDRMVIRTIOGPU support is vulnerable to a memory leakage issue. It could occur while creating a virtio gpu object in virtiogpuobjectcreate. A...

7.8CVSS1AI score0.03763EPSS
Exploits0References6
Openbugbounty
Openbugbounty
added 2016/12/06 10:28 p.m.8 views

search.mlb.nb.ca XSS vulnerability

Vulnerable URL:...

6.3AI score
Exploits0
OSV
OSV
added 2013/12/07 9:55 p.m.5 views

DEBIAN-CVE-2013-0856

The lpcprediction function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Apple Lossless Audio Codec ALAC data, related to a large nbsamples value...

9.3CVSS6.9AI score0.02115EPSS
Exploits0References1
Cvelist
Cvelist
added 2008/05/29 11:0 p.m.41 views

CVE-2008-2508

Cross-site scripting XSS vulnerability in news.php in Tr Script News 2.1 allows remote attackers to inject arbitrary web script or HTML via the "nb" parameter in voir mode...

5.7AI score0.01436EPSS
Exploits1References3
Rows per page
Query Builder