Lucene search
K

135 matches found

Prion
Prion
added 2018/06/04 7:29 p.m.29 views

Cross site request forgery (csrf)

Request is an http client. If a request is made using multipart, and the body type is a number, then the specified number of non-zero memory is passed in the body. This affects Request =2.2.6 2.51.0 =2.67.0...

7.1CVSS5.7AI score0.02625EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2018/06/04 7:0 p.m.23 views

CVE-2017-16026

Request is an http client. If a request is made using multipart, and the body type is a number, then the specified number of non-zero memory is passed in the body. This affects Request =2.2.6 2.51.0 =2.67.0...

5.7AI score0.02625EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2018/06/04 7:0 p.m.50 views

CVE-2017-16026

Request is an http client. If a request is made using multipart, and the body type is a number, then the specified number of non-zero memory is passed in the body. This affects Request =2.2.6 2.51.0 =2.67.0...

7.1CVSS6AI score0.02625EPSS
Exploits1
OSV
OSV
added 2017/11/28 11:29 p.m.2 views

DEBIAN-CVE-2017-17046

An issue was discovered in Xen through 4.9.x on the ARM platform allowing guest OS users to obtain sensitive information from DRAM after a reboot, because disjoint blocks, and physical addresses that do not start at zero, are mishandled...

6.5CVSS8.6AI score0.00364EPSS
Exploits0References1
OSV
OSV
added 2017/11/28 11:29 p.m.3 views

UBUNTU-CVE-2017-17046

An issue was discovered in Xen through 4.9.x on the ARM platform allowing guest OS users to obtain sensitive information from DRAM after a reboot, because disjoint blocks, and physical addresses that do not start at zero, are mishandled...

6.5CVSS6.9AI score0.00364EPSS
Exploits0References3
CNVD
CNVD
added 2017/10/12 12:0 a.m.5 views

Linux kernel denial of service vulnerability (CNVD-2017-30420)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. Security/keys/keyctl.c in the Linux kernel does not take into account the combination of NULL payloads and...

5.5CVSS5.5AI score0.00452EPSS
Exploits0References1
Veracode
Veracode
added 2017/07/19 2:42 a.m.13 views

Uninitialized Memory Disclosure

openwhisk is vulnerable to uninitialized memory disclosure. The library initializes a buffer by providing a numeric value to the Buffer class, resulting in a buffer being created with non zero-ed out memory. This can lead to information on the uninitialized memory being disclosed...

6.5AI score
Exploits0
OSV
OSV
added 2016/09/21 12:0 a.m.2 views

UBUNTU-CVE-2016-5418

The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file...

7.5CVSS7.3AI score0.04707EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2016/09/12 7:54 p.m.4 views

libarchive: Archive Entry with type 1 (hardlink), but has a non-zero data size file overwrite

A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive's file system sandboxing, this issue could cause an application using libarchive to overwrite arbitrary files with arbitrary data from the archive...

7.5CVSS5.8AI score0.04707EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2016/09/12 5:34 p.m.127 views

libarchive: Archive Entry with type 1 (hardlink), but has a non-zero data size file overwrite

A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive's file system sandboxing, this issue could cause an application using libarchive to overwrite arbitrary files with arbitrary data from the archive...

7.5CVSS5.8AI score0.04707EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2016/09/12 5:33 p.m.116 views

libarchive: Archive Entry with type 1 (hardlink), but has a non-zero data size file overwrite

A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive's file system sandboxing, this issue could cause an application using libarchive to overwrite arbitrary files with arbitrary data from the archive...

7.5CVSS5.8AI score0.04707EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2016/02/16 3:39 p.m.7 views

glibc: calloc may return non-zero memory

It was discovered that the calloc implementation in glibc could return memory areas which contain non-zero bytes. This could result in unexpected application behavior such as hangs or crashes...

7.5CVSS7.1AI score0.02238EPSS
Exploits0References4
CNVD
CNVD
added 2015/10/22 12:0 a.m.6 views

Red Hat Enterprise Linux kernel usbvision driver denial of service vulnerability

Red Hat Enterprise Linux RHEL is a Linux operating system for business users maintained and distributed by Red Hat, Inc. The Linux kernel is the kernel used by the operating system and is distributed by the Linux Foundation. A security vulnerability exists in the usbvision driver in the Linux...

4.9CVSS6.7AI score0.00675EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2015/07/22 9:40 a.m.6 views

glibc: calloc may return non-zero memory

It was discovered that the calloc implementation in glibc could return memory areas which contain non-zero bytes. This could result in unexpected application behavior such as hangs or crashes...

7.5CVSS7.1AI score0.02238EPSS
Exploits0References4
OSV
OSV
added 2014/12/12 3:59 p.m.3 views

DEBIAN-CVE-2014-9374

Double free vulnerability in the WebSocket Server reshttpwebsocket module in Asterisk Open Source 11.x before 11.14.2, 12.x before 12.7.2, and 13.x before 13.0.2 and Certified Asterisk 11.6 before 11.6-cert9 allows remote attackers to cause a denial of service crash by sending a zero length frame...

5CVSS6.4AI score0.09525EPSS
Exploits0References1
Rows per page
Query Builder