Lucene search
K

115 matches found

OSV
OSV
added 2023/01/01 12:0 a.m.19 views

ASB-A-258741356

A wlan driver function lacks parameter checks, resulting heap overflow vulnerability...

5.5CVSS7.4AI score0.00084EPSS
Exploits0References1
OSV
OSV
added 2023/01/01 12:0 a.m.18 views

ASB-A-258749708

A wlan driver function lacks parameter checks, resulting heap overflow vulnerability...

5.5CVSS7.4AI score0.00084EPSS
Exploits0References1
OSV
OSV
added 2023/01/01 12:0 a.m.16 views

ASB-A-258736883

A wlan driver function lacks parameter checks, resulting heap overflow vulnerability...

5.5CVSS7.4AI score0.00084EPSS
Exploits0References1
OSV
OSV
added 2022/12/01 12:0 a.m.9 views

ASB-A-253957344

A wlan driver function lacks parameter checks, resulting EOP issue...

5.5CVSS7.1AI score0.00084EPSS
Exploits0References1
OSV
OSV
added 2022/12/01 12:0 a.m.11 views

ASB-A-253957345

A wlan driver function lacks parameter checks, resulting Out-of-bounds Write issues...

5.5CVSS7.1AI score0.00084EPSS
Exploits0References1
OSV
OSV
added 2022/12/01 12:0 a.m.13 views

ASB-A-253978054

A wlan driver function lacks parameter checks, resulting Out-of-bounds Write issues...

9.8CVSS7.1AI score0.0036EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/06/01 12:0 a.m.8 views

The vulnerability of Siemens SICAM P850 and Siemens SICAM P855 multifunctional diagnostic devices lies in the improper checking of POST request parameters. This allows a perpetrator to cause malfunctions during maintenance or execute arbitrary codes.

The vulnerability of Siemens SICAM P850 and Siemens SICAM P855 multifunctional measuring devices is related to incorrect verification of POST request parameters. Exploiting this vulnerability can allow an attacker to trigger a service failure or execute arbitrary code...

10CVSS8.1AI score0.01371EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/03/18 12:0 a.m.7 views

The vulnerability of the CRI-O Container Engine’s application programming interface’s pinns allows a hacker to exit the container and gain root access to the host.

The vulnerability of the CRI-O Container Engine’s application programming interface’s pinns function, a software tool for managing clusters of virtual machines in Kubernetes, is related to the lack of proper checks on kernel parameters. Exploiting this vulnerability could allow an attacker to exi...

9CVSS7.8AI score0.18561EPSS
Exploits0References6Affected Software3
BDU FSTEC
BDU FSTEC
added 2021/08/18 12:0 a.m.7 views

The vulnerability of the libxcb library in operating systems such as ALT Linux, ROSA Linux, and MSVSphere allows attackers to cause service failures.

The vulnerability of the libxcb library in ALT Linux, ROSA Linux, and MSVSphere operating systems is related to the lack of checks for the correctness of input parameters for the export function xcbgetpropertyvalueend. Exploiting this vulnerability can allow attackers to cause failures in...

5CVSS5.5AI score
Exploits0Affected Software1
CNVD
CNVD
added 2021/02/01 12:0 a.m.9 views

TerraMaster TOS Dynamic Class Method Invocation Vulnerability

TerraMaster TOS is a Linux-based operating system developed for TerraMaster Cloud Storage NAS servers. A dynamic class method call vulnerability exists in include/exportUser.php in TerraMaster TOS versions prior to 4.1.29. The vulnerability stems from invalid parameter checking. An attacker can...

10CVSS6.9AI score0.28495EPSS
Exploits1References1
CNVD
CNVD
added 2020/05/12 12:0 a.m.3 views

Zephyr Input Validation Error Vulnerability (CNVD-2020-29631)

Zephyr is an open source, small, scalable real-time operating system from the Linux Foundation. Zephyr suffers from an input validation error vulnerability that stems from the program not performing parameter validation when making multiple system calls. No details of the vulnerability are...

7.8CVSS6.8AI score0.00396EPSS
Exploits0References1
OSV
OSV
added 2019/11/13 3:15 p.m.4 views

CVE-2019-5287

P30 smart phones with versions earlier than ELLE-AL00B 9.1.0.193C00E190R2P1 have an integer overflow vulnerability due to insufficient check on specific parameters. An attacker tricks the user into installing a malicious application, obtains the root permission and constructs specific parameters ...

7.8CVSS6AI score0.00942EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2018/10/16 5:38 p.m.4 views

bouncycastle: Other party DH public keys are not fully validated

In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH public key is not fully validated. This can cause issues as invalid keys can be used to reveal details about the other party's private key where static Diffie-Hellman is in use. As of release 1.56 the key parameters are...

4.3CVSS7.3AI score0.02303EPSS
Exploits0References4
CNVD
CNVD
added 2018/01/31 12:0 a.m.3 views

Huawei TripAdvisor Catwalk App Loads Arbitrary URL Vulnerability

TripAdvisor offers a wealth of travel planning and booking features, as well as powerful offline downloads and local services, making it a "must-have" tool for your outbound travel. A load arbitrary URL vulnerability exists in the Huawei TripAdvisor Catwalk application due to insufficient paramet...

6.8CVSS7AI score0.0063EPSS
Exploits0References1
OSV
OSV
added 2017/11/22 7:29 p.m.4 views

CVE-2017-8170

Huawei smart phones with software earlier than VIE-L09C40B360 versions have a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the APP can send a specific parameter to the smart phone,...

7.8CVSS6.3AI score0.01001EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2017/10/26 12:0 a.m.6 views

The vulnerability of the alloc_heap_pages function in Xen hypervisors allows a attacker to execute arbitrary code or cause a service failure.

The vulnerability of the allocheappages function in Xen hypervisors arises due to insufficient checking of parameters. Exploiting this vulnerability allows a local attacker to execute arbitrary code or cause a service failure by exceeding memory limits, using the NUMA parameter for memory...

8.8CVSS7.8AI score0.0041EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2017/06/13 12:0 a.m.5 views

Huawei UMA Product Elevation of Privilege Vulnerability (CNVD-2017-12926)

Huawei Unified Maintenance Audit UMA is a unified IT core resource operation and maintenance management and security audit platform designed for carriers, government, finance, electric power and large enterprises. An elevation of privilege vulnerability exists in the Huawei UMA product. Due to...

9.8CVSS7.2AI score0.01047EPSS
Exploits0References1
CNVD
CNVD
added 2017/06/13 12:0 a.m.5 views

Huawei UMA Product Elevation of Privilege Vulnerability (CNVD-2017-12930)

Huawei Unified Maintenance Audit UMA is a unified IT core resource operation and maintenance management and security audit platform designed for carriers, government, finance, electric power and large enterprises. An elevation of privilege vulnerability exists in the Huawei UMA product. Due to...

9.8CVSS7.2AI score0.01345EPSS
Exploits0References1
CNVD
CNVD
added 2017/06/13 12:0 a.m.7 views

Huawei UMA Product Elevation of Privilege Vulnerability (CNVD-2017-12932)

Huawei Unified Maintenance Audit UMA is a unified IT core resource operation and maintenance management and security audit platform designed for carriers, government, finance, electric power and large enterprises. An elevation of privilege vulnerability exists in the Huawei UMA product. Due to...

9.8CVSS7.2AI score0.01047EPSS
Exploits0References1
CNVD
CNVD
added 2017/06/13 12:0 a.m.5 views

Huawei UMA Product Elevation of Privilege Vulnerability (CNVD-2017-12925)

Huawei Unified Maintenance Audit UMA is a unified IT core resource operation and maintenance management and security audit platform designed for carriers, government, finance, electric power and large enterprises. An elevation of privilege vulnerability exists in the Huawei UMA product. Due to...

9.8CVSS7.2AI score0.01047EPSS
Exploits0References1
Rows per page
Query Builder