Lucene search
K

83 matches found

OSV
OSV
added 2023/01/12 3:15 p.m.9 views

AZL-13005 CVE-2022-3515 affecting package gnupg2 for versions less than 2.4.0-1

A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment...

9.8CVSS7.1AI score0.01635EPSS
Exploits1References1
OSV
OSV
added 2022/12/20 11:15 p.m.3 views

DEBIAN-CVE-2022-47629

Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser...

9.8CVSS7.5AI score0.0155EPSS
Exploits2References1
RedHat Linux
RedHat Linux
added 2022/11/14 9:1 a.m.9 views

libksba: integer overflow may lead to remote code execution

A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment...

9.8CVSS7.7AI score0.01635EPSS
Exploits1References5
OSV
OSV
added 2022/10/21 9:49 a.m.7 views

SUSE-SU-2022:3683-1 Security update for libksba

This update for libksba fixes the following issues: - CVE-2022-3515: Fixed a possible overflow in the TLV parser bsc1204357...

9.8CVSS9.6AI score0.01635EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/10/18 12:0 a.m.2 views

libksba 输入验证错误漏洞

libksba is an open source library from GnuPG Mirrors that makes the task of working with X.509 certificates, CMS data and related objects easier. A security vulnerability exists in libksba version 1.3.5-2+deb10u1 that stems from an integer overflow in the CRL parser, which could lead to a denial ...

9.8CVSS7.5AI score0.01635EPSS
Exploits1References29
OSV
OSV
added 2022/10/17 12:0 a.m.2 views

UBUNTU-CVE-2022-3515

A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment...

9.8CVSS7.1AI score0.01635EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2021/03/02 7:28 p.m.3 views

grub2: Stack buffer overflow in grub_parser_split_cmdline()

A flaw was found in grub2. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that references a variable with...

7.2CVSS6.1AI score0.00573EPSS
Exploits0References4
Talos
Talos
added 2021/02/05 12:0 a.m.125 views

Accusoft ImageGear GIF LZW decoder heap overflow vulnerability

Summary A heap overflow vulnerability exists in the way the GIF parser decodes LZW compressed streams in Accusoft ImageGear 19.8. A specially crafted malformed file can trigger a heap overflow, which can result in arbitrary code execution. An attacker can provide a malicious file to trigger this...

9.8CVSS9.1AI score0.01917EPSS
Exploits1
OSV
OSV
added 2019/06/19 4:15 p.m.2 views

CVE-2019-6114

An issue was discovered in Corel PaintShop Pro 2019 21.0.0.119. An integer overflow in the jp2 parsing library allows an attacker to overwrite memory and to execute arbitrary code...

8.8CVSS7.6AI score0.02638EPSS
Exploits1References1
CNVD
CNVD
added 2017/09/14 12:0 a.m.1 views

Tcpdump ISO IS-IS parser buffer overflow vulnerability (CNVD-2017-28238)

Tcpdump is a set of sniffing tools developed by the Tcpdump team that run at the command line. The tools allow users to intercept and display TCP/IP and other packets sent or received over a network connection to that computer.ISO IS-IS parser is one of the routing protocol parsers. A buffer...

9.8CVSS9.4AI score0.03241EPSS
Exploits0References1
CNVD
CNVD
added 2017/09/14 12:0 a.m.1 views

Tcpdump IKEv1 Parser Buffer Overflow Vulnerability

Tcpdump is a set of sniffing tools developed by the Tcpdump team that run under the command line. The tool allows users to intercept and display TCP/IP and other packets sent or received over a network connection to that computer. A buffer overflow vulnerability exists in the 'ikev1idprint' of th...

9.8CVSS9.3AI score0.03241EPSS
Exploits0References1
OSV
OSV
added 2017/01/28 1:59 a.m.0 views

DEBIAN-CVE-2017-5341

The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otvprint...

9.8CVSS7.7AI score0.05333EPSS
Exploits0References1
OSV
OSV
added 2017/01/28 1:59 a.m.1 views

DEBIAN-CVE-2016-7992

The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cipifprint...

9.8CVSS8AI score0.03265EPSS
Exploits0References1
OSV
OSV
added 2017/01/28 1:59 a.m.2 views

DEBIAN-CVE-2016-7983

The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootpprint...

9.8CVSS7.7AI score0.03903EPSS
Exploits0References1
OSV
OSV
added 2017/01/27 12:0 a.m.2 views

UBUNTU-CVE-2017-5205

The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2eprint...

9.8CVSS7.6AI score0.0357EPSS
Exploits0References4
OSV
OSV
added 2017/01/27 12:0 a.m.3 views

UBUNTU-CVE-2016-7936

The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:udpprint...

9.8CVSS7.6AI score0.03172EPSS
Exploits0References4
VulnCheck KEV
VulnCheck KEV
added 2016/09/28 12:0 a.m.5 views

VulnCheck KEV: CVE-2016-6909

Buffer overflow in the Cookie parser in Fortinet FortiOS 4.x before 4.1.11, 4.2.x before 4.2.13, and 4.3.x before 4.3.9 and FortiSwitch before 3.4.3 allows remote attackers to execute arbitrary code via a crafted HTTP request, aka EGREGIOUSBLUNDER...

10CVSS7.7AI score0.49856EPSS
Exploits2References1
CNVD
CNVD
added 2016/09/14 12:0 a.m.23 views

Wireshark Catapult DCT2000 Parser Stack Buffer Overflow Vulnerability

Wireshark formerly known as Ethereal is a network packet analyzer software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. A stack buffer overflow vulnerability exists in the...

5.9CVSS7.9AI score0.02652EPSS
Exploits0References1
OSV
OSV
added 2014/03/11 1:1 p.m.1 views

DEBIAN-CVE-2014-2299

Buffer overflow in the mpegread function in wiretap/mpeg.c in the MPEG parser in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a large record in MPEG data...

9.3CVSS8AI score0.47422EPSS
Exploits6References1
OSV
OSV
added 2014/03/08 9:43 p.m.8 views

MGASA-2014-0125 Updated wireshark packages fix multiple vulnerabilies

Updated wireshark packages fix security vulnerabilities: The NFS dissector could crash CVE-2014-2281. The RLC dissector could crash CVE-2014-2283. The MPEG file parser could overflow a buffer CVE-2014-2299...

9.3CVSS6.7AI score0.47422EPSS
Exploits10References7
Rows per page
Query Builder