Lucene search
K

54 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:7 a.m.4 views

SUSE CVE-2016-1840

Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a...

7.8CVSS7.9AI score0.03239EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2022/10/29 12:0 a.m.2 views

PT-2022-36720 · Oracle · Java

Name of the Vulnerable Software and Affected Versions: Java affected versions not specified Description: The issue is related to a security exception in the Double.parseDouble function, which is called by FloatingDecimal.readJavaFormatString and FloatingDecimal.parseDouble. This suggests a...

6.9AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2022/02/16 11:39 a.m.5 views

ruby: Cookie prefix spoofing in CGI::Cookie.parse

A flaw was found in Ruby. RubyGems cgi gem could allow a remote attacker to conduct spoofing attacks caused by the mishandling of security prefixes in cookie names in the CGI::Cookie.parse function. By sending a specially-crafted request, an attacker could perform cookie prefix spoofing attacks...

7.5CVSS7.4AI score0.02931EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/02/03 12:0 a.m.7 views

Kicad 缓冲区错误漏洞

Kicad is a free software for printed circuit board design from the KiCad Eda community. A security vulnerability exists in KiCad EDA, which stems from a stack buffer overflow vulnerability in the Viewer gerber and excellon GCodeNumber parsing functions in KiCad EDA 6.0.1 and master branches. An...

7.8CVSS7.8AI score0.01736EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2021/07/21 12:0 a.m.4 views

PT-2021-5833 · Curl +10 · Curl +10

Name of the Vulnerable Software and Affected Versions: curl affected versions not specified Description: The issue is related to the use of an uninitialized resource in the cURL command-line tool. It affects the -t command line option, also known as CURLOPT TELNETOPTIONS in libcurl, which is used...

10CVSS7.2AI score0.87816EPSS
Exploits25References520
RedHat Linux
RedHat Linux
added 2021/05/18 3:49 p.m.8 views

kernel: improper input validation in ppp_cp_parse_cr function leads to memory corruption and read overflow

A flaw was found in the HDLCPPP module of the Linux kernel. Memory corruption and a read overflow is caused by improper input validation in the pppcpparsecr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data...

7.5CVSS7.1AI score0.03292EPSS
Exploits0References5
CNVD
CNVD
added 2021/04/07 12:0 a.m.7 views

RIOT Buffer Overflow Vulnerability (CNVD-2021-29118)

RIOT is a real-time multi-threaded IoT operating system that supports a range of devices commonly found in the Internet of Things. A buffer overflow vulnerability exists in the parseoptions function in /sys/net/gnrc/routing/rpl/gnrcrplcontrolmessages.c in RIOT version 2021.01. No detailed...

9.8CVSS7.4AI score0.01236EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/01/07 12:0 a.m.7 views

PHP Input Validation Error Vulnerability

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language jointly maintained by the PHP community. The language is primarily used for web development and supports a variety of databases and operating systems. PHP suffers from an input validation error...

5.3CVSS6.7AI score0.02983EPSS
Exploits1References26
Cvelist
Cvelist
added 2019/10/09 8:40 p.m.23 views

CVE-2019-5053

An exploitable use-after-free vulnerability exists in the Length parsing function of NitroPDF. A specially crafted PDF can cause a type confusion, resulting in a use-after-free condition. An attacker can craft a malicious PDF to trigger this vulnerability...

7.5CVSS7.6AI score0.01331EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2018/12/19 12:0 a.m.4 views

PT-2023-14945 · Gpac +2 · Gpac +2

Name of the Vulnerable Software and Affected Versions: GPAC version 2.1-DEV-rev505-gb9577e6ad-master Description: A memory leak was discovered in GPAC via the gf isom box parse ex function at box funcs.c. This issue may allow for unauthorized access or other malicious activities. Recommendations:...

9.8CVSS7.6AI score0.04615EPSS
Exploits93References237
Talos
Talos
added 2018/07/11 12:0 a.m.53 views

Computerinsel Photoline ANI Parsing Code Execution Vulnerability

Summary A memory corruption vulnerability exists in the ANI-parsing functionality of Computerinsel Photoline 20.54. A specially crafted ANI image processed via the application can lead to a stack overflow, overwriting arbitrary data. An attacker can deliver an ANI image to trigger this...

8.8CVSS8.2AI score0.01469EPSS
Exploits1
OSV
OSV
added 2018/05/16 3:29 p.m.6 views

UBUNTU-CVE-2018-11210

DISPUTED TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::Parse function in libtinyxml2.so. NOTE: The tinyxml2 developers have determined that the reported overflow is due to improper use of the library and not a vulnerability in tinyxml2...

9.8CVSS7.5AI score0.02103EPSS
Exploits0References3
Talos
Talos
added 2016/01/08 12:0 a.m.34 views

Apple Quicktime mdat Corruption Denial of Service Vulnerability

Talos Vulnerability Report TALOS-2016-0021 Apple Quicktime mdat Corruption Denial of Service Vulnerability January 8, 2016 CVE Number CVE-2015-7089 Description There is a denial of service vulnerability in Apple Quicktime. An attacker who can control the content of the mdat section of a .mov file...

6.8CVSS6.4AI score0.01648EPSS
Exploits0
Prion
Prion
added 2014/07/23 2:55 p.m.16 views

Heap overflow

Multiple heap-based buffer overflows in the parsenotify function in sgminer before 4.2.2, cgminer before 4.3.5, and BFGMiner before 4.1.0 allow remote pool servers to have unspecified impact via a 1 large or 2 negative value in the Extranonc2size parameter in a mining.subscribe response and a...

10CVSS7.6AI score0.03296EPSS
Exploits1References6Affected Software2
Rows per page
Query Builder