Lucene search
K

128 matches found

CNNVD
CNNVD
added 2024/01/02 12:0 a.m.4 views

OpenHarmony Resource Management Error Vulnerability

OpenHarmony is a kind of Hongmeng operating system open source project of China OpenAtom Foundation OpenAtom Foundation Foundation. A security vulnerability exists in OpenHarmony version v3.2.2 and earlier versions, which originates from the reuse of a multimedia camera component pointer after...

5.5CVSS6.7AI score0.00154EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/01/02 12:0 a.m.5 views

OpenHarmony Resource Management Error Vulnerability

OpenHarmony is a kind of Hongmeng operating system open source project of China OpenAtom Foundation OpenAtom Foundation Foundation. A security vulnerability exists in OpenHarmony version v3.2.2 and earlier versions, which originates from the reuse of a multimedia audio component pointer after...

4CVSS6.7AI score0.00152EPSS
Exploits0References2
NVD
NVD
added 2022/10/11 9:15 p.m.49 views

CVE-2022-41168

Due to lack of proper memory management, when a victim opens a manipulated CATIA5 Part .catpart, CatiaTranslator.exe file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based...

7.8CVSS0.00491EPSS
Exploits0References2
Prion
Prion
added 2022/10/11 9:15 p.m.17 views

Stack overflow

Due to lack of proper memory management, when a victim opens a manipulated AutoCAD .dxf, TeighaTranslator.exe file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflo...

4.4CVSS7.9AI score0.00553EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/10/11 12:0 a.m.44 views

CVE-2022-41168

Due to lack of proper memory management, when a victim opens a manipulated CATIA5 Part .catpart, CatiaTranslator.exe file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based...

8.2AI score0.00491EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/10/11 12:0 a.m.32 views

CVE-2022-39806

Due to lack of proper memory management, when a victim opens a manipulated SolidWorks Drawing .slddrw, CoreCadTranslator.exe file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a...

8.2AI score0.00515EPSS
Exploits0References2
OSV
OSV
added 2021/09/23 1:15 p.m.3 views

ALPINE-CVE-2021-22945

When sending data to an MQTT server, libcurl = 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it again...

9.1CVSS6.9AI score0.06216EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
added 2021/09/16 12:0 a.m.45 views

Microsoft Word DOC File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DOC...

7.8CVSS5.7AI score0.04617EPSS
Exploits0References1
curl security advisories
curl security advisories
added 2021/09/15 8:0 a.m.13 views

UAF and double free in MQTT sending

When sending data to an MQTT server, libcurl could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it again...

9.1CVSS6.2AI score0.06216EPSS
Exploits1References1Affected Software2
UbuntuCve
UbuntuCve
added 2020/12/15 12:0 a.m.46 views

CVE-2020-29569

An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to reset ring-xenblkd to NULL when stopped. However, the handler may not have time to run if the frontend quickly toggles between the...

8.8CVSS6.7AI score0.00388EPSS
Exploits0References6
CNNVD
CNNVD
added 2020/12/15 12:0 a.m.6 views

Linux kernel resource management error vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A resource management error vulnerability exists in the Linux kernel through 5.10.1 when used with Xen 4.14.x. The vulnerability stems from the Linux kernel PV block backend...

8.8CVSS6.7AI score0.00388EPSS
Exploits0References19
Zero Day Initiative
Zero Day Initiative
added 2020/09/10 12:0 a.m.43 views

Microsoft Windows State Repository Service Race Condition Use-After-Free Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Sta...

2.5CVSS4.2AI score0.01079EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/08/19 8:55 p.m.31 views

CVE-2020-15637

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

3.3CVSS5.7AI score0.04074EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2020/05/12 12:0 a.m.39 views

Microsoft Internet Explorer JScript Garbage Collection Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS3.4AI score0.1425EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2020/01/15 12:0 a.m.33 views

Microsoft Windows CLFS Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the CLFS.SYS drive...

8.8CVSS6AI score0.01232EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2019/09/10 12:0 a.m.27 views

Adobe Flash Player PSDK Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

8.8CVSS2.3AI score0.06054EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2019/06/11 12:0 a.m.40 views

Microsoft Word DOCX Parsing Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...

3.3CVSS2.4AI score0.04885EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2019/05/15 12:0 a.m.25 views

Adobe Flash Player PSDK Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling ...

7.5CVSS2.1AI score0.09732EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2019/05/15 12:0 a.m.31 views

Microsoft Edge CDXImageRenderTarget Double Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the rendering of...

7.5CVSS1.9AI score0.23102EPSS
Exploits0References1
OSV
OSV
added 2019/03/21 4:1 p.m.5 views

CVE-2019-6734

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.5CVSS5.9AI score
Exploits0References2
Rows per page
Query Builder