Lucene search
K

239 matches found

cnnvd
cnnvd
added 2023/10/19 12:0 a.m.5 views

Motorola MTM5000 Security Vulnerability

The Motorola MTM5000 is a mobile radio from Motorola, USA. A security vulnerability in the Motorola MTM5000, which stems from a lack of pointer validation of parameters passed to the Trusted Execution Environment TEE module, can be exploited by an attacker to obtain secure supervised code executi...

8.2CVSS7.5AI score0.00197EPSS
Exploits0References2
atlassian
atlassian
added 2023/10/06 5:45 p.m.49 views

FasterXML Vulnerability in Bamboo Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 9.1.0, 9.2.1, and 9.3.0 of Bamboo Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an...

7.5CVSS6.8AI score0.02824EPSS
Exploits2
nessus
nessus
added 2023/09/27 12:0 a.m.35 views

Amazon Linux 2 : ansible (ALASANSIBLE2-2023-006)

The version of ansible installed on the remote host is prior to 2.9.12-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ANSIBLE2-2023-006 advisory. An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive da...

5.5CVSS7AI score0.00568EPSS
Exploits2References8
f5
f5
added 2023/08/15 4:54 p.m.38 views

K000135852: FasterXML jackson-databind vulnerability CVE-2022-42003

Security Advisory Description In FasterXML jackson-databind before 2.14.0-rc1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAPSINGLEVALUEARRAYS feature is enabled. Additional fix version in 2.13.4.1 a...

7.5CVSS7.1AI score0.02824EPSS
Exploits2Affected Software1
packetstorm
packetstorm
added 2023/06/30 12:0 a.m.661 views

Chrome v8::internal::Object::SetPropertyWithAccessor Type Confusion

Chrome: Type confusion in v8::internal::Object::SetPropertyWithAccessor VULNERABILITY DETAILS When SetSuperProperty can't find the requested property in the holder, it performs an OWN lookup on the receiver. If the receiver has a property interceptor installed, the function invokes the...

8.8CVSS7.1AI score0.23855EPSS
Exploits1
redhat
redhat
added 2023/06/15 3:23 p.m.8 views

jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAPSINGLEVALUEARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting...

7.5CVSS6.7AI score0.02824EPSS
Exploits2References4
susecve
susecve
added 2023/06/03 2:13 a.m.4 views

SUSE CVE-2023-23597

A compromised web child process could disable web security opening restrictions, leading to a new child process being spawned within the file:// context. Given a reliable exploit primitive, this new process could be exploited again leading to arbitrary file read. This vulnerability affects Firefo...

6.5CVSS7AI score0.0034EPSS
Exploits0References4
cve
cve
added 2023/06/02 12:0 a.m.340 views

CVE-2023-23597

Summary: CVE-2023-23597 affects Mozilla Firefox and concerns a compromised web child process that could bypass web security opening restrictions, allowing a new child process to spawn in the file:// context and potentially read arbitrary files. The issue is described as a vulnerability in Firefox...

6.5CVSS6.7AI score0.0034EPSS
Exploits0References2Affected Software1
redhat
redhat
added 2023/05/18 9:54 a.m.8 views

jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAPSINGLEVALUEARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting...

7.5CVSS6.7AI score0.02824EPSS
Exploits2References4
ptsecurity
ptsecurity
added 2023/05/18 12:0 a.m.5 views

PT-2023-19813 · Facebook · Hermes

Name of the Vulnerable Software and Affected Versions: Hermes versions prior to commit a6dcafe6ded8e61658b40f5699878cd19a481f80 Description: A use-after-free in BigIntPrimitive addition could have been used by an attacker to leak raw data from Hermes VM’s heap. This issue is only exploitable in...

7.5CVSS7.4AI score0.00644EPSS
Exploits0References8
metasploit
metasploit
added 2023/03/30 7:50 p.m.512 views

Ancillary Function Driver (AFD) for WinSock Elevation of Privilege

A vulnerability exists in the Windows Ancillary Function Driver for Winsock afd.sys can be leveraged by an attacker to escalate privileges to those of NT AUTHORITY\SYSTEM. Due to a flaw in AfdNotifyRemoveIoCompletion, it is possible to create an arbitrary kernel Write-Where primitive, which can b...

7.8CVSS7.9AI score0.65417EPSS
Exploits13
githubexploit
githubexploit
added 2023/03/21 1:58 a.m.338 views

Exploit for Untrusted Pointer Dereference in Microsoft

CVE-2023-21768 Local Privilege Escalation POC authors: chomp...

7.8CVSS8.6AI score0.65417EPSS
Exploits13
redhat
redhat
added 2023/03/08 2:54 p.m.9 views

jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAPSINGLEVALUEARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting...

7.5CVSS6.7AI score0.02824EPSS
Exploits2References4
redhat
redhat
added 2023/03/07 7:10 p.m.7 views

jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAPSINGLEVALUEARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting...

7.5CVSS6.7AI score0.02824EPSS
Exploits2References4
redhat
redhat
added 2023/03/06 9:1 a.m.17 views

jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAPSINGLEVALUEARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting...

7.5CVSS6.7AI score0.02824EPSS
Exploits2References4
redhat
redhat
added 2023/03/01 10:2 p.m.10 views

jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAPSINGLEVALUEARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting...

7.5CVSS6.7AI score0.02824EPSS
Exploits2References4
redhat
redhat
added 2023/03/01 9:58 p.m.9 views

jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAPSINGLEVALUEARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting...

7.5CVSS6.7AI score0.02824EPSS
Exploits2References4
susecve
susecve
added 2023/02/15 5:51 a.m.2 views

SUSE CVE-2011-3146

librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service NULL pointer dereference and possibly execute arbitrary code via a SVG file with a node with the element name starting with "fe," which is misidentified as ...

6.8CVSS7.8AI score0.04418EPSS
Exploits1References3
redhat
redhat
added 2023/01/31 1:18 p.m.7 views

jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAPSINGLEVALUEARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting...

7.5CVSS6.7AI score0.02824EPSS
Exploits2References4
redhat
redhat
added 2023/01/31 1:15 p.m.9 views

jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAPSINGLEVALUEARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting...

7.5CVSS6.7AI score0.02824EPSS
Exploits2References4
Rows per page
Query Builder