CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Prion•added 2017/05/01 6:59 p.m.•15 views

Design/Logic Flaw

5CVSS8.2AI score0.00442EPSS

OSV•added 2017/05/01 6:59 p.m.•20 views

CVE-2017-8396

7.5CVSS6.3AI score

OSV•added 2017/05/01 6:59 p.m.•16 views

CVE-2017-8394

The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 4 due to NULL pointer dereferencing of bfdelflargecomsection. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library,...

7.5CVSS6.4AI score

Prion•added 2017/05/01 6:59 p.m.•16 views

Null pointer dereference

5CVSS8.1AI score0.00381EPSS

UbuntuCve•added 2017/05/01 6:59 p.m.•18 views

CVE-2017-8396

7.5CVSS6.9AI score0.0038EPSS

Debian CVE•added 2017/05/01 6:0 p.m.•19 views

CVE-2017-8392

7.5CVSS7.5AI score0.00442EPSS

CVE•added 2017/05/01 6:0 p.m.•83 views

CVE-2017-8392

CVE-2017-8392 refers to a vulnerability in the Binary File Descriptor (BFD) library (libbfd) as distributed with GNU Binutils 2.28. The issue is an invalid read of size 8 caused by a missing check for NULL symbols in the _bfd_dwarf2_find_nearest_line function, which can cause programs analyzing b...

7.5CVSS6.9AI score0.00442EPSS

Debian CVE•added 2017/05/01 6:0 p.m.•18 views

CVE-2017-8395

The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to an invalid write of size 8 because of missing a malloc return-value check to see if memory had actually been allocated in the bfdgenericgetsectioncontents function. This vulnerability causes...

7.5CVSS7.4AI score0.00504EPSS

Debian CVE•added 2017/05/01 6:0 p.m.•19 views

CVE-2017-8398

dwarf.c in GNU Binutils 2.28 is vulnerable to an invalid read of size 1 during dumping of debug information from a corrupt binary. This vulnerability causes programs that conduct an analysis of binary programs, such as objdump and readelf, to crash...

7.5CVSS7.4AI score0.00566EPSS

CVE•added 2017/05/01 6:0 p.m.•77 views

CVE-2017-8398

Technical details for CVE-2017-8398 are not publicly provided in the supplied documents. The materials mention Binutils 2.28 but do not specify affected products/versions beyond that, root cause, impact, or fixes; monitor for updates.

7.5CVSS7.5AI score0.00566EPSS

Fedora•added 2017/04/28 2:36 p.m.•40 views

[SECURITY] Fedora 26 Update: community-mysql-5.7.18-2.fc26

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...

7.7CVSS2.7AI score0.01049EPSS

ThreatPost•added 2017/04/27 11:47 a.m.•13 views

The Time Has Arrived to Embrace Hackers

BOSTON—More than ever, hackers are getting a welcoming embrace from law enforcement, governments and business. Bug bounties and vulnerability disclosure programs are becoming the norm across industry, and hackers are no longer universally viewed as a pariah. Simultaneously, however, groups such a...

7.2AI score

Exploits0References1

Trend Micro Simply Security•added 2017/04/26 5:34 p.m.•6 views

Machine learning and the fight against ransomware

Ransomware is now everywhere. The number of emails containing ransomware rose 6,000 percent since 2015, and in 2016, 40 percent of all spam emails had one of these malicious programs hidden within, according to IBM. Other reports highlight the sophistication of ransomware nowadays and it's...

6.9AI score

OSV•added 2017/04/26 2:59 p.m.•1 views

DEBIAN-CVE-2017-8284

The disasinsn function in target/i386/translate.c in QEMU before 2.9.0, when TCG mode without hardware acceleration is used, does not limit the instruction size, which allows local users to gain privileges by creating a modified basic block that injects code into a setuid program, as demonstrated...

7CVSS7.2AI score0.00108EPSS

Exploits0References1

Schneier on Security•added 2017/04/25 5:7 p.m.•13 views

Advances in Ad Blocking

Ad blockers represent the largest consumer boycott in human history. They're also an arms race between the blockers and the blocker blockers. This article discusses a new ad-blocking technology that represents another advance in this arms race. I don't think it will "put an end to the ad-blocking...

6.7AI score

Trend Micro Simply Security•added 2017/04/21 1:0 p.m.•24 views

This Week in Security News

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back...

7.2AI score