CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

104 matches found

OSV•added 2020/05/07 8:15 p.m.•0 views

UBUNTU-CVE-2020-11049

In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bound read of client memory that is then passed on to the protocol parser. This has been patched in 2.0.0...

5.5CVSS6.6AI score0.00168EPSS

Exploits1References6

CVE•added 2020/05/07 12:0 a.m.•177 views

CVE-2020-11049

CVE-2020-11049 : In FreeRDP, there is an out-of-bounds read of client memory that is then passed on to the protocol parser. This vulnerability affects FreeRDP releases prior to the patch and has been explicitly fixed in version 2.0.0. The available documents describe the issue as an OOB read in t...

5.5CVSS5.4AI score0.00168EPSS

Exploits1References7Affected Software1

Cvelist•added 2020/05/07 12:0 a.m.•18 views

CVE-2020-11049 Out-of-bounds Read in FreeRDPrdp_read_share_control_header

In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bound read of client memory that is then passed on to the protocol parser. This has been patched in 2.0.0...

5.5CVSS6.3AI score0.00168EPSS

Exploits1References7

Positive Technologies•added 2020/04/09 12:0 a.m.•9 views

PT-2020-12510 · Freerdp +6 · Freerdp +6

Name of the Vulnerable Software and Affected Versions: FreeRDP versions 1.1 through 1.9 Description: The issue involves an out-of-bound read of client memory that is then passed on to the protocol parser. This has been patched in version 2.0.0. Recommendations: For versions 1.1 through 1.9, updat...

9.8CVSS6.2AI score0.02202EPSS

Exploits26References297

Oracle linux•added 2020/04/06 12:0 a.m.•46 views

dovecot security and bug fix update

1:2.2.36-6 - fix CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes 1741787 1:2.2.36-5 - fix CVE-2019-3814: improper certificate validation 1674369 - fix CVE-2019-7524: buffer overflow in...

9.8CVSS2.4AI score0.38348EPSS

Exploits2

CNVD•added 2019/10/09 12:0 a.m.•1 views

Tcpdump BGP parser override vulnerability

tcpdump is a message analysis tool. Tcpdump BGP parser print-bgp.c:bgpattrprint suffers from an out-of-bounds read vulnerability, which can be exploited by a remote attacker to submit a special request that can crash the application...

7.5CVSS6.1AI score0.01608EPSS

Exploits0References1

Oracle linux•added 2019/09/23 12:0 a.m.•54 views

dovecot security update

1:2.2.36-5.1 - fix CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes 1741788...

9.8CVSS1.7AI score0.38348EPSS

Exploits1

CNVD•added 2018/10/12 12:0 a.m.•1 views

Wireshark Denial of Service Vulnerability (CNVD-2019-12362)

Wireshark formerly known as Ethereal is a network packet analyzer software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. A denial-of-service vulnerability exists in the MS-WSP protocol parser in Wireshark, whi...

7.5CVSS7.5AI score0.01831EPSS

Exploits0References1

OSV•added 2018/09/11 2:29 a.m.•2 views

UBUNTU-CVE-2018-16807

In Bro through 2.5.5, there is a memory leak potentially leading to DoS in scripts/base/protocols/krb/main.bro in the Kerberos protocol parser...

7.5CVSS7.1AI score0.00328EPSS

Exploits0References3

UbuntuCve•added 2018/09/11 2:29 a.m.•28 views

CVE-2018-16807

In Bro through 2.5.5, there is a memory leak potentially leading to DoS in scripts/base/protocols/krb/main.bro in the Kerberos protocol parser...

7.5CVSS7.1AI score0.00328EPSS

Exploits0References2

CVE•added 2018/09/11 2:0 a.m.•68 views

CVE-2018-16807

CVE-2018-16807 affects Bro/Zeek (Kerberos protocol parser) through version 2.5.5, where a memory leak could lead to denial of service. The root cause is a memory leak in scripts/base/protocols/krb/main.bro within the Kerberos parser. Impact is described as potential DoS, with availability potenti...

7.5CVSS7.2AI score0.00328EPSS

Exploits0References1Affected Software1

Debian CVE•added 2018/09/11 2:0 a.m.•22 views

CVE-2018-16807

Removed by vendor...

7.5CVSS7.6AI score0.00328EPSS

Exploits0

OSV•added 2018/05/17 2:29 p.m.•1 views

ALPINE-CVE-2018-7159

The HTTP parser in all current versions of Node.js ignores spaces in the Content-Length header, allowing input such as Content-Length: 1 2 to be interpreted as having a value of 12. The HTTP specification does not allow for spaces in the Content-Length value and the Node.js HTTP parser has been...

5.3CVSS8.8AI score0.00902EPSS

Exploits0References1