Lucene search
K

2525 matches found

OSV
OSV
added 2017/03/18 8:59 p.m.2 views

DEBIAN-CVE-2016-10253

An issue was discovered in Erlang/OTP 18.x. Erlang's generation of compiled regular expressions is vulnerable to a heap overflow. Regular expressions using a malformed extpattern can indirectly specify an offset that is used as an array index. This ordinal permits arbitrary regions within the...

9.8CVSS9.4AI score0.01479EPSS
Exploits0References1
Prion
Prion
added 2017/03/14 10:59 p.m.20 views

Improper access control

Access control vulnerability in Intel Security Data Loss Prevention Endpoint DLPe 9.4.200 and 9.3.600 allows authenticated users with Read-Write-Execute permissions to inject hook DLLs into other processes via pages in the target process memory get...

4.6CVSS6.8AI score0.00311EPSS
Exploits0References1Affected Software1
Huawei
Huawei
added 2017/03/06 12:0 a.m.61 views

Security Advisory - Arbitrary Memory Read Write Vulnerability in Huawei Smart Phones

There is a arbitrary memory read/write vulnerability in the hardware security module of some Huawei smart phones due to the input parameters validation. An attacker with the root privilege of the Android system could exploit this vulnerability to read and write memory data anywhere or execute...

7.2CVSS6.7AI score0.00309EPSS
Exploits0Affected Software2
myhack58
myhack58
added 2017/03/01 12:0 a.m.480 views

HEVD kernel vulnerability training-with Windows play-bug warning-the black bar safety net

For this training of the research study will kernel vulnerability principle, the use of the way, under Windows many common data structures have a preliminary understanding, from the open Ring0 gate. HEVD project address: https://github.com/hacksysteam/HackSysExtremeVulnerableDriver For the kernel...

7.2CVSS7.7AI score0.87042EPSS
Exploits23
OSV
OSV
added 2017/02/24 4:59 a.m.1 views

DEBIAN-CVE-2017-6305

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "8 of 9. Out of Bounds read and write."...

7.8CVSS7.6AI score0.01223EPSS
Exploits0References1
OSV
OSV
added 2017/02/23 12:0 a.m.3 views

UBUNTU-CVE-2017-6305

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "8 of 9. Out of Bounds read and write."...

7.8CVSS7.1AI score0.01223EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2017/02/21 12:0 a.m.5 views

PT-2017-2443 · Aerospike · Aerospike Database Server

Name of the Vulnerable Software and Affected Versions: Aerospike Database Server version 3.10.0.3 Description: The issue is related to an out-of-bounds indexing vulnerability in the RW fabric message particle type. This can be triggered by a specially crafted packet, causing the server to fetch a...

9.8CVSS9.7AI score0.07249EPSS
Exploits2References4
Exploit DB
Exploit DB
added 2017/02/15 12:0 a.m.33 views

NVIDIA Driver 375.70 - DxgkDdiEscape 0x100008b Out-of-Bounds Read/Write

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=985 The DxgkDdiEscape handler for 0x100008b accepts a user supplied size as the limit for a loop, leading to OOB reads and writes. The supplied PoC passes an invalid size of 0x41414141, which causes a crash in: int64 sub30A500int64...

7.4AI score
Exploits0
Hacker One
Hacker One
added 2017/02/13 5:26 a.m.17 views

shopify-scripts: Interger overflow in str_substr leading to read/write out of bound memory

Failed check len & beg in strsubstr when call mrbstrarefm by String. This can lead to read/write into invalid memory which may be memory corruption or RCE. this snippet causes a crash in mrubyi can't check mruby-engine by error undefined symbol rbutf8strnew : $b="B"2048 $expand=$b0x40,0x7fffffff...

1.6AI score
Exploits0
OSV
OSV
added 2017/01/27 10:59 p.m.4 views

CVE-2017-3363

Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2 and 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracl...

8.2CVSS7.3AI score0.01237EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2017/01/23 12:0 a.m.48 views

Microsoft Remote Desktop Client For Mac 8.0.36 Remote Code Execution

Advisory ID: SGMA16-004 Title: Microsoft Remote Desktop Client for Mac Remote Code Execution Product: Microsoft Remote Desktop Client for Mac Version: 8.0.36 and probably prior Vendor: www.microsoft.com Type: Arbitrary file read/write leads to RCE Risk level: 4 / 5 Credit:...

Exploits0
Prion
Prion
added 2017/01/19 5:59 a.m.32 views

Design/Logic Flaw

V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87 for Windows and Mac included incorrect optimisation assumptions, which allowed a remote attacker to perform arbitrary read/write operations, leading to code execution, via a crafted HTML page...

6.8CVSS6.4AI score0.34703EPSS
Exploits1References5Affected Software1
Kaspersky
Kaspersky
added 2017/01/19 12:0 a.m.53 views

KLA10951 ACE vulnerability in Google Chrome

Incorrect optimisation assumptions in V8 engine were found in Google Chrome. By exploiting this vulnerability malicious users can perform arbitrary read/write operations and execute arbitrary code. This vulnerability can be exploited remotely via a specially designed HTML page. Original advisorie...

8.8CVSS9.1AI score0.34703EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2017/01/19 12:0 a.m.28 views

CVE-2016-5198

V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87 for Windows and Mac included incorrect optimisation assumptions, which allowed a remote attacker to perform arbitrary read/write operations, leading to code execution, via a crafted HTML page. Rece...

8.8CVSS3.7AI score0.34703EPSS
In wildExploits1References6
Cvelist
Cvelist
added 2016/12/29 10:0 p.m.29 views

CVE-2015-8743

QEMU aka Quick Emulator built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue. It could occur while performing 'ioport' r/w operations. A privileged CAPSYSRAWIO user/process could use this flaw to leak or corrupt QEMU memory bytes...

7.6AI score0.00445EPSS
Exploits0References10
Debian CVE
Debian CVE
added 2016/12/29 10:0 p.m.32 views

CVE-2015-8817

QEMU aka Quick Emulator built to use 'addressspacetranslate' to map an address to a MemoryRegionSection is vulnerable to an OOB r/w access issue. It could occur while doing pcidmaread/write calls. Affects QEMU versions = 1.6.0 and = 2.3.1. A privileged user inside guest could use this flaw to cra...

5.5CVSS6.4AI score0.00402EPSS
Exploits0
Prion
Prion
added 2016/12/28 7:59 a.m.32 views

Design/Logic Flaw

The blkrqmapuseriov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service use-after-free by leveraging access to a /dev/sg device...

7.2CVSS6.8AI score0.00437EPSS
Exploits0References19Affected Software1
OSV
OSV
added 2016/12/28 7:59 a.m.2 views

DEBIAN-CVE-2016-9576

The blkrqmapuseriov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service use-after-free by leveraging access to a /dev/sg device...

7.8CVSS7.5AI score0.00437EPSS
Exploits0References1
OSV
OSV
added 2016/12/28 7:59 a.m.2 views

UBUNTU-CVE-2016-9576

The blkrqmapuseriov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service use-after-free by leveraging access to a /dev/sg device...

7.8CVSS6.8AI score0.00437EPSS
Exploits0References6
Cvelist
Cvelist
added 2016/12/28 7:42 a.m.26 views

CVE-2016-9576

The blkrqmapuseriov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service use-after-free by leveraging access to a /dev/sg device...

7.1AI score0.00437EPSS
Exploits0References19
Rows per page
Query Builder