Lucene search
K

33 matches found

Snyk
Snyk
added 2025/10/30 5:10 p.m.4 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS via the Vector.ReadFrom function. An attacker can cause excessive memory allocation and application crashes by providing maliciously crafted input data containing large length fields. This can result in denial of...

8.7CVSS7AI score
Exploits0References2
Snyk
Snyk
added 2025/10/30 5:10 p.m.3 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS via the Vector.ReadFrom function. An attacker can cause excessive memory allocation and application crashes by providing maliciously crafted input data containing large length fields. This can result in denial of...

8.7CVSS7AI score
Exploits0References2
Snyk
Snyk
added 2025/10/30 5:10 p.m.4 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS via the Vector.ReadFrom function. An attacker can cause excessive memory allocation and application crashes by providing maliciously crafted input data containing large length fields. This can result in denial of...

8.7CVSS7AI score
Exploits0References2
OSV
OSV
added 2025/10/30 5:10 p.m.3 views

GHSA-FJ2X-735W-74VQ gnark-crypto allows unchecked memory allocation during vector deserialization

The issue has been reported by @raefko from @fuzzinglabs. Excerpts from the report: A critical vulnerability exists in the gnark-crypto library's Vector.ReadFrom function that allows an attacker to trigger arbitrary memory allocation by crafting malicious input data. An attacker can cause the...

7.5CVSS7.4AI score
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 5:20 a.m.4 views

CVE-2023-21272

In readFrom of Uri.java, there is a possible bad URI permission grant due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS6.9AI score0.00168EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/08/14 12:0 a.m.4 views

PT-2023-18052 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions prior to the fixed version Description: The issue is related to a possible bad URI permission grant due to improper input validation in the readFrom method of Uri.java. This could lead to local escalation of privilege with no...

7.8CVSS6.8AI score0.00168EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/08/14 12:0 a.m.4 views

Google Android 输入验证错误漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that originates from improper input validation in the readFrom module of Uri.java, which can be exploited by an attacker to gain elevated privileges...

7.8CVSS7.2AI score0.00168EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/08/12 3:15 p.m.6 views

CVE-2022-20338

In HierarchicalUri.readFrom of Uri.java, there is a possible way to craft a malformed Uri object due to improper input validation. This could lead to a local escalation of privilege, preventing processes from validating URIs correctly, with no additional execution privileges needed. User...

3.3CVSS5.9AI score0.00201EPSS
Exploits0References3
CNVD
CNVD
added 2017/10/18 12:0 a.m.6 views

LIM OpenEXR Denial of Service Vulnerability (CNVD-2017-32289)

LIM OpenEXR is an image file format developed by Industrial Light and Magic LIM in the United States for high dynamic range HDR images. A security vulnerability exists in the 'Header::readfrom' function in the IlmImf/ImfHeader.cpp file in LIM OpenEXR version 2.2.0. A remote attacker can exploit...

5.5CVSS5.6AI score0.00963EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2017/10/10 12:50 p.m.21 views

CVE-2017-14988

DISPUTED Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote attackers to cause a denial of service excessive memory allocation via a crafted file that is accessed with the ImfOpenInputFile function in IlmImf/ImfCRgbaFile.cpp. NOTE: The maintainer and multiple third parties...

5.5CVSS5.7AI score0.00963EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2017/10/03 1:29 a.m.35 views

CVE-2017-14988

Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote attackers to cause a denial of service excessive memory allocation via a crafted file that is accessed with the ImfOpenInputFile function in IlmImf/ImfCRgbaFile.cpp. NOTE: The maintainer and multiple third parties believe tha...

5.5CVSS6.4AI score0.00963EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2012/07/05 7:23 p.m.5 views

RESTEasy: XML eXternal Entity (XXE) flaw

The readFrom function in providers.jaxb.JAXBXmlTypeProvider in RESTEasy before 2.3.2 allows remote attackers to read arbitrary files via an external entity reference in a Java Architecture for XML Binding JAXB input, aka an XML external entity XXE injection attack, a similar vulnerability to...

5CVSS7.5AI score0.03213EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/07/05 7:19 p.m.6 views

RESTEasy: XML eXternal Entity (XXE) flaw

The readFrom function in providers.jaxb.JAXBXmlTypeProvider in RESTEasy before 2.3.2 allows remote attackers to read arbitrary files via an external entity reference in a Java Architecture for XML Binding JAXB input, aka an XML external entity XXE injection attack, a similar vulnerability to...

5CVSS7.5AI score0.03213EPSS
Exploits0References4
Rows per page
Query Builder