Lucene search
K

1886 matches found

Cvelist
Cvelist
added 2020/03/05 8:56 a.m.33 views

CVE-2019-14061

Null-pointer dereference can occur while accessing the segment element info when it is not allocated and assigned in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music,...

7.7AI score0.00794EPSS
Exploits0References1
NVD
NVD
added 2020/03/04 2:15 a.m.36 views

CVE-2020-5535

OpenBlocks IoT VX2 prior to Ver.4.0.0 Ver.3 Series allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors...

8.8CVSS8.9AI score0.00855EPSS
Exploits0References2
Prion
Prion
added 2020/03/04 2:15 a.m.21 views

Authentication flaw

OpenBlocks IoT VX2 prior to Ver.4.0.0 Ver.3 Series allows an attacker on the same network segment to bypass authentication and to initialize the device via unspecified vectors...

5.8CVSS8.7AI score0.00578EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/03/04 1:35 a.m.32 views

CVE-2020-5535

OpenBlocks IoT VX2 prior to Ver.4.0.0 Ver.3 Series allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors...

9AI score0.00855EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2020/03/03 8:41 a.m.6 views

kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver

A vulnerability was found in the Linux kernel's Marvell WiFi chip driver. Where, while parsing vendor-specific informational attributes, an attacker on the same WiFi physical network segment could cause a system crash, resulting in a denial of service, or potentially execute arbitrary code. This...

7.8CVSS7.3AI score0.00909EPSS
Exploits1References5
NVD
NVD
added 2020/02/21 10:15 a.m.16 views

CVE-2020-5534

Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors...

8CVSS8AI score0.0087EPSS
Exploits0References2
Prion
Prion
added 2020/02/21 10:15 a.m.22 views

Design/Logic Flaw

Aterm series Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via UPnP function...

8.3CVSS8.9AI score0.01019EPSS
Exploits0References3Affected Software3
Prion
Prion
added 2020/02/21 10:15 a.m.17 views

Design/Logic Flaw

Aterm series Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via management screen...

7.7CVSS8.2AI score0.0087EPSS
Exploits0References2Affected Software3
Cvelist
Cvelist
added 2020/02/21 9:15 a.m.18 views

CVE-2020-5534

Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors...

8.1AI score0.0087EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/02/21 9:15 a.m.18 views

CVE-2020-5525

Aterm series Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via management screen...

8.3AI score0.0087EPSS
Exploits0References2
OSV
OSV
added 2020/02/17 7:15 p.m.4 views

CVE-2019-20474

An issue was discovered in Zoho ManageEngine Remote Access Plus 10.0.447. The service to test the mail-server configuration suffers from an authorization issue allowing a user with the Guest role read-only access to use and abuse it. One of the abuses allows performing network and port scan...

4.3CVSS5.8AI score0.01441EPSS
Exploits0References2
NVD
NVD
added 2020/02/07 5:15 a.m.20 views

CVE-2019-14044

Out of bound access due to access of uninitialized memory segment in an array of pointers while normal camera open close in Snapdragon Consumer IOT, Snapdragon Mobile in QCS605, SDM439, SDM630, SDM636, SDM660, SDX24...

7.8CVSS7.7AI score0.00204EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2020/02/04 8:53 a.m.4 views

kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver

A vulnerability was found in the Linux kernel's Marvell WiFi chip driver. Where, while parsing vendor-specific informational attributes, an attacker on the same WiFi physical network segment could cause a system crash, resulting in a denial of service, or potentially execute arbitrary code. This...

7.8CVSS7.3AI score0.00909EPSS
Exploits1References5
Debian
Debian
added 2020/01/30 3:30 p.m.42 views

[SECURITY] [DLA 2087-1] suricata security update

Package : suricata Version : 2.0.7-2+deb8u5 CVE ID : CVE-2019-18625 CVE-2019-18792 Two vulnerabilities have recently been discovered in the stream-tcp code of the intrusion detection and prevention tool Suricata. CVE-2019-18625 It was possible to bypass/evade any tcp based signature by faking a...

9.1CVSS7.1AI score0.02521EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2020/01/29 12:0 a.m.4 views

The vulnerability of the `__remove_dirty_segment` function in Linux operating system kernels, which allows a malicious actor to trigger a service failure

The vulnerability of the removedirtysegment function in Linux operating systems is related to writing data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure by manipulating the mounted file system f2fs...

7.8CVSS7.5AI score0.03297EPSS
Exploits1References9Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/01/27 12:0 a.m.4 views

Vulnerability of functions f2fs_build_segment_manager and init_min_max_mtime in Linux kernel, allowing attackers to compromise the confidentiality, integrity, and accessibility of protected information

The vulnerability of the f2fsbuildsegmentmanager function in the Linux kernel’s fs/f2fs/segment.c file, as well as the initminmaxmtime function in the same file, relates to reading beyond the buffer boundaries. Exploiting this vulnerability could allow a remote attacker to compromise the...

7.8CVSS7AI score0.02014EPSS
Exploits1References15Affected Software3
Cvelist
Cvelist
added 2020/01/21 6:30 a.m.32 views

CVE-2019-14003

Null pointer exception can happen while parsing invalid MKV clip where cue information is parsed before segment information in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice &...

8AI score0.00814EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/01/13 12:0 a.m.3 views

The vulnerability of the kernel of operating systems such as Linux, Windows, Ubuntu, Debian GNU/Linux, Red Hat Enterprise Linux, macOS, and EulerOS allows attackers to increase their privileges.

The vulnerability of the kernels of Linux, Windows, Ubuntu, Debian GNU/Linux, Red Hat Enterprise Linux, macOS, and EulerOS is related to errors in interpreting instructions that describe behavior related to MOV SS/POP SS. Exploiting this vulnerability can allow attackers to gain increased...

7.8CVSS6.6AI score0.18404EPSS
Exploits9References32Affected Software6
CNVD
CNVD
added 2019/12/19 12:0 a.m.3 views

tree-kill code injection vulnerability (CNVD-2019-46973)

tree-kill is a package for killing processes in the process tree. A code injection vulnerability exists in tree-kill Windows. The vulnerability arises from a network system or product that does not properly filter specific elements of externally input data during the construction of a code segmen...

9.8CVSS7.6AI score0.02742EPSS
Exploits0References1
OSV
OSV
added 2019/12/17 6:15 a.m.2 views

UBUNTU-CVE-2019-19814

In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause removedirtysegment slab-out-of-bounds write access because an array is bounded by the number of dirty types 8 but the array index can exceed this...

7.8CVSS7.1AI score0.03297EPSS
Exploits1References3
Rows per page
Query Builder