Lucene search
K

1886 matches found

Cvelist
Cvelist
added 2019/01/09 10:0 p.m.34 views

CVE-2018-16198

Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier may allow an attacker on the same network segment to access a non-documented developer screen to perform operations on the affected device...

8.7AI score0.0047EPSS
Exploits0References2
NVD
NVD
added 2018/12/20 5:29 p.m.19 views

CVE-2018-1000856

DomainMOD version 4.09.03 and above. Also verified in the latest version 4.11.01 contains a Cross Site Scripting XSS vulnerability in Segment Name field in the segments page that can result in Arbitrary script can be executed on all users browsers who visit the affected page. This attack appear t...

4.8CVSS5AI score0.01424EPSS
Exploits1References1
Prion
Prion
added 2018/12/20 5:29 p.m.16 views

Cross site scripting

DomainMOD version 4.09.03 and above. Also verified in the latest version 4.11.01 contains a Cross Site Scripting XSS vulnerability in Segment Name field in the segments page that can result in Arbitrary script can be executed on all users browsers who visit the affected page. This attack appear t...

3.5CVSS5AI score0.01424EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/12/20 4:0 p.m.24 views

CVE-2018-1000856

DomainMOD version 4.09.03 and above. Also verified in the latest version 4.11.01 contains a Cross Site Scripting XSS vulnerability in Segment Name field in the segments page that can result in Arbitrary script can be executed on all users browsers who visit the affected page. This attack appear t...

5AI score0.01424EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2018/12/20 12:0 a.m.4 views

The vulnerability of the libdwfl library in the ELF Elfutils utility for modifying and analyzing binary files allows a attacker to cause a service failure.

The vulnerability of the libdwfl library’s dwflsegmentreportmodule.c file, a tool for modifying and analyzing binary ELF files, is due to a buffer overflow segmentation fault. Exploiting this vulnerability could allow an attacker to cause a service failure by using a specially created ELF file...

5.5CVSS6.7AI score0.01464EPSS
Exploits1References10Affected Software5
Cvelist
Cvelist
added 2018/12/11 3:0 p.m.21 views

CVE-2018-18358

Lack of special casing of localhost in WPAD files in Google Chrome prior to 71.0.3578.80 allowed an attacker on the local network segment to proxy resources on localhost via a crafted WPAD file...

6AI score0.00443EPSS
Exploits0References6
pentestit
pentestit
added 2018/12/03 10:28 p.m.4101 views

UPDATE: Infection Monkey 1.6.1

PenTestIT RSS Feed I'm sure you must have read my previous post title the List of Adversary Emulation Tools. In that post, I briefly mentioned about the Guardicore Infection Monkey. Good news now is that it has been updated! We now have Infection Monkey 1.6.1. An important change about this versi...

10CVSS0.3AI score0.99999EPSS
Exploits89
CNVD
CNVD
added 2018/11/30 12:0 a.m.2 views

FreeRDP Buffer Overflow Vulnerability (CNVD-2019-00654)

FreeRDP is a free, open source implementation of the Remote Desktop Protocol RDP developed by the FreeRDP team. A heap buffer overflow vulnerability in the 'zgfxdecompresssegment' function in versions prior to FreeRDP 2.0.0-rc4 can be exploited by a remote attacker to cause a denial of service...

9.8CVSS8AI score0.07293EPSS
Exploits1References1
Veracode
Veracode
added 2018/11/19 5:45 a.m.24 views

Memory Overwrite

github.com/google/gvisor is vulnerable to memory overwrite attacks. The vulnerability through repeated calls of shmctlIPCRMID which forces a segment to be destroyed prematurely. This could be reused and accessible by a different process...

9.8CVSS9AI score0.00786EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2018/11/15 3:29 p.m.21 views

Design/Logic Flaw

BlueStacks App Player BlueStacks App Player for Windows 3.0.0 to 4.31.55, BlueStacks App Player for macOS 2.0.0 and later allows an attacker on the same network segment to bypass access restriction to gain unauthorized access...

5.8CVSS8.6AI score0.00571EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2018/10/16 2:50 p.m.5 views

kernel: TCP segments with random offsets allow a remote denial of service (SegmentSmack)

A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets. A remote attacker could use this flaw to trigger time and calculation expensive calls to tcpcollapseofoqueue and tcppruneofoqueue functions by sending specially modified packets within ongoing T...

7.8CVSS7.1AI score0.7354EPSS
Exploits0References7
OSV
OSV
added 2018/10/15 2:29 a.m.1 views

DEBIAN-CVE-2018-18310

An invalid memory address dereference was discovered in dwflsegmentreportmodule.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service application crash with a crafted ELF file, as demonstrated by considernotes...

5.5CVSS6AI score0.01464EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2018/10/15 2:0 a.m.26 views

CVE-2018-18310

An invalid memory address dereference was discovered in dwflsegmentreportmodule.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service application crash with a crafted ELF file, as demonstrated by considernotes...

5.5CVSS5.7AI score0.01464EPSS
Exploits1
OSV
OSV
added 2018/10/14 12:0 a.m.2 views

UBUNTU-CVE-2018-18310

An invalid memory address dereference was discovered in dwflsegmentreportmodule.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service application crash with a crafted ELF file, as demonstrated by considernotes...

5.5CVSS6.5AI score0.01464EPSS
Exploits1References5
Talos
Talos
added 2018/10/03 12:0 a.m.653 views

Google PDFium JBIG2 image ComposeToOpt2WithRect information disclosure vulnerability

Summary An exploitable out-of-bounds read on the heap vulnerability exists in the JBIG2 parsing code of Google Chrome version 67.0.3396.99. A specially crafted PDF document can trigger an out-of-bounds read, which can possibly lead to an information leak that could be used as part of an exploit. ...

8.8CVSS8.9AI score0.01469EPSS
Exploits0
OSV
OSV
added 2018/09/07 2:29 p.m.5 views

CVE-2018-0662

Multiple I-O DATA network camera products TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier allow an attacker on the same network segment to add malicious files on the device and execute arbitrary code...

6.8CVSS6AI score0.0042EPSS
Exploits0References2
CNVD
CNVD
added 2018/09/07 12:0 a.m.4 views

Artifex MuPDF Denial of Service Vulnerability (CNVD-2020-54496)

Artifex MuPDF is a free, lightweight PDF reader from Artifex Software. A security vulnerability exists in the 'fzappendbyte' function in the fitz/buffer.c file in Artifex MuPDF version 1.13.0. A remote attacker can exploit this vulnerability to cause a denial of service segmentation error with th...

5.5CVSS6.3AI score0.0147EPSS
Exploits1References1
CNVD
CNVD
added 2018/09/07 12:0 a.m.3 views

Unspecified Vulnerability in Artifex MuPDF

Artifex MuPDF is a free, lightweight PDF reader from Artifex Software. A security vulnerability exists in the 'pdfgetxrefentry' function in the pdf/pdf-xref.c file in Artifex MuPDF version 1.13.0. A remote attacker can exploit this vulnerability with the help of a specially crafted pdf file to...

5.5CVSS6.4AI score0.0147EPSS
Exploits1References1
Mageia
Mageia
added 2018/08/15 3:45 p.m.60 views

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on the upstream 4.14.62 and fixes at least the following security issues: kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled...

8CVSS8.3AI score0.7354EPSS
Exploits22References20
Mageia
Mageia
added 2018/08/15 3:45 p.m.50 views

Updated kernel-tmb packages fix security vulnerabilities

This kernel-tmb update is based on the upstream 4.14.62 and fixes at least the following security issues: kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled...

8CVSS8.4AI score0.7354EPSS
Exploits22References20
Rows per page
Query Builder