Lucene search
K

28 matches found

Snyk
Snyk
added 2023/06/14 12:0 a.m.4 views

Privilege Escalation

Overview Affected versions of this package are vulnerable to Privilege Escalation. A vulnerability exists in .NET when deserializing a DataSet or DataTable from XML which may result in elevation of privileges. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-musl-arm to version 6.0.18, 7.0...

7.5CVSS6.9AI score0.01558EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/04/11 12:0 a.m.8 views

Bento4 缓冲区错误漏洞

Bento4 is an open source C++ library for reading and writing MP4 files. A denial of service vulnerability exists in Bento4 version v1.6.0-639, which stems from the AP4TrunAtom::SetDataOffsetint function in Ap4TrunAtom.h containing a segmentation violation. An attacker can exploit this vulnerabili...

5.5CVSS5.4AI score0.00291EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/02/04 12:0 a.m.6 views

PT-2023-2375 · Liblouis +7 · Liblouis +7

Name of the Vulnerable Software and Affected Versions: Liblouis version 3.24.0 Description: The issue is related to a buffer overflow that can be triggered by a remote attacker, potentially causing a denial of service. This is associated with the compileTranslationTable.c and the lou setDataPath...

7.8CVSS8.8AI score0.01498EPSS
Exploits2References73
RedHat Linux
RedHat Linux
added 2023/01/25 3:18 p.m.12 views

Mozilla: Arbitrary file read from GTK drag and drop on Linux

The Mozilla Foundation Security Advisory describes this flaw as: Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to DataTransfer.setData...

6.5CVSS7.3AI score0.00641EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/01/23 9:30 a.m.5 views

Mozilla: Arbitrary file read from GTK drag and drop on Linux

The Mozilla Foundation Security Advisory describes this flaw as: Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to DataTransfer.setData...

6.5CVSS7.3AI score0.00641EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2022/12/13 12:0 a.m.7 views

PT-2022-14709 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-12 through Android-13 Description: In the setDataSource function of initMediaExtractor.cpp, there is a possibility of arbitrary code execution due to a use after free. This could lead to local information disclosure...

5.5CVSS7.2AI score0.0013EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/05/18 3:49 p.m.4 views

kernel: memory leak in sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c

A flaw was found in the Linux kernel’s sofsetgetlargectrldata function, in the way it handled memory cleanup in a specific error path. A local attacker could use this flaw to crash the system...

5.5CVSS7.1AI score0.00393EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/08/06 2:22 p.m.6 views

exiv2: integer overflow in getData function in preview.cpp

Exiv2 0.26 has integer overflows in LoaderTiff::getData in preview.cpp, leading to an out-of-bounds read in Exiv2::ValueType::setDataArea in value.hpp...

8.8CVSS5.8AI score0.02891EPSS
Exploits1References4
Rows per page
Query Builder