Lucene search
K

1833 matches found

OSV
OSV
added 2022/10/02 1:42 p.m.12 views

GSD-2022-1006398 swiotlb: avoid potential left shift overflow

swiotlb: avoid potential left shift overflow This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.143 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/10/02 1:39 p.m.10 views

GSD-2022-1006368 swiotlb: avoid potential left shift overflow

swiotlb: avoid potential left shift overflow This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.68 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/10/02 1:37 p.m.10 views

GSD-2022-1006331 swiotlb: avoid potential left shift overflow

swiotlb: avoid potential left shift overflow This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.9 by commit...

7.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2022/10/02 12:0 a.m.5 views

PT-2022-34655 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.143 Description: The issue is related to a potential left shift overflow in swiotlb. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...

7.4AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/10/02 12:0 a.m.2 views

PT-2022-34588 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.9 Description: The issue is related to a potential left shift overflow in swiotlb. The actual impact and attack plausibility have not yet been proven. It was introduced in version v5.12 and fixed in Linux...

7.4AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/10/02 12:0 a.m.3 views

PT-2022-34625 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.68 Description: The issue is related to a potential left shift overflow in swiotlb. The actual impact and attack plausibility have not yet been proven. It was introduced in version v5.12 and fixed in Linux...

7.4AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/09/30 12:0 a.m.5 views

PT-2025-53128

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the fs/ntfs3 component. A UBSAN Undefined Behavior Sanitizer error can occur in the true sectors per clst function, specifically due to a...

4.7CVSS6.3AI score0.00209EPSS
Exploits0References34
Code423n4
Code423n4
added 2022/09/27 12:0 a.m.8 views

Incorrect Shift Operation

Lines of code Vulnerability details Impact There is an incorrect left shift operation in . The shift operation shl64, 1 would result in a value not equivalent to uint64 cast instead of value of 264 A left shift operation, x y is equivalent to the mathematical expression x 2y Proof of Concept...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/09/25 12:0 a.m.25 views

GLSA-202209-13 : libaacplus: Denial of Service

The remote host is affected by the vulnerability described in GLSA-202209-13 libaacplus: Denial of Service - auchannel.h in HE-AAC+ Codec aka libaacplus 2.0.2 has a signed integer overflow, which might allow remote attackers to cause a denial of service application crash or possibly have...

7.8CVSS7.6AI score0.01506EPSS
Exploits3References5
OSV
OSV
added 2022/09/09 11:4 a.m.4 views

OESA-2022-1904 sudo security update

Sudo is a program designed to allow a sysadmin to give limited root privileges to users and log root activity. The basic philosophy is to give as few privileges as possible but still allow people to get their work done. Security Fixes: Protobuf-c v1.4.0 was discovered to contain an invalid...

5.5CVSS7.2AI score0.01058EPSS
Exploits1References2
OSV
OSV
added 2022/08/30 5:15 a.m.5 views

CVE-2022-26528

Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for the length of segmented packets’ shift parameter. An unauthenticated attacker in the adjacent network can exploit this vulnerability to cause buffer overflow and disrupt service...

6.5CVSS6.1AI score0.00435EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/08/30 4:2 a.m.1 views

CVE-2022-26528

Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for the length of segmented packets’ shift parameter. An unauthenticated attacker in the adjacent network can exploit this vulnerability to cause buffer overflow and disrupt service...

6.5CVSS6.1AI score0.00435EPSS
Exploits0References2
OSV
OSV
added 2022/08/26 11:4 a.m.5 views

OESA-2022-1867 OpenEXR security update

OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light & Magic for use in computer imaging applications. Security Fixes: A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by...

7.5CVSS6.6AI score0.01508EPSS
Exploits1References2
OSV
OSV
added 2022/08/26 11:4 a.m.4 views

OESA-2022-1868 OpenEXR security update

OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light & Magic for use in computer imaging applications. Security Fixes: A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by...

7.5CVSS6.6AI score0.01508EPSS
Exploits1References2
NVD
NVD
added 2022/08/23 4:15 p.m.20 views

CVE-2021-20304

A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by OpenEXR, to trigger an undefined right shift error. The highest threat from this vulnerability is to system availability...

7.5CVSS0.01508EPSS
Exploits1References6
OSV
OSV
added 2022/08/23 4:15 p.m.1 views

DEBIAN-CVE-2021-20304

A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by OpenEXR, to trigger an undefined right shift error. The highest threat from this vulnerability is to system availability...

7.5CVSS7.3AI score0.01508EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2022/08/23 4:15 p.m.39 views

CVE-2021-20304

A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by OpenEXR, to trigger an undefined right shift error. The highest threat from this vulnerability is to system availability...

7.5CVSS7AI score0.01508EPSS
Exploits1References2
OSV
OSV
added 2022/08/23 4:15 p.m.0 views

UBUNTU-CVE-2021-20304

A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by OpenEXR, to trigger an undefined right shift error. The highest threat from this vulnerability is to system availability...

7.5CVSS7.2AI score0.01508EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/08/23 12:0 a.m.18 views

CVE-2021-20304

A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by OpenEXR, to trigger an undefined right shift error. The highest threat from this vulnerability is to system availability...

7.4AI score0.01508EPSS
Exploits1References6
CVE
CVE
added 2022/08/23 12:0 a.m.119 views

CVE-2021-20304

OpenEXR contains a vulnerable hufDecode path (CVE-2021-20304). A crafted EXR file can trigger an undefined right-shift error, with the highest impact on availability. Public advisories document affected OpenEXR components and remediation via vendor patches/upgrades. Notably, Amazon Linux 2 ALAS a...

7.5CVSS7.1AI score0.01508EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder