Lucene search
K

37 matches found

Prion
Prion
added 2023/12/14 5:15 p.m.37 views

Buffer overflow

Moonlight-common-c contains the core GameStream client code shared between Moonlight clients. Moonlight-common-c is vulnerable to buffer overflow starting in commit f57bd745b4cbed577ea654fad4701bea4d38b44c. A malicious game streaming server could exploit a buffer overflow vulnerability to crash a...

6.8CVSS7.5AI score0.00793EPSS
Exploits1References4Affected Software7
Cvelist
Cvelist
added 2023/12/14 5:2 p.m.41 views

CVE-2023-42801 Stack buffer overflow due to `strcpy` into fixed size buffer in `extractVersionQuadFromString`

Moonlight-common-c contains the core GameStream client code shared between Moonlight clients. Moonlight-common-c is vulnerable to buffer overflow starting in commit f57bd745b4cbed577ea654fad4701bea4d38b44c. A malicious game streaming server could exploit a buffer overflow vulnerability to crash a...

7.6CVSS8.1AI score0.00793EPSS
Exploits1References4
OSV
OSV
added 2023/12/14 5:2 p.m.31 views

CVE-2023-42801 Stack buffer overflow due to `strcpy` into fixed size buffer in `extractVersionQuadFromString`

Moonlight-common-c contains the core GameStream client code shared between Moonlight clients. Moonlight-common-c is vulnerable to buffer overflow starting in commit f57bd745b4cbed577ea654fad4701bea4d38b44c. A malicious game streaming server could exploit a buffer overflow vulnerability to crash a...

7.6CVSS7.7AI score0.00793EPSS
Exploits1References6
CVE
CVE
added 2023/12/14 5:2 p.m.94 views

CVE-2023-42801

CVE-2023-42801 affects Moonlight-common-c, the core GameStream client code. The vulnerability is a stack-based buffer overflow in the library that begins after pairing, exploitable by sending a malicious game streaming server to a Moonlight client. Exploitation could crash the client and, in theo...

7.6CVSS7.6AI score0.00793EPSS
Exploits1References4Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 4:34 a.m.5 views

SUSE CVE-2017-1000410

The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. B...

2.4CVSS8.1AI score0.04252EPSS
Exploits0References8
GithubExploit
GithubExploit
added 2022/10/24 3:36 p.m.40 views

Exploit for Improper Validation of Array Index in Sqlite

CVE-2022-35737 Integer overflow in SQLite3 sqlite3strvappe...

7.5CVSS8.3AI score0.19193EPSS
Exploits2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.29 views

Mageia: Security Advisory (MGASA-2018-0126)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.7AI score0.93838EPSS
Exploits17References9
ATTACKERKB
ATTACKERKB
added 2020/02/11 12:0 a.m.30 views

CVE-2020-0662

A remote code execution vulnerability exists in the way that Windows handles objects in memory, aka ‘Windows Remote Code Execution Vulnerability’. Recent assessments: zeroSteiner at March 17, 2020 8:31pm UTC reported: Analysis performed using ipnathlp.dll from Windows Server 2019 x64 sha256:...

9CVSS8.8AI score0.13253EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2020/01/28 4:36 p.m.99 views

New 'CacheOut' Attack Leaks Data from Intel CPUs, VMs and SGX Enclave

Another month, another speculative execution vulnerability found in Intel processors. If your computer is running any modern Intel CPU built before October 2018, it's likely vulnerable to a newly discovered hardware issue that could allow attackers to leak sensitive data from the OS kernel,...

5.5CVSS0.9AI score0.00587EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/06/18 12:0 a.m.59 views

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4134)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4134 advisory. - x86/fpu: Make eager FPU default Mihai Carabas Orabug: 28156176 CVE-2018-3665 - KVM: Fix stack-out-of-bounds read in writemmio Wanpeng Li Orabug:...

7.5CVSS7.2AI score0.04252EPSS
Exploits11References13
Mageia
Mageia
added 2018/02/15 9:17 p.m.80 views

Updated kernel-tmb packages fix security vulnerabilities

This kernel-tmb update is based on the upstream 4.14.18 and adds some support for mitigating Spectre, variant 1 CVE-2017-5753 and as it is built with the retpoline-aware gcc-5.5.0-1.mga6, it now provides full retpoline mitigation for Spectre, variant 2 CVE-2017-5715. The BPF interpreter has been...

7.8CVSS7.2AI score0.93838EPSS
Exploits17References7
0day.today
0day.today
added 2018/02/07 12:0 a.m.30 views

Vivotek IP Cameras - Remote Stack Overflow (PoC) Vulnerability

Exploit for multiple platform in category remote exploits STX Subject: Vivotek IP Cameras - Remote Stack Overflow Researcher: bashis September-October 2017 PoC: https://github.com/mcw0/PoC Release date: November 13, 2017 Full Disclosure: 43 days Attack Vector: Remote Authentication: Anonymous no...

7.1AI score
Exploits0
OSV
OSV
added 2017/12/07 7:29 p.m.29 views

CVE-2017-1000410

The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. B...

7.5CVSS7.6AI score
Exploits0References13
Prion
Prion
added 2017/12/07 7:29 p.m.36 views

Design/Logic Flaw

The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. B...

5CVSS7.8AI score0.16181EPSS
Exploits12References13Affected Software9
UbuntuCve
UbuntuCve
added 2017/12/07 12:0 a.m.48 views

CVE-2017-1000410

The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. B...

7.5CVSS6.7AI score0.04252EPSS
Exploits0References4
Hacker One
Hacker One
added 2017/09/27 8:49 p.m.49 views

Internet Bug Bounty: Perl $ENV Key Stack Buffer Overflow

The CPerlHost::Add method in win32\perlhost.h is vulnerable to a stack buffer overflow. void CPerlHost::AddLPCSTR lpStr char szBuffer1024; LPSTR lpPtr; int index, length = strlenlpStr+1; forindex = 0; lpStrindex != '\0' && lpStrindex != '='; ++index szBufferindex = lpStrindex; szBufferindex = '\0...

7.5CVSS9.5AI score0.06981EPSS
Exploits1
seebug.org
seebug.org
added 2017/06/14 12:0 a.m.66 views

Nexus 9 vs. Malicious Headphones, Take Two

Nexus 9 vs. Malicious Headphones, Take Two In March 2017 we disclosed CVE-2017-0510, a critical vulnerability in Nexus 9, that allowed for quite unique an attack by malicious headphones. Interestingly, its patch was insufficient. We had responsibly reported that finding CVE-2017-0648 to Google,...

9.3CVSS7.6AI score0.02087EPSS
Exploits7
Rows per page
Query Builder