CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7301 matches found

ATTACKERKB•added 2020/02/11 12:0 a.m.•29 views

CVE-2020-0662

A remote code execution vulnerability exists in the way that Windows handles objects in memory, aka ‘Windows Remote Code Execution Vulnerability’. Recent assessments: zeroSteiner at March 17, 2020 8:31pm UTC reported: Analysis performed using ipnathlp.dll from Windows Server 2019 x64 sha256:...

9CVSS8.8AI score0.34121EPSS

Exploits0References2

OSV•added 2020/02/09 7:13 p.m.•8 views

MGASA-2020-0081 Updated sudo packages fix security vulnerability

The updated packages fix a security vulnerability: In Sudo before 1.8.31, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for...

7.8CVSS7.8AI score0.88008EPSS

Exploits13References5

Prion•added 2020/02/05 7:15 p.m.•17 views

Stack overflow

Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquant...

10CVSS7.6AI score0.01355EPSS

Exploits0References2Affected Software21

IBM Security Bulletins•added 2020/02/04 4:40 p.m.•28 views

Security Bulletin: XML vulnerabilities in ClearQuest (CVE-2016-0729, CVE-2016-4463)

Summary IBM Rational ClearQuest is vulnerable to XML parsing attacks. These attacks could cause a denial of service or execution of code. Vulnerability Details CVEID: CVE-2016-0729 DESCRIPTION: Apache Xerces-C XML Parser library is vulnerable to a denial of service, caused by improper bounds...

9.8CVSS2AI score0.38346EPSS

Exploits0Affected Software1

Tenable Nessus•added 2020/02/03 12:0 a.m.•50 views

FreeBSD : sudo -- Potential bypass of Runas user restrictions (b4e5f782-442d-11ea-9ba9-206a8a720317)

Todd C. Miller reports : Sudo's pwfeedback option can be used to provide visual feedback when the user is inputting their password. For each key press, an asterisk is printed. This option was added in response to user confusion over how the standard Password: prompt disables the echoing of key...

7.8CVSS7.6AI score0.88008EPSS

Exploits13References3

Talos•added 2020/02/03 12:0 a.m.•24 views

Mini-SNMPD socket disconnect denial-of-service vulnerability

Summary A stack buffer overflow vulnerability exists in the way MiniSNMPD version 1.4 handles multiple connections. A specially timed sequence of SNMP connections can trigger a stack overflow, resulting in a denial of service. To trigger this vulnerability, an attacker needs to simply initiate...

7.5CVSS7.7AI score0.00435EPSS

Exploits1

UbuntuCve•added 2020/01/31 10:15 p.m.•19 views

CVE-2014-8322

Stack-based buffer overflow in the tcptest function in aireplay-ng.c in Aircrack-ng before 1.2 RC 1 allows remote attackers to execute arbitrary code via a crafted length parameter value...

9.8CVSS7.4AI score0.32211EPSS

Exploits3References3

NVD•added 2020/01/31 6:15 p.m.•9 views

CVE-2013-3488

Stack-based buffer overflow in Media Player Classic - Home Cinema MPC-HC before 1.7.0.7858 allows remote attackers to execute arbitrary code via a crafted MPEG-2 Transport Stream M2TS file...

7.8CVSS8AI score0.03754EPSS

Exploits0References2

CVE•added 2020/01/31 5:46 p.m.•103 views

CVE-2013-3488

CVE-2013-3488 affects Media Player Classic - Home Cinema (MPC-HC) prior to 1.7.0.7858. The vulnerability is a stack-based buffer overflow in processing MPEG-2 Transport Stream (M2TS) files, enabling remote attackers to potentially execute arbitrary code. The public documents specify the affected ...

7.8CVSS8AI score0.03754EPSS

Exploits0References2Affected Software1

Prion•added 2020/01/29 6:15 p.m.•26 views

Stack overflow

In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist on...

4.6CVSS7.7AI score0.88008EPSS

Exploits13References26Affected Software2

AlpineLinux•added 2020/01/29 5:23 p.m.•36 views

CVE-2019-18634

7.8CVSS8.2AI score0.88008EPSS

Exploits13

Prion•added 2020/01/27 3:15 p.m.•14 views

Stack overflow

XnView 2.03 has a stack-based buffer overflow vulnerability...

7.5CVSS7.6AI score0.00436EPSS

Exploits0References1Affected Software1

CVE•added 2020/01/27 2:24 p.m.•46 views

CVE-2013-3492

The CVE-2013-3492 entry concerns XnView 2.03 and is documented to have a stack-based buffer overflow vulnerability in XnView. Affected software is XnView 2.03; the underlying cause is a stack-based overflow. The available connected documents confirm the vulnerability but do not provide specifics ...

9.8CVSS9.6AI score0.00436EPSS

Exploits0References1Affected Software1

OpenVAS•added 2020/01/23 12:0 a.m.•20 views

Huawei EulerOS: Security Advisory for librelp (EulerOS-SA-2018-1134)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.7AI score0.27155EPSS

Exploits1References2

OpenVAS•added 2020/01/23 12:0 a.m.•23 views

Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2018-1398)

9.8CVSS6.3AI score0.01283EPSS

Exploits0References2

OpenVAS•added 2020/01/23 12:0 a.m.•22 views

Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-1398)

9.8CVSS9.7AI score0.15968EPSS

Exploits5References2

OpenVAS•added 2020/01/23 12:0 a.m.•21 views

Huawei EulerOS: Security Advisory for dcraw (EulerOS-SA-2019-1879)