Lucene search
K

726 matches found

OSV
OSV
added 2018/08/02 7:29 p.m.3 views

CVE-2017-16342

An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c254 the value for the svoldimdelta key is copied using strcpy to the buffer at 0xa0000514. This buffer is 4 bytes large, sending anything longer will cause a...

9.9CVSS6.2AI score0.0136EPSS
Exploits2References1
Prion
Prion
added 2018/08/02 7:29 p.m.15 views

Buffer overflow

An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c318 the value for the sport key is copied using strcpy to the buffer at 0xa00017f4. This buffer is 6 bytes large, sending anything longer will cause a buffer...

8CVSS9.3AI score0.01378EPSS
Exploits2References1Affected Software1
OSV
OSV
added 2018/08/02 7:29 p.m.3 views

CVE-2017-16341

An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c224 the value for the svolplay key is copied using strcpy to the buffer at 0xa0000418. This buffer is maximum 8 bytes large this is the maximum size it could...

9.9CVSS6.2AI score0.0136EPSS
Exploits2References1
Prion
Prion
added 2018/08/02 7:29 p.m.20 views

Buffer overflow

An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01e7d4 the value for the svol key is copied using strcpy to the buffer at 0xa0001700. This buffer is maximum 12 bytes large this is the maximum size it could be,...

8CVSS9.2AI score0.01378EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2018/08/02 7:0 p.m.22 views

CVE-2017-16346

An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c368 the value for the smac key is copied using strcpy to the buffer at 0xa000170c. This buffer is 25 bytes large, sending anything longer will cause a buffer...

8.5CVSS9.4AI score0.01378EPSS
Exploits2References1
exploitpack
exploitpack
added 2018/05/28 12:0 a.m.24 views

Sony Playstation 4 (PS4) 5.1 - Kernel (PoC)

Sony Playstation 4 PS4 5.1 - Kernel PoC log"--- trying kernel exploit --"; function mallocsz var backing = new Uint8Array0x10000+sz; window.nogc.pushbacking; var ptr = p.read8p.leakvalbacking.add320x10; ptr.backing = backing; return ptr; function malloc32sz var backing = new Uint8Array0x10000+sz4...

7.4AI score
Exploits0
CNVD
CNVD
added 2018/04/28 12:0 a.m.2 views

EDIMAX IC-3140W, IC-5150W and IC-6220DC Buffer Overflow Vulnerability

EDIMAX IC-3140W, IC-5150W and IC-6220DC are all different series of network camera products from EDIMAX. A stack buffer overflow vulnerability exists in the EDIMAX IC-3140W 3.06 and earlier, IC-5150W 3.09 and earlier, and IC-6220DC 3.06 and earlier, which stems from a program failing to properly...

8.8CVSS7.3AI score0.02843EPSS
Exploits1References1
Prion
Prion
added 2018/04/26 3:29 p.m.22 views

Stack overflow

An issue was discovered on EDIMAX IC-3140W through 3.06, IC-5150W through 3.09, and IC-6220DC through 3.06 devices. The ipcamcgi binary contains a stack-based buffer overflow that is possible to trigger from a remote unauthenticated /camera-cgi/public/getsysyeminfo.cgi?action=VALUEHERE HTTP...

5.8CVSS8.9AI score0.02843EPSS
Exploits1References4Affected Software3
Cvelist
Cvelist
added 2018/04/26 3:0 p.m.22 views

CVE-2018-8072

An issue was discovered on EDIMAX IC-3140W through 3.06, IC-5150W through 3.09, and IC-6220DC through 3.06 devices. The ipcamcgi binary contains a stack-based buffer overflow that is possible to trigger from a remote unauthenticated /camera-cgi/public/getsysyeminfo.cgi?action=VALUEHERE HTTP...

9AI score0.02843EPSS
Exploits1References4
ossfuzz
ossfuzz
added 2018/04/12 11:41 p.m.20 views

imagemagick/crop_fuzzer: Strcpy-param-overlap in LibRaw::identify

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=6194991601811456 Project: imagemagick Fuzzer: libFuzzerimagemagickcropfuzzer Fuzz target binary: cropfuzzer Job Type: libfuzzerasanimagemagick Platform Id: linux Crash Type:...

6.7AI score
Exploits0Affected Software1
Cvelist
Cvelist
added 2017/12/21 3:0 a.m.31 views

CVE-2017-17811

In Netwide Assembler NASM 2.14rc0, there is a heap-based buffer overflow that will cause a remote denial of service attack, related to a strcpy in pastetokens in asm/preproc.c, a similar issue to CVE-2017-11111...

6.5AI score0.01244EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2017/12/21 3:0 a.m.24 views

CVE-2017-17811

In Netwide Assembler NASM 2.14rc0, there is a heap-based buffer overflow that will cause a remote denial of service attack, related to a strcpy in pastetokens in asm/preproc.c, a similar issue to CVE-2017-11111...

5.5CVSS7.1AI score0.01244EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2017/12/20 12:0 a.m.32 views

CVE-2017-17811

In Netwide Assembler NASM 2.14rc0, there is a heap-based buffer overflow that will cause a remote denial of service attack, related to a strcpy in pastetokens in asm/preproc.c, a similar issue to CVE-2017-11111...

5.5CVSS6.9AI score0.01244EPSS
Exploits1References2
exploitpack
exploitpack
added 2017/09/14 12:0 a.m.24 views

EMC AlphaStor Library Manager 4.0 build 910 - Opcode 0x4f Buffer Overflow (Metasploit)

EMC AlphaStor Library Manager 4.0 build 910 - Opcode 0x4f Buffer Overflow Metasploit require 'msf/core' class MetasploitModule 'EMC AlphaStor Library Manager Opcode 0x4f', 'Description' = %q This module exploits a stack based buffer overflow found in EMC Alphastor Library Manager version 'james...

0.7AI score0.28547EPSS
Exploits3
BDU FSTEC
BDU FSTEC
added 2017/09/01 12:0 a.m.8 views

The vulnerability of the Linux operating system’s kernel, which arises due to the lack of checks for buffer length, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Linux operating system’s kernel arises from the execution of an operation beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to trigger buffer overflows and compromise the confidentiality, integrity, and accessibility of protect...

10CVSS6.8AI score0.05233EPSS
Exploits0References24Affected Software1
OSV
OSV
added 2017/08/09 9:29 p.m.2 views

DEBIAN-CVE-2017-12762

In /drivers/isdn/i4l/isdnnet.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree...

9.8CVSS8.7AI score0.05233EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2017/08/09 9:29 p.m.3 views

CVE-2017-12762

In /drivers/isdn/i4l/isdnnet.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree...

10CVSS6AI score0.05233EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2017/08/02 12:0 a.m.5 views

PT-2017-2720 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 3.18-stable through 4.12-stable Description: The issue is caused by a buffer overflow in the Linux kernel due to a user-controlled buffer being copied into a local buffer of constant size using the strcpy function withou...

10CVSS7.5AI score0.20797EPSS
Exploits86References378
UbuntuCve
UbuntuCve
added 2017/06/05 11:29 a.m.21 views

CVE-2017-9430

Stack-based buffer overflow in dnstracer through 1.9 allows attackers to cause a denial of service application crash or possibly have unspecified other impact via a command line with a long name argument that is mishandled in a strcpy call for argv0. An example threat model is a web application...

9.8CVSS7.4AI score0.1132EPSS
Exploits8References2
Debian CVE
Debian CVE
added 2017/06/05 11:12 a.m.16 views

CVE-2017-9430

Stack-based buffer overflow in dnstracer through 1.9 allows attackers to cause a denial of service application crash or possibly have unspecified other impact via a command line with a long name argument that is mishandled in a strcpy call for argv0. An example threat model is a web application...

9.8CVSS10AI score0.1132EPSS
Exploits8
Rows per page
Query Builder