Lucene search
K

35 matches found

SUSE CVE
SUSE CVE
added 2025/03/05 2:31 a.m.5 views

SUSE CVE-2025-1930

On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape. This vulnerability was fixed in Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136, and Thunderbird...

8.3CVSS7.3AI score0.00373EPSS
Exploits0References11
Mageia
Mageia
added 2024/03/23 1:0 a.m.105 views

Updated python python3 packages fix security vulnerabilities

An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA RFC 3490 decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often...

9.8CVSS7.4AI score0.20459EPSS
Exploits8References8
Veracode
Veracode
added 2023/10/13 1:8 p.m.33 views

Denial Of Service (DoS)

libfrr.so is vulnerable to Denial of service attack. The vulnerability is caused by a lack of validation of the contents of stream data. Availability of the system is impacted as a results of exploitation of this vulnerability...

7.5CVSS6.7AI score0.02152EPSS
Exploits1References7Affected Software1
RedHat Linux
RedHat Linux
added 2023/02/20 12:21 p.m.6 views

Mozilla: Out of bounds memory write from EncodeInputStream

The Mozilla Foundation Security Advisory describes this flaw as: When encoding data from an inputStream in xpcom the size of the input being encoded was not correctly calculated potentially leading to an out of bounds memory write...

8.8CVSS7.3AI score0.00737EPSS
Exploits0References6
CNNVD
CNNVD
added 2022/09/23 12:0 a.m.5 views

SWFTools 缓冲区错误漏洞

SWFTools is a set of utilities for working with Adobe Flash files SWF files from the individual developer Matthias Kramm. A security vulnerability exists in SWFTools that stems from a global buffer overflow in the DCTStream::transformDataUnit location of /xpdf/Stream.cc...

5.5CVSS6AI score0.00397EPSS
Exploits1References3
Cvelist
Cvelist
added 2021/03/01 3:7 p.m.28 views

CVE-2021-25829

An improper binary stream data handling issue was found in the core module of ONLYOFFICE DocumentServer v4.0.0-9-v5.6.3. Using this bug, an attacker is able to produce a denial of service attack that can eventually shut down the target server...

7.6AI score0.07445EPSS
Exploits1References10
NVD
NVD
added 2020/06/04 3:15 p.m.21 views

CVE-2020-13808

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows resource consumption via crafted cross-reference stream data...

7.5CVSS7.5AI score0.0153EPSS
Exploits0References1
Prion
Prion
added 2020/06/04 3:15 p.m.14 views

Design/Logic Flaw

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows resource consumption via crafted cross-reference stream data...

5CVSS7.5AI score0.0153EPSS
Exploits0References1Affected Software2
AlpineLinux
AlpineLinux
added 2020/06/04 2:53 p.m.15 views

CVE-2020-13808

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows resource consumption via crafted cross-reference stream data...

7.5CVSS6.9AI score0.0153EPSS
Exploits0References1
Prion
Prion
added 2017/04/12 2:59 p.m.13 views

Memory corruption

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when parsing TTF TrueType font format stream data. Successful exploitation could lead to arbitrary code execution...

9.3CVSS8.4AI score0.03983EPSS
Exploits0References5Affected Software4
NVD
NVD
added 2015/03/21 1:59 a.m.20 views

CVE-2015-0670

The default configuration of Cisco Small Business IP phones SPA 300 7.5.5 and SPA 500 7.5.5 does not properly support authentication, which allows remote attackers to read audio-stream data or originate telephone calls via a crafted XML request, aka Bug ID CSCuo52482...

6.4CVSS6.6AI score0.0175EPSS
Exploits0References2
Prion
Prion
added 2015/03/21 1:59 a.m.12 views

Default configuration

The default configuration of Cisco Small Business IP phones SPA 300 7.5.5 and SPA 500 7.5.5 does not properly support authentication, which allows remote attackers to read audio-stream data or originate telephone calls via a crafted XML request, aka Bug ID CSCuo52482...

6.4CVSS7.2AI score0.0175EPSS
Exploits0References2Affected Software2
n0where
n0where
added 2015/01/26 12:2 p.m.60 views

socat – Multipurpose Relay (SOcket CAT)

socat socat is a relay for bidirectional data transfer between two independent data channels. Each of these data channels may be a file, pipe, device serial line etc. or a pseudo terminal, a socket UNIX, IP4, IP6 – raw, UDP, TCP, an SSL socket, proxy CONNECT connection, a file descriptor stdin...

1.6AI score
Exploits0
Kitploit
Kitploit
added 2014/08/20 12:52 a.m.32 views

SearchMyFiles v2.50 - Alternative to 'Search For Files And Folders' module of Windows + Duplicates Search

SearchMyFiles is an alternative to the standard "Search For Files And Folders" module of Windows. It allows you to easily search files in your system by wildcard, by last modified/created/last accessed time, by file attributes, by file content text or binary search, and by the file size...

7.2AI score
Exploits0
Cvelist
Cvelist
added 2012/09/12 10:0 a.m.28 views

CVE-2012-2407

Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted AAC file that is not properly handled during stream-data...

7.5AI score0.0205EPSS
Exploits0References2
Rows per page
Query Builder