Lucene search
+L

151 matches found

CVE
CVE
added 2019/11/07 5:7 p.m.50 views

CVE-2011-2337

The CVE-2011-2337 entry concerns WebKit in Google Chrome (pre-Blink M12) on 64-bit platforms, where a return value from strlen uses the wrong type. The Connected documents reiterate this same issue across multiple sources, without providing concrete exploit details, impacted versions beyond the C...

9.8CVSS9.1AI score0.00809EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/07/23 12:0 a.m.4 views

The vulnerability of the __strlen_sse2_pminub function in the infotocap utility from the ncurses-bin package allows a hacker to induce a service failure.

The vulnerability of the strlensse2pminub function located in the file sysdeps/x8664/multiarch/strlen-sse2-pminub.S:50 in the infotocap utility from the ncurses-bin package is related to errors in pointer arithmetic. Exploiting this vulnerability could allow an attacker to cause a system failure ...

6.2CVSS5.5AI score
Exploits0Affected Software1
CNVD
CNVD
added 2018/07/05 12:0 a.m.4 views

Memory Corruption Vulnerability in NAPro

Nanda Aotuo Technology Jiangsu Co., Ltd. specializes in the research, development, production and sales of programmable logic controllers PLC, has formed a large and medium-sized PLC products as the main products, supplemented by small PLC products, remote measurement and control unit RTU, touch...

7.1AI score
Exploits0
OSV
OSV
added 2018/01/16 9:29 a.m.29 views

CVE-2018-5710

An issue was discovered in MIT Kerberos 5 aka krb5 through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c in the Key Distribution Center KDC, which allows remote authenticated users to cause a denial of servi...

6.5CVSS6.7AI score
Exploits0References1
0day.today
0day.today
added 2018/01/12 12:0 a.m.20 views

Linux/ARM - execve (/bin/sh,NULL,0) Shellcode (31 bytes)

/ Title: Linux/ARM - execve"/bin/sh",NULL,0 - 31 bytes Date: 2010-08-31 Tested: ARM926EJ-S rev 5 v5l Author: Jonathan Salwan - twitter: @jonathansalwan shell-storm.org Shellcode ARM without 0x20, 0x0a and 0x00 00008054 : 8054: e28f3001 add r3, pc, 1 ; 0x1 8058: e12fff13 bx r3 805c: 4678 mov r0, p...

7.4AI score
Exploits0
Prion
Prion
added 2017/10/31 9:29 p.m.21 views

Heap overflow

An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that non-existing data with a pointer and the size zero to the deliver-data function. libcurl's deliver-data function treats zero as a mag...

6.4CVSS8.9AI score0.06224EPSS
Exploits0References8Affected Software2
OSV
OSV
added 2017/10/31 9:29 p.m.5 views

ALPINE-CVE-2017-1000257

An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that non-existing data with a pointer and the size zero to the deliver-data function. libcurl's deliver-data function treats zero as a mag...

9.1CVSS7AI score0.06224EPSS
Exploits0References1
OSV
OSV
added 2017/10/31 9:29 p.m.1 views

DEBIAN-CVE-2017-1000257

An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that non-existing data with a pointer and the size zero to the deliver-data function. libcurl's deliver-data function treats zero as a mag...

9.1CVSS9.3AI score0.06224EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/10/31 9:0 p.m.25 views

CVE-2017-1000257

An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that non-existing data with a pointer and the size zero to the deliver-data function. libcurl's deliver-data function treats zero as a mag...

9.2AI score0.06224EPSS
Exploits0References8
curl security advisories
curl security advisories
added 2017/10/23 8:0 a.m.10 views

IMAP FETCH response out of bounds read

libcurl contains a buffer overrun flaw in the IMAP handler. An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that non-existing data with a pointer and the size zero to the deliver-data...

9.1CVSS7.2AI score0.06224EPSS
Exploits0Affected Software2
OSV
OSV
added 2017/10/23 12:0 a.m.4 views

UBUNTU-CVE-2017-1000257

An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that non-existing data with a pointer and the size zero to the deliver-data function. libcurl's deliver-data function treats zero as a mag...

9.1CVSS7.4AI score0.06224EPSS
Exploits0References5
NVD
NVD
added 2017/05/18 6:29 a.m.20 views

CVE-2017-9048

libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more...

7.5CVSS6.2AI score0.04888EPSS
Exploits1References6
Debian CVE
Debian CVE
added 2017/05/18 6:13 a.m.77 views

CVE-2017-9048

libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more...

7.5CVSS8.4AI score0.04888EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2017/03/23 2:18 p.m.17 views

CVE-2017-7226

The peILFobjectp function in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to a heap-based buffer over-read of size 4049 because it uses the strlen function instead of strnlen, leading to program crashes in several utilities such as addr2lin...

9.1CVSS1.5AI score0.02456EPSS
Exploits0References1
Prion
Prion
added 2017/03/22 4:59 p.m.16 views

Heap overflow

The peILFobjectp function in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to a heap-based buffer over-read of size 4049 because it uses the strlen function instead of strnlen, leading to program crashes in several utilities such as addr2lin...

6.4CVSS8.8AI score0.02456EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2017/03/22 4:59 p.m.6 views

UBUNTU-CVE-2017-7226

The peILFobjectp function in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to a heap-based buffer over-read of size 4049 because it uses the strlen function instead of strnlen, leading to program crashes in several utilities such as addr2lin...

9.1CVSS7.1AI score0.02456EPSS
Exploits0References3
OSV
OSV
added 2017/03/22 4:59 p.m.3 views

DEBIAN-CVE-2017-7226

The peILFobjectp function in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to a heap-based buffer over-read of size 4049 because it uses the strlen function instead of strnlen, leading to program crashes in several utilities such as addr2lin...

9.1CVSS9.1AI score0.02456EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/03/22 4:0 p.m.24 views

CVE-2017-7226

The peILFobjectp function in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to a heap-based buffer over-read of size 4049 because it uses the strlen function instead of strnlen, leading to program crashes in several utilities such as addr2lin...

6.9AI score0.02456EPSS
Exploits0References1
Hacker One
Hacker One
added 2016/11/10 12:50 p.m.16 views

Paragon Initiative Enterprises: Not using Binary::safe* functions for substr/strlen function

Several places in the code don't use Binary::safe or CryptoUtil::safe functions, but use raw functions instead strlen/substr which can act as mbfuncname instead not count bytes for strlen/etc... 1...

7.3AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

Linux/ARM - execve("/bin/sh", [0], [0 vars]) - 27 bytes

No description provided by source. / Title: Linux/ARM - execve/bin/sh, 0, 0 vars - 27 bytes Date: 2010-08-31 Tested on: ARM926EJ-S rev 5 v5l Author: Jonathan Salwan - twitter: @jonathansalwan shell-storm.org Shellcode ARM with not a 0x20, 0x0a and 0x00 Disassembly of section .text: 00008054 start...

7.1AI score
Exploits0
Rows per page
Query Builder