Lucene search
K

36 matches found

Prion
Prion
added 2022/10/13 7:15 p.m.17 views

Buffer overflow

Azure RTOS USBX is a high-performance USB host, device, and on-the-go OTG embedded stack, that is fully integrated with Azure RTOS ThreadX. The case is, in uxhostclasspimaread, there is data length from device response, returned in the very first packet, and read by L165 code, as headerlength. Th...

7.5CVSS9.4AI score0.00642EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/08/17 9:15 p.m.3 views

DEBIAN-CVE-2020-14394

An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block TRB Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service...

3.2CVSS5.1AI score0.00363EPSS
Exploits1References1
NVD
NVD
added 2019/03/08 11:29 p.m.17 views

CVE-2019-8276

UltraVNC revision 1211 has a stack buffer overflow vulnerability in VNC server code inside file transfer request handler, which can result in Denial of Service DoS. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212...

7.5CVSS8.3AI score0.05722EPSS
Exploits0References3
NVD
NVD
added 2017/12/16 7:29 p.m.15 views

CVE-2017-17715

The saveFile method in MediaController.java in the Telegram Messenger application before 2017-12-08 for Android allows directory traversal via a pathname obtained in a file-transfer request from a remote peer, as demonstrated by writing to tgnet.dat or tgnet.dat.bak...

8.8CVSS8.4AI score0.01741EPSS
Exploits0References1
Prion
Prion
added 2017/11/16 7:29 a.m.14 views

Arbitrary file deletion

A vulnerability in the SNORT detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the Server Message Block Version 2 SMB2 protocol. The vulnerability is due to the incorrect detection of an SMB2 fil...

5CVSS5.7AI score0.01604EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2017/03/14 2:59 p.m.15 views

CVE-2017-5668

bitlbee-libpurple before 3.5.1 allows remote attackers to cause a denial of service NULL pointer dereference and crash and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list. NOTE: this vulnerability exists because of an incomplete fix for...

9.8CVSS8AI score
Exploits0References5
UbuntuCve
UbuntuCve
added 2017/03/14 2:59 p.m.22 views

CVE-2017-5668

bitlbee-libpurple before 3.5.1 allows remote attackers to cause a denial of service NULL pointer dereference and crash and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list. NOTE: this vulnerability exists because of an incomplete fix for...

9.8CVSS7.3AI score0.02983EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/03/14 2:0 p.m.21 views

CVE-2016-10189

BitlBee before 3.5 allows remote attackers to cause a denial of service NULL pointer dereference and crash and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list...

8.8AI score0.04041EPSS
Exploits0References6
OSV
OSV
added 2016/11/04 9:59 p.m.2 views

ALPINE-CVE-2016-8576

The xhciringfetch function in hw/usb/hcd-xhci.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash by leveraging failure to limit the number of link Transfer Request Blocks TRB to process...

6CVSS6.4AI score0.00386EPSS
Exploits0References1
Prion
Prion
added 2016/11/04 9:59 p.m.30 views

Cross site request forgery (csrf)

The xhciringfetch function in hw/usb/hcd-xhci.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash by leveraging failure to limit the number of link Transfer Request Blocks TRB to process...

2.1CVSS6.4AI score0.00386EPSS
Exploits0References10Affected Software5
AlpineLinux
AlpineLinux
added 2016/11/04 9:0 p.m.123 views

CVE-2016-8576

The xhciringfetch function in hw/usb/hcd-xhci.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash by leveraging failure to limit the number of link Transfer Request Blocks TRB to process...

6CVSS6.4AI score0.00386EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.8 views

The vulnerability of the Dnsmasq software allows a remote attacker to compromise the accessibility of protected information.

The vulnerability in the tftprequest function of tftp.c in dnsmasq when using --enable-tftp allows malicious actors to trigger a service failure by using a TFTP-read request RRQ with an improperly configured blksize parameter...

4.3CVSS5.4AI score0.10382EPSS
Exploits7References3Affected Software1
ThreatPost
ThreatPost
added 2015/01/28 12:47 p.m.11 views

FBI: Business Email Compromise Scams Steal $214m in 2014

The FBI’s Internet Crime Complaint Center IC3 is sounding the alarm on a type of fraud they are calling business email compromise BEC scams. The scheme, formerly known as a man-in-the-email attack, comes in three distinct flavors, each of which is ultimately designed to dupe corporate employees o...

0.4AI score
Exploits0References2
Cvelist
Cvelist
added 2009/03/03 4:0 p.m.25 views

CVE-2008-6393

PSI Jabber client before 0.12.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a file transfer request with a negative value in a SOCKS5 option, which bypasses a signed integer check and triggers an integer overflow and a heap-based buffer...

8AI score0.18201EPSS
Exploits1References14
Symantec
Symantec
added 2004/03/09 12:0 a.m.14 views

Microsoft MSN Messenger Information Disclosure Vulnerability

Description Microsoft MSN Messenger is prone to an information disclosure vulnerability. When a malformed file transfer request is initiated by a remote user, they may be able to view the contents of files on the remote system. Technologies Affected Microsoft MSN Messenger Service 6.0 Microsoft M...

6.6AI score
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2003/07/04 4:0 a.m.18 views

CVE-2003-0505

Directory traversal vulnerability in Microsoft NetMeeting 3.01 2000 before SP4 allows remote attackers to read arbitrary files via "...." dot dot sequences in a file transfer request...

6.7AI score0.13507EPSS
Exploits0References2
Rows per page
Query Builder