Lucene search
+L

120 matches found

OSV
OSV
added 2017/07/02 10:29 p.m.5 views

UBUNTU-CVE-2017-10794

When GraphicsMagick 1.3.25 processes an RGB TIFF picture with metadata indicating a single sample per pixel in coders/tiff.c, a buffer overflow occurs, related to QuantumTransferMode...

5.5CVSS6.8AI score0.01537EPSS
Exploits0References5
NVD
NVD
added 2017/03/20 4:59 p.m.22 views

CVE-2017-5987

The sdhcisdmatransfermultiblocks function in hw/sd/sdhci.c in QEMU aka Quick Emulator allows local OS guest privileged users to cause a denial of service infinite loop and QEMU process crash via vectors involving the transfer mode register during multi block transfer...

5.5CVSS5.7AI score0.00419EPSS
Exploits0References7
OSV
OSV
added 2017/03/20 4:59 p.m.3 views

DEBIAN-CVE-2017-5987

The sdhcisdmatransfermultiblocks function in hw/sd/sdhci.c in QEMU aka Quick Emulator allows local OS guest privileged users to cause a denial of service infinite loop and QEMU process crash via vectors involving the transfer mode register during multi block transfer...

5.5CVSS8AI score0.00419EPSS
Exploits0References1
OSV
OSV
added 2017/03/20 4:59 p.m.24 views

CVE-2017-5987

The sdhcisdmatransfermultiblocks function in hw/sd/sdhci.c in QEMU aka Quick Emulator allows local OS guest privileged users to cause a denial of service infinite loop and QEMU process crash via vectors involving the transfer mode register during multi block transfer...

5.5CVSS6AI score
Exploits0References7
Prion
Prion
added 2017/03/20 4:59 p.m.23 views

Code injection

The sdhcisdmatransfermultiblocks function in hw/sd/sdhci.c in QEMU aka Quick Emulator allows local OS guest privileged users to cause a denial of service infinite loop and QEMU process crash via vectors involving the transfer mode register during multi block transfer...

2.1CVSS6.3AI score0.00419EPSS
Exploits0References7Affected Software2
Debian CVE
Debian CVE
added 2017/03/20 4:0 p.m.58 views

CVE-2017-5987

The sdhcisdmatransfermultiblocks function in hw/sd/sdhci.c in QEMU aka Quick Emulator allows local OS guest privileged users to cause a denial of service infinite loop and QEMU process crash via vectors involving the transfer mode register during multi block transfer...

5.5CVSS5.9AI score0.00419EPSS
Exploits0
OSV
OSV
added 2017/03/14 2:59 p.m.4 views

UBUNTU-CVE-2017-6335

The QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service out-of-bounds read and application crash via a small samples per pixel value in a CMYKA TIFF file...

5.5CVSS6.8AI score0.01932EPSS
Exploits0References3
OSV
OSV
added 2017/03/14 2:59 p.m.2 views

DEBIAN-CVE-2017-6335

The QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service out-of-bounds read and application crash via a small samples per pixel value in a CMYKA TIFF file...

5.5CVSS6.6AI score0.01932EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2013/06/16 12:0 a.m.36 views

Ubuntu 10.04 LTS : linux vulnerabilities (USN-1876-1)

Andrew Honig reported a flaw in the way KVM Kernel-based Virtual Machine emulated the IOAPIC. A privileged guest user could exploit this flaw to read host memory or cause a denial of service crash the host. CVE-2013-1798 An information leak was discovered in the Linux kernel's rcvmsg path for ATM...

6.2CVSS6.5AI score0.0135EPSS
Exploits2References12
Ubuntu
Ubuntu
added 2013/06/14 6:10 a.m.89 views

USN-1878-1: Linux kernel vulnerabilities

An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx device. A local user could exploit this flaw to discover keystroke timing and potentially discover sensitive information like password length. CVE-2013-0160 A flaw was discovered in the Linux...

4.9CVSS6.3AI score0.00732EPSS
Exploits7
RedHat Linux
RedHat Linux
added 2013/05/20 4:44 p.m.13 views

Kernel: atm: update msg_namelen in vcc_recvmsg()

The vccrecvmsg function in net/atm/common.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...

4.9CVSS6.4AI score0.00392EPSS
Exploits0References4
Ubuntu
Ubuntu
added 2013/04/25 7:52 a.m.77 views

USN-1808-1: Linux kernel (EC2) vulnerabilities

Mathias Krause discovered an information leak in the Linux kernel's getsockname implementation for Logical Link Layer llc sockets. A local user could exploit this flaw to examine some of the kernel's stack memory. CVE-2012-6542 Mathias Krause discovered information leaks in the Linux kernel's...

6.8CVSS6.5AI score0.00946EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2013/04/23 6:18 p.m.4 views

Kernel: atm: information leak in getsockopt & getsockname

The ATM implementation in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

1.9CVSS6.7AI score0.00402EPSS
Exploits0References4
Ubuntu
Ubuntu
added 2013/04/19 7:32 a.m.92 views

USN-1805-1: Linux kernel vulnerabilities

Mathias Krause discovered an information leak in the Linux kernel's getsockname implementation for Logical Link Layer llc sockets. A local user could exploit this flaw to examine some of the kernel's stack memory. CVE-2012-6542 Mathias Krause discovered information leaks in the Linux kernel's...

6.8CVSS6.5AI score0.00946EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2013/04/16 6:55 p.m.4 views

Kernel: atm: information leak in getsockopt & getsockname

The ATM implementation in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

1.9CVSS6.7AI score0.00402EPSS
Exploits0References4
OSV
OSV
added 2013/03/07 12:0 a.m.8 views

UBUNTU-CVE-2012-6546

The ATM implementation in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

1.9CVSS6.8AI score0.00402EPSS
Exploits0References11
Ubuntu
Ubuntu
added 2012/10/09 8:19 a.m.79 views

USN-1599-1: Linux kernel (OMAP4) vulnerability

Pablo Neira Ayuso discovered a flaw in the credentials of netlink messages. An unprivileged local attacker could exploit this by getting a netlink based service, that relies on netlink credentials, to perform privileged actions. CVE-2012-3520 Mathias Krause discovered information leak in the Linu...

7.8CVSS6.6AI score0.0048EPSS
Exploits3
Check Point Advisories
Check Point Advisories
added 2011/12/06 12:0 a.m.32 views

HP Intelligent Management Center tftpserver.exe Remote Code Execution (CVE-2011-1851)

A remote code execution vulnerability has been reported in HP Intelligent Management Center. The vulnerability is due to improper verification of the destination buffer's size while handling the transfer mode field within the tftpserver.exe component. A remote attacker could exploit this...

10CVSS7.3AI score0.12855EPSS
Exploits0
Metasploit
Metasploit
added 2008/10/15 11:21 a.m.69 views

Quick FTP Pro 2.1 Transfer-Mode Overflow

This module exploits a stack buffer overflow in the Quick TFTP Pro server product. MS Update KB926436 screws up the opcode address being used in oledlg.dll resulting in a DoS. This is a port of a sploit by Mati "muts" Aharoni. This module requires Metasploit: https://metasploit.com/download Curre...

7.5CVSS7.9AI score0.53906EPSS
Exploits4
Metasploit
Metasploit
added 2006/09/12 5:58 a.m.69 views

FutureSoft TFTP Server 2000 Transfer-Mode Overflow

This module exploits a stack buffer overflow in the FutureSoft TFTP Server 2000 product. By sending an overly long transfer-mode string, we were able to overwrite both the SEH and the saved EIP. A subsequent write-exception that will occur allows the transferring of execution to our shellcode via...

10CVSS0.7AI score0.62916EPSS
Exploits4
Rows per page
Query Builder