Lucene search
K

33 matches found

ATTACKERKB
ATTACKERKB
added 2022/02/16 7:15 p.m.2 views

CVE-2021-3578

A flaw was found in mbsync before v1.3.6 and v1.4.2, where an unchecked pointer cast allows a malicious or compromised server to write an arbitrary integer value past the end of a heap-allocated structure by issuing an unexpected APPENDUID response. This could be plausibly exploited for remote co...

7.8CVSS6.6AI score0.00998EPSS
Exploits0References12
Prion
Prion
added 2022/02/16 7:15 p.m.20 views

Remote code execution

A flaw was found in mbsync before v1.3.6 and v1.4.2, where an unchecked pointer cast allows a malicious or compromised server to write an arbitrary integer value past the end of a heap-allocated structure by issuing an unexpected APPENDUID response. This could be plausibly exploited for remote co...

7.2CVSS7.9AI score0.00998EPSS
Exploits0References9Affected Software3
CVE
CVE
added 2022/02/16 6:35 p.m.140 views

CVE-2021-3578

CVE-2021-3578 affects isync/mbsync before versions 1.3.6 and 1.4.2. The root cause is an unchecked pointer cast that lets a malicious or compromised IMAP server write an arbitrary integer past the end of a heap-allocated structure via an unexpected APPENDUID response, potentially enabling remote ...

7.8CVSS7.9AI score0.00998EPSS
Exploits0References9Affected Software1
UbuntuCve
UbuntuCve
added 2021/06/07 12:0 p.m.34 views

CVE-2021-3578

A flaw was found in mbsync before v1.3.6 and v1.4.2, where an unchecked pointer cast allows a malicious or compromised server to write an arbitrary integer value past the end of a heap-allocated structure by issuing an unexpected APPENDUID response. This could be plausibly exploited for remote co...

7.8CVSS7.2AI score0.00998EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2021/06/07 12:0 a.m.3 views

PT-2021-21062 · Mbsync +2 · Mbsync +2

Name of the Vulnerable Software and Affected Versions: mbsync versions prior to 1.3.6 mbsync versions prior to 1.4.2 Description: A flaw was found in mbsync where an unchecked pointer cast allows a malicious or compromised server to write an arbitrary integer value past the end of a heap-allocate...

9.8CVSS7.7AI score0.03662EPSS
Exploits1References38
Prion
Prion
added 2021/03/11 9:15 p.m.17 views

Design/Logic Flaw

A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System IGSS Definition Def.exe V15.0.0.21041 and prior, which could result in arbitrary read or write conditions when malicious CGF Configuration Group File file i...

9.3CVSS7.5AI score0.00841EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/16 12:0 a.m.7 views

The vulnerability of Intel Graphics Driver drivers lies in the lack of checking for the value of the pointer before its assignment, which allows a malicious actor to trigger a service failure.

The vulnerability of Intel Graphics Driver drivers is related to the lack of checking for the value of the pointer before it is reassigned. Exploiting this vulnerability can allow an attacker to cause a service failure...

1.9CVSS5.9AI score0.00235EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2020/12/15 12:0 a.m.4 views

Google Asylo Buffer Error Vulnerability

Google Asylo is a framework for developing trusted applications from Google Inc. in the United States. The software supports the creation of a trusted execution environment, including software isolation and hardware isolation. A security vulnerability exists in Asylo up to 0.6.0, which allows an...

5.5CVSS6.2AI score0.00156EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2019/10/29 12:0 a.m.5 views

The numerous vulnerabilities of the Webvrpcs software, a remote monitoring solution from Advantech, allow a intruder to execute arbitrary code.

The multiple vulnerabilities of the Webvrpcs software for remote monitoring from Advantech WebAccess are related to the lack of checking for the value of the pointer before it is assigned. Exploiting these vulnerabilities could allow a malicious actor to execute arbitrary code remotely...

9.8CVSS6.1AI score0.10665EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2019/02/18 12:0 a.m.8 views

PT-2019-1108 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 4.19.13 Description: A local attacker can exploit an issue in the i915 gem execbuffer2 ioctl function where a provided address with access ok is not checked, allowing for a malicious IOCTL function call to...

10CVSS7.5AI score0.93838EPSS
Exploits103References1086
Prion
Prion
added 2018/08/25 9:29 p.m.12 views

Null pointer dereference

Unchecked NULL pointer usage in LookupModMask in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash NULL pointer dereference the xkbcommon parser by supplying a crafted keymap file with invalid virtual modifiers...

2.1CVSS6AI score0.00433EPSS
Exploits0References6Affected Software3
seebug.org
seebug.org
added 2017/10/16 12:0 a.m.21 views

Oracle OIT ContentAccess libvs_mwkd VwStreamReadRecord Memory Corruption Vulnerability(CVE-2016-3591)

Description Partially controlled memory write vulnerability exists in Mac Works Database file format parsing code of Oracle Outside In Technology Content Access SDK. An unchecked pointer arithmetic causes an out of bounds memory write which can lead to denial of service or possibly code execution...

9CVSS8.5AI score0.0393EPSS
Exploits1
FreeBSD
FreeBSD
added 2005/05/10 12:0 a.m.32 views

gaim -- MSN remote DoS vulnerability

The GAIM team reports: Potential remote denial of service bug resulting from not checking a pointer for non-NULL before passing it to strncmp, which results in a crash. This can be triggered by a remote client sending an SLP message with an empty body...

5CVSS6.3AI score0.01898EPSS
Exploits0References1
Rows per page
Query Builder