Lucene search
K

114 matches found

RedHat Linux
RedHat Linux
added 2023/11/07 8:49 a.m.16 views

krb5: Denial of service through freeing uninitialized pointer

A vulnerability was found in the xdrkadm5principalentrec function in lib/kadm5/kadmrpcxdr.c in MIT Kerberos 5 krb5. This issue occurs due to lack of validation in the relationship between nkeydata and the keydata array count, leading to the freeing of uninitialized pointers. This may allow a remo...

6.5CVSS6.9AI score0.02107EPSS
Exploits0References8
CNNVD
CNNVD
added 2023/10/27 12:0 a.m.2 views

Rockwell Automation Arena Simulation Software 缓冲区错误漏洞

Rockwell Automation Arena Simulation Software is a suite of simulation software from Rockwell Automation that provides 3D animation and graphics capabilities. A security vulnerability exists in Rockwell Automation Arena Simulation, which can be exploited by an attacker to submit unauthorized code...

7.8CVSS6.9AI score0.00249EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/08/10 12:0 a.m.5 views

Adobe Acrobat Reader Buffer Error Vulnerability

Adobe Acrobat Reader is a PDF viewer from the American company Audobee Adobe. The software is used to print, sign and annotate PDFs. A buffer error vulnerability previously existed in Adobe Acrobat Reader version 23.003.20244, which stems from being affected by the Access to Uninitialized Pointer...

7.8CVSS7.3AI score0.00344EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/08/07 12:0 a.m.2 views

MIT Kerberos Buffer Error Vulnerability

MIT Kerberos is a Massachusetts Institute of Technology MIT software for authentication in network clusters.Kerberos also serves as a network authentication protocol designed to provide strong authentication services to client/server applications through a key system. A security vulnerability...

6.5CVSS6.9AI score0.02107EPSS
Exploits0References8
Prion
Prion
added 2023/07/19 2:15 p.m.15 views

Heap overflow

All versions of GE Digital CIMPLICITY that are not adhering to SDG guidance and accepting documents from untrusted sources are vulnerable to memory corruption issues due to insufficient input validation, including issues such as out-of-bounds reads and writes, use-after-free, stack-based buffer...

7.5CVSS9.7AI score0.00382EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/07/19 1:40 p.m.43 views

CVE-2023-3463 GE Digital CIMPLICITY Heap-based Buffer Overflow

All versions of GE Digital CIMPLICITY that are not adhering to SDG guidance and accepting documents from untrusted sources are vulnerable to memory corruption issues due to insufficient input validation, including issues such as out-of-bounds reads and writes, use-after-free, stack-based buffer...

6.6CVSS9.9AI score0.00382EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2023/05/16 8:56 a.m.8 views

kernel: RDMA/rxe: Fix "kernel NULL pointer dereference" error

A NULL pointer dereference vulnerability was found in the RXE Soft-RoCE RDMA driver in the Linux kernel. When rxequeueinit fails during queue pair initialization in rxeqpinitreq, the task function and argument pointers qp-req.task.func and qp-req.task.arg remain uninitialized. The cleanup functio...

7.1AI score0.00239EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/05/12 12:0 a.m.3 views

Autodesk 3ds Max 缓冲区错误漏洞

Autodesk 3ds Max is a full-featured, three-dimensional computer graphics software from the American company Autodesk. A security vulnerability exists in Autodesk 3ds Max USD version 0.4, which originates from the possibility that an attacker could trick a user into opening a malicious USD file,...

7.8CVSS7.6AI score0.00226EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 6:13 a.m.2 views

SUSE CVE-2006-6144

The "mechglue" abstraction interface of the GSS-API library for Kerberos 5 1.5 through 1.5.1, as used in Kerberos administration daemon kadmind and other products that use this library, allows remote attackers to cause a denial of service crash via unspecified vectors that cause mechglue to free...

5CVSS7AI score0.05216EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:3 a.m.2 views

SUSE CVE-2020-5972

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which local pointer variables are not initialized and may be freed later, which may lead to tampering or denial of service. This affects vGPU version 8.x prior to 8.4, version 9.x prior to 9.4 and version 10.x prior to 10....

7.1CVSS6.7AI score0.00315EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/02/12 12:0 a.m.4 views

Qualcomm 芯片缓冲区错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc. and is often manufactured on the surface of semiconductor wafers. A security vulnerability exists in the Bluetooth module of the Qualcomm chip,...

8.8CVSS8AI score0.00326EPSS
Exploits0References2
CVE
CVE
added 2022/10/11 12:0 a.m.66 views

CVE-2022-38138

The CVE-2022-38138 vulnerability affects Triangle Microworks IEC 61850 Library (C: 11.2.0 and earlier) and IEC 60870-6 ICCP/TASE.2 Library (C++: 4.4.3 and earlier); as well as the C++, C#, or Java variants (5.0.1 and earlier). Root cause: access to a small set of uninitialized pointers in the lib...

7.5CVSS7.4AI score0.00764EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2022/10/11 12:0 a.m.5 views

CVE-2022-38138

The Triangle Microworks IEC 61850 Library Any client or server using the C language library with a version number of 11.2.0 or earlier and any client or server using the C++, C, or Java language library with a version number of 5.0.1 or earlier and 60870-6 ICCP/TASE.2 Library Any client or server...

7.5CVSS7.4AI score0.00764EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/09/15 12:0 a.m.2 views

Ansys SpaceClaim 缓冲区错误漏洞

Ansys SpaceClaim is a solid modeling CAD software from Ansys Corporation. A security vulnerability exists in Ansys SpaceClaim 2022 R1, which arises from the parsing of XB files that are not properly initialized before accessing pointers, allowing an attacker to execute code in the context of the...

7.8CVSS7.6AI score0.00551EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/09/06 12:0 a.m.6 views

多款Triangle Microworks产品缓冲区错误漏洞

Triangle Microworks TMW IEC 61850 Software Library and Triangle Microworks TMW IEC 60870-6 ICCP/TASE.2 Software Library are both SCADA communication protocol software libraries from Triangle Microworks, Inc. Triangle Microworks TMW IEC 60870-6 ICCP/TASE.2 Software Library are SCADA communication...

7.5CVSS7.8AI score0.00764EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/07/07 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2022:2292-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.6AI score0.5838EPSS
Exploits4References2
OSV
OSV
added 2022/07/06 11:5 a.m.6 views

SUSE-SU-2022:2292-1 Security update for php7

This update for php7 fixes the following issues: - CVE-2021-21707: Fixed a special character breaks path in xml parsing. bsc1193041 - CVE-2022-31625: Fixed uninitialized pointers free in Postgres extension. bsc1200645 - CVE-2022-31626: Fixed buffer overflow via user-supplied password when using...

8.8CVSS7.5AI score0.5838EPSS
Exploits4References7
OpenVAS
OpenVAS
added 2022/07/06 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2022:2275-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.4AI score0.5838EPSS
Exploits3References5
OSV
OSV
added 2022/07/05 3:34 p.m.7 views

SUSE-SU-2022:2275-1 Security update for php7

This update for php7 fixes the following issues: - CVE-2022-31625: Fixed uninitialized pointers free in Postgres extension. bsc1200645 - CVE-2022-31626: Fixed buffer overflow via user-supplied password when using pdomysql extension with mysqlnd driver. bsc1200628...

8.8CVSS8.9AI score0.5838EPSS
Exploits3References5
CNNVD
CNNVD
added 2022/06/24 12:0 a.m.3 views

CODESYS 缓冲区错误漏洞

CODESYS is a controller development system from 3S-Smart Software Solutions, Germany. A security vulnerability exists in several CODESYS products, which can be exploited by a low-privileged remote attacker to craft a request that results in read access to uninitialized pointers, leading to a deni...

6.5CVSS6.9AI score0.00951EPSS
Exploits0References2
Rows per page
Query Builder