Lucene search
+L

18 matches found

nvd
nvd
added 2026/05/21 9:16 a.m.19 views

CVE-2026-44057

A dead bounds check in the Spotlight RPC unmarshaller in Netatalk 3.0.0 through 4.4.2 results in an unreachable code path that provides no effective bounds protection, which may allow a remote authenticated attacker to obtain limited information via crafted Spotlight RPC requests...

3.1CVSS0.00186EPSS
Exploits0References1
nessus
nessus
added 2026/01/15 12:0 a.m.5 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003176)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003176 advisory. kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also...

5.5CVSS6.5AI score0.00437EPSS
Exploits0References13
packetstormnews
packetstormnews
added 2025/11/25 12:0 a.m.7 views

A Reality Check on SBOM-Based Vulnerability Management: An Empirical Study and a Path Forward

The Software Bill of Materials SBOM is a critical tool for securing the software supply chain SSC, but its practical utility is undermined by inaccuracies in both its generation and its application in vulnerability scanning. This paper presents a large-scale empirical study on 2,414 open-source...

7AI score
Exploits0
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-9009

Malware in sbrugna...

5.5CVSS6.7AI score0.00437EPSS
Exploits0References15
nessus
nessus
added 2025/08/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2017-17862

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also...

5.5CVSS6.4AI score0.00437EPSS
Exploits0References2
nvd
nvd
added 2024/04/16 9:15 a.m.13 views

CVE-2024-32634

In huge memory get unmapped area check, code can never be reached because of a logical contradiction...

6.1CVSS6.4AI score0.00266EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2024/04/16 12:0 a.m.5 views

PT-2024-24734

Name of the Vulnerable Software and Affected Versions No specific software or versions are mentioned in the provided descriptions. Description The issue is related to a logical contradiction in the code for checking unmapped areas in huge memory, which results in a section of code that can never ...

6.1CVSS6.7AI score0.00266EPSS
Exploits0References4
susecve
susecve
added 2023/02/15 4:36 a.m.2 views

SUSE CVE-2017-17862

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service...

5.5CVSS6.5AI score0.00437EPSS
Exploits0References9
osv
osv
added 2020/04/17 4:15 p.m.5 views

CVE-2020-11876

airhost.exe in Zoom Client for Meetings 4.6.11 uses the SHA-256 hash of 0123425234234fsdfsdr3242 for initialization of an OpenSSL EVP AES-256 CBC context. NOTE: the vendor states that this initialization only occurs within unreachable code...

7.5CVSS5.8AI score0.01664EPSS
Exploits1References1
nvd
nvd
added 2020/04/17 4:15 p.m.20 views

CVE-2020-11876

airhost.exe in Zoom Client for Meetings 4.6.11 uses the SHA-256 hash of 0123425234234fsdfsdr3242 for initialization of an OpenSSL EVP AES-256 CBC context. NOTE: the vendor states that this initialization only occurs within unreachable code...

7.5CVSS7.6AI score0.01664EPSS
Exploits1References1
cvelist
cvelist
added 2020/04/17 3:45 p.m.25 views

CVE-2020-11877

airhost.exe in Zoom Client for Meetings 4.6.11 uses 3423423432325249 as the Initialization Vector IV for AES-256 CBC encryption. NOTE: the vendor states that this IV is used only within unreachable code...

7.6AI score0.01524EPSS
Exploits1References1
ptsecurity
ptsecurity
added 2020/04/17 12:0 a.m.4 views

PT-2020-12911 · Zoom · Zoom Client For Meetings

Name of the Vulnerable Software and Affected Versions: Zoom Client for Meetings version 4.6.11 Description: The issue concerns the use of a static Initialization Vector IV for AES-256 CBC encryption in the airhost.exe component. Specifically, the IV used is 3423423432325249. The vendor notes that...

7.5CVSS7AI score0.01524EPSS
Exploits1References5
nessus
nessus
added 2018/01/10 12:0 a.m.90 views

Ubuntu 17.10 : linux vulnerabilities (USN-3523-1) (Meltdown)

Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory...

7.8CVSS7.3AI score0.84172EPSS
Exploits19References6
osv
osv
added 2017/12/27 5:8 p.m.10 views

CVE-2017-17862

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service...

5.5CVSS6.4AI score
Exploits0References10
osv
osv
added 2017/12/27 5:8 p.m.2 views

DEBIAN-CVE-2017-17862

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service...

5.5CVSS7.6AI score0.00437EPSS
Exploits0References1
attackerkb
attackerkb
added 2017/12/27 5:8 p.m.3 views

CVE-2017-17862

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service...

5.5CVSS7.7AI score0.00437EPSS
Exploits0References15
osv
osv
added 2017/12/27 12:0 a.m.6 views

UBUNTU-CVE-2017-17862

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service...

5.5CVSS6.7AI score0.00437EPSS
Exploits0References9
cvelist
cvelist
added 2017/12/23 5:0 p.m.27 views

CVE-2017-17862

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service...

6.1AI score0.00437EPSS
Exploits0References10
Rows per page
Query Builder