Lucene search
+L

73 matches found

Prion
Prion
added 2020/03/30 10:15 p.m.15 views

Design/Logic Flaw

An issue was discovered in USC iLab cereal through 1.3.0. It employs caching of std::sharedptr values, using the raw pointer address as a unique identifier. This becomes problematic if an std::sharedptr variable goes out of scope and is freed, and a new std::sharedptr is allocated at the same...

7.5CVSS9.3AI score0.01977EPSS
Exploits1References1Affected Software1
AlpineLinux
AlpineLinux
added 2020/03/30 10:15 p.m.17 views

CVE-2020-11104

An issue was discovered in USC iLab cereal through 1.3.0. Serialization of an initialized C/C++ long double variable into a BinaryArchive or PortableBinaryArchive leaks several bytes of stack or heap memory, from which sensitive information such as memory layout or private keys can be gleaned if...

5.3CVSS1.3AI score0.01534EPSS
Exploits1
Prion
Prion
added 2020/03/30 10:15 p.m.12 views

Stack overflow

An issue was discovered in USC iLab cereal through 1.3.0. Serialization of an initialized C/C++ long double variable into a BinaryArchive or PortableBinaryArchive leaks several bytes of stack or heap memory, from which sensitive information such as memory layout or private keys can be gleaned if...

5CVSS5.2AI score0.01534EPSS
Exploits1References1Affected Software1
AlpineLinux
AlpineLinux
added 2020/03/30 10:15 p.m.22 views

CVE-2020-11105

An issue was discovered in USC iLab cereal through 1.3.0. It employs caching of std::sharedptr values, using the raw pointer address as a unique identifier. This becomes problematic if an std::sharedptr variable goes out of scope and is freed, and a new std::sharedptr is allocated at the same...

9.8CVSS1.3AI score0.01977EPSS
Exploits1
CVE
CVE
added 2020/03/30 9:30 p.m.71 views

CVE-2020-11104

CVE-2020-11104 affects USC iLab cereal up to version 1.3.0. Its serialization of an initialized long double into BinaryArchive/PortableBinaryArchive leaks several bytes of stack/heap memory, enabling leakage of sensitive information (memory layout or private keys) if the archive is distributed in...

5.3CVSS5.1AI score0.01534EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/03/30 9:30 p.m.19 views

CVE-2020-11104

An issue was discovered in USC iLab cereal through 1.3.0. Serialization of an initialized C/C++ long double variable into a BinaryArchive or PortableBinaryArchive leaks several bytes of stack or heap memory, from which sensitive information such as memory layout or private keys can be gleaned if...

5.2AI score0.01534EPSS
Exploits1References1
CVE
CVE
added 2020/03/30 9:30 p.m.73 views

CVE-2020-11105

CVE-2020-11105 affects USC iLab cereal up to version 1.3.0, where serialization fidelity of std::shared_ptrs can be broken because the library caches shared_ptr raw addresses as identifiers. When a shared_ptr goes out of scope and a new one is allocated at the same address, serialized values may ...

9.8CVSS9.3AI score0.01977EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/03/30 9:30 p.m.26 views

CVE-2020-11105

An issue was discovered in USC iLab cereal through 1.3.0. It employs caching of std::sharedptr values, using the raw pointer address as a unique identifier. This becomes problematic if an std::sharedptr variable goes out of scope and is freed, and a new std::sharedptr is allocated at the same...

9.4AI score0.01977EPSS
Exploits1References1
GitLab Advisory Database
GitLab Advisory Database
added 2020/03/30 12:0 a.m.25 views

Improper Restriction of Operations within the Bounds of a Memory Buffer

An issue was discovered in USC iLab cereal. Serialization of an initialized C/C++ long double variable into a BinaryArchive or PortableBinaryArchive leaks several bytes of stack or heap memory, from which sensitive information such as memory layout or private keys can be gleaned if the archive is...

5.3CVSS1.6AI score0.01534EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2020/03/30 12:0 a.m.28 views

Release of Invalid Pointer or Reference

An issue was discovered in USC iLab cereal. It employs caching of std::sharedptr values, using the raw pointer address as a unique identifier. This becomes problematic if a std::sharedptr variable goes out of scope and is freed, and a new std::sharedptr is allocated at the same address...

9.8CVSS1.6AI score0.01977EPSS
Exploits1References1Affected Software1
Openbugbounty
Openbugbounty
added 2019/11/06 9:7 a.m.22 views

s3research.usc.edu Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1008579 Security Researcher devl00p Helped patch 2753 vulnerabilities Received 10 Coordinated Disclosure badges Received 15 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting s3research.usc.edu websi...

0.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2019/10/24 7:35 a.m.6 views

crsl.usc.edu Cross Site Scripting vulnerability

Security Researcher devl00p Helped patch 2581 vulnerabilities Received 10 Coordinated Disclosure badges Received 15 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting crsl.usc.edu website and its users. Following coordinate...

0.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/06/11 3:56 a.m.13 views

usc-scv.ch XSS vulnerability

Open Bug Bounty ID: OBB-630028 Description| Value ---|--- Affected Website:| usc-scv.ch Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Openbugbounty
Openbugbounty
added 2018/05/07 7:25 a.m.10 views

usc-calis.net XSS vulnerability

Open Bug Bounty ID: OBB-613230 Description| Value ---|--- Affected Website:| usc-calis.net Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Openbugbounty
Openbugbounty
added 2018/04/21 8:15 a.m.13 views

vectors.usc.edu XSS vulnerability

Open Bug Bounty ID: OBB-605689 Description| Value ---|--- Affected Website:| vectors.usc.edu Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Openbugbounty
Openbugbounty
added 2018/02/20 2:31 p.m.8 views

hospitality.usc.edu XSS vulnerability

Open Bug Bounty ID: OBB-564139 Description| Value ---|--- Affected Website:| hospitality.usc.edu Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/01/13 12:55 p.m.10 views

vectors.usc.edu XSS vulnerability

Open Bug Bounty ID: OBB-519258 Description| Value ---|--- Affected Website:| vectors.usc.edu Open Bug Bounty Program:| Not created yet Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N...

6.4AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/12/11 8:4 p.m.12 views

web-app.usc.edu XSS vulnerability

Open Bug Bounty ID: OBB-452199 Description| Value ---|--- Affected Website:| web-app.usc.edu Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...

6.4AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/12/06 7:25 p.m.12 views

dornsifecms.usc.edu XSS vulnerability

Open Bug Bounty ID: OBB-449420 Description| Value ---|--- Affected Website:| dornsifecms.usc.edu Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/11/21 5:55 a.m.11 views

visionsandvoices.usc.edu XSS vulnerability

Open Bug Bounty ID: OBB-427712 Description| Value ---|--- Affected Website:| visionsandvoices.usc.edu Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
Rows per page
Query Builder