Lucene search
K

62 matches found

CNNVD
CNNVD
added 2023/07/12 12:0 a.m.3 views

WordPress Plugin MStore API 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

4.3CVSS6AI score0.00298EPSS
Exploits0References4
Code423n4
Code423n4
added 2023/04/19 12:0 a.m.13 views

Burn logic issue due to lack of checking parameter 0 in burnWithReserve function

Lines of code Vulnerability details Impact The token quantity is sent to 0 and then the token is internally burned, causing a logic problem. Proof of Concept 1. burnWithReserve - reservePPM = 0 2. calculateFreedAmount call - The result is scaled by the ratio of currentReserve and minterReserve...

6.8AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 5:27 a.m.5 views

SUSE CVE-2014-4322

drivers/misc/qseecom.c in the QSEECOM driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, does not validate certain offset, length, and base values within an ioctl call, which allows attackers to gain privileges or...

7.2CVSS6.9AI score0.02038EPSS
Exploits4References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:37 a.m.4 views

SUSE CVE-2021-41495

Null Pointer Dereference vulnerability exists in numpy.sort in NumPy &lt and 1.19 in the PyArrayDescrNew function due to missing return-value validation, which allows attackers to conduct DoS attacks by repetitively creating sort arrays. NOTE: While correct that validation is missing, an error ca...

5.5CVSS9.4AI score0.01154EPSS
Exploits1References11
Veracode
Veracode
added 2022/12/13 2:14 a.m.39 views

HTTP Response Splitting

netty-codec-http is vulnerable to HTTP response splitting attack. The vulnerability exists in the setObject function of DefaultHeaders.java as it takes the arrays and iterators as arguments, providing a way to bypass value validation allowing an attacker to inject malicious header values into the...

6.5CVSS6.8AI score0.00885EPSS
Exploits1References8Affected Software2
CNNVD
CNNVD
added 2022/10/11 12:0 a.m.5 views

Siemens LOGO! 8 BM 输入验证错误漏洞

A security vulnerability exists in Siemens LOGO! 8 BM, a programming software for the Windows platform used in industrial environments from Siemens, Germany. The vulnerability stems from the inability to properly validate offset values defined in TCP packets when calling methods. An attacker coul...

5.3CVSS6.7AI score0.0038EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/04/01 12:0 a.m.5 views

PT-2022-10422 · Qualcomm · Snapdragon

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon affected versions not specified Description: The issue is related to a possible out of bound write due to improper validation of the number of timer values received from firmware while syncing timers. This affects various...

7.8CVSS7.5AI score0.0019EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/03/07 12:0 a.m.4 views

Qualcomm 芯片缓冲区错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc., and from time to time are manufactured on the surface of semiconductor wafers. A security vulnerability exists in a number of Qualcomm products...

7.8CVSS7.3AI score0.0019EPSS
Exploits0References8
CNVD
CNVD
added 2021/12/21 12:0 a.m.31 views

NumPy has an unspecified vulnerability

NumPy is a Python scientific computing package. The product supports a large number of dimensional arrays and matrices, while providing a large library of mathematical functions for data operations. numPy 1.19 has a security vulnerability that stems from a null pointer dereference vulnerability i...

5.3CVSS2.1AI score0.01154EPSS
Exploits1References1
Prion
Prion
added 2021/12/17 8:15 p.m.24 views

Null pointer dereference

DISPUTED Null Pointer Dereference vulnerability exists in numpy.sort in NumPy &lt and 1.19 in the PyArrayDescrNew function due to missing return-value validation, which allows attackers to conduct DoS attacks by repetitively creating sort arrays. NOTE: While correct that validation is missing, an...

3.5CVSS5.2AI score0.01154EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2021/09/01 5:15 p.m.6 views

CVE-2021-29853

IBM Planning Analytics 2.0 could expose information that could be used to to create attacks by not validating the return values from some methods or functions. IBM X-Force ID: 205529...

4.3CVSS6AI score0.00781EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2019/07/02 12:0 a.m.21 views

Advantech WebAccess Node viewsrv SQLFreeEnv Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x27D9 IOCTL in the webvrpcs process. The issue resul...

9.8CVSS2.5AI score0.10665EPSS
Exploits0References1
CNVD
CNVD
added 2018/09/10 12:0 a.m.3 views

Denial of service vulnerability in the mp110005.sys driver of Micropoint Intelligent Defense Software Personal Free Edition (CNVD-2018-20118)

Micropoint Intelligent Defense Software Personal Free Edition is a set of third-generation anti-virus software of Micropoint Baihui Beijing Information Security Technology Co., Ltd. and adopts AI Intelligent Defense Technology to independently analyze and judge viruses. A denial of service...

6.5AI score
Exploits0
CNVD
CNVD
added 2017/12/07 12:0 a.m.4 views

Unspecified Vulnerability in Google Android Qualcomm Closed Source Component

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA in the U.S. Qualcomm is one of the Qualcomm components used in Qualcomm devices. An unspecified vulnerability exists in the Qualcomm closed-source component in Android, which stems...

10CVSS7.3AI score0.00726EPSS
Exploits0References1
OSV
OSV
added 2017/10/18 3:29 p.m.5 views

UBUNTU-CVE-2015-2156

Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x before 4.0.28.Final, and 4.1.x before 4.1.0.Beta5 and Play Framework 2.x before 2.3.9 might allow remote attackers to bypass the httpOnly flag on cookies and obtain sensitive information by leveraging improper validation of cookie name a...

7.5CVSS7.2AI score0.05434EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2016/11/15 11:40 a.m.6 views

php: imagegammacorrect allows arbitrary write access

The imagegammacorrect function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate gamma values, which allows remote attackers to cause a denial of service out-of-bounds write or possibly have unspecified other impact by providing different signs for the second an...

9.8CVSS7.4AI score0.06842EPSS
Exploits1References4
CNVD
CNVD
added 2016/11/02 12:0 a.m.2 views

NVIDIA Windows GPU Display Driver Local Elevation of Privilege Vulnerability (CNVD-2016-10566)

NVIDIA Windows GPU Display Driver is a set of graphics processor GPU graphics card drivers for Windows from NVIDIA. A local elevation of privilege vulnerability exists in NVIDIA Windows GPU Display Driver, which arises from the program failing to properly validate values. A local attacker could...

7.8CVSS6.8AI score0.01535EPSS
Exploits1References1
CNVD
CNVD
added 2016/11/02 12:0 a.m.11 views

NVIDIA Windows GPU Display Driver Local Elevation of Privilege Vulnerability (CNVD-2016-10568)

NVIDIA Windows GPU Display Driver is a set of graphics processor GPU graphics card drivers for Windows from NVIDIA. A local elevation of privilege vulnerability exists in NVIDIA Windows GPU Display Driver, which arises from the program failing to properly validate values. A local attacker could...

7.8CVSS6.8AI score0.01535EPSS
Exploits1References1
CNVD
CNVD
added 2016/11/01 12:0 a.m.5 views

NVIDIA Windows GPU Display Driver Local Privilege Vulnerability

NVIDIA Windows GPU Display Driver is a set of graphics processor GPU graphics card drivers for Windows from NVIDIA. The NVIDIA Windows GPU Display Driver is vulnerable to a local elevation of privilege vulnerability that arises from the program failing to properly validate values. A local attacke...

7.8CVSS6.8AI score0.01496EPSS
Exploits2References1
OSV
OSV
added 2012/09/14 6:55 p.m.1 views

DEBIAN-CVE-2012-4922

The tortimegm function in common/util.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.22-rc, does not properly validate time values, which allows remote attackers to cause a denial of service assertion failure and daemon exit via a malformed directory object, a different vulnerability than...

5CVSS8.8AI score0.02233EPSS
Exploits0References1
Rows per page
Query Builder