Lucene search
K

653 matches found

Cvelist
Cvelist
added 2017/08/09 6:0 p.m.27 views

CVE-2015-2674

Restkit allows man-in-the-middle attackers to spoof TLS servers by leveraging use of the ssl.wrapsocket function in Python with the default CERTNONE value for the certreqs argument...

5.5AI score0.01352EPSS
Exploits0References3
OSV
OSV
added 2017/03/03 4:59 p.m.1 views

DEBIAN-CVE-2016-7969

The wraplinessmart function in assrender.c in libass before 0.13.4 allows remote attackers to cause a denial of service out-of-bounds read via unspecified vectors, related to "0/3 line wrapping equalization."...

7.5CVSS6.8AI score0.04227EPSS
Exploits0References1
OSV
OSV
added 2017/03/03 4:59 p.m.4 views

ALPINE-CVE-2016-7969

The wraplinessmart function in assrender.c in libass before 0.13.4 allows remote attackers to cause a denial of service out-of-bounds read via unspecified vectors, related to "0/3 line wrapping equalization."...

7.5CVSS6.8AI score0.04227EPSS
Exploits0References1
OSV
OSV
added 2017/03/03 4:59 p.m.2 views

UBUNTU-CVE-2016-7969

The wraplinessmart function in assrender.c in libass before 0.13.4 allows remote attackers to cause a denial of service out-of-bounds read via unspecified vectors, related to "0/3 line wrapping equalization."...

7.5CVSS7.1AI score0.04227EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2016/12/19 12:47 p.m.30 views

CVE-2016-2123

A flaw was found in samba versions 4.0.0 to 4.5.2. The Samba routine ndrpulldnspname contains an integer wrap problem, leading to an attacker-controlled memory overwrite. ndrpulldnspname parses data from the Samba Active Directory ldb database. Any user who can write to the dnsRecord attribute ov...

8.8CVSS4.1AI score0.06226EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2016/07/08 10:30 a.m.10 views

On the Android Crypto Weakness, FDE Bypass, Hummingbad, and More

Mike Mimoso, Tom Spring and Chris Brook discuss the news of the week, including all things Android: the crypto weakness, the full disk encryption bypass, and new malware, Hummingbad, which impacts the mobile operating system. The three also discuss the TP-Link router fiasco. Download:...

1.6AI score
Exploits0References2
hackapp
hackapp
added 2016/04/01 9:21 a.m.14 views

Luxury Photo Wrap - Insta Pro - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities

HackApp vulnerability scanner discovered that application Luxury Photo Wrap - Insta Pro published at the 'play' market has multiple vulnerabilities...

0.6AI score
Exploits0References1Affected Software1
CNVD
CNVD
added 2015/06/17 12:0 a.m.1 views

RSA Validation Manager 'displayMode' and 'wrapPreDisplayMode' Cross-Site Scripting Vulnerabilities

RSA Validation Manager is a validation program for RSA. The RSA Validation Manager user interface fails to properly handle the 'displayMode' and 'wrapPreDisplayMode' parameters, allowing remote attackers to exploit vulnerabilities by injecting malicious script or HTML code that can be used to gai...

4.3CVSS7.1AI score0.0136EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2015/05/25 3:25 a.m.5 views

chromium-browser: Sandbox escape in Chrome.

common/partialcircularbuffer.cc in Google Chrome before 43.0.2357.65 does not properly handle wraps, which allows remote attackers to bypass a sandbox protection mechanism or cause a denial of service out-of-bounds write via vectors that trigger a write operation with a large amount of data,...

7.5CVSS7.4AI score0.01701EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.40 views

Mandriva Linux Security Advisory : perl (MDVSA-2015:136)

Updated perl package fixes security vulnerability : The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to cause a denial of service stack consumption and crash via an Array-Reference with many nested Array-References, which...

2.1CVSS7.3AI score0.00554EPSS
Exploits3References2
Ubuntu
Ubuntu
added 2014/10/14 3:18 p.m.65 views

USN-2345-1: Oxide vulnerabilities

Multiple use-after-free issues were discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process...

10CVSS8.6AI score0.0595EPSS
Exploits0
OSV
OSV
added 2014/10/14 3:18 p.m.2 views

USN-2345-1 oxide-qt vulnerabilities

Multiple use-after-free issues were discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process...

10CVSS7.6AI score0.0595EPSS
Exploits0References13
Mageia
Mageia
added 2014/10/09 2:6 p.m.47 views

Updated perl packages fix CVE-2014-4330

Updated perl package fixes security vulnerability: The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to cause a denial of service stack consumption and crash via an Array-Reference with many nested Array-References, which trigge...

2.1CVSS7.4AI score0.00554EPSS
Exploits3References4
OSV
OSV
added 2014/10/09 2:6 p.m.9 views

MGASA-2014-0406 Updated perl packages fix CVE-2014-4330

Updated perl package fixes security vulnerability: The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to cause a denial of service stack consumption and crash via an Array-Reference with many nested Array-References, which trigge...

2.1CVSS6.4AI score0.00554EPSS
Exploits3References5
Oracle linux
Oracle linux
added 2014/08/11 12:0 a.m.48 views

unbreakable enterprise kernel security update

2.6.39-400.215.7 - sctp: Fix skackbacklog wrap-around problem Xufeng Zhang Orabug: 19404245 CVE-2014-4667...

5CVSS0.9AI score0.05926EPSS
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

SGI IRIX 6.2 cgi-bin wrap Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/373/info A vulnerability exists in the cgi-bin program 'wrap', as included with Irix 6.2 from SGI. A failure to validate input results in a vulnerability that allows any remote attacker to view the contents of any world...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

Apache Win32 Chunked Encoding

No description provided by source. $Id: apachechunked.rb 9719 2010-07-07 17:38:59Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of us...

6.7AI score
Exploits0
securityvulns
securityvulns
added 2014/06/28 12:0 a.m.46 views

[oss-security] CVE request -- Linux kernel: sctp: sk_ack_backlog wrap-around problem

Description of the problem: For a TCP-style socket, while processing the COOKIEECHO chunk in sctpsfdo51Dce, after it has passed a series of sanity check, a new association would be created in sctpunpackcookie, but afterwards, some processing maybe failed, and sctpassociationfree will be called to...

7.2AI score
Exploits0
The Coalfire Blog
The Coalfire Blog
added 2014/06/23 2:4 p.m.10 views

HIMSS Privacy & Security Forum – West 2014 Wrap-Up

The first HIMSS Privacy & Security Forum in the western U.S. proved to be a success and was attended by over 300 people including attendees CEs and BAs, speakers, exhibitors, and partners. We reconnected with several clients and met new friends at our booth, which was located right in the middle ...

1.3AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2014/04/16 12:0 a.m.4 views

Google Android Vold Volume Manager Integer Wrap Root Exploit Privilege Escalation - Ver2 (CVE-2011-1823)

A privilege escalation vulnerability has been reported in Google Android Operating System. Successful exploitation of this vulnerability would allow a remote attacker to gain unauthorized access to the affected system...

7.2CVSS6.7AI score0.41634EPSS
Exploits1
Rows per page
Query Builder