Lucene search
K

92 matches found

CVE
CVE
added 2024/06/19 1:56 p.m.97 views

CVE-2024-38616

CVE-2024-38616 affects the Linux kernel wifi: carl9170 stack. The issue is a fortified-memset warning triggered in carl9170_tx_release (inlined via kref_put and carl9170_tx_put_skb) in randconfig builds. The root cause is a Fortify warning in fortify_memset_chk due to memory bounds handling; patc...

8.2CVSS8.6AI score0.00651EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2024/06/19 1:35 p.m.24 views

CVE-2024-38569 drivers/perf: hisi_pcie: Fix out-of-bound access when valid event group

In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisipcie: Fix out-of-bound access when valid event group The perf tool allows users to create event groups through following cmd 1, but the driver does not check whether the array index is out of bounds when writing...

0.00234EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/06/19 1:35 p.m.20 views

CVE-2024-38569 drivers/perf: hisi_pcie: Fix out-of-bound access when valid event group

In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisipcie: Fix out-of-bound access when valid event group The perf tool allows users to create event groups through following cmd 1, but the driver does not check whether the array index is out of bounds when writing...

6.9AI score0.00234EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/06/19 1:35 p.m.21 views

CVE-2024-38568 drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group

In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group The perf tool allows users to create event groups through following cmd 1, but the driver does not check whether the array index is out of bounds when writi...

0.00234EPSS
Exploits0References5
OSV
OSV
added 2024/04/03 5:15 p.m.2 views

CVE-2024-27342

Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a...

7.8CVSS6.2AI score0.00421EPSS
Exploits0References1
OSV
OSV
added 2023/09/09 11:5 a.m.4 views

OESA-2023-1606 ghostscript security update

Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal...

9.8CVSS6.8AI score0.06341EPSS
Exploits5References4
Vulnrichment
Vulnrichment
added 2023/08/25 7:49 p.m.28 views

CVE-2023-40031 Notepad++ vulnerable to heap buffer write overflow in Utf8_16_Read::convert

Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer write overflow in Utf816Read::convert. This issue may lead to arbitrary code execution. As of time of publication, no known patches are available in existing versions of Notepad++...

7.8CVSS8AI score0.00494EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2023/02/15 4:43 a.m.5 views

SUSE CVE-2017-10699

avcodec 2.2.x, as used in VideoLAN VLC media player 2.2.7-x before 2017-06-29, allows out-of-bounds heap memory write due to calling memcpy with a wrong size, leading to a denial of service application crash or possibly code execution...

9.8CVSS10AI score0.04476EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:43 a.m.3 views

SUSE CVE-2017-10979

An FR-GV-202 issue in FreeRADIUS 2.x before 2.2.10 allows "Write overflow in radcoalesce" - this allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code...

9.8CVSS7.9AI score0.22202EPSS
Exploits0References4
Filippo.io
Filippo.io
added 2022/11/02 5:22 p.m.1035 views

Why Did the OpenSSL Punycode Vulnerability Happen

Some room-temperature takes on yesterdays not-quite-RCE vulnerabilities in OpenSSL 3.0, and on what there is to learn about safe cryptography engineering. A recap Yesterday OpenSSL published version 3.0.7, which was pre-announced to contain a fix for a CRITICAL vulnerability, the first one since...

5CVSS8.3AI score0.9077EPSS
Exploits6
BDU FSTEC
BDU FSTEC
added 2021/12/16 12:0 a.m.6 views

The vulnerability of the `system login block-for` command in Cisco NX-OSS routing devices allows a attacker to cause a service failure.

The vulnerability of the system login block-for command in the Cisco NX-OS networking operating system’s routers is related to data writing beyond the buffer. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

5.3CVSS5.9AI score0.01572EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2021/11/10 12:0 a.m.7 views

The vulnerability of the FATEK WinProladder controller programming software lies in the fact that the write operation can exceed the buffer boundaries into memory. This allows a malicious actor to execute arbitrary code or cause a service failure.

The vulnerability of the FATEK WinProladder controller programming software lies in the fact that the write operation goes beyond the buffer boundaries into memory during PDW-file syntax analysis. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause system failures...

7.8CVSS7.9AI score0.00912EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2021/09/20 4:15 p.m.4 views

CVE-2021-39544

An issue was discovered in sela through 20200412. file::WavFile::writeToFile in wavfile.c has a heap-based buffer overflow...

7.8CVSS7.5AI score0.00739EPSS
Exploits1References1
OSV
OSV
added 2021/08/08 12:15 a.m.5 views

UBUNTU-CVE-2021-38185

GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c dsfgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is...

7.8CVSS7.2AI score0.0415EPSS
Exploits1References8
OSV
OSV
added 2021/02/09 6:15 p.m.4 views

CVE-2020-17419

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS6.1AI score0.0372EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/09/03 9:10 p.m.28 views

CVE-2020-1894

A stack write overflow in WhatsApp for Android prior to v2.20.35, WhatsApp Business for Android prior to v2.20.20, WhatsApp for iPhone prior to v2.20.30, and WhatsApp Business for iPhone prior to v2.20.30 could have allowed arbitrary code execution when playing a specially crafted push to talk...

8.9AI score0.01752EPSS
Exploits0References1
OSV
OSV
added 2019/09/27 7:15 p.m.3 views

CVE-2019-9357

In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112662995...

8.8CVSS7.7AI score0.00714EPSS
Exploits0References1
OSV
OSV
added 2019/06/19 8:15 p.m.2 views

CVE-2019-2007

In getReadIndex and getWriteIndex of FifoControllerBase.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege in the audio server with no additional execution privileges needed. User interaction is not needed for...

9.8CVSS7.5AI score0.00921EPSS
Exploits0References1
OSV
OSV
added 2018/08/21 12:29 p.m.1 views

DEBIAN-CVE-2018-12115

In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when used with UCS-2 encoding recognized by Node.js under the names 'ucs2', 'ucs-2', 'utf16le' and 'utf-16le', Bufferwrite can be abused to write outside of the bounds of a single Buffer. Writes that start from the second-to-last...

7.5CVSS9.2AI score0.08028EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2018/08/13 12:0 a.m.25 views

FreeBSD : GraphicsMagick -- SVG/Rendering vulnerability (e714b7d2-39f6-4992-9f48-e6b2f5f949df)

GraphicsMagick News : Fix heap write overflow of PrimitiveInfo and PointInfo arrays. This is another manefestation of CVE-2016-2317, which should finally be fixed correctly due to active detection/correction of pending overflow rather than using estimation. C Tenable Network Security, Inc. The...

5.5CVSS7.2AI score0.0199EPSS
Exploits0References3
Rows per page
Query Builder