Lucene search
K

255 matches found

NVD
NVD
added 2019/04/22 4:29 p.m.20 views

CVE-2011-3151

The Ubuntu SELinux initscript before version 1:0.10 used touch to create a lockfile in a world-writable directory. If the OS kernel does not have symlink protections then an attacker can cause a zero byte file to be allocated on any writable filesystem...

5.9CVSS5.2AI score0.00601EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/03/25 12:0 a.m.45 views

Fedora 29 : libssh2 (2019-f31c14682f)

This update addresses various overflow conditions that could result in possible memory read/write out of bounds errors or zero byte allocations when connected to a malicious server. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update...

9.3CVSS7.4AI score0.09219EPSS
Exploits0References10
Veracode
Veracode
added 2019/03/19 3:7 a.m.29 views

Denial Of Service (DoS)

libssh2.so is vulnerable to denial of service. A malicious server is able to crash the process by sending a malicious SFTP packet with zero value for the payload length, causing zero-byte allocation that results in an out-of-bounds read...

9.1CVSS8.7AI score0.06448EPSS
Exploits0References18Affected Software2
FreeBSD
FreeBSD
added 2019/03/14 12:0 a.m.32 views

libssh2 -- multiple issues

libssh2 developers report: Defend against possible integer overflows in compmethodzlibdecomp. Defend against writing beyond the end of the payload in libssh2transportread. Sanitize paddinglength - libssh2transportread. This prevents an underflow resulting in a potential out-of-bounds read if a...

9.3CVSS2.4AI score0.09219EPSS
Exploits0References10
OSV
OSV
added 2019/02/27 11:29 p.m.2 views

DEBIAN-CVE-2019-1559

If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received...

5.9CVSS8.7AI score0.17139EPSS
Exploits0References1
OSV
OSV
added 2019/02/26 12:0 a.m.4 views

UBUNTU-CVE-2019-1559

If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received...

5.9CVSS6.7AI score0.17139EPSS
Exploits0References6
OSV
OSV
added 2018/06/10 11:29 p.m.3 views

DEBIAN-CVE-2018-12088

S3QL before 2.27 mishandles checksumming, and consequently allows replay attacks in which an attacker who controls the backend can present old versions of the filesystem metadata database as up-to-date, temporarily inject zero-valued bytes into files, or temporarily hide parts of files. This is...

7.5CVSS6.9AI score0.01885EPSS
Exploits1References1
Veracode
Veracode
added 2018/04/18 5:40 a.m.15 views

Denial Of Service Through Stack Buffer Overflow

libiniparser.so is vulnerable to denial of service DoS through stack-base buffer overflow. The vulnerability exists in iniparserload of iniparser.c and occurs when parsing a zero-byte file, causing a denial of service DoS attack...

6.5AI score
Exploits0
OSV
OSV
added 2018/03/14 8:0 a.m.8 views

CURL-CVE-2018-1000120 FTP path trickery leads to NIL byte out of bounds write

curl can be fooled into writing a zero byte out of bounds. This bug can trigger when curl is told to work on an FTP URL, with the setting to only issue a single CWD command --ftp-method singlecwd or the libcurl alternative CURLOPTFTPFILEMETHOD. curl then URL-decodes the given path, calls strlen o...

9.8CVSS9.1AI score0.12058EPSS
Exploits0
curl security advisories
curl security advisories
added 2018/03/14 8:0 a.m.5 views

FTP path trickery leads to NIL byte out of bounds write

curl can be fooled into writing a zero byte out of bounds. This bug can trigger when curl is told to work on an FTP URL, with the setting to only issue a single CWD command --ftp-method singlecwd or the libcurl alternative CURLOPTFTPFILEMETHOD. curl then URL-decodes the given path, calls strlen o...

9.8CVSS7.7AI score0.12058EPSS
Exploits0Affected Software2
OSV
OSV
added 2017/10/31 9:29 p.m.4 views

ALPINE-CVE-2017-1000257

An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that non-existing data with a pointer and the size zero to the deliver-data function. libcurl's deliver-data function treats zero as a mag...

9.1CVSS7AI score0.06224EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2017/10/31 9:0 p.m.8 views

CVE-2017-1000257

An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that non-existing data with a pointer and the size zero to the deliver-data function. libcurl's deliver-data function treats zero as a mag...

6AI score0.06224EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2017/10/26 12:0 a.m.9 views

The vulnerability of the FileUploadServlet class in the software for managing workstations through the ManageEngine Desktop Central web interface allows a malicious individual to upload and execute any file they desire.

The vulnerability of the FileUploadServlet class in the software for managing workstations through the web interface of ManageEngine Desktop Central is related to the lack of restrictions on file uploads. Exploiting this vulnerability allows an unauthorized intruder, operating remotely, to upload...

10CVSS7.8AI score0.73603EPSS
Exploits6References6
curl security advisories
curl security advisories
added 2017/10/23 8:0 a.m.6 views

IMAP FETCH response out of bounds read

libcurl contains a buffer overrun flaw in the IMAP handler. An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that non-existing data with a pointer and the size zero to the deliver-data...

9.1CVSS7.2AI score0.06224EPSS
Exploits0Affected Software2
NVD
NVD
added 2017/07/31 2:29 p.m.19 views

CVE-2017-11757

Heap-based buffer overflow in Actian Pervasive PSQL v12.10 and Zen v13 allows remote attackers to execute arbitrary code via crafted traffic to TCP port 1583. The overflow occurs after Server-Client encryption-key exchange. The issue results from an integer underflow that leads to a zero-byte...

9.8CVSS9.8AI score0.02494EPSS
Exploits1References3
CNVD
CNVD
added 2017/07/27 12:0 a.m.4 views

WordPress WP Rocket Plugin Security Bypass Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language , the platform supports PHP and MySQL servers to set up a personal blog site . WP Rocket plugin is one of the cache optimization plugin . A security vulnerability exists in version 2.9.3 of...

7.5CVSS7.3AI score0.03327EPSS
Exploits1References1
OSV
OSV
added 2017/07/26 3:29 p.m.4 views

CVE-2017-11658

In the WP Rocket plugin 2.9.3 for WordPress, the Local File Inclusion mitigation technique is to trim traversal characters .. -- however, this is insufficient to stop remote attacks and can be bypassed by using 0x00 bytes, as demonstrated by a .%00.../.%00.../ attack...

7.5CVSS5.8AI score0.03327EPSS
Exploits1References3
Broadcom
Broadcom
added 2017/03/31 12:0 a.m.9 views

BSA-2017-210

Security Advisory ID : BSA-2017-210 Component : libidn Revision : 2.0: Final idnin GNUlibidnbefore 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read...

7.5CVSS6.7AI score0.06721EPSS
Exploits0
Broadcom
Broadcom
added 2017/03/31 12:0 a.m.9 views

BSA-2017-213

Security Advisory ID : BSA-2017-213 Component : libidn Revision : 2.0: Final idninlibidnbefore 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read, a different vulnerability than CVE-2015-8948...

7.5CVSS6.8AI score0.06721EPSS
Exploits0
OSV
OSV
added 2017/01/27 12:0 a.m.6 views

UBUNTU-CVE-2016-9448

The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service NULL pointer dereference and crash by setting the tags TIFFSETGETC16ASCII or TIFFSETGETC32ASCII to values that access 0-byte arrays. NOTE: this vulnerability exists because of an incomplete fix f...

7.5CVSS7.2AI score0.04975EPSS
Exploits0References4
Rows per page
Query Builder