Page 75 of 733 results (0.013 seconds)

CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 2

CVE-2019-14250

https://notcve.org/view.php?id=CVE-2019-14250

An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow. Se ha descubierto una vulnerabilidad en GNU libiberty, tal y como se distribuye en GNU Binutils versión 2.32. simple_object_elf_match in simple-object-elf.c no comprueba un valor shstrndx de cero, lo que lleva a un desbordamiento de enteros y un desbordamiento de búfer basado en memoria dinámica. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html http://www.securityfocus.com/bid/109354 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924 https://gcc.gnu.org/ml/gcc • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2019-2877

https://notcve.org/view.php?id=CVE-2019-2877

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 5.5 (Availability impacts). • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html https://security.gentoo.org/glsa/202101-09 •

CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0

CVE-2019-2874

https://notcve.org/view.php?id=CVE-2019-2874

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 3.3 (Availability impacts). • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html https://security.gentoo.org/glsa/202101-09 •

CVSS: 8.2EPSS: 0%CPEs: 4EXPL: 0

CVE-2019-2867 – Oracle VirtualBox shader_get_registers_used Out-Of-Bounds Write Privilege Escalation Vulnerability

https://notcve.org/view.php?id=CVE-2019-2867

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html https://security.gentoo.org/glsa/202101-09 https://www.zerodayinitiative.com/advisories/ZDI-19-963 https://www.zerodayinitiative.com/advisories/ZDI-19-964 https://www.zerodayinitiative.com/advisories/ZDI-19-965 • CWE-787: Out-of-bounds Write •

CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0

CVE-2019-2876

https://notcve.org/view.php?id=CVE-2019-2876

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 3.3 (Availability impacts). • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html https://security.gentoo.org/glsa/202101-09 •