| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Bentley View FBX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of FBX files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18491. |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. |
| An issue in ETSI Open-Source MANO (OSM) 14.0.x before 14.0.3, 15.0.x before 15.0.2, 16.0.0, and 17.0.0 allows a remote authenticated attacker to escalate privileges via the /osm/admin/v1/users component. |
| Bagisto v1.5.1 is vulnerable for Cross site scripting(XSS) via png file upload vulnerability in product review option. |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. |
| Issue of buffer overflow caused by insufficient data verification in the kernel gyroscope module.
Impact: Successful exploitation of this vulnerability may affect availability. |
| Issue of buffer overflow caused by insufficient data verification in the kernel acceleration module.
Impact: Successful exploitation of this vulnerability may affect availability. |
| Issue of inconsistent read/write serialization in the ad module.
Impact: Successful exploitation of this vulnerability may affect the availability of the ad service. |
| Out-of-bounds array access issue due to insufficient data verification in the kernel ambient light module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Issue of buffer overflow caused by insufficient data verification in the kernel drop detection module.
Impact: Successful exploitation of this vulnerability may affect availability. |
| Vulnerability of returning released pointers in the distributed notification service.
Impact: Successful exploitation of this vulnerability may affect availability. |
| Vulnerability of improper processing of abnormal conditions in huge page separation.
Impact: Successful exploitation of this vulnerability may affect availability. |
| Out-of-bounds read vulnerability in the register configuration of the DMA module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| MantisBT is an open source bug tracker. Due to insufficient access-level checks on the Wiki redirection page, any user can reveal private Projects' names, by accessing wiki.php with sequentially incremented IDs. This issue has been addressed in commit `65c44883f` which has been included in release `2.25.8`. Users are advised to upgrade. Users unable to upgrade should disable wiki integration ( `$g_wiki_enable = OFF;`). |
| Memory corruption when the IOCTL call is interrupted by a signal. |
| Memory corruption when IOCTL call is invoked from user-space to read board data. |
| Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses. |
| Memory corruption during the image encoding process. |
| Memory corruption while processing the TESTPATTERNCONFIG escape path. |
| Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware. |
