映射到 CWE-119,CWE-120 的搜索结果 (8267)

CVE-2015-3249(发布:2017-10-30 10:29:00)NMS
CVSS7.5

[原文]The HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.1 allows remote attackers to cause a denial of service (out-of-bounds access and daemon crash) or possibly execute arbitrary code via vectors related to the (1) frame_handlers array or (2) set_dynamic_table_size function.

CVE-2017-6162(发布:2017-10-27 10:29:00)NMS
CVSS4.3

[原文]In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, Websafe software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, 11.2.1, in some cases TMM may crash when processing TCP traffic. This vulnerability affects TMM via a virtual server configured with TCP profile. Traffic processing is disrupted while Traffic Management Microkernel (TMM) restarts. If the affected BIG-IP system is configured to be part of a device group, it will trigger a failover to the peer device.

CVE-2017-6163(发布:2017-10-27 10:29:00)NMS
CVSS4.3

[原文]In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, when a virtual server uses the standard configuration of HTTP/2 or SPDY profile with Client SSL profile, and the client initiates a number of concurrent streams beyond the advertised limit can cause a disruption of service. Remote client initiating stream beyond the advertised limit can cause a disruption of service. The Traffic Management Microkernel (TMM) data plane is exposed to this issue; the control plane is not exposed.

CVE-2017-5112(发布:2017-10-27 01:29:02)NMP
CVSS6.8

[原文]Heap buffer overflow in WebGL in Google Chrome prior to 61.0.3163.79 for Windows allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

CVE-2017-5113(发布:2017-10-27 01:29:02)NMP
CVSS6.8

[原文]Math overflow in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2017-5114(发布:2017-10-27 01:29:02)NMP
CVSS6.8

[原文]Inappropriate use of partition alloc in PDFium in Google Chrome prior to 61.0.3163.79 for Linux, Windows, and Mac, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit memory corruption via a crafted PDF file.

12345678下一页尾页 第1页 / 共1378页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站