22 matches found
Ghost Robotics Vision 60 授权问题漏洞
Ghost Robotics Vision 60 is a quadrupedal ground robot from Ghost Robotics, USA. Ghost Robotics Vision 60 version v0.27.2 suffers from an authorization issue vulnerability that stems from WiFi and SSH credential disclosure, which could lead to an attacker connecting to the robot's WiFi and SSH to...
EUVD-2019-4961
Malware in sbrugna...
EUVD-2020-0427
Malware in sbrugna...
There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 through 0.27.2.
...
CVE-2019-25054
An issue was discovered in the pnet crate before 0.27.2 for Rust. There is a segmentation fault upon attempted dereference of an uninitialized descriptor because of an erroneous IcmpTransportChannelIterator compiler optimization...
Oracle Linux 8 : exiv2 (ELSA-2021-1758)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-1758 advisory. 0.27.3-2 - Avoid duplicating Changelog file Resolves: bz1880984 0.27.3-1 - Update to 0.27.3 Resolves: bz1880984 Tenable has extracted the preceding description...
CVE-2020-11071
SLPJS npm package slpjs before version 0.27.2, has a vulnerability where users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting...
Input validation
In SLP Validate npm package slp-validate before version 1.2.1, users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting baton. Th...
Input validation
SLPJS npm package slpjs before version 0.27.2, has a vulnerability where users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting...
CVE-2020-11072 False-negative validation results in MINT transactions with invalid baton
In SLP Validate npm package slp-validate before version 1.2.1, users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting baton. Th...
False-negative validation results in MINT transactions with invalid baton
Impact Users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting baton. Patches npm package slpjs has been patched and published a...
CVE-2020-11071 False-negative validation results in MINT transactions with invalid baton
SLPJS npm package slpjs before version 0.27.2, has a vulnerability where users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting...
ALPINE-CVE-2019-20421
In Jp2Image::readMetadata in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file...
Exiv2 Denial of Service Vulnerability (CNVD-2020-13547)
Exiv2 is a cross-platform C++ library and command line utility for managing image metadata. A denial of service vulnerability exists in Exiv2 version 0.27.2, which can be exploited by an attacker to cause a denial of service...
CVE-2019-17402
Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimageint.cpp, because there is no validation of the relationship of the total size to the offset and size...
CVE-2019-17402
Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimageint.cpp, because there is no validation of the relationship of the total size to the offset and size...
PT-2019-5691 · Exiv2 +8 · Exiv2 +8
Name of the Vulnerable Software and Affected Versions: Exiv2 version 0.27.2 Description: The issue is related to a lack of validation in the Exiv2 library, specifically in the crwimage int.cpp module, which can lead to a crash when the getULong function is called from CiffDirectory::readDirectory...
CVE-2019-13504
There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 through 0.27.2...
PT-2019-6321 · Exiv2 +2 · Exiv2 +2
Name of the Vulnerable Software and Affected Versions: Exiv2 versions through 0.27.2 Description: The issue is related to an out-of-bounds read in the mrwimage.cpp component of the Exiv2 library, which manages media file metadata. This could allow a remote attacker to cause a denial of service...
PT-2019-5330 · Exiv2 +7 · Exiv2 +7
Name of the Vulnerable Software and Affected Versions: Exiv2 versions prior to 0.27.2 Description: The issue is related to insufficient input validation in the Exiv2 library for managing media file metadata. An attacker can exploit this by using a specially crafted CRW image file, potentially...