DEBIAN-CVE-2023-30362

Buffer Overflow vulnerability in coapsend function in libcoap library 4.3.1-103-g52cfd56 fixed in 4.3.1-120-ge242200 allows attackers to obtain sensitive information via malformed pdu...

PT-2023-7997 · Ofono +4 · Ofono +4

Name of the Vulnerable Software and Affected Versions: oFono affected versions not specified Description: A flaw in oFono, an Open Source Telephony on Linux, is related to a stack overflow bug triggered within the decode submit report function during SMS decoding in PDU format. This issue may all...

kernel: nvmet-tcp: add bounds check on Transfer Tag

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds check on Transfer Tag ttag is used as an index to get cmd in nvmettcphandleh2cdatapdu, add a bounds check to avoid out-of-bounds access...

PT-2023-13294 · Modem · Modem

Name of the Vulnerable Software and Affected Versions: Modem affected versions not specified Description: Memory corruption occurs due to improper validation of an array index when a malformed APDU is sent from a card. Recommendations: At the moment, there is no information about a newer version...

SUSE CVE-2011-1957

The dissectdcmmain function in epan/dissectors/packet-dcm.c in the DICOM dissector in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service infinite loop via an invalid PDU length...

SUSE CVE-2015-5621

The snmppduparse function in snmpapi.c in net-snmp 5.7.2 and earlier does not remove the varBind variable in a netsnmpvariablelist item when parsing of the SNMP PDU fails, which allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted packet...

SUSE CVE-2022-38228

XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::transformDataUnit at /xpdf/Stream.cc...

SAMSUNG Mobile devices 缓冲区错误漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from South Korea's Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR Nov-2022 Release 1, which stems from an input validation vulnerability in the processing of the SIB...

SWFTools 缓冲区错误漏洞

SWFTools is a set of utilities for working with Adobe Flash files SWF files from the individual developer Matthias Kramm. A security vulnerability exists in SWFTools that stems from a global buffer overflow in the DCTStream::transformDataUnit location of /xpdf/Stream.cc...

UBUNTU-CVE-2022-38228

XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::transformDataUnit at /xpdf/Stream.cc...

XPDF 缓冲区错误漏洞

XPDF is an open source PDF reader from FOO Labs. The product supports decoding files in LZW compressed format and reading encrypted PDF files. XPDF suffers from a buffer error vulnerability that stems from DCTStream::transformDataUnit in /xpdf/Stream.cc contains a heap buffer overflow...

Espressif ESP-IDF 缓冲区错误漏洞

Espressif ESP-IDF is an IoT development framework from China Lexin Information Technology Espressif.A memory corruption vulnerability exists in Espressif ESP-IDF, which stems from not checking the SegN field of the Transaction Start PDU, and can be exploited by an attacker during configuration to...

ok-file-formats 安全漏洞

ok-file-formats is an open source decoder for PNG, JPEG, WAV and some other file formats. A security vulnerability exists in ok-file-formats master version 2021-9-12, which stems from a buffer overflow issue in okjpgconvertdataunitgrayscale and okjpgconvertYCbCrtoRGB...

The vulnerability of the Junos operating system arises from insufficient validation of input data in the Routing Protocol Data Unit (RPD). This allows attackers to trigger a service failure.

The vulnerability of the Junos operating system exists due to insufficient validation of input data in the routing protocol daemon rpd. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

Hitachi Energy Relion 输入验证错误漏洞

Hitachi Energy Relion is a power system for protection, control, measurement and monitoring from Hitachi Energy, Switzerland. A security vulnerability exists in the Hitachi Energy RTU500 series that stems from incorrect input validation in the APDU parser in the IEC 60870-5-104 function...

PT-2021-20956 · Hitachi Energy · Rtu500 Series Cmu Firmware

Name of the Vulnerable Software and Affected Versions: Hitachi Energy RTU500 series CMU Firmware version 12.0. Hitachi Energy RTU500 series CMU Firmware version 12.2. Hitachi Energy RTU500 series CMU Firmware version 12.4. Description: The issue is related to an Improper Input Validation...

CVE-2020-22552

The Snap7 server component in version 1.4.1, when an attacker sends a crafted packet with COTP protocol the last-data-unit flag set to No and S7 writes a var function, the Snap7 server will be crashed...

Code injection

The Snap7 server component in version 1.4.1, when an attacker sends a crafted packet with COTP protocol the last-data-unit flag set to No and S7 writes a var function, the Snap7 server will be crashed...

PT-2020-15480 · Snap7 · Snap7

Name of the Vulnerable Software and Affected Versions: Snap7 version 1.4.1 Description: The issue occurs when an attacker sends a crafted packet using the COTP protocol with the last-data-unit flag set to No, and the S7 function writes a variable. This results in the Snap7 server crashing...

CVE-2019-15265

A vulnerability in the bridge protocol data unit BPDU forwarding functionality of Cisco Aironet Access Points APs could allow an unauthenticated, adjacent attacker to cause an AP port to go into an error disabled state. The vulnerability occurs because BPDUs received from specific wireless client...