694 matches found
HPE Intelligent Management Center Remote Code Execution Vulnerability
HPE Intelligent Management Center iMC is a suite of network intelligent management center solutions from Hewlett Packard Enterprise HPE. The solution provides network-wide visibility and enables comprehensive management of resources, services, and users. wireless Service Manager WSM Software is o...
Google Android WLAN Integer Overflow Vulnerability
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA, and WLAN is a wireless connection module used in it. WLAN in Android suffers from an integer overflow vulnerability that stems from the program not performing a check when...
Integer overflow
In all android releases Android for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, lack of check while calculating the MPDU data length will cause an integer overflow and then to buffer overflow in WLAN function...
DEBIAN-CVE-2018-17088
The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because there is an integer overflow during a check for whether a location exceeds the EXIF data length. This is...
Integer overflow
The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because there is an integer overflow during a check for whether a location exceeds the EXIF data length. This is...
PYSEC-2018-21
PyCryptodome before 3.6.6 has an integer overflow in the datalen variable in AESNI.c, related to the AESNIencrypt and AESNIdecrypt functions, leading to the mishandling of messages shorter than 16 bytes...
PT-2018-13086 · Legion Of The Bouncy Castle · Pycryptodome
Name of the Vulnerable Software and Affected Versions: PyCryptodome versions prior to 3.6.6 Description: The issue is related to an integer overflow in the data len variable in AESNI.c, which affects the AESNI encrypt and AESNI decrypt functions. This leads to the mishandling of messages shorter...
PyCryptodome Integer Overflow Vulnerability
PyCryptodome is a cryptographic package for Python consisting of low-level cryptographic primitives. An integer overflow vulnerability exists in the datalen variable of the AESNI.c file in PyCryptodome versions prior to 3.6.6. An attacker can exploit this vulnerability with the help of messages...
Adobe Acrobat Pro DC ImageConversion EMF Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...
Android Qualcomm WLAN Information Disclosure Vulnerability (CNVD-2018-13387)
Android on Google Pixel and Nexus is a Linux-based open source operating system for the Google Pixel and Nexus smartphones developed by Google Inc. and the Open Handset Alliance OHA, with Qualcomm WLAN being one of the components used. Qualcomm WLAN is a wireless LAN component developed by Qualco...
Advantech WebAccess Node waexec Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within waexec.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process...
Foxit Reader Arbitrary Code Execution Vulnerability (CNVD-2018-11852)
Foxit Reader is China's Foxit Foxit Software Corporation, a PDF document reader. An arbitrary code execution vulnerability exists in the parsing of the U3D 3DView object in Foxit Reader version 9.0.1.1049. The vulnerability stems from the program's failure to properly validate the length of...
CVE-2018-7159
The HTTP parser in all current versions of Node.js ignores spaces in the Content-Length header, allowing input such as Content-Length: 1 2 to be interpreted as having a value of 12. The HTTP specification does not allow for spaces in the Content-Length value and the Node.js HTTP parser has been...
(0Day) Delta Industrial Automation DOPSoft DPA File TagTotalSize Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation DOPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
Foxit Reader ConvertToPDF_x86 BMP Parsing Remote Code Execution Vulnerability
Foxit Reader is a small PDF document viewer and printing program. Foxit Reader has a security vulnerability in the ConvertToPDFx86.dll implementation that can be exploited by an attacker to execute arbitrary code in the current process context due to a lack of proper validation of the length of...
Broadcom: Heap overflow when handling 802.11v WNM Sleep Mode Response(CVE-2017-7065)
Broadcom produces Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. These chips are present in both mobile devices and Wi-Fi routers, and are capable of handling many Wi-Fi related events without delegating to the host OS. In order to allow clients to configure...
Broadcom 802.11v WNM Sleep Mode Response Heap Overflow Vulnerability
Broadcom suffers from a heap overflow vulnerability when handling 802.11v WNM Sleep Mode Response. Broadcom: Heap overflow when handling 802.11v WNM Sleep Mode Response CVE-2017-7065 Broadcom produces Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. These chips are...
The vulnerability of the Advantech WebAccess remote monitoring software lies in insufficient verification of the data length provided by the user. This allows a intruder to gain unauthorized access to the device and execute arbitrary code.
The vulnerability of Advantech WebAccess remote monitoring software arises due to buffer overflow in the stack. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to the device and execute arbitrary code within the context of the process...
CVE-2017-12704
A heap-based buffer overflow issue was discovered in Advantech WebAccess versions prior to V8.220170817. Researchers have identified multiple vulnerabilities where there is a lack of proper validation of the length of user-supplied data prior to copying it to the heap-based buffer, which could...
Advantech WebAccess HEAP Buffer Overflow Vulnerability
Advantech WebAccess is a set of HMI/SCADA software from Advantech based on browser architecture. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment. Advantech WebAccess suffers from a HEAP buffer overflow...