Sensitive Data Exposure in rails-session-decoder
All versions of rails-session-decoder are missing verification of the Message Authentication Code appended to the cookies. This may lead to decryption of cipher text, thus exposing encrypted information. Recommendation: No fix is currently available. Consider using an alternative module until a fix...
Western Digital My Cloud Multiple Products < 2.21.111 Multiple Vulnerabilities
Multiple Western Digital My Cloud products are prone to multiple vulnerabilities.
Hack-Tools - The All-In-One Red Team Extension For Web Pentester
The all-in-one Red Team browser extension for Web Pentesters. HackTools is a web extension facilitating your web application penetration tests; it includes cheat sheets as well as all the tools used during a test such as XSS payloads, reverse shells and much more. With the extension you no longer...
CVE-2020-14937
Memory access out of buffer boundaries issues were discovered in Contiki-NG 4.4 through 4.5, in the SNMP BER encoder/decoder. The length of provided input/output buffers is insufficiently verified during the encoding and decoding of data. This may lead to out-of-bounds buffer read or write access ...
CVE-2020-14937
The CVE-2020-14937 entry concerns Contiki-NG versions 4.4–4.5 where the SNMP BER encoder/decoder mishandles input/output buffer lengths, causing out-of-bounds reads/writes during BER encoding/decoding. Affected component: Contiki-NG SNMP BER encoder/decoder; root cause: insufficient verification ...
Denial Of Service (DoS)
asyncpg is vulnerable to denial of service (DoS). The vulnerability exists due to the access to an uninitialized pointer in the array data decoder through a server response...
DEBIAN-CVE-2020-17446
asyncpg before 0.21.0 allows a malicious PostgreSQL server to trigger a crash or execute arbitrary code on a database client via a crafted server response, because of access to an uninitialized pointer in the array data decoder...
Code injection
asyncpg before 0.21.0 allows a malicious PostgreSQL server to trigger a crash or execute arbitrary code on a database client via a crafted server response, because of access to an uninitialized pointer in the array data decoder...
UBUNTU-CVE-2020-17446
asyncpg before 0.21.0 allows a malicious PostgreSQL server to trigger a crash or execute arbitrary code on a database client via a crafted server response, because of access to an uninitialized pointer in the array data decoder...
PYSEC-2020-24
asyncpg before 0.21.0 allows a malicious PostgreSQL server to trigger a crash or execute arbitrary code on a database client via a crafted server response, because of access to an uninitialized pointer in the array data decoder...
CVE-2020-17446
asyncpg before 0.21.0 allows a malicious PostgreSQL server to trigger a crash or execute arbitrary code on a database client via a crafted server response, because of access to an uninitialized pointer in the array data decoder...
OSV-2020-1377 Segv on unknown address in slice_segment_header::operator=
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22924 Crash type: Segv on unknown address Crash state: slice_segment_header::operator= slice_segment_header::read decoder_context::read_slice_NAL...
OSV-2020-1192 Index-out-of-bounds in decoder_context::has_sps
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13591 Crash type: Index-out-of-bounds Crash state: decoder_context::has_sps pic_parameter_set::read decoder_context::read_pps_NAL...
CVE-2020-0225
In a2dp_vendor_ldac_decoder_decode_packet of a2dp_vendor_ldac_decoder.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Version...
OSV-2020-819 Use-of-uninitialized-value in fuzzing::memory::memory_test_msan
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22224 Crash type: Use-of-uninitialized-value Crash state: fuzzing::memory::memory_test_msan fuzzing::memory::memory_test FLAC::Decoder::FuzzerStream::write_callback...
jbig2dec: heap-based buffer overflow in jbig2_image_compose in jbig2_image.c
An integer overflow was found in jbig2dec, which causes an out-of-bounds read/write in the jbig2_image_compose function. This flaw could potentially result in the execution of code on the system. Applications that use jbig2dec with untrusted input may be vulnerable to this flaw. The highest threat...
draco:draco_pc_decoder_fuzzer: Heap-use-after-free in draco::Metadata::AddSubMetadata
Detailed Report: https://oss-fuzz.com/testcase?key=6326315129765888 Project: draco Fuzzing Engine: afl Fuzz Target: draco_pc_decoder_fuzzer Job Type: afl_asan_draco Platform Id: linux Crash Type: Heap-use-after-free READ 8 Crash Address: 0x6040000000b0 Crash State: draco::Metadata::AddSubMetadata...
draco:draco_mesh_decoder_without_dequantization_fuzzer: Crash in std::__1::__tree<std::__1::__value_type<std::__1::basic_string<char, std::__1::c
Detailed Report: https://oss-fuzz.com/testcase?key=5680036234133504 Project: draco Fuzzing Engine: libFuzzer Fuzz Target: draco_mesh_decoder_without_dequantization_fuzzer Job Type: libfuzzer_ubsan_draco Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x010000400000 Crash State: std::1::tree,...