15 matches found
curl: MQTT: Missing upper bound on incoming Remaining Length allows server-controlled long wait
Curl's MQTT implementation accepts any valid Remaining Length advertised by the server without an explicit upper bound beyond the MQTT spec maximum of 268,435,455 bytes. A malicious server can send a PUBLISH packet claiming this maximum size but provide only minimal payload, causing curl to wait...
EUVD-2003-0387
Malware in sbrugna...
EUVD-2003-1481
Malware in sbrugna...
CVE-2023-53432 firewire: net: fix use after free in fwnet_finish_incoming_packet()
In the Linux kernel, the following vulnerability has been resolved: firewire: net: fix use after free in fwnetfinishincomingpacket The netifrx function frees the skb so we can't dereference it to save the skb-len...
Cisco IOS XR 安全漏洞
Cisco IOS XR is a set of operating systems developed by Cisco USA for its network devices. A security vulnerability exists in Cisco IOS XR that stems from a lack of proper error validation of incoming XML packets...
Contiki-NG 缓冲区错误漏洞
Contiki-NG is an open source cross-platform operating system for next-generation IoT Internet of Things devices. Contiki-NG suffers from a buffer error vulnerability that stems from the fact that when reading TCP MSS option values from incoming packets, the Contiki-NG operating system does not...
SUSE CVE-2020-24337
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. When an unsupported TCP option with zero length is provided in an incoming TCP packet, it is possible to cause a Denial-of-Service by achieving an infinite loop in the code that parses TCP options, aka tcpparseoptions in picotcp.c...
PT-2022-2174 · Pjsip +3 · Pjsip +3
Name of the Vulnerable Software and Affected Versions: PJSIP versions 2.11.1 and prior Description: The issue is related to a buffer overflow in memory when handling RTP/RTCP packets, which can be exploited by a remote attacker to cause a denial of service. PJSIP is a free and open source...
CVE-2021-34415
The Zone Controller service in the Zoom On-Premise Meeting Connector Controller before version 4.6.358.20210205 does not verify the cnt field sent in incoming network packets, which leads to exhaustion of resources and system crash...
CVE-2019-3900
An infinite loop issue was found in the vhostnet kernel module while handling incoming packets in handlerx. The infinite loop could occur if one end sends packets faster than the other end can process them. A guest user, maybe a remote one, could use this flaw to stall the vhostnet kernel thread,...
DEBIAN-CVE-2019-3900
An infinite loop issue was found in the vhostnet kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handlerx. It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could use this flaw to stal...
Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3742-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3742-1 advisory. It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core...
Apache Derby External Control Input Vulnerability
Apache Derby is the United States Apache Apache Software Foundation developed a set of open source database management system. A security vulnerability exists in Apache Derby versions 10.3.1.4 through 10.14.1.0, which is caused by the program failing to properly validate incoming network packets....
ntp: potential infinite loop in ntpq
A flaw was found in the way the ntpq client processed certain incoming packets in a loop in the getresponse function. A remote attacker could potentially use this flaw to crash an ntpq client instance...
CVE-2003-0393
Privacyware Privatefirewall 3.0 does not block certain incoming packets when in "Filter Internet Traffic" or Deny Internet Traffic" modes, which allows remote attackers to identify running services via FIN scans or Xmas scans...