230 matches found
CVE-2023-37548
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition...
CVE-2023-37547
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition...
PT-2023-5006 · 3S Smart Software Solutions · Codesys
Name of the Vulnerable Software and Affected Versions: CODESYS affected versions not specified Description: The issue is related to insufficient input validation in the CmpAppForce component of CODESYS products. This can be exploited by a remote attacker to cause a denial-of-service condition...
Multiple Codesys Products Input Validation Error Vulnerability
3s-smart Software Solutions CODESYS is a controller development system from 3s-smart Software Solutions, Germany. An input validation error vulnerability exists in multiple Codesys products. The vulnerability stems from the fact that after successful authentication of a user's identity, a specifi...
Multiple Codesys Products Input Validation Error Vulnerability
3s-smart Software Solutions CODESYS is a controller development system from 3s-smart Software Solutions, Germany. An input validation error vulnerability exists in multiple Codesys products. The vulnerability stems from the fact that after successful authentication of a user's identity, a specifi...
Multiple Codesys Products Input Validation Error Vulnerability
3s-smart Software Solutions CODESYS is a controller development system from 3s-smart Software Solutions, Germany. An input validation error vulnerability exists in multiple Codesys products. The vulnerability stems from the fact that after successful authentication of a user's identity, a specifi...
PT-2023-13310 · Qualcomm · Snapdragon +98
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue is related to a memory corruption problem caused by a double free error in automotive systems. This occurs when an invalid HLOS address for one of the lists to be mapped i...
3s-smart Software Solutions CODESYS 输入验证错误漏洞
3s-smart Software Solutions CODESYS is a controller development system from 3s-smart Software Solutions, Germany. An input validation error vulnerability exists in 3s-smart Software Solutions CODESYS. An authenticated, remote attacker could use this vulnerability to read an invalid address, which...
PT-2023-4167 · 3S Smart Software Solutions · Codesys
Name of the Vulnerable Software and Affected Versions: CODESYS products affected versions not specified Description: The issue is related to improper input validation in the CmpApp/CmpAppBP/CmpAppForce Components of CODESYS products. This can be exploited by an authenticated, remote attacker to...
UBUNTU-CVE-2023-28099
OpenSIPS is a Session Initiation Protocol SIP server implementation. Prior to versions 3.1.9 and 3.2.6, if dsisinlist is used with an invalid IP address string NULL is illegal input, OpenSIPS will attempt to print a string from a random address stack garbage, which could lead to a crash. All user...
PT-2023-21559 · Opensips · Opensis
Name of the Vulnerable Software and Affected Versions: OpenSIPS versions prior to 3.1.9 and 3.2.6 Description: OpenSIPS is a Session Initiation Protocol SIP server implementation. If the ds is in list function is used with an invalid IP address string, OpenSIPS will attempt to print a string from...
SUSE CVE-2009-0935
The inotifyread function in the Linux kernel 2.6.27 to 2.6.27.13, 2.6.28 to 2.6.28.2, and 2.6.29-rc3 allows local users to cause a denial of service OOPS via a read with an invalid address to an inotify instance, which causes the device's event list mutex to be unlocked twice and prevents proper...
SUSE CVE-2012-6054
The dissectsflow245addresstype function in epan/dissectors/packet-sflow.c in the sFlow dissector in Wireshark 1.8.x before 1.8.4 does not properly handle length calculations for an invalid IP address type, which allows remote attackers to cause a denial of service infinite loop via a packet that ...
SUSE CVE-2013-0433
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect integrity via unknown vectors related to Networking. NOTE: the previous information...
SUSE CVE-2018-5333
In the Linux kernel through 4.14.13, the rdscmsgatomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rdsatomicfreeop NULL pointer dereference...
SUSE CVE-2019-7663
An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tifdirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted tiff file...
SUSE CVE-2021-26372
Insufficient bound checks related to PCIE in the System Management Unit SMU may result in access to an invalid address space that could result in denial of service...
SUSE CVE-2021-26378
Insufficient bound checks in the System Management Unit SMU may result in access to an invalid address space that could result in denial of service...
AMD System Management Unit(SMU) 缓冲区错误漏洞
The AMD System Management Unit SMU is a system management unit at UltraMicroelectronics AMD. A security vulnerability exists in the AMD System Management Unit SMU that stems from insufficient bind checking and could allow an attacker to update the sender/receiver address space to an invalid value...
CVE-2022-24939 Malformed Zigbee packet with invalid destination address causes Assert
A malformed packet containing an invalid destination address, causes a stack overflow in the Ember ZNet stack. This causes an assert which leads to a reset, immediately clearing the error...