Qualcomm 封闭源组件安全漏洞

A security vulnerability exists in the Qualcomm closed source component that stems from a check time or use time window when processing a store SCM command, where a pointer used may be invalid at a specific time when executing a store SCM call...

CVE-2021-23975

The developer page about:memory has a Measure function for exploring what object types the browser has allocated and their sizes. When this function was invoked we incorrectly called the sizeof function, instead of using the API method that checks for invalid pointers. This vulnerability affects...

Trojan-Proxy.Win32.Daemonize.i Denial Of Service

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/61bec9f22a5955e076e0d5ddf6232f3f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Proxy.Win32.Daemonize.i Vulnerability: Remote Denial of Service Description: Daemonize.i...

Debian LTS Security Vulnerability

Debian LTS is an automated mail handling software for the Debian community in the United States. It provides automated mail processing software features. A security vulnerability exists in Debian LTS, which stems from the fact that unzipping a specially crafted zip file causes an invalid pointer ...

EulerOS 2.0 SP9 : openldap (EulerOS-SA-2021-1250)

According to the versions of the openldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resultin...

CVE-2020-36224

A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service...

ALPINE-CVE-2020-36224

A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service...

Double free

A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service...

OpenLDAP Invalid Pointer Release Vulnerability

OpenLDAP is a free, open source implementation of the Lightweight Directory Access Protocol LDAP. An invalid pointer release vulnerability exists in OpenLDAP versions prior to 2.4.57. An attacker could exploit this vulnerability to cause a slapd crash in saslAuthzTo processing...

OpenLDAP 安全漏洞

OpenLDAP is a free, open source implementation of the Lightweight Directory Access Protocol LDAP. An invalid pointer release vulnerability exists in OpenLDAP versions prior to 2.4.57. An attacker could exploit this vulnerability to cause a slapd crash in saslAuthzTo processing...

CVE-2020-36224

A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service...

CVE-2019-16747

In MatrixSSL before 4.2.2 Open, the DTLS server can encounter an invalid pointer free leading to memory corruption and a daemon crash via a crafted incoming network message, a different vulnerability than CVE-2019-14431...

CVE-2019-16747

CVE-2019-16747 affects MatrixSSL before 4.2.2 Open. The DTLS server can encounter an invalid pointer free, causing memory corruption and a daemon crash via crafted network messages; this is a separate issue from CVE-2019-14431. Red Hat and related records confirm the vulnerability and point to 4....

CVE-2019-16747

In MatrixSSL before 4.2.2 Open, the DTLS server can encounter an invalid pointer free leading to memory corruption and a daemon crash via a crafted incoming network message, a different vulnerability than CVE-2019-14431...

Inside Secure MatrixSSL 缓冲区错误漏洞

MatrixSSL is an embedded, open source SSLv3 stack designed for small applications and devices. An invalid pointer release vulnerability exists in the DTLS server in versions prior to MatrixSSL 4.2.2 Open. An attacker could exploit this vulnerability via specially crafted incoming network messages...

CVE-2020-24340

An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The code that processes DNS responses in picomdnshandledataasanswersgeneric in picomdns.c does not check whether the number of answers/responses specified in a DNS packet header corresponds to the response data available in the...

CVE-2020-24340

The CVE-2020-24340 issue affects picoTCP/picoTCP-NG (through 1.7.0) in the DNS response processing code path pico_mdns_handle_data_as_answers_generic() in pico_mdns.c, where it fails to validate that the header’s number of DNS answers matches the actual packet data. This can cause an out-of-bound...

Denial Of Service (DoS)

gpac is vulnerable to denial of serviceDoS. The vulnerability exists in the gflistcount in utils/list.c due to an invalid pointer dereference, allowing a malicious user to crash the application via a crafted MP4 file...

SonicWALL SonicOS Denial of Service Vulnerability

SonicOS is SonicWALL's proprietary operating system and firmware for SonicWALL firewall appliances. A denial of service vulnerability exists in the SSLVPN service in SonicWALL SonicOS that originates from the release of an invalid pointer, which can be exploited by an attacker to cause the firewa...

CVE-2020-5139

A vulnerability in SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service DoS due to the release of Invalid pointer and leads to a firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3,...