Tenda AC21 Buffer Overflow Vulnerability

Tenda AC21 is a wireless router from Tenda China. Tenda AC21 V16.03.08.15 is vulnerable to a buffer overflow vulnerability, which originates in the formfastsettingwifiset function of /bin/httpd for lack of length checking of input data, and can be exploited by an attacker to cause httpd to restar...

Tenda RX9 Pro setIPv6Status buffer overflow vulnerability

Tenda RX9 Pro is a wireless router from Tenda, China. Tenda RX9 Pro is vulnerable to a buffer overflow vulnerability caused by a lack of length checking of incoming data by setIPv6Status, which could be exploited by an attacker to cause code execution or denial of service...

多款Qualcomm产品缓冲区错误漏洞

Qualcomm MSM8996AU and others are products of Qualcomm Incorporated, U.S.A. The MSM8996AU is a central processing unit CPU product.The QCA6574AU is a central processing unit CPU product.The SDX24 is a modem. A security vulnerability exists in Qualcomm that could result in a stack overflow due to...

HAProxy input validation error vulnerability

HAProxy is an open source TCP/HTTP load balancing server from the French company HAProxy=. =HAProxy suffers from an input validation error vulnerability, which stems from a lack of header name length checking in the htxaddheader and htxaddtrailer functions in HAProxy, and can be exploited by an...

Qualcomm 芯片 缓冲区错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc. and are often manufactured on the surface of semiconductor wafers. A security vulnerability exists in Qualcomm chips that stems from a lack of da...

SUSE: Security Advisory (SUSE-SU-2016:3080-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Qualcomm 组件输入验证错误漏洞

The Qualcomm Component is a component of Qualcomm Incorporated USA. An intrinsic part that provides the functionality of Qualcomm devices. An input validation error vulnerability exists in the Qualcomm Component that stems from incorrect length checking of SDES packets. The following products and...

Qualcomm 多款产品资源管理错误漏洞

Qualcomm MDM9206 and others are products of Qualcomm Incorporated Qualcomm, U.S.A. The MDM9206 is a central processing unit CPU product.The MDM9650 is a central processing unit CPU product.The MSM8996AU is a central processing unit CPU product.The MSM8996AU is a central processing unit CPU...

CVE-2019-11848

An API abuse vulnerability exists in the AT command API of ALEOS before 4.13.0, 4.9.5, 4.4.9 due to lack of length checking when handling certain user-provided values...

Design/Logic Flaw

An API abuse vulnerability exists in the AT command API of ALEOS before 4.13.0, 4.9.5, 4.4.9 due to lack of length checking when handling certain user-provided values...

CVE-2019-11848 ALEOS AT Command API Abuse

An API abuse vulnerability exists in the AT command API of ALEOS before 4.13.0, 4.9.5, 4.4.9 due to lack of length checking when handling certain user-provided values...

Denial Of Service (DoS)

nss is vulnerable to denial of service DoS. The vulnerability exists through the lack of input length checking for cryptographic primitives...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1533)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-13120

Amazon FreeRTOS up to and including v1.4.8 lacks length checking in prvProcessReceivedPublish, resulting in untargetable leakage of arbitrary memory contents on a device to an attacker. If an attacker has the authorization to send a malformed MQTT publish packet to an Amazon IoT Thing, which...

Wireshark Security Updates (wnpa-sec-2019-21) - Windows

Wireshark is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"...

EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1485)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way the Linux kernel's Crypto subsystem handled automatic loading of kernel modules. A local user could u...

Buffer overflow

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, a...

openSUSE Security Update : the Linux Kernel (openSUSE-2016-1426)

The openSUSE Leap 42.2 kernel was updated to 4.4.36 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2015-1350: The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended...

SUSE-SU-2016:3063-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 kernel was updated to receive critical security fixes. The following security bugs were fixed: - CVE-2016-8655: A race condition in the afpacket packetsetring function could be used by local attackers to crash the kernel or gain privileges bsc1012754. - CVE-2016-8632:...

CVE-2016-9555

The sctpsfootb function in net/sctp/smstatefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service out-of-bounds slab access or possibly have unspecified other impact via crafted SCTP data...