1386 matches found
The vulnerability of the libzmq library, a library for asynchronous messaging, allows attackers to compromise data integrity, gain unauthorized access to protected information, and cause service failures.
The vulnerability of the libzmq library, a library for asynchronous messaging, is related to stack overflow and reallocation due to memory buffer overflow. Exploiting this vulnerability can allow an attacker to compromise data integrity, gain unauthorized access to protected information, and caus...
USN-4127-2 python2.7, python3.4 vulnerabilities
USN-4127-1 fixed several vulnerabilities in Python. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that Python incorrectly handled certain pickle files. An attacker could possibly use this issue to consume...
HHVM Multiple Vulnerabilities (Sep 2019)
HHMV is prone to multiple memory overflow vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:facebook:hhvm"; if...
Apache Tika Memory Overflow Vulnerability
Apache Tika is the United States Apache Apache Software Foundation, an integrated POI using Java programs to provide MicrosoftOffice format documents read and write functions of the open-source library, Pdfbox read and create PDF documents pure Java class library and for text extraction work to...
DEBIAN-CVE-2019-11704
A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in icalmemorystrdupanddequote when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7.1...
The vulnerability of the software-hardware protection system VipNet Coordinator, which allows a perpetrator to trigger a service failure.
The vulnerability of the VipNet Coordinator HW software architecture related to information protection is linked to memory overflow in the hard drive. Exploiting this vulnerability allows a malicious actor to disrupt the MFTP protocol-based information exchange between all nodes of the ViPNet...
CVE-2019-12529
An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be decoded by iterating over the input and checki...
TRENDnet TEW-827DRU Stack Buffer Overflow Vulnerability (CNVD-2019-22208)
The TRENDnet TEW-827DRU is a wireless router from TRENDnet. A buffer overflow vulnerability exists in the ssi binary in the TRENDnet TEW-827DRU using firmware version 2.04B03 and earlier. The vulnerability originates when a network system or product performs an operation on memory without properl...
SUSE-SU-2019:1767-1 Security update for the Linux Kernel (Live Patch 30 for SLE 12 SP2)
This update for the Linux Kernel 4.4.121-92114 fixes several issues. The following security issues were fixed: - CVE-2019-11487: The Linux kernel allowed page-refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c,...
libical: Heap buffer overflow in icalmemory_strdup_and_dequote function in icalvalue.c
A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in icalmemorystrdupanddequote when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7.1...
The vulnerability of the Windows Jet Database Engine database management system allows a perpetrator to execute arbitrary code.
The vulnerability of the Windows Jet Database Engine database management system relates to operations that go beyond the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...
The vulnerability of the comctl32.dll library in the Windows operating system allows a hacker to execute arbitrary code in the context of the current user.
The vulnerability of the comctl32.dll library in the Windows operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user, through a specially created...
RDK CcspPandM module buffer overflow vulnerability (CNVD-2019-19286)
RDK is a suite of modular, portable, and customizable open source IoT software solutions from the RDK Management community. ccspPandM is one of the modules used to implement the core configuration and management functions of the device. A buffer overflow vulnerability exists in the cosadhcpv4dml....
WLAN Buffer Overflow Vulnerability in Multiple Qualcomm Products (CNVD-2019-18598)
Qualcomm MDM9206 and others are products of Qualcomm Incorporated.MDM9206 is a central processing unit CPU product.MDM9607 is a central processing unit CPU product.MDM9640 is a central processing unit CPU product.WLAN is one of the wireless LAN components. A buffer overflow vulnerability exists i...
The vulnerability of the DHCP server service for Windows Server allows a perpetrator to execute arbitrary code.
The vulnerability of the DHCP server service for Windows operating systems arises from an operation that goes beyond the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted packet...
Intel AMT Subsystem Buffer Overflow Vulnerability
Intel Active Management Technology AMT is a set of hardware-based computer remote active management technology software from Intel Intel. A buffer overflow vulnerability exists in a subsystem in Intel AMT. The vulnerability arises from a networked system or product performing operations on memory...
libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes
A flaw was found in libssh2. A server could send a multiple keyboard interactive response messages, whose total length are greater than the unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error. The highest threat from this...
CVE-2018-1000810
A buffer overflow vulnerability was discovered in Rust that affects the str::repeat function in the standard library. An attacker could abuse this flaw by controlling the arguments given to str::repeat and can cause a Rust program to overflow a buffer in memory, potentially leading to a crash or...
Multiple Apple Products WebKit Component Out-of-Bounds Read Vulnerability (CNVD-2019-16414)
Apple iOS is an operating system developed for mobile devices. apple tvOS is an operating system for smart TVs. apple macOS Mojave is a specialized operating system developed for Mac computers. webKit is one of the web browser WebKit is a Web browser engine component. An out-of-bounds read...
Cross-site Request Forgery (CSRF)
Samba is an open-source implementation of the Server Message Block SMB or Common Internet File System CIFS protocol, which allows PC-compatible machines to share files, printers, and other information. It was discovered that the Samba Web Administration Tool SWAT did not protect against being...