2315 matches found
Heap Buffer Overflow
Chromium and Electron are vulnerable to a Heap Buffer Overflow. The vulnerability is caused by an out of bounds heap memory write which can result in an application crash...
CVE-2022-29277
Incorrect pointer checks within the the FwBlockServiceSmm driver can allow arbitrary RAM modifications During review of the FwBlockServiceSmm driver, certain instances of SpiAccessLib could be tricked into writing 0xff to arbitrary system and SMRAM addresses. Fixed in: INTEL Purley-R: 05.21.51.00...
samba: server memory information leak via SMB1
A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file or printer instead of client-supplied data. The client cannot control the area of the...
protobuf: Incorrect parsing of nullchar in the proto symbol leads to Nullptr dereference
A flaw was found in protobuf. The vulnerability occurs due to incorrect parsing of a NULL character in the proto symbol and leads to a Null pointer dereference. This flaw allows an attacker to execute unauthorized code or commands, read memory, modify memory...
Insyde InsydeH2O 缓冲区错误漏洞
Insyde InsydeH2O is a C-language source from Insyde Corporation of Taiwan, which implements the new technology "EFI/UEFI" specification designed to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in Insyde InsydeH2O, which stems from incorrect pointer...
CVE-2022-0324
There is a vulnerability in DHCPv6 packet parsing code that could be explored by remote attacker to craft a packet that could cause buffer overflow in a memcpy call, leading to out-of-bounds memory write that would cause dhcp6relay to crash. Dhcp6relay is a critical process and could cause dhcp...
CVE-2022-0324 Buffer Overflow in Dhcp6relay in Software for Open Networking in the Cloud (SONiC)
There is a vulnerability in DHCPv6 packet parsing code that could be explored by remote attacker to craft a packet that could cause buffer overflow in a memcpy call, leading to out-of-bounds memory write that would cause dhcp6relay to crash. Dhcp6relay is a critical process and could cause dhcp...
NewStart CGSL MAIN 6.02 : binutils Multiple Vulnerabilities (NS-SA-2022-0087)
The remote NewStart CGSL host, running version MAIN 6.02, has binutils packages installed that are affected by multiple vulnerabilities: - An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control...
Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2022-2743)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-34569
In WAGO I/O-Check Service in multiple products an attacker can send a specially crafted packet containing OS commands to crash the diagnostic tool and write memory...
CVE-2021-34566
In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to crash the iocheck process and write memory resulting in loss of integrity and DoS...
Design/Logic Flaw
In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to crash the iocheck process and write memory resulting in loss of integrity and DoS...
Design/Logic Flaw
In WAGO I/O-Check Service in multiple products an attacker can send a specially crafted packet containing OS commands to crash the diagnostic tool and write memory...
PT-2022-10356 · Wago · Wago I/O-Check Service
Name of the Vulnerable Software and Affected Versions: WAGO I/O-Check Service affected versions not specified Description: The issue allows an attacker to send a specially crafted packet containing OS commands to crash the diagnostic tool and write memory. Recommendations: At the moment, there is...
WAGO 安全漏洞
WAGO is a 750-88x series programmable logic controller from WAGO, Germany. The device is designed for use in industrial environments as an electronic system for the operation of digital algorithms. A security vulnerability exists in the WAGO I/O-Check Service that originates from an unauthenticat...
WAGO 缓冲区错误漏洞
WAGO is a 750-88x series programmable logic controller from WAGO, Germany. The device is a digital algorithmic operating electronics system designed specifically for applications in industrial environments. A buffer error vulnerability exists in the WAGO I/O-Check Service, which originates from a...
CVE-2022-3373
Out of bounds write in V8 in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...
DEBIAN-CVE-2022-3373
Out of bounds write in V8 in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...
Out-of-bounds
Out of bounds write in V8 in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...
CVE-2022-3373
Out of bounds write in V8 in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...