429 matches found
CVE-2019-10563
Buffer over-read can occur in fast message handler due to improper input validation while processing a message from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053...
Input validation
Buffer over-read can occur in fast message handler due to improper input validation while processing a message from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053...
CVE-2019-10563
Buffer over-read can occur in fast message handler due to improper input validation while processing a message from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053...
CVE-2019-10563
CVE-2019-10563 describes a buffer over-read in the fast message handler when processing a firmware message in Qualcomm Snapdragon firmware across multiple platforms (APQ8053, APQ8096AU, MSM8996AU, MSM8998, QCN7605, QCS405, QCS605, SDA660, SDM636, SDM660, SDX20, SDX24, etc.). Root cause: improper ...
Linux kernel resource management error vulnerability (CNVD-2019-41704)
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A resource management error vulnerability exists in the 'the ipmibmcregister' function in the drivers/char/ipmi/ipmimsghandler.c file in Linux kernel 5.3.11 and earlie...
CVE-2019-19046
A memory leak in the ipmibmcregister function in drivers/char/ipmi/ipmimsghandler.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory consumption by triggering idasimpleget failure, aka CID-4aa7afb0ee20. NOTE: third parties dispute the relevance of this becau...
UBUNTU-CVE-2019-19046
A memory leak in the ipmibmcregister function in drivers/char/ipmi/ipmimsghandler.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory consumption by triggering idasimpleget failure, aka CID-4aa7afb0ee20. NOTE: third parties dispute the relevance of this becau...
Slanger Message handler&request validator command execution vulnerability
Slanger is an open source server implementation of the Pusher protocol written in Ruby.Message handler&request validator is one of the message handler and request validator . A security vulnerability exists in the Message handler&request validator in Slanger version 0.6.0. A remote attacker can...
Slanger Arbitrary command execution
Slanger 0.6.0 is affected by Remote Code Execution RCE. The impact is A remote attacker can execute arbitrary commands by sending a crafted request to the server. The component is Message handler & request validator. The attack vector is Remote unauthenticated. The fixed version is after commit...
GHSA-RG32-M3HF-772V Slanger Arbitrary command execution
Slanger 0.6.0 is affected by Remote Code Execution RCE. The impact is A remote attacker can execute arbitrary commands by sending a crafted request to the server. The component is Message handler & request validator. The attack vector is Remote unauthenticated. The fixed version is after commit...
CVE-2019-1010306
Slanger 0.6.0 is affected by: Remote Code Execution RCE. The impact is: A remote attacker can execute arbitrary commands by sending a crafted request to the server. The component is: Message handler & request validator. The attack vector is: Remote unauthenticated. The fixed version is: after...
CVE-2019-1010306
Slanger 0.6.0 is affected by: Remote Code Execution RCE. The impact is: A remote attacker can execute arbitrary commands by sending a crafted request to the server. The component is: Message handler & request validator. The attack vector is: Remote unauthenticated. The fixed version is: after...
Design/Logic Flaw
Slanger 0.6.0 is affected by: Remote Code Execution RCE. The impact is: A remote attacker can execute arbitrary commands by sending a crafted request to the server. The component is: Message handler & request validator. The attack vector is: Remote unauthenticated. The fixed version is: after...
CVE-2019-1010306
Slanger 0.6.0 is affected by: Remote Code Execution RCE. The impact is: A remote attacker can execute arbitrary commands by sending a crafted request to the server. The component is: Message handler & request validator. The attack vector is: Remote unauthenticated. The fixed version is: after...
CVE-2019-1010306
Slanger 0.6.0 is affected by a Remote Code Execution (RCE) vulnerability in the Message handler and request validator. A remote, unauthenticated attacker can execute arbitrary commands by sending a crafted request to the server. The issue is addressed by a fix committed as 5267b455caeb2e055cccf0d...
CVE-2017-16253
An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012 for the cc channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow...
CVE-2017-16253
An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012 for the cc channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow...
PT-2019-8045 · Insteon · Insteon Hub
Name of the Vulnerable Software and Affected Versions: Insteon Hub 2245-222 version 1012 Description: A buffer overflow vulnerability exists in the PubNub message handler. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow, overwriting arbitrary dat...
Linux kernel drivers/char/ipmi/ipmi_msghandler.c file memory misreference vulnerability
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A memory misreference vulnerability exists in the drivers/char/ipmi/ipmimsghandler.c file in Linux kernel versions prior to 4.20.5. A remote attacker could exploit thi...
UBUNTU-CVE-2019-9003
In the Linux kernel before 4.20.5, attackers can trigger a drivers/char/ipmi/ipmimsghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by a "service ipmievd restart" loop...