SUSE CVE-2010-2891

Buffer overflow in the smiGetNode function in lib/smi.c in libsmi 0.4.8 allows context-dependent attackers to execute arbitrary code via an Object Identifier aka OID represented as a numerical string containing many components separated by . dot characters...

SUSE CVE-2014-3465

The gnutlsx509dnoidname function in lib/x509/common.c in GnuTLS 3.0 before 3.1.20 and 3.2.x before 3.2.10 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted X.509 certificate, related to a missing LDAP description for an OID when printing the DN...

SUSE CVE-2017-7792

A buffer overflow will occur when viewing a certificate in the certificate manager if the certificate has an extremely long object identifier OID. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox 55...

SUSE CVE-2017-9347

In Wireshark 2.2.0 to 2.2.6, the ROS dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/asn1/ros/packet-ros-template.c by validating an OID...

SUSE CVE-2019-10896

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DOF dissector could crash. This was addressed in epan/dissectors/packet-dof.c by properly handling generated IID and OID bytes...

SUSE CVE-2019-19553

In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash. This was addressed in epan/dissectors/asn1/cms/packet-cms-template.c by ensuring that an object identifier is set to NULL after a ContentInfo dissection...

SUSE CVE-2022-24810

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong...

DEBIAN-CVE-2021-44758

Heimdal before 7.7.1 allows attackers to cause a NULL pointer dereference in a SPNEGO acceptor via a preferredmechtype of GSSCNOOID and a nonzero initialresponse value to sendaccept...

UBUNTU-CVE-2021-44758

Heimdal before 7.7.1 allows attackers to cause a NULL pointer dereference in a SPNEGO acceptor via a preferredmechtype of GSSCNOOID and a nonzero initialresponse value to sendaccept...

UBUNTU-CVE-2022-24808

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users shou...

PT-2022-7449 · Net Snmp +8 · Net-Snmp +8

Name of the Vulnerable Software and Affected Versions: net-snmp versions prior to 5.9.2 Description: The issue is related to a NULL pointer dereference in the nsVacmAccessTable function. A user with read-only credentials can exploit this by using a malformed OID in a GET-NEXT request to cause the...

Net-SNMP 输入验证错误漏洞

Net-SNMP is an open source Simple Network Management Protocol SNMP software. The software is used to monitor network devices, computer devices, UPS devices, and more. An input validation error vulnerability exists in Net-SNMP, which arises from incorrect input validation when setting an incorrect...

Net-SNMP 缓冲区错误漏洞

Net-SNMP is an open source Simple Network Management Protocol SNMP software. The software is used to monitor network devices, computer devices, UPS devices, and more. Net-SNMP suffers from a buffer error vulnerability that stems from a misformatted OID in a SET request to...

Net-SNMP 代码问题漏洞

Net-SNMP is an open source Simple Network Management Protocol SNMP software. The software is used to monitor network devices, computer devices, UPS devices, and more. A code issue vulnerability exists in Net-SNMP that stems from a misformatted OID in GET-NEXT of nsVacmAccessTable that could resul...

Net-SNMP 代码问题漏洞

Net-SNMP is an open source Simple Network Management Protocol SNMP software. The software is used to monitor network devices, computer devices, UPS devices, and more. A code issue vulnerability exists in Net-SNMP that stems from a misformatted OID in the SET of the nsVacmAccessTable that could...

OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Difficult to exploit...

java security update

CentOS Errata and Security Advisory CESA-2022:1440 An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Difficult to exploit...

OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Difficult to exploit...

OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Difficult to exploit...