118 matches found
CVE-2024-56805
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to modify memory or crash processes. We have already fixed the vulnerability in the following versions: QTS...
CVE-2024-56805
Summary (CVE-2024-56805): A buffer overflow occurs in QNAP QTS and QuTS hero related to a buffer copy without proper input size checking. This can allow remote attackers who have limited user access to modify memory or crash processes. Affected products/components: QTS and QuTS hero. Root cause: ...
CVE-2021-34201
D-Link DIR-2640-US 1.01B04 is vulnerable to Buffer Overflow. There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600DIR-2640. Local ordinary users can overwrite the global variables in the .bss section, causing process crashes or changes...
GNOME Remote desktop resource management error vulnerability
GNOME Remote desktop is a remote desktop software from GNOME open source. A resource management error vulnerability exists in GNOME Remote desktop, which stems from resource exhaustion during an RDP connection, and could lead to process crashes and resource leaks...
CVE-2025-23166
The C++ method SignTraits::DeriveBits may incorrectly call ThrowException based on user-supplied inputs when executing in a background thread, crashing the Node.js process. Such cryptographic operations are commonly applied to untrusted inputs. Thus, this mechanism potentially allows an adversary...
CVE-2024-53695
A buffer overflow vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If exploited, the vulnerability could allow remote attackers to modify memory or crash processes. We have already fixed the vulnerability in the following version: HBS 3 Hybrid Backup Sync 25.1.4.952 and later...
Important: Red Hat Security Advisory: webkit2gtk3 security update
An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability fr...
Apple iOS and Apple iPadOS security vulnerability
Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS prior to version 16.7.9 and iPadOS prior to version 16.7.9, which stems from...
PT-2024-10763 · Abb +1 · Advant Mod 300 Advabuild +1
Name of the Vulnerable Software and Affected Versions: Advant MOD 300 AdvaBuild versions 3.0 through 3.7 SP2. Description: An attacker could exploit the issue by injecting specially crafted data, potentially causing a denial-of-service attack through process crashes or communication issues on the...
CVE-2024-21523
All versions of the package images are vulnerable to Denial of Service (DoS) due to providing unexpected input types to several different functions. This makes it possible to reach an assert macro, leading to a process crash. Note: By providing some specific integer values like 0 to the size...
Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service (CVE-2020-3517)
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated attacker to cause process crashes, which could result in a denial of service (DoS) condition on an affected device. The attack vector is configuration dependent and...
Cisco NX-OS Software Cisco Fabric Services Denial of Service (CVE-2019-1616)
A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Cisco Fabric Services packets. An...
Cisco NX-OS Software Cisco Fabric Services over IP Denial of Service (CVE-2019-1962)
A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause process crashes, which can result in a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient validation of TCP packets...
Ubuntu 16.04 ESM / 18.04 ESM : YAJL vulnerabilities (USN-6233-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6233-1 advisory. It was discovered that YAJL was not properly performing bounds checks when decoding a string with escape sequences. If a user or automated...
Mozilla Firefox ESR buffer error vulnerability
Mozilla Firefox ESR is an extended support release of Firefox web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox ESR. An attacker could exploit the vulnerability to cause out-of-bounds memory access using the WebGL API, which could lea...
Rocket Software UniData and UniVerse buffer error vulnerability
Rocket Software UniVerse and Rocket Software UniData are both products of Rocket Software, Inc. Rocket Software UniVerse is a suite of database management and support software now owned by Rocket Software. Software UniData is a MultiValue application platform. Rocket Software UniData is a...
ABB Multiple System 800xA Products Incorrect Default Permissions (CVE-2020-8484)
Insufficient protection of the inter-process communication functions in ABB System 800xA for DCI all published versions enables an attacker authenticated on the local system to inject data, allowing reads and writes to the controllers or cause Windows processes to crash. This plugin only works wi...
CVE-2022-20334
In Bluetooth, there are possible process crashes due to dereferencing a null pointer. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android ID: A-178800552...
Null pointer dereference
In Bluetooth, there are possible process crashes due to dereferencing a null pointer. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android ID: A-178800552...