51 matches found
OESA-2023-1563 perl security update
Perl 5 is a highly capable, feature-rich programming language with over 30 years of development.Perl 5 runs on over 100 platforms from portables to mainframes and is suitable for both rapid prototyping and large scale development projects. Security Fixes: In Perl 5.34.0, function Sfinduninitvar i...
CVE-2022-48522
In Perl 5.34.0, function Sfinduninitvar in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation...
DEBIAN-CVE-2022-48522
In Perl 5.34.0, function Sfinduninitvar in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation...
UBUNTU-CVE-2022-48522
In Perl 5.34.0, function Sfinduninitvar in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation...
EUVD-2022-51218
In Perl 5.34.0, function Sfinduninitvar in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation...
Perl 缓冲区错误漏洞
Perl is a general-purpose, interpreted, dynamic cross-platform programming language from the PERL community. A security vulnerability exists in Perl version 5.34.0, which stems from a stack crash issue in the function Sfinduninitvar, and can be exploited by an attacker to perform remote code...
Xenstore: recursive operations causing xenstored stack exhaustion (XSA-418)
Xenstore: xenstored is using recursion for some Xenstore operations e.g. for deleting a sub-tree of Xenstore nodes. With sufficiently deep nesting levels this can result in stack exhaustion leading to a crash. Note that Nessus has not tested for this issue but has instead relied only on the...
Siemens SCALANCE LPE9403 Third-Party Vulnerabilities
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely, low attack complexity Vendor: Siemens Equipment: SCALANCE LPE9403 Vulnerabilities: Multiple 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause crashes and unrestricted file access, impacting the...
UBUNTU-CVE-2021-44504
An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. Using crafted input, an attacker can cause a size variable, stored as an signed int, to equal an extremely large value, which is interpreted as a negative value during a check. This value is then used in a memc...
Mitsubishi Electric MELSEC-Q Series PLCs Uncontrolled Resource Consumption (CVE-2019-6535)
Mitsubishi Electric Q03/04/06/13/26UDVCPU: serial number 20081 and prior, Q04/06/13/26UDPVCPU: serial number 20081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 20101 and prior. A remote attacker can send specific bytes over Port 5007 that will result in an Ethernet...
Important: Red Hat Security Advisory: systemd security update
An update for systemd is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash
A flaw was found in systemd. The use of alloca function with an uncontrolled size in function unitnamepathescape allows a local attacker, able to mount a filesystem on a very long path, to crash systemd and the whole system by allocating a very large space in the stack. The highest threat from th...
CVE-2021-21005
In Phoenix Contact FL SWITCH SMCS series products in multiple versions if an attacker sends a hand-crafted TCP-Packet with the Urgent-Flag set and the Urgent-Pointer set to 0, the network stack will crash. The device needs to be rebooted afterwards...
CVE-2021-21005
In Phoenix Contact FL SWITCH SMCS series products in multiple versions if an attacker sends a hand-crafted TCP-Packet with the Urgent-Flag set and the Urgent-Pointer set to 0, the network stack will crash. The device needs to be rebooted afterwards...
GNU Binutils 安全漏洞
GNU Binutils GNU Binary Utilities or binutils is a set of programming language utility programs developed by the GNU community. The programs are primarily used to work with target files in a variety of formats, and provide linkers, assemblers, and other tools for target files and archives. A...
Low-power Bluetooth (BLE) connectivity vulnerability in LED smart bulbs at Foshan Electric Lighting Co.
LED smart light bulb is a new technology light source, which has the advantages of beauty, fashion, energy saving, environmental protection, safety and so on, and it can be controlled by intelligent devices. Foshan Electric Lighting Co., Ltd LED smart bulb there is a low-power Bluetooth BLE...
Foxit PhantomPDF Resource Management Error Vulnerability (CNVD-2020-32088)
Foxit PhantomPDF is China's Foxit Foxit company a PDF document reader. A security vulnerability exists in Foxit PhantomPDF versions prior to 8.3.12. An attacker can exploit the vulnerability to exhaust the stack crash...
Stack overflow
Mitsubishi Electric Q03/04/06/13/26UDVCPU: serial number 20081 and prior, Q04/06/13/26UDPVCPU: serial number 20081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 20101 and prior. A remote attacker can send specific bytes over Port 5007 that will result in an Ethernet...
CVE-2019-6535
Mitsubishi Electric Q03/04/06/13/26UDVCPU: serial number 20081 and prior, Q04/06/13/26UDPVCPU: serial number 20081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 20101 and prior. A remote attacker can send specific bytes over Port 5007 that will result in an Ethernet...
CVE-2019-6535 Mitsubishi Electric MELSEC-Q Series PLCs Resource Exhaustion
Mitsubishi Electric Q03/04/06/13/26UDVCPU: serial number 20081 and prior, Q04/06/13/26UDPVCPU: serial number 20081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 20101 and prior. A remote attacker can send specific bytes over Port 5007 that will result in an Ethernet...