H3C Magic B3 安全漏洞

H3C Magic B3 is a wireless router from China's Xinhua San H3C. A security vulnerability exists in the H3C Magic B3 100R002 and prior versions, which stems from incorrect manipulation of parameter param of function AddMacList in file/goform/aspForm, which could result in a buffer overflow...

CVE-2023-34929

A stack overflow in the AddMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service DoS via a crafted POST request...

CVE-2023-29911

H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via the AddMacList interface at /goform/aspForm...

SUSE CVE-2017-14496

Integer underflow in the addpseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request...

CVE-2022-36475

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function AddMacList...

PT-2022-22881 · Wavlink · Wavlink Wn530H4 +4

Name of the Vulnerable Software and Affected Versions: WAVLINK WN572HP3 WAVLINK WN533A8 WAVLINK WN530H4 WAVLINK WN535G3 WAVLINK WN531P3 Description: The issue concerns a lack of filtering on the add mac parameter in the firewall.cgi, leading to command injection in the /cli black list.shtml page...

CVE-2022-30925

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the AddMacList parameter at /goform/aspForm...

CVE-2017-14495

A memory exhaustion flaw was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets which would trigger memory allocations which would never be freed, leading to unbounded memory consumption and eventually a crash. This issue only affected configurations using one of the...

Denial Of Service (DoS)

dnsmasq is vulnerable to denial of serviceDoS attacks. A remote user could send specially crafted DNS packets to trigger an integer underflow and subsequent buffer over-read error in the EDNS0 code and cause the target service to crash. This issue only affects configurations using one of the...

Denial Of Service (DoS)

dnsmasq is vulnerable to denial of serviceDoS attacks. A remote user could send specially crafted DNS packets to cause the addpseudoheader function to allocate memory that is never freed, consuming excessive memory on the target system which leads application to crash.This issue only affects...

BSA-2017-454

Security Advisory ID : BSA-2017-454 Component : dnsmasq Revision : 2.0: Final An integer underflow flaw leading to a buffer over-read was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash. This issue only affected configuration...

BSA-2017-453

Security Advisory ID : BSA-2017-453 Component : EDNS0 Revision : 2.0: Final A memory exhaustion flaw was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets which would trigger memory allocations which would never be freed, leading to unbounded memory consumption and...

DEBIAN-CVE-2017-14495

Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service memory consumption via vectors involving DNS response creation...

ALPINE-CVE-2017-14495

Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service memory consumption via vectors involving DNS response creation...

DEBIAN-CVE-2017-14496

Integer underflow in the addpseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request...

ALPINE-CVE-2017-14496

Integer underflow in the addpseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request...

dnsmasq: integer underflow leading to buffer over-read in the EDNS0 code

An integer underflow flaw leading to a buffer over-read was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash. This issue only affected configurations using one of the options: add-mac, add-cpe-id, or add-subnet...

dnsmasq: memory exhaustion vulnerability in the EDNS0 code

A memory exhaustion flaw was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets which would trigger memory allocations which would never be freed, leading to unbounded memory consumption and eventually a crash. This issue only affected configurations using one of the...

CVE-2017-14496

An integer underflow flaw leading to a buffer over-read was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash. This issue only affected configurations using one of the options: add-mac, add-cpe-id, or add-subnet...

Dnsmasq 2.78 - Lack of free() Denial of Service

Dnsmasq 2.78 - Lack of free Denial of Service ''' Sources: https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14495.py https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html dnsmasq is vulnerable only if one of the...