99 matches found
EUVD-2022-26967
Malicious code in bioql PyPI...
EUVD-2021-9124
Malicious code in bioql PyPI...
EUVD-2021-9126
Malicious code in bioql PyPI...
EUVD-2021-9123
Malicious code in bioql PyPI...
EUVD-2021-9111
Malicious code in bioql PyPI...
EUVD-2021-9112
Malicious code in bioql PyPI...
EUVD-2021-9122
Malicious code in bioql PyPI...
EUVD-2021-9125
Malicious code in bioql PyPI...
EUVD-2022-30558
Malicious code in bioql PyPI...
EUVD-2022-30641
Malicious code in bioql PyPI...
CVE-2021-21951
An out-of-bounds write vulnerability exists in the CMDDEVICEGETSERVERLISTREQUEST functionality of the homesecurity binary of Anker Eufy Homebase 2 2.1.6.9h in function readudppushconfigfile. A specially-crafted network packet can lead to code execution...
CVE-2021-21955
An authentication bypass vulnerability exists in the getaeskeyinfobypacketid function of the homesecurity binary of Anker Eufy Homebase 2 2.1.6.9h. Generic network sniffing can lead to password recovery. An attacker can sniff network traffic to trigger this vulnerability...
CVE-2021-21952
An authentication bypass vulnerability exists in the CMDDEVICEGETRSAKEYREQUEST functionality of the homesecurity binary of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted set of network packets can lead to increased privileges...
CVE-2021-21940
A heap-based buffer overflow vulnerability exists in the pushMuxer processRtspInfo functionality of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted network packet can lead to a heap buffer overflow. An attacker can send a malicious packet to trigger this vulnerability...
CVE-2021-21941
A use-after-free vulnerability exists in the pushMuxer CreatePushThread functionality of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted set of network packets can lead to remote code execution...
CVE-2021-21953
An authentication bypass vulnerability exists in the processmsg function of the homesecurity binary of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted man-in-the-middle attack can lead to increased privileges...
CVE-2021-21950
An out-of-bounds write vulnerability exists in the CMDDEVICEGETSERVERLISTREQUEST functionality of the homesecurity binary of Anker Eufy Homebase 2 2.1.6.9h in function recvserverdeviceresponsemsgprocess. A specially-crafted network packet can lead to code execution...
CVE-2021-21954
A command execution vulnerability exists in the wificountrycodeupdate functionality of the homesecurity binary of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted set of network packets can lead to arbitrary command execution...
Vulnerability Spotlight: Vulnerabilities in popular library affect Unix-based devices
Lilith of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered a memory corruption vulnerability in the uClibC library that could affect any Unix-based devices that use this library. uClibC and uClibC-ng are lightweight replacements for the popular gLibc library, which is...
uClibC and uClibC-ng libpthread linuxthreads memory corruption vulnerabilities
Talos Vulnerability Report TALOS-2022-1517 uClibC and uClibC-ng libpthread linuxthreads memory corruption vulnerabilities September 22, 2022 CVE Number CVE-2022-29503 SUMMARY A memory corruption vulnerability exists in the libpthread linuxthreads functionality of uClibC 0.9.33.2 and uClibC-ng...