28 matches found
EUVD-2021-13397
Malware in sbrugna...
EUVD-2021-13429
Malware in sbrugna...
EUVD-2021-13417
Malware in sbrugna...
EUVD-2021-13409
Malware in sbrugna...
CVE-2021-26635
In the code that verifies the file size in the ark library, it is possible to manipulate the offset read from the target file due to the wrong use of the data type. An attacker could use this vulnerability to cause a stack buffer overflow and as a result, perform an attack such as remote code...
CVE-2021-26615
ARK library allows attackers to execute remote code via the parameterpath value of ArkNormalizeAndDupPAthNameW function because of an integer overflow...
CVE-2021-26603
A heap overflow issue was found in ARK library of bandisoft Co., Ltd when the ArkDigPathA function parsed a file path. This vulnerability is due to missing support for string length check...
CVE-2021-26623
A remote code execution vulnerability due to incomplete check for 'xheaderdecodepathrecord' function's parameter length value in the ark library. Remote attackers can induce exploit malicious code using this function...
CVE-2021-26635
In the code that verifies the file size in the ark library, it is possible to manipulate the offset read from the target file due to the wrong use of the data type. An attacker could use this vulnerability to cause a stack buffer overflow and as a result, perform an attack such as remote code...
Stack overflow
In the code that verifies the file size in the ark library, it is possible to manipulate the offset read from the target file due to the wrong use of the data type. An attacker could use this vulnerability to cause a stack buffer overflow and as a result, perform an attack such as remote code...
CVE-2021-26635
CVE-2021-26635 affects Bandisoft ARK Library: buffer overflow risk due to incorrect data-type use when verifying file size, allowing manipulation of the read offset. CNNVD cites affected versions prior to 7.17, enabling potential remote code execution via a stack overflow. Public details about pa...
CVE-2021-26635 Bandisoft ARK Library buffer overflow vulnerability
In the code that verifies the file size in the ark library, it is possible to manipulate the offset read from the target file due to the wrong use of the data type. An attacker could use this vulnerability to cause a stack buffer overflow and as a result, perform an attack such as remote code...
PT-2022-9783 · Unknown · Ark Library
Name of the Vulnerable Software and Affected Versions: ark library affected versions not specified Description: The issue arises from the incorrect use of data types in the code that verifies file sizes in the ark library. This allows an attacker to manipulate the offset read from the target file...
com.amazon.aes.webservices.client:ec2-java-client (=20080327), com.github.liuzhenghui:weaver-ecology-parent (>=9.00.2110.07.220316 <=9.00.2112.03.220528) +60 more potentially affected by CVE-2012-5817 via org.codehaus.xfire:xfire-core (>=1.0 <=1.2.6)
org.codehaus.xfire:xfire-core MAVEN version =1.0, =9.00.2110.07.220316, =0.0.9, =0.0.3, =0.0.3, =0.0.3, =0.0.3, =0.0.3, =0.0.3, =0.3.0 - com.github.rapidark:rapidark =0.0.3 and more Source cves: CVE-2012-5817 Source advisory: OSV:GHSA-5JC8-8XHV-G8QM...
CVE-2021-26623
A remote code execution vulnerability due to incomplete check for 'xheaderdecodepathrecord' function's parameter length value in the ark library. Remote attackers can induce exploit malicious code using this function...
CVE-2021-26623
A remote code execution vulnerability due to incomplete check for 'xheaderdecodepathrecord' function's parameter length value in the ark library. Remote attackers can induce exploit malicious code using this function...
Remote code execution
A remote code execution vulnerability due to incomplete check for 'xheaderdecodepathrecord' function's parameter length value in the ark library. Remote attackers can induce exploit malicious code using this function...
CVE-2021-26623
The CVE-2021-26623 entry concerns Bandisoft’s ARK library, where a missing parameter-length validation in the xheader_decode_path_record function causes a remote code execution vulnerability. Multiple connected records corroborate: the issue is tied to an incomplete check for parameter length, en...
CVE-2021-26615
ARK library allows attackers to execute remote code via the parameterpath value of ArkNormalizeAndDupPAthNameW function because of an integer overflow...
CVE-2021-26615
ARK library allows attackers to execute remote code via the parameterpath value of ArkNormalizeAndDupPAthNameW function because of an integer overflow...