CVE-2024-24972

Buffer Copy without Checking Size of Input CWE-120 in the Controller 6000 and Controller 7000 diagnostic web interface allows an authorised and authenticated operator to reboot the Controller, causing a Denial of Service. Gallagher recommend the diagnostic web page is not enabled default is off...

CVE-2024-24972

The CVE-2024-24972 issue affects Gallagher Controller 6000 and Controller 7000 via a Buffer Copy without Checking Size of Input in the diagnostic web interface, enabling an authorized and authenticated operator to reboot the controller and cause a Denial of Service. Affected firmware histories in...

kernel: scsi: qedf: Ensure the copied buf is NUL terminated

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Ensure the copied buf is NUL terminated Currently, we allocate a count-sized kernel buffer and copy count from userspace to that buffer. Later, we use kstrtouint on this buffer but we don't ensure that the string is...

The vulnerability of CGI microprogramming software for network devices such as Zyxel ATP, USG FLEX, and USG FLEX 50(W)/USG20(W)-VPN allows a hacker to cause service interruptions.

The vulnerability of CGI microprogramming software for network devices such as Zyxel ATP, USG FLEX, and USG FLEX 50W/USG20W-VPN lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows an attacker to cause service interruptions by sending a...

PT-2024-20682 · Gallagher · Controller 6000 +1

Name of the Vulnerable Software and Affected Versions: Controller 6000 and Controller 7000 versions 8.70 and prior Controller 6000 and Controller 7000 versions 8.80 through 8.80.1938 MR6 Controller 6000 and Controller 7000 versions 8.90 through 8.90.2155 MR5 Controller 6000 and Controller 7000...

QNAP QTS Multiple Vulnerabilities (QSA-24-33)

QNAP QTS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qts"; ifdescription...

QNAP QuTS hero Multiple Vulnerabilities (QSA-24-33)

QNAP QuTS hero is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qutshero"; ifdescriptio...

CVE-2024-32763

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS...

CVE-2023-51367

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build...

CVE-2024-32763

CVE-2024-32763 affects QNAP QTS and QuTS hero. A buffer copy without input size checking can let an authenticated user execute code over the network. Affected products include QTS and QuTS hero, with fixes released in QTS 5.1.8.2823 build 20240712 and later, and QuTS hero h5.1.8.2823 build 202407...

CVE-2024-32763 QTS, QuTS hero

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS...

CVE-2023-51367

CVE-2023-51367 affects QNAP QTS and QuTS hero. A stack/buffer copy without input size checking allows remote code execution over a network. Root cause is a buffer overflow caused by unchecked input copying in affected QTS/QuTS hero components. Affected versions: QTS 5.1.6.2722 build 20240402 and ...

CVE-2023-51367 QTS, QuTS hero

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build...

CVE-2023-51367 QTS, QuTS hero

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build...

PT-2024-24835 · Qnap · Qnap Qts +1

Name of the Vulnerable Software and Affected Versions: QNAP QTS versions prior to 5.1.8.2823 build 20240712 QNAP QuTS hero versions prior to h5.1.8.2823 build 20240712 Description: A buffer copy without checking size of input issue has been reported to affect several QNAP operating system version...

The vulnerability in Mozilla Firefox, Mozilla Firefox ESR, and the email client Mozilla Thunderbird arises from copying buffers without checking the size of the input data. This allows an attacker to execute arbitrary code.

The vulnerabilities of Mozilla Firefox, Mozilla Firefox ESR, and the email client Mozilla Thunderbird involve copying buffers without checking the size of the input data. Exploiting these vulnerabilities allows a remote attacker to execute arbitrary code...

The vulnerability in Mozilla Firefox, Mozilla Firefox ESR, and the email client Mozilla Thunderbird arises from copying buffers without checking the size of the input data. This allows an attacker to execute arbitrary code.

The vulnerabilities of Mozilla Firefox, Mozilla Firefox ESR, and the email client Mozilla Thunderbird are related to memory security vulnerabilities. Exploiting these vulnerabilities can allow a malicious actor to execute arbitrary code remotely...

CVE-2024-33054 Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Computer Vision

Memory corruption during the handshake between the Primary Virtual Machine and Trusted Virtual Machine...

CVE-2024-33052 Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in FM Host

Memory corruption when user provides data for FM HCI command control operations...

The vulnerability of the NET-SNMP-VACM-MIB() function in the Net-SNMP software suite for the Linux operating system allows a attacker to compromise the integrity of the system.

The vulnerability of the NET-SNMP-VACM-MIB function in the Net-SNMP software suite for the Linux operating system is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow a remote attacker to compromise the integrity of the system...