CVE-2021-22802

Schneider Electric IGSS Data Collector (dc.exe), affected in IGSS v15.0.0.21243 and earlier, is vulnerable to a CWE-120 buffer overflow due to missing length checks on user-supplied data while processing a network-constructed message. This can lead to remote code execution with the dc.exe process...

Stack overflow

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server V15.0.0.22020...

Rockwell Automation 1794-AENT Flex I/O Series B Buffer Copy Without Checking Size of Input (CVE-2020-6083)

An exploitable denial of service vulnerability exists in the ENIP Request Path Port Segment functionality of Allen- Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malicious...

Siemens SIPROTEC 5 relays Buffer Copy Without Checking Size of Input (CVE-2021-33720)

A vulnerability has been identified in SIPROTEC 5 relays with CPU variants CP050 All versions V8.80, SIPROTEC 5 relays with CPU variants CP100 All versions V8.80, SIPROTEC 5 relays with CPU variants CP300 All versions V8.80. Specially crafted packets sent to port 4443/tcp could cause a...

Siemens SIPROTEC 5 relays Buffer Copy Without Checking Size of Input (CVE-2021-33719)

A vulnerability has been identified in SIPROTEC 5 relays with CPU variants CP050 All versions V8.80, SIPROTEC 5 relays with CPU variants CP100 All versions V8.80, SIPROTEC 5 relays with CPU variants CP300 All versions V8.80. Specially crafted packets sent to port 4443/tcp could cause a...

Rockwell Automation 1794-AENT Flex I/O Series B Buffer Copy Without Checking Size of Input (CVE-2020-6086)

An exploitable denial of service vulnerability exists in the ENIP Request Path Data Segment functionality of Allen- Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malicious...

CVE-2022-22723

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be...

CVE-2022-22725

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be...

The vulnerability lies in the implementation of the convert() function or ImagingConvertTransparent(), which is used in the Pillow and PIL image processing libraries. This allows an attacker to cause a denial-of-service attack.

The vulnerability in the implementation of the convert function or ImagingConvertTransparent method of the Pillow and Python Imaging Library for working with images involves copying buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to cause...

CVE-2021-43082

Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in the stats-over-http plugin of Apache Traffic Server allows an attacker to overwrite memory. This issue affects Apache Traffic Server 9.1.0...

The vulnerability of the httpd microprogramming software in NETGEAR Wi-Fi routers such as R6400, R6400v2, R6700v3, R6900P, R7000, R7000P, R7850, R7900P, R7960P, R8000, R8000P, RAX15, RAX20, RAX200, RAX35v2, RAX38v2, RAX40v2, RAX42, RAX43, RAX45, RAX48, RAX50, RAX50S, RAX75, RAX80, RAXE450, RAXE500, RS400, WNDR3400v3, WNR3500Lv2, D6220, D6400, and wireless repealers like EX6120, EX6130, EX7500, allows a perpetrator to execute arbitrary code.

The vulnerability of the httpd microprogramming software in NETGEAR Wi-Fi routers such as R6400, R6400v2, R6700v3, R6900P, R7000, R7000P, R7850, R7900P, R7960P, R8000, R8000P, RAX15, RAX20, RAX200, RAX35v2, RAX38v2, RAX40v2, RAX42, RAX43, RAX45, RAX48, RAX50, RAX50S, RAX75, RAX80, RAXE450, RAXE50...

PT-2021-4633 · NetGear · Netgear R6700 +29

Name of the Vulnerable Software and Affected Versions: NETGEAR R6400 versions R6400 through R6400v2 NETGEAR R6700 versions R6700v3 NETGEAR R6900P NETGEAR R7000 versions R7000 through R7000P NETGEAR R7850 NETGEAR R7900P NETGEAR R7960P NETGEAR R8000 versions R8000 through R8000P NETGEAR RAX15 NETGE...

Rockwellautomation Flex Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

An exploitable denial of service vulnerability exists in the ENIP Request Path Logical Segment functionality of Allen-Bradley Flex IO 1794-AENT/B 4.003. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a...

Rockwellautomation Micrologix Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Rockwell Automation MicroLogix 1400 Version 21.6 and below may allow a remote unauthenticated attacker to send a specially crafted Modbus packet allowing the attacker to retrieve or modify random values in the register. If successfully exploited, this may lead to a buffer overflow resulting in a...

The vulnerability of the image decoding process in QUIC systems of the Rendering of Remote Virtual Desktops SPICE software lies in the copying of buffers without checking the size of the input data. This allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the image decoding process in the QUIC rendering system for remote virtual desktops SPICE involves copying buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, a...

CVE-2021-30191

CODESYS V2 Web-Server before 1.1.9.20 has a a Buffer Copy without Checking the Size of the Input...

CVE-2021-30191

CODESYS V2 Web-Server before 1.1.9.20 has a a Buffer Copy without Checking the Size of the Input...

Input validation

CODESYS V2 Web-Server before 1.1.9.20 has a a Buffer Copy without Checking the Size of the Input...

CVE-2021-30191

CVE-2021-30191 affects the CODESYS V2 Web-Server prior to 1.1.9.20. The root cause is a buffer copy without checking input size, causing a classic stack-based buffer overflow. Impact described in sources includes remote execution of code or denial of service by crashing the web server, with high-...

CVE-2021-30191

CODESYS V2 Web-Server before 1.1.9.20 has a a Buffer Copy without Checking the Size of the Input...