905 matches found

BDU FSTEC
added 2020/01/13 12:0 a.m., 10 views

The vulnerability of the cfg80211_mgd_wext_giwessid function (net/wireless/wext-sme.c) in the Linux kernel allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the cfg80211_mgd_wext_giwessid function in the Linux kernel’s net/wireless/wext-sme.c file is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause service...

CVSS: 10 | AI score: 7.5 | EPSS: 0.06652
Exploits: 0 | References: 47 | Affected Software: 5
BDU FSTEC
added 2019/10/02 12:0 a.m., 16 views

The vulnerability of the websSecurityHandler function in the MOXA EDR-810 industrial router’s web server allows a hacker to execute arbitrary code.

The vulnerability of the websSecurityHandler function offset 0x1B4B0 in the web server jffs2-root\fs1\magicP\WebServer\webs of the MOXA EDR-810 industrial router is caused by the lack of checking the size of the data being copied into a buffer of 0x200 bytes. Exploiting this vulnerability allows ...

CVSS: 9.6 | AI score: 6.3
Exploits: 0 | References: 1 | Affected Software: 1
Cent OS
added 2019/08/30 4:29 a.m., 185 views

unixODBC security update

CentOS Errata and Security Advisory CESA-2019:2336 An update for unixODBC is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

CVSS: 9.8 | AI score: 7.1 | EPSS: 0.03196
Exploits: 0 | References: 7
Tenable Nessus
added 2019/08/30 12:0 a.m., 55 views

CentOS 7 : unixODBC (CESA-2019:2336)

An update for unixODBC is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

CVSS: 9.8 | AI score: 7.9 | EPSS: 0.03196
Exploits: 0 | References: 3
Tenable Nessus
added 2019/08/27 12:0 a.m., 28 views

Scientific Linux Security Update : unixODBC on SL7.x x86_64 (20190806)

Security Fixes : - unixODBC: Buffer overflow in unicode_to_ansi_copy can lead to crash or other unspecified impact CVE-2018-7409 - unixODBC: Insecure buffer copy in SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c CVE-2018-7485 C Tenable Network Security, Inc. The descriptive text is C...

CVSS: 9.8 | AI score: 7.8 | EPSS: 0.03196
Exploits: 0 | References: 3
Oracle linux
added 2019/08/13 12:0 a.m., 35 views

unixODBC security update

2.3.1-14.0.1 - backport unchecked malloc memory references fix Orabug: 29684195 2.3.1-14 - fixed insecure buffer copy 1571530 - fixed possible buffer overflow 1571528 2.3.1-13 - revert: ltdl bundling 2.3.1-12 - fix the libtool-ltdl compatibility Resolves: rhbz1267438...

CVSS: 9.8 | AI score: 2.9 | EPSS: 0.03196
Exploits: 0
Tenable Nessus
added 2019/08/12 12:0 a.m., 52 views

RHEL 7 : unixODBC (RHSA-2019:2336)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2336 advisory. The unixODBC packages contain a framework that supports accessing databases through the ODBC protocol. Security Fixes: unixODBC: Buffer...

CVSS: 9.8 | AI score: 8 | EPSS: 0.03196
Exploits: 0 | References: 8
RedHat Linux
added 2019/08/06 1:49 p.m., 77 views

Moderate: Red Hat Security Advisory: unixODBC security update

An update for unixODBC is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

CVSS: 9.8 | AI score: 7.1 | EPSS: 0.03196
Exploits: 0 | References: 4
RedHat Linux
added 2019/08/06 1:49 p.m., 3 views

unixODBC: Insecure buffer copy in SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c

An argument order confusion flaw was found in the SQLWriteFileDSN API of unixODBC. This could only be exploited via a malicious ODBC database connector package with the maximum impact being a denial of service...

CVSS: 9.8 | AI score: 7.2 | EPSS: 0.03196
Exploits: 0 | References: 4
Prion
added 2019/07/22 2:15 p.m., 24 views

Improper access control

Out of bound access can occur due to buffer copy without checking size of input received from WLAN firmware in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9650, MSM8996AU, QCA6574AU, QCS405, QCS605, SD 210/SD 212/...

CVSS: 4.6 | AI score: 7.8 | EPSS: 0.00198
Exploits: 0 | References: 1
CVE
added 2019/07/22 1:47 p.m., 63 views

CVE-2019-2292

CVE-2019-2292 affects Qualcomm WLAN Host components in Snapdragon devices (e.g., Snapdragon Auto/Consumer IoT/Industrial IoT and mobile families listed). Root cause: out-of-bounds access due to buffer copy without checking input size received from WLAN firmware. Impact: potential local code execu...

CVSS: 7.8 | AI score: 7.7 | EPSS: 0.00198
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2019/07/22 1:47 p.m., 24 views

CVE-2019-2292

Out of bound access can occur due to buffer copy without checking size of input received from WLAN firmware in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9650, MSM8996AU, QCA6574AU, QCS405, QCS605, SD 210/SD 212/...

AI score: 7.8 | EPSS: 0.00198
Exploits: 0 | References: 1
Talos
added 2018/11/19 12:0 a.m., 294 views

TP-Link TL-R600VPN HTTP Server fs directory Remote Code Execution Vulnerability

Summary An exploitable remote code execution vulnerability exists in the HTTP header-parsing function of the TP-Link TL-R600VPN HTTP Server. A specially crafted HTTP request can cause a buffer overflow, resulting in remote code execution on the device. An attacker can send an authenticated HTTP...

CVSS: 7.2 | AI score: 7.6 | EPSS: 0.03928
Exploits: 1
NVD
added 2018/10/29 6:29 p.m., 14 views

CVE-2018-11857

Improper input validation in WLAN encrypt/decrypt module can lead to a buffer copy in Snapdragon Mobile in version SD 835, SD 845, SD 850...

CVSS: 7.8 | AI score: 7.8 | EPSS: 0.00208
Exploits: 0 | References: 1
Cvelist
added 2018/10/29 6:0 p.m., 19 views

CVE-2018-11857

Improper input validation in WLAN encrypt/decrypt module can lead to a buffer copy in Snapdragon Mobile in version SD 835, SD 845, SD 850...

AI score: 7.8 | EPSS: 0.00208
Exploits: 0 | References: 1
Talos
added 2018/06/19 12:0 a.m., 38 views

Insteon Hub HTTPExecuteGet Firmware Update host Parameter Buffer Overflow Vulnerability

Summary An exploitable buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation incorrectly handles the host parameter during a firmware update request, leading to a buffer overflow on a global section. An attacker can send an HTTP GET...

CVSS: 9.9 | AI score: 7.9 | EPSS: 0.01118
Exploits: 2
Talos
added 2018/06/19 12:0 a.m., 42 views

Insteon Hub HTTPExecuteGet Firmware Update URL Parameter Code Execution Vulnerability

Summary An exploitable buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation incorrectly handles the URL parameter during a firmware update request, leading to a buffer overflow on a global section. An attacker can send an HTTP GET reque...

CVSS: 9.9 | AI score: 9.6 | EPSS: 0.01438
Exploits: 2
Prion
added 2018/06/06 9:29 p.m., 13 views

Design/Logic Flaw

Buffer Copy without Checking Size of Input can occur during the DRM SDE driver initialization sequence in all Android releases from CAF Android for MSM, Firefox OS for MSM, QRD Android using the Linux Kernel...

CVSS: 9.3 | AI score: 7.3 | EPSS: 0.00388
Exploits: 0 | References: 2
NVD
added 2018/06/06 9:29 p.m., 19 views

CVE-2018-5840

Buffer Copy without Checking Size of Input can occur during the DRM SDE driver initialization sequence in all Android releases from CAF Android for MSM, Firefox OS for MSM, QRD Android using the Linux Kernel...

CVSS: 9.3 | AI score: 5.4 | EPSS: 0.00388
Exploits: 0 | References: 2
CVE
added 2018/06/06 9:0 p.m., 47 views

CVE-2018-5840

CVE-2018-5840 is a Buffer Copy without Checking Size of Input in the DRM SDE driver initialization path of Android/Linux kernel (CAF variants). The NVD entry states impact as high (local, user interaction required) with a high both for CVSS3 and CVSS2. Affected component appears in the Qualcomm G...

CVSS: 9.3 | AI score: 5.3 | EPSS: 0.00388
Exploits: 0 | References: 2 | Affected Software: 1