SnakeYAML 缓冲区错误漏洞

SnakeYAML is a Java-based YAML parser. SnakeYAML suffers from a buffer error vulnerability that stems from the fact that parsing untrusted YAML files may be susceptible to a denial of service attack DOS. If the parser is run on user-supplied input, an attacker can cause the parser to crash due to...

Libraw 缓冲区错误漏洞

Libraw is a C++ library from Libraw Inc. for processing RAW CRW/CR2, NEF, RAF, DNG, andothers format images on various operating systems. A security vulnerability exists in Libraw, which is caused by an out-of-bounds write in the "newnode" function...

多款Huawei产品缓冲区错误漏洞

Huawei 576up005 HOTA-CM-H-Shark-BD and others are a headset from the Chinese company Huawei Huawei. A security vulnerability exists in several Huawei products. The vulnerability stems from insufficient validation of some parameter inputs, which can be exploited by an attacker to send a...

Delta Electronics DOPSoft 缓冲区错误漏洞

Delta Electronics DOPSoft is a Human Machine Interface HMI software suite from Delta Electronics Taiwan, China. A buffer error vulnerability exists in Delta Electronics DOPSoft, which arises from the processing of specific project files without properly sanitizing the user input could result in t...

Contiki-NG 缓冲区错误漏洞

Contiki-NG is an open source cross-platform operating system for next-generation IoT Internet of Things devices. A buffer error vulnerability exists in Contiki-NG versions prior to 4.8, which stems from a lack of length checking in the input function...

Contiki-NG 缓冲区错误漏洞

Contiki-NG is an open source cross-platform operating system for next-generation IoT Internet of Things devices. A buffer error vulnerability exists in versions of Contiki-NG prior to 4.8 that stems from a lack of boundary checking...

Libraw 缓冲区错误漏洞

Libraw is a C++ library from Libraw for processing RAW CRW/CR2, NEF, RAF, DNG, andothers format images, supporting various operating systems. A security vulnerability exists in Libraw, which stems from an out-of-bounds write in the simpledecoderow function that can be triggered by images with lar...

Zephyr 缓冲区错误漏洞

The Zephyr Project is a collaborative project hosted by the Linux Foundation, an open source collaboration. zepher Project zephyr suffers from a binary vulnerability that can be exploited by attackers to cause a denial of service attack...

Kepware KEPServerEX 缓冲区错误漏洞

Kepware Kepserverex is a software application from Kepware USA that communicates with a wide range of industrial equipment. The software supports more than 150 communication protocols and supports the delivery of reliable real-time data to organizations through a single platform. A buffer error...

Fuji Electric D300win 缓冲区错误漏洞

Fuji Electric D300win is a PLC product and solution from Fuji Electric Japan. The Fuji Electric D300win suffers from a buffer error vulnerability that stems from susceptibility to out-of-bounds reads, which can be exploited by an attacker to leak sensitive data from process memory...

Openscad 缓冲区错误漏洞

Openscad is an Openscad open source software for creating solid 3D CAD objects. A security vulnerability exists in Openscad that stems from a .scad file that may cause an out-of-bounds read during parsing of annotations...

Linux kernel 缓冲区错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a security vulnerability that stems from the discovery of an out-of-bounds read vulnerability in the smc protocol stack, leading to a remote denial of...

Linux kernel 缓冲区错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from the fact that an attacker can force a read of an invalid memory address in the Linux kernel via bpftailcal...

Tenda AX12 缓冲区错误漏洞

Tenda AX12 is a dual-band Gigabit Wifi 6 wireless router from Tenda China. A security vulnerability exists in Tenda AX12 version V22.03.01.21CN, no detailed vulnerability details are available at this time...

H3C Magic NX18 Plus 缓冲区错误漏洞

The H3C Magic NX18 Plus is a Gigabit dual-band router from China's Xinhua San H3C. A security vulnerability exists in the H3C Magic NX18 Plus NX18PV100R003 version, which stems from a stack overflow issue in the AddMacList method...

FATEK FvDesigner 缓冲区错误漏洞

The FATEK FvDesigner is a hardware device from the Chinese company Yonghong Electric FATEK. It provides a human-machine interface. A buffer error vulnerability exists in FATEK FvDesigner 1.5.103 and earlier versions, which stems from vulnerability to out-of-bounds writes and can be exploited by a...

TOTOLINK N350RT 缓冲区错误漏洞

The TOTOLINK N350RT is a small home router from China's Gion Electronics TOTOLINK. A buffer error vulnerability exists in the TOTOLINK N350RT version V9.3.5u.6139B20201216, which stems from a lang parameter command injection issue in the setLanguageCfg method...

TOTOLINK A7000R 缓冲区错误漏洞

The TOTOLINK A7000R is a wireless router from China's Gion Electronics TOTOLINK. A buffer error vulnerability exists in TOTOLINK A7000R version V9.1.0u.6115B20201022, which stems from a command injection issue with the addEffect parameter in the /setting/setLanguageCfg location...

libpng 缓冲区错误漏洞

libpng is a PNG reference library that enables the creation, reading and writing of PNG graphics files. A buffer error vulnerability exists in libpng, which stems from a flaw in its pngimage.c component that allows an attacker with local network access to pass a specially crafted PNG file to a PN...

opcua 缓冲区错误漏洞

opcua is a client and server implementation of the OPC UA specification written in Rust. A buffer error vulnerability exists in opcua version 0.0.0 and later. An attacker could use this vulnerability to perform a denial of service DoS attack via the ExtensionObjects and Variants objects...