6553 matches found
OpenSSL -- Buffer overflows in Email verification
The OpenSSL project reports: X.509 Email Address 4-byte Buffer Overflow CVE-2022-3602 High: A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. X.509 Email Address Variable Length Buffer Overflow CVE-2022-3786 High: A buffer overrun can b...
Ubuntu 16.04 ESM : LibTIFF vulnerabilities (USN-5705-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5705-1 advisory. Chintan Shah discovered that LibTIFF incorrectly handled memory in certain conditions. An attacker could trick a user into processing a specially crafted...
CVE-2022-33185
Several commands in Brocade Fabric OS before Brocade Fabric OS v.9.0.1e, and v9.1.0 use unsafe string functions to process user input. Authenticated local attackers could abuse these vulnerabilities to exploit stack-based buffer overflows, allowing arbitrary code execution as the root user accoun...
Stack overflow
A vulnerability in fabseg.c.h libraries of all Brocade Fabric OS versions before Brocade Fabric OS v9.1.1, v9.0.1e, v8.2.3c, v8.2.0cbn5, 7.4.2j could allow local authenticated attackers to exploit stack-based buffer overflows and execute arbitrary code as the root user account...
CVE-2022-33185
Several commands in Brocade Fabric OS before Brocade Fabric OS v.9.0.1e, and v9.1.0 use unsafe string functions to process user input. Authenticated local attackers could abuse these vulnerabilities to exploit stack-based buffer overflows, allowing arbitrary code execution as the root user accoun...
CVE-2022-33184
A vulnerability in fabseg.c.h libraries of all Brocade Fabric OS versions before Brocade Fabric OS v9.1.1, v9.0.1e, v8.2.3c, v8.2.0cbn5, 7.4.2j could allow local authenticated attackers to exploit stack-based buffer overflows and execute arbitrary code as the root user account...
CVE-2021-26729
Command injection and multiple stack-based buffer overflows vulnerabilities in the Loginhandlerfunc function of spxrestservice allow an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
CVE-2021-26731
Command injection and multiple stack-based buffer overflows vulnerabilities in the modifyUserbfunc function of spxrestservice allow an authenticated attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware...
Stack overflow
Command injection and multiple stack-based buffer overflows vulnerabilities in the Loginhandlerfunc function of spxrestservice allow an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
Stack overflow
Command injection and multiple stack-based buffer overflows vulnerabilities in the modifyUserbfunc function of spxrestservice allow an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
Stack overflow
Multiple command injections and stack-based buffer overflows vulnerabilities in the SubNethandlerfunc function of spxrestservice allow an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10...
CVE-2021-26727 spx_restservice SubNet_handler_func Multiple Command Injections and Stack-Based Buffer Overflows
Multiple command injections and stack-based buffer overflows vulnerabilities in the SubNethandlerfunc function of spxrestservice allow an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10...
CVE-2021-26729 spx_restservice Login_handler_func Command Injection and Multiple Stack-Based Buffer Overflows
Command injection and multiple stack-based buffer overflows vulnerabilities in the Loginhandlerfunc function of spxrestservice allow an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
CVE-2021-26731 spx_restservice modifyUserb_func Command Injection and Multiple Stack-Based Buffer Overflows
Command injection and multiple stack-based buffer overflows vulnerabilities in the modifyUserbfunc function of spxrestservice allow an authenticated attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware...
SUSE: Security Advisory (SUSE-SU-2022:3687-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-26729
CVE-2021-26729 affects Lanner Inc IAC-AST2500A standard firmware version 1.10.0. The issue is a vulnerability in the spx_restservice “Login_handler_func” that enables command injection and multiple stack-based buffer overflows , allowing an attacker to execute arbitrary code with the same privile...
CVE-2021-26727 spx_restservice SubNet_handler_func Multiple Command Injections and Stack-Based Buffer Overflows
Multiple command injections and stack-based buffer overflows vulnerabilities in the SubNethandlerfunc function of spxrestservice allow an attacker to execute arbitrary code with the same privileges as the server user root. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10...
CVE-2022-3570
Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact...
CVE-2022-3570
Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact...
CVE-2022-3570
Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact...