
5805 matches found

BDU FSTEC
added 2024/01/31 12:0 a.m. · 2 views

The vulnerability of the fromNatStaticSetting function in the microprogramming software for Tenda AC10U allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the fromNatStaticSetting function in the Tenda AC10U router’s microprogramming software relates to the reading of data beyond the buffer in memory. Exploiting this vulnerability can allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the...

5.8 CVSS · 6.2 AI score · 0.01057 EPSS
Exploits 1 · References 3 · Affected Software 1
BDU FSTEC
added 2024/01/31 12:0 a.m. · 3 views

The vulnerability of the formQuickIndex function in the microprogramming software for Tenda AC10U allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the formQuickIndex function in the microprogramming software for Tenda AC10U relates to reading data beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected...

5.8 CVSS · 6.1 AI score · 0.00893 EPSS
Exploits 1 · References 3 · Affected Software 1
BDU FSTEC
added 2024/01/31 12:0 a.m. · 3 views

The vulnerability of the fromDhcpListClient function in the Tenda AC10U router software allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the fromDhcpListClient function in the Tenda AC10U router’s software relates to the reading of data outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected...

5.8 CVSS · 6.2 AI score · 0.01057 EPSS
Exploits 1 · References 4 · Affected Software 1
BDU FSTEC
added 2024/01/30 12:0 a.m. · 4 views

Vulnerability of the formWifiMacFilterGet() function in the httpd daemon of the wireless access point Tenda i6 software, which allows an intruder to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the formWifiMacFilterGet function in the httpd daemon of the microprogrammed wireless access points from Tenda i6 is related to the operation that goes beyond the buffer in memory when processing the index parameter. Exploiting this vulnerability could allow an attacker to...

9 CVSS · 7.4 AI score · 0.01659 EPSS
Exploits 1 · References 3
BDU FSTEC
added 2024/01/29 12:0 a.m. · 3 views

The vulnerability of embedded Qualcomm microprogramming software, related to reading data outside the buffer in memory, allows a hacker to execute arbitrary code.

The vulnerability of embedded Qualcomm software relates to reading data beyond the buffer in memory. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

10 CVSS · 8.6 AI score · 0.00539 EPSS
Exploits 0 · References 3
Tenable Nessus
added 2024/01/26 12:0 a.m. · 45 views

RHEL 8 : squid:4 (RHSA-2024:0397)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0397 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, and HTTP data objects. Security Fixes: squid: DoS against...

9.8 CVSS · 8.1 AI score · 0.88818 EPSS
Exploits 1 · References 15
BDU FSTEC
added 2024/01/25 12:0 a.m. · 3 views

The vulnerability of the ImageIO component in iOS, tvOS, macOS, watchOS, iPadOS operating systems allows attackers to disclose protected information.

The vulnerability of the ImageIO component in iOS, tvOS, macOS, watchOS, and iPadOS relates to reading data beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...

7.8 CVSS · 7 AI score · 0.0052 EPSS
Exploits 0 · References 5 · Affected Software 5
OSV
added 2024/01/24 7:15 p.m. · 4 views

CVE-2021-42147

Buffer over-read vulnerability in the dtlssha256update function in Contiki-NG tinyDTLS through master branch 53a0d97 allows remote attackers to cause a denial of service via crafted data packet...

9.1 CVSS · 5.8 AI score
Exploits 0 · References 2
OSV
added 2024/01/24 6:15 p.m. · 3 views

CVE-2021-42144

Buffer over-read vulnerability in Contiki-NG tinyDTLS through master branch 53a0d97 allows attackers to obtain sensitive information via crafted input to dtlsccmdecryptmessage...

9.8 CVSS · 5.8 AI score
Exploits 0 · References 2
RedHat Linux
added 2024/01/24 12:28 p.m. · 1 views

squid: Buffer over-read in the HTTP Message processing feature

A buffer over-read flaw was found in Squid's HTTP Message processing feature. This issue may allow attackers to perform remote denial of service...

8.6 CVSS · 5.9 AI score · 0.88818 EPSS
Exploits 0 · References 4
RedHat Linux
added 2024/01/24 9:59 a.m. · 11 views

php: Password_verify() always return true with some hash

A vulnerability was found in PHP. This security flaw occurs when malformatted BCrypt hashes that include a $ within their salt part trigger a buffer overread and may erroneously validate any password as valid...

8.1 CVSS · 7.4 AI score · 0.00944 EPSS
Exploits 1 · References 5
BDU FSTEC
added 2024/01/23 12:0 a.m. · 2 views

The vulnerability of the receive_encrypted_standard() function in the fs/smb/client/smb2ops.c module of the SMB protocol client implementation in Linux operating systems allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the receive_encrypted_standard function in the fs/smb/client/smb2ops.c module, which is part of the SMB protocol client implementation in Linux operating systems, relates to access to memory beyond the allocated buffer due to a numerical overflow. Exploiting this vulnerability...

7.7 CVSS · 6.8 AI score · 0.01999 EPSS
Exploits 0 · References 38 · Affected Software 4
Tenable Nessus
added 2024/01/23 12:0 a.m. · 39 views

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : Squid vulnerabilities (USN-6594-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6594-1 advisory. Joshua Rogers discovered that Squid incorrectly handled HTTP message processing. A remote attacker could possibly use this...

8.6 CVSS · 7.7 AI score · 0.88818 EPSS
Exploits 0 · References 4
Positive Technologies
added 2024/01/22 12:0 a.m. · 4 views

PT-2024-3791 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: The issue is related to a function in the Linux kernel's implementation of the Reliable Datagram Sockets (RDS) protocol. It involves reading memory beyond the allocated buffer, potential...

9.4 CVSS · 6.4 AI score
Exploits 0 · References 21
OSV
added 2024/01/19 11:6 a.m. · 4 views

OESA-2024-1086 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A flaw was found in the Bluetooth subsystem of the Linux kernel. A race condition between the btsockrecvmsg and btsockioctl functions could lead to a use-after-free on a socket buffer "skb". This flaw allows a local user to cause...

7 CVSS · 6.8 AI score · 0.01657 EPSS
Exploits 0 · References 6
CNNVD
added 2024/01/18 12:0 a.m. · 3 views

Contiki-NG Security Vulnerability

Contiki-NG is an open source cross-platform operating system for next-generation IoT (Internet of Things) devices. A security vulnerability exists in Contiki-NG tinyDTLS version 2018-08-30 and prior versions, which stems from a mishandling of oversized packets in dtlsccmdecryptmessage can lead to...

9.8 CVSS · 6.7 AI score · 0.00658 EPSS
Exploits 0 · References 3
CNNVD
added 2024/01/18 12:0 a.m. · 3 views

Contiki-NG Security Vulnerability

Contiki-NG is an open source cross-platform operating system for next-generation IoT (Internet of Things) devices. A security vulnerability exists in Contiki-NG tinyDTLS version 2018-08-30 and prior versions, which stems from a buffer over-read in the dtlssha256update function...

9.1 CVSS · 7.1 AI score · 0.00836 EPSS
Exploits 0 · References 3
BDU FSTEC
added 2024/01/18 12:0 a.m. · 2 views

The vulnerability of the prog.cgi component in D-Link DIR-X3260 Wi-Fi routers allows a hacker to execute arbitrary code.

The vulnerability of the prog.cgi component in D-Link DIR-X3260 Wi-Fi routers involves reading data outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.2 CVSS · 7.3 AI score · 0.01126 EPSS
Exploits 0 · References 5 · Affected Software 1
BDU FSTEC
added 2024/01/18 12:0 a.m. · 1 views

The vulnerability of the prog.cgi component in D-Link DIR-X3260 Wi-Fi routers allows a hacker to execute arbitrary code.

The vulnerability of the prog.cgi component in D-Link DIR-X3260 Wi-Fi routers involves reading data outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.2 CVSS · 7.3 AI score · 0.01126 EPSS
Exploits 0 · References 4 · Affected Software 1
BDU FSTEC
added 2024/01/18 12:0 a.m. · 3 views

The vulnerability of the prog.cgi component in D-Link DIR-X3260 Wi-Fi routers allows a hacker to execute arbitrary code.

The vulnerability of the prog.cgi component in D-Link DIR-X3260 Wi-Fi routers involves reading data outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.2 CVSS · 7.3 AI score · 0.01023 EPSS
Exploits 0 · References 5 · Affected Software 1