CVE-2022-23537

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects...

CVE-2022-23537

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects...

PT-2022-6027 · Pjsua-Lib +6 · Pjsua-Lib +6

Name of the Vulnerable Software and Affected Versions: PJSIP versions prior to 2.13.1 Description: The issue is related to a buffer overread that can occur when parsing a specially crafted STUN message with an unknown attribute. This can affect applications that use STUN, including PJNATH and...

The vulnerability of the xrdp_sec_process_mcs_data_CS_CORE() function on the XRDP server allows a hacker to gain unauthorized access to protected information or cause service failures.

The vulnerability of the xrdpsecprocessmcsdataCSCORE function on the XRDP server is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information or cause service...

The vulnerability of the xrdp_caps_process_confirm_active() function on the XRDP server allows a perpetrator to gain unauthorized access to protected information or cause service failures.

The vulnerability of the xrdpcapsprocessconfirm-active function on the XRDP server is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information or cause servic...

drachtio-server 缓冲区错误漏洞

drachtio-server is a drachtio open source SIP server built on the sofia SIP stack. A security vulnerability exists in drachtio-server prior to version 0.8.19, which stems from a vulnerability that could allow a remote attacker to cause a denial of service daemon crash via a crafted UDP message th...

UBUNTU-CVE-2022-46393

An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. There is a potential heap-based buffer overflow and heap-based buffer over-read in DTLS if MBEDTLSSSLDTLSCONNECTIONID is enabled and MBEDTLSSSLCIDINLENMAX 2 MBEDTLSSSLCIDOUTLENMAX...

PT-2022-21759 · Qualcomm · Qualcomm Snapdragon

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon affected versions not specified Description: The issue is related to information disclosure due to a buffer over-read in the Bluetooth HOST while pairing and connecting A2DP. This affects various Qualcomm Snapdragon...

The vulnerability of Moxa VPORT 06EC-2V IP camera software and Moxa VPort 461A video encoder software lies in the reading of data beyond the buffer in memory. This allows an intruder to gain unauthorized access to protected information or cause a service failure.

The vulnerability of Moxa VPORT 06EC-2V microprogrammed software for IP cameras and the Moxa VPort 461A microprogrammed software for video encoders lies in the reading of data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected...

The vulnerability of the Siemens PADS Standard/Plus Viewer application, related to reading beyond the buffer in memory, allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the Siemens PADS Standard/Plus Viewer application relates to reading data beyond the buffer in memory during the processing of PCB file formats. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

EulerOS 2.0 SP8 : squid (EulerOS-SA-2022-2807)

According to the versions of the squid package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - This update for squid fixes the following issues: Updated squid to version 5.7: - CVE-2022-41317: Fixed exposure of sensitive information in cache...

The vulnerability of the Vim text editor lies in the fact that it allows reading beyond the permissible buffer data limits. This enables attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Vim text editor is related to reading data beyond the allowable buffer size. Exploiting this vulnerability allows a remote attacker to gain access to confidential data, compromise its integrity, and cause service failures...

The vulnerability of the Wi-Fi hotspot implementation in the RouterOS operating system of MikroTik allows a hacker to execute arbitrary code.

The vulnerability of the Wi-Fi hotspot implementation in the RouterOS operating system of MikroTik lies in the ability to read data beyond the buffer in memory during the processing of the u32id key. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending...

The vulnerability of the SNMP (Simple Network Management Protocol) implementation in the RouterOS operating system of MikroTik allows a hacker to execute arbitrary code.

The vulnerability in the implementation of the SNMP Simple Network Management Protocol protocol in the RouterOS operating system of MikroTik routers lies in the ability to read data beyond the buffer boundaries in memory during the processing of the u32id key. Exploiting this vulnerability allows...

The vulnerability of the implementations of TLS and SSL protocols in the microprogramming-based network interface controllers of Cisco Adaptive Security Appliances (ASA) and Firepower Threat Defense (FTD) from the ASA 5500-X Series, Firepower 4100 Series, and Firepower 9300 Series allows attackers to induce service interruptions.

The vulnerability of the implementations of TLS and SSL protocols in microprogrammable network interface devices from Cisco Adaptive Security Appliances ASA and Firepower Threat Defense FTD of the ASA 5500-X Series, Firepower 4100 Series, and Firepower 9300 Series is related to the copying of...

The vulnerability of the ImageConversion.api file in programs for viewing and editing PDF files in Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, and Adobe Acrobat Reader Document Cloud 2017 arises from reading data beyond the buffer in memory. This allows attackers to disclose protected information.

The vulnerability of the ImageConversion.api file in programs for viewing and editing PDF files in Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, and Adobe Acrobat Reader Document Cloud 2017 is related to reading data outside of the buffer in memory...

OESA-2022-2116 dbus-broker security update

Security Fixes: An issue was discovered in dbus-broker before 31. It depends on c-uitl/c-shquote to parse the DBus service's Exec line. c-shquote contains a stack-based buffer over-read if a malicious Exec line is supplied.CVE-2022-31212 An issue was discovered in dbus-broker before 31. Multiple...

The vulnerability of the USB redirection channel (urbdrc) in the FreeRDP remote desktop protocol allows a intruder to gain unauthorized access to protected information or cause a service failure.

The vulnerability of the USB redirection channel urbdrc in the FreeRDP remote desktop protocol is related to the issue where operations are performed outside the buffer during data input length checking. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected...

The vulnerability in the Acrobat.dll executable of PDF file viewing and editing programs from Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, and Adobe Acrobat Reader Document Cloud 2017 arises from reading data beyond the buffer in memory, allowing an attacker to disclose protected information.

The vulnerability of the Acrobat.dll executable files used by PDF viewing and editing programs from Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, and Adobe Acrobat Reader Document Cloud 2017 is related to reading data beyond the buffer in memory. Exploitin...

The vulnerability in the Acrobat.dll executable of PDF file viewing and editing programs from Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, and Adobe Acrobat Reader Document Cloud 2017 arises from reading data beyond the buffer in memory, allowing an attacker to disclose protected information.

The vulnerability of the Acrobat.dll executable files used by PDF viewing and editing programs from Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, and Adobe Acrobat Reader Document Cloud 2017 is related to reading data beyond the buffer in memory. Exploitin...