CVE-2021-27417

eCosCentric eCosPro RTOS Versions 2.0.1 through 4.5.3 are vulnerable to integer wraparound in function calloc an implementation of malloc. The unverified memory assignment can lead to arbitrary memory allocation, resulting in a heap-based buffer overflow...

Heap overflow

eCosCentric eCosPro RTOS Versions 2.0.1 through 4.5.3 are vulnerable to integer wraparound in function calloc an implementation of malloc. The unverified memory assignment can lead to arbitrary memory allocation, resulting in a heap-based buffer overflow...

Integer overflow

RIOT OS version 2020.01.1 is vulnerable to integer wrap-around in its implementation of calloc function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...

CVE-2021-27427

The CVE-2021-27427 entry concerns RIOT OS 2020.01.1, where an integer wrap-around in calloc can cause arbitrary memory allocation, leading to a crash or remote code execution. Connected sources corroborate the RIOT OS impact and specify the vulnerability as an integer wrap-around in calloc. The R...

Unspecified vulnerability in iot-device-sdk-embedded-c

iot-device-sdk-embedded-c is an application plugin. The Google Cloud IoT Device SDK for embedded C is an easily portable open source C library that connects low-end IoT devices to Google Cloud IoT Core. iot-device-sdk-embedded-c suffers from a security vulnerability that stems from the...

The vulnerability in the implementation of the calloc function in the kernel of the operating system for RIOT network devices allows a hacker to execute arbitrary code.

The vulnerability in the implementation of the calloc function in the kernel of the operating system for RIOT network devices relates to the possibility of integer overflow. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability in the implementation of the calloc() and mm_zalloc() functions in the Tizen RT operating systems allows a hacker to cause a service failure.

The vulnerability of the calloc and mmzalloc functions in Tizen RT operating systems is related to integer overflow. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

Buffer overflow

Buffer overflow vulnerability in fcovatti libieciccpmod v1.5, allows attackers to cause a denail of service when trying to calloc an unexpectiedly large space...

The vulnerability of the calloc() function in the Klibc environment library, related to integer overflow, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the calloc function in the Klibc environment library is related to integer overflow. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and even cause service failures...

Integer overflow

Hiredis is a minimalistic C client library for the Redis database. In affected versions Hiredis is vulnurable to integer overflow if provided maliciously crafted or corrupted RESP mult-bulk protocol data. When parsing multi-bulk array-like replies, hiredis fails to check if count sizeofredisReply...

CVE-2021-22684

Tizen RT RTOS version 3.0.GBB is vulnerable to integer wrap-around in functionscalloc and mmzalloc. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash...

The vulnerability of the calloc() function in the C Runtime Library (CRT) allows a hacker to execute arbitrary code.

The vulnerability of the calloc function in the C Runtime Library CRT is related to integer overflow. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

CVE-2021-22156

An integer overflow vulnerability in the calloc function of the C runtime library of affected versions of BlackBerry® QNX Software Development Platform SDP versions 6.5.0SP1 and earlier, QNX OS for Medical 1.1 and earlier, and QNX OS for Safety 1.0.1 and earlier that could allow an attacker to...

CVE-2021-22156

CVE-2021-22156 is an integer overflow in the calloc() function of the BlackBerry QNX C runtime library, affecting SDP 6.5.0SP1 and earlier, QNX OS for Medical 1.1 and earlier, and QNX OS for Safety 1.0.1 and earlier. Exploitation could cause denial of service or arbitrary code execution; remote a...

PT-2021-3887 · Blackberry · Blackberry Qnx Os For Medical +2

Name of the Vulnerable Software and Affected Versions: BlackBerry QNX Software Development Platform SDP versions 6.5.0SP1 and earlier BlackBerry QNX OS for Medical versions 1.1 and earlier BlackBerry QNX OS for Safety versions 1.0.1 and earlier Description: The issue is related to an integer...

EulerOS Virtualization 3.0.2.2 : p11-kit (EulerOS-SA-2021-2155)

According to the version of the p11-kit packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations...

CVE-2021-34386

Trusty TLK contains a vulnerability in the NVIDIA TLK kernel where an integer overflow in the calloc size calculation can cause the multiplication of count and size can overflow, which might lead to heap overflows...

Integer overflow

Trusty TLK contains a vulnerability in the NVIDIA TLK kernel where an integer overflow in the calloc size calculation can cause the multiplication of count and size can overflow, which might lead to heap overflows...

NVIDIA TLK 输入验证错误漏洞

Nvidia NVIDIA TLK is a scheduler from Nvidia Corporation of America that is used in conjunction with Trusted Firmware-A TF-A. NVIDIA TLK suffers from an input validation error vulnerability that stems from the fact that Trusty TLK contains a vulnerability in the NVIDIA TLK kernel, where an intege...

opensc security, bug fix, and enhancement update

0.20.0-4 - Use file cache by default 1892810 - Avoid calloc with 0 argument 1895401 0.20.0-3 - Support PIN change for HID Alt tokens 1830901 - Fix CVE-2020-26570, CVE-2020-26571 and CVE-2020-26572 - Fix right padding of token labels of some cards 1877973...