Milesight UR32L firewall_handler_set function buffer overflow vulnerability

The Milesight UR32L is a 4G industrial router from China's Milesight. A buffer overflow vulnerability exists in the Milesight UR32L firewallhandlerset function due to incorrect boundary checking in the firewallhandlerset function. An authenticated, remote attacker could use this vulnerability to...

CVE-2023-30431 IBM Db2 buffer overflow

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 10.5, 11.1, and 11.5 db2set is vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow the buffer and execute arbitrary code. IBM X-Force ID: 252184...

CVE-2023-30431 IBM Db2 buffer overflow

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 10.5, 11.1, and 11.5 db2set is vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow the buffer and execute arbitrary code. IBM X-Force ID: 252184...

EulerOS 2.0 SP9 : shim (EulerOS-SA-2023-2344)

According to the versions of the shim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain...

EulerOS 2.0 SP9 : shim (EulerOS-SA-2023-2324)

According to the versions of the shim package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain...

MGASA-2023-0213 Updated skopeo/buildah/podman packages fix security vulnerability

Information disclosure flaw was found in Buildah CVE-2021-3602 podman allows forwarding hosts ports to vm from within vm CVE-2021-4024 Allows use "../" separators in containernetworking/cni to reference binaries such as 'reboot' in network configuration CVE-2021-20206 github.com/containers/storag...

Google Android OS 缓冲区错误漏洞

Google Android is a Linux-based open source operating system from Google, Inc. in the United States. A security vulnerability exists in Google Android OS, which stems from a lack of bounds checking and possible out-of-bounds writes in gattendoperation in gattutils.cc...

CVE-2023-24851 Buffer Copy Without Checking Size of Input in WLAN HOST

Memory Corruption in WLAN HOST while parsing QMI response message from firmware...

CVE-2023-21640 Buffer Copy Without Checking Size of Input in Linux

Memory corruption in Linux when the file upload API is called with parameters having large buffer...

部分MediaTek芯片 缓冲区错误漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company MediaTek. A security vulnerability exists in some of the MediaTek chips, which stems from a possible read out-of-bounds situation in the display due to a lack of boundary checking, leading to local information disclosure...

部分MediaTek芯片 缓冲区错误漏洞

MediaTek chips are various chips from MediaTek, a Chinese company MediaTek. A security vulnerability exists in some MediaTek chips, which originates in cmdq, due to a lack of boundary checking, which may result in memory corruption leading to a local denial of service. The following products are...

部分MediaTek芯片 缓冲区错误漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company MediaTek. A security vulnerability exists in some MediaTek chips, which originates from an out-of-bounds write in cmdq due to a lack of boundary checking, which may result in local privilege escalation. The following products...

EulerOS 2.0 SP11 : shim (EulerOS-SA-2023-2277)

According to the versions of the shim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an...

EulerOS 2.0 SP11 : shim (EulerOS-SA-2023-2301)

According to the versions of the shim package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an...

github.com/cosmos/cosmos-sdk's x/crisis does not charge ConstantFee

x/crisis does not charge ConstantFee Impact If a transaction is sent to the x/crisis module to check an invariant, the ConstantFee parameter of the chain is NOT charged. All versions of the x/crisis module are affected on all versions of the Cosmos SDK. Details The x/crisis module is supposed to...

CVE-2023-3249

The Web3 – Crypto wallet Login & NFT token gating plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.6.0. This is due to incorrect authentication checking in the 'hiddenformdata' function. This makes it possible for authenticated attackers to log in as...

Authentication flaw

The Web3 – Crypto wallet Login & NFT token gating plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.6.0. This is due to incorrect authentication checking in the 'hiddenformdata' function. This makes it possible for authenticated attackers to log in as...

CVE-2023-3138

A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array indexes. They trust...

Google Pixel 缓冲区错误漏洞

Google Pixel is a smartphone from Google, an American company. Google Pixel suffers from a security vulnerability that stems from a possible out-of-bounds read in removesdprecord in btifsdpserver.cc due to incorrect bounds checking, which could lead to local information disclosure...

OESA-2023-1377 libX11 security update

Core X11 protocol client library. Security Fixes: A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions writ...