7653 matches found
Tenda A15 wrlEn_5g Parameter Stack Overflow Vulnerability
Tenda A15 is a WiFi extender from Tenda China.A stack overflow vulnerability exists in the Tenda A15 wrlEn5g parameter, which is caused by incorrect boundary checking performed by /goform/WifiBasicSet. By sending an excessively long string using the wrlEn5g parameter, a remote attacker could...
Google Android OS和unisoc部分产品缓冲区错误漏洞
Google Android is a Linux-based open source operating system from the American company Google. A security vulnerability exists in some Google Android OS and unisoc products, which stems from a lack of bounds checking in the wlan driver, leading to a local denial of service...
Google Android OS和unisoc部分产品缓冲区错误漏洞
Google Android is a Linux-based open source operating system from the American company Google. A security vulnerability exists in some Google Android OS and unisoc products, which stems from a lack of bounds checking in the wlan driver, leading to a local denial of service...
Tenda A15 wepkey3 parameter stack overflow vulnerability
Tenda A15 is a WiFi extender from Tenda, China. A stack overflow vulnerability exists in the Tenda A15 wepkey3 parameter, which stems from a lack of length checking of input data in the wepkey3 parameter of /goform/WifiBasicSet, and could be exploited to execute arbitrary code on the system...
TRENDnet TEW-755AP stack overflow vulnerability (CNVD-2023-18940)
The TRENDnet TEW-755AP is a router from TRENDnet. The TRENDnet TEW-755AP suffers from a stack overflow vulnerability that stems from the lack of size checking of input data in the comeo.comeo.netstatrsname parameter of the toolsnetstat sub41E730 function, which can be exploited by an attacker to...
Tenda A15 ssid parameter stack overflow vulnerability
Tenda A15 is a WiFi extender from Tenda, China. A stack overflow vulnerability exists in the Tenda A15 ssid parameter, which stems from a lack of length checking of input data in the ssid parameter of /goform/WifiBasicSet, and can be exploited by attackers to execute arbitrary code on the system...
UNISOC chipset 安全漏洞
The UNISOC chipset is an integrated circuit chipset from China's Zilight Zhanrui UNISOC. A security vulnerability exists in the UNISOC chipset that stems from a lack of privilege checking in the music service, which could lead to a local denial of service in the contact service without additional...
Google Android OS和unisoc部分产品缓冲区错误漏洞
Google Android is a Linux-based open source operating system from the American company Google. A security vulnerability exists in some Google Android OS and unisoc products, which stems from a lack of bounds checking in the wlan driver, leading to a local denial of service...
UNISOC chipset 安全漏洞
The UNISOC chipset is an integrated circuit chipset from China's Zilight Zhanrui UNISOC. A security vulnerability exists in the UNISOC chipset that stems from a lack of privilege checking in the music service, which could lead to a local denial of service in the contact service without additional...
MediaTek 芯片 缓冲区错误漏洞
MediaTek chips are various chips from MediaTek, a Chinese company MediaTek. A buffer error vulnerability exists in MediaTek that stems from a lack of boundary checking in gps, where out-of-bounds writes may occur, which may result in local privilege escalation, affecting the following products an...
TRENDnet TEW-755AP 缓冲区错误漏洞
The TRENDnet TEW-755AP is a router from TRENDnet. The TRENDnet TEW-755AP suffers from a stack overflow vulnerability that stems from the lack of size checking of input data in the setbgnum parameter of the icpsetbgimg sub41DD68 function, which can be exploited by an attacker to execute arbitrary...
KmsdBot Botnet Suspected of Being Used as DDoS-for-Hire Service
An ongoing analysis of the KmsdBot botnet has raised the possibility that it's a DDoS-for-hire service offered to other threat actors. This is based on the different industries and geographies that were attacked, web infrastructure company Akamai said. Among the notable targets included FiveM and...
ROS-20221216-01
A vulnerability in the libarchive archiving library is related to the lack of error checking after the call to the calloc function, which may return with a NULL pointer in case of a function crash, resulting in a NULL pointer dereference. resultant dereferencing of the NULL pointer. Exploitation ...
Siemens Web Server Login Page of Industrial Controllers Cross-Site Request Forgery (CVE-2022-30694)
The login endpoint /FormLogin in affected web services does not apply proper origin checking. This could allow authenticated remote attackers to track the activities of other users via a login cross- site request forgery attack. This plugin only works with Tenable.ot. Please visit...
CVE-2022-46697
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.1. An app may be able to execute arbitrary code with kernel privileges...
CVE-2022-46697
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.1. An app may be able to execute arbitrary code with kernel privileges...
CVE-2022-32948
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges...
Cross site scripting
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges...
Design/Logic Flaw
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.1. An app may be able to execute arbitrary code with kernel privileges...
CVE-2022-46697
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.1. An app may be able to execute arbitrary code with kernel privileges...