7652 matches found
CVE-2021-30879
CVE-2021-30879 affects macOS AppleScript handling (out-of-bounds read). Root cause is an issue in processing a malicious AppleScript binary; Apple fixed this with improved bounds checking. Affected products/versions include macOS Big Sur 11.6.1, macOS Catalina Security Update 2021-007, and macOS ...
CVE-2021-30877
CVE-2021-30877 is an Apple macOS AppleScript-related vulnerability involving an out-of-bounds read in an AppleScript binary. The issue was fixed by improved bounds checking and applies to macOS Monterey 12.0.1, Security Update 2021-007 Catalina, and macOS Big Sur 11.6.1. Exploitation could lead t...
IBM Tivoli Workload Scheduler Buffer Overflow Vulnerability
IBM Tivoli Workload Scheduler is a suite of enterprise task scheduling software from IBM in the United States. The software supports planning, execution, and tracking of jobs across multiple platforms and environments. A security vulnerability exists in IBM Tivoli Workload Scheduler that results...
The vulnerability of the programming software for PLCs (programmable logic controllers), EcoStruxure Control Expert, allows a intruder to trigger a service failure.
The vulnerability of the EcoStruxure Control Expert programming tool for programmable logic controllers is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability could allow a malicious actor to trigger a service failure remotely...
Apple iTunes < 12.11.4 Multiple Vulnerabilities (uncredentialed check)
The version of Apple iTunes installed on the remote Windows host is prior to 12.11.4. It is, therefore, affected by multiple vulnerabilities as referenced in the HT212609 advisory. - A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 14.7, macOS Big Sur 11.5...
Apple iTunes < 12.11.4 Multiple Vulnerabilities (credentialed check)
The version of Apple iTunes installed on the remote Windows host is prior to 12.11.4. It is, therefore, affected by multiple vulnerabilities as referenced in the HT212609 advisory. - A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 14.7, macOS Big Sur 11.5...
exiv2: Heap-based buffer overflow vulnerability in jp2image.cpp
A flaw was found in exiv2. A flawed bounds checking in the jp2Image.cpp:doWriteMetadata function leads to a heap-based buffer overflow. This flaw allows an attacker who can provide a malicious image to an application using the exiv2 library, to write data out of bounds and potentially execute cod...
D-Link DAP-2020 Stack Buffer Overflow Vulnerability (CNVD-2021-67523)
The D-Link DAP-2020 is a wireless N access point. The D-Link DAP-2020 is vulnerable to a stack buffer overflow vulnerability caused by incorrect boundary checking of the var:menu parameter in the webproc endpoint, which could be exploited by an attacker to cause a buffer overflow and execute...
CVE-2020-25767
An issue was discovered in HCC Embedded NicheStack IPv4 4.1. The dnccopyin routine for parsing DNS domain names does not check whether a domain name compression pointer is pointing within the bounds of the packet e.g., forward compression pointer jumps are allowed, which leads to an Out-of-bounds...
Denial Of Service (DoS)
tensorflow is vulnerable to denial of service. Lack of checking that shape of the input or the target shape have both a non-zero number of elements causes an integral division by 0 exception...
The vulnerability of the Cisco Packet Tracer network modeling tool for Windows operating systems stems from errors in the mechanism for checking pathfinding for dynamically attached libraries. This allows a hacker to execute arbitrary code.
The vulnerability of the Cisco Packet Tracer network modeling tool for Windows operating systems is related to errors in the mechanism for checking pathfinding for dynamically attached libraries. Exploiting this vulnerability can allow a hacker to execute arbitrary code...
OpenSSL: Incorrect Error Checking During CMS Verification (20090325) - Linux
OpenSSL is prone to incorrect error checking during CMS verification. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
OpenSSL: Incorrect Error Checking During CMS Verification (20090325) - Windows
OpenSSL is prone to incorrect error checking during CMS verification. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
The vulnerability of the GNU Aspell spell-checking program lies in its ability to write outside the field, allowing a hacker to execute arbitrary code.
The vulnerability of the GNU Aspell spell checker lies in its ability to be executed outside of the field. Exploiting this vulnerability allows an attacker to execute arbitrary code...
Intel Ethernet Adapters 800 代码问题漏洞
Intel Ethernet Adapters 800 is an Ethernet adapter from Intel Corporation USA. A code issue vulnerability exists in Intel Ethernet Adapters 800 that stems from improper conditional checking in the product. An attacker could use this vulnerability to cause information disclosure or denial of...
Rockwellautomation Flex Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
An exploitable denial of service vulnerability exists in the ENIP Request Path Logical Segment functionality of Allen-Bradley Flex IO 1794-AENT/B 4.003. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a...
CVE-2021-20349
IBM Tivoli Workload Scheduler 9.4 and 9.5 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 194599...
CVE-2021-20349
IBM Tivoli Workload Scheduler 9.4 and 9.5 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 194599...
Stack overflow
IBM Tivoli Workload Scheduler 9.4 and 9.5 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 194599...
IBM Tivoli Workload Scheduler 缓冲区错误漏洞
IBM Tivoli Workload Scheduler is a suite of enterprise task scheduling software from IBM in the United States. The software supports planning, execution, and tracking of jobs across multiple platforms and environments. A security vulnerability exists in IBM Tivoli Workload Scheduler that results...