CVE-2024-52802

RIOT is an operating system for internet of things IoT devices. In version 2024.04 and prior, the function parseadvertise, located in /sys/net/applicationlayer/dhcpv6/client.c, has no minimum header length check for dhcpv6optt after processing dhcpv6msgt. This omission could lead to an out-of-bou...

CBL Mariner 2.0 Security Update: cups (CVE-2023-34241)

The version of cups installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-34241 advisory. - OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating...

Use-After-Free

cups is vulnerable to Use-After-Free. The vulnerability occurs when the httpClosecon-http function is called within scheduler/client.c. CUPS logs data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data right before leading to...

CVE-2023-34241 CUPS vulnerable to use-after-free in cupsdAcceptClient()

OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and prior to version 2.4.6, CUPS logs data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data...

Out-of-bounds Write

connman is vulnerable to Out-of-bounds Write. This vulnerability allows a network-adjacent attacker to utilize 'client.c' within 'gdhcp' to carry out a stack based buffer overflow or denial of service which terminates the connman process...

CVE-2023-28488

client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers operating a crafted DHCP server to cause a stack-based buffer overflow and denial of service, terminating the connman process...

CVE-2023-28488

client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers operating a crafted DHCP server to cause a stack-based buffer overflow and denial of service, terminating the connman process...

NewStart CGSL CORE 5.05 / MAIN 5.05 : cups Multiple Vulnerabilities (NS-SA-2021-0161)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has cups packages installed that are affected by multiple vulnerabilities: - A localhost.localdomain whitelist entry in validhost in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP...

OSV-2021-461 Heap-buffer-overflow in ProcessReply

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31527 Crash type: Heap-buffer-overflow READ 1 Crash state: ProcessReply wolfSSLconnect client.c...

openSUSE Security Update : openssh (openSUSE-2019-914)

This update for openssh fixes the following issues : - CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. OpenSSH developers do not want to treat such a username enumeration...

Oracle MySQL 5.5.x < 5.5.40 / 5.6.x < 5.6.21 Multiple Vulnerabilities

Binary data 8912.prm...

CVE-2006-2148

Multiple buffer overflows in client.c in CGI:IRC CGIIRC before 0.5.8 might allow remote attackers to execute arbitrary code via 1 cookies or 2 the query string...