395 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-9949
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service (stack-based buffer underflow and...
Linux Distros Unpatched Vulnerability : CVE-2017-9763
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The grub_ext2_read_block function in fs/ext2.c in GNU GRUB before 2013-11-12, as used in shlr/grub/fs/ext2.c in radare2 1.5.0, allows remote attackers to cause a...
Linux Distros Unpatched Vulnerability : CVE-2018-11382
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The _inst__sts function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted...
A vulnerability in the Autodesk On-Demand Install Services (AdODIS) software update service allows an attacker to elevate their privileges to the level of NT AUTHORITY/SYSTEM.
The vulnerability in the Autodesk On-Demand Install Services (AdODIS) software update service is caused by the use of an untrusted search path. Exploiting this vulnerability can allow an attacker to elevate their privileges to the NT AUTHORITY/SYSTEM level by loading a specially crafted binary fi...
CVE-2023-27197
PAX A930 device with PayDroid7.1.1VirgoV04.5.0220220722 can allow an attacker to gain root access by running a crafted binary leveraging an exported function from a shared library. The attacker must have shell access to the device in order to exploit this vulnerability...
Linux Distros Unpatched Vulnerability : CVE-2016-4487
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to...
A vulnerability in the MongoDB database management system, caused by issues with process management, allows attackers to load arbitrary libraries and gain full control over the application.
The vulnerability in the MongoDB database management system exists due to a problem with process management. Exploiting this vulnerability allows an attacker to load arbitrary libraries and gain full control over the application by executing a specially crafted binary file...
org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service
A vulnerability was found in Bouncy Castle. An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java). Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters...
shim: Out-of-bounds read in verify_buffer_authenticode() malformed PE file
An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service...
A vulnerability in Adobe Dimension’s 3D design software involves reading data beyond the buffer in memory, allowing an attacker to gain unauthorized access to protected information.
The vulnerability in Adobe Dimension’s 3D design software is caused by reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially crafted GLB file...
SUSE CVE-2024-21646
Azure uAMQP is a general purpose C library for AMQP 1.0. The UAMQP library is used by several clients to implement AMQP protocol communication. When clients using this library receive a crafted binary type data, an integer overflow or wraparound or memory safety issue can occur and may cause remo...
UBUNTU-CVE-2023-40549
An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service...
AZL-34555 CVE-2024-21646 affecting package azure-iot-sdk-c for versions less than 2024.03.04-1
Azure uAMQP is a general purpose C library for AMQP 1.0. The UAMQP library is used by several clients to implement AMQP protocol communication. When clients using this library receive a crafted binary type data, an integer overflow or wraparound or memory safety issue can occur and may cause remo...
UBUNTU-CVE-2024-21646
Azure uAMQP is a general purpose C library for AMQP 1.0. The UAMQP library is used by several clients to implement AMQP protocol communication. When clients using this library receive a crafted binary type data, an integer overflow or wraparound or memory safety issue can occur and may cause remo...
PT-2023-9000 · Microsoft +2 · Azure Uamqp +2
Name of the Vulnerable Software and Affected Versions: Azure uAMQP versions prior to 2024-01-01
Description: The issue is related to an integer overflow or wraparound or memory safety issue in the Azure uAMQP library, which is a general-purpose C library for AMQP 1.0. This library is used by...
A vulnerability in the process_cu_tu_index function in the dwarf.c component of the GNU Binutils development environment allows an attacker to cause a denial of service.
The vulnerability in the process_cu_tu_index function in the dwarf.c component of the GNU Binutils development environment is caused by reading data beyond the bounds of a buffer. Exploiting this vulnerability allows an attacker to cause a denial of service using a specially crafted binar...
PAX Technology A930 Security Vulnerability
The PAX Technology A930 is an Android mobile payment terminal from China-based PAX Technology. A security vulnerability exists in the PAX Technology A930 PayDroid7.1.1VirgoV04.5.0220220722 version that allows an attacker to gain root access by running a...
PT-2023-20998 · Pax · Pax A930 +1
Name of the Vulnerable Software and Affected Versions: PAX A930 device with PayDroid version 7.1.1 Virgo V04.5.02 20220722
Description: The issue allows an attacker to gain root access by running a crafted binary leveraging an exported function from a shared library. The attacker must have shell...