57 matches found
CVE-2021-30310
Possible buffer overflow due to Improper validation of received CF-ACK and CF-Poll data frames in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music...
Qualcomm Wlan Firmware 输入验证错误漏洞
Qualcomm Wlan Firmware is a Wlan support firmware from Qualcomm Incorporated USA. An input validation error vulnerability exists in Qualcomm WLAN that stems from incorrect validation of received CF-ACK and CF polling data frames, which could result in a buffer overflow...
CVE-2020-26140
A vulnerability was found in Linux kernel. Where the WiFi implementations accept plaintext frames in a protected WiFi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration. Mitigation Mitigation for this issue is either not available or the...
Design/Logic Flaw
An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration...
Qualcomm Chipsets 输入验证错误漏洞
A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc., and is often manufactured on the surface of semiconductor wafers. The Qualcomm chip is vulnerable to an input validation error. An attacker...
envoy: Resource exhaustion when proxying HTTP/2 requests or responses with small data frames
A flaw was found in Envoy in versions through 1.14.1. An excessive amount of memory may be consumed when proxying HTTP/2 requests and responses that contain many small e.g. 1 byte data frames. The highest threat from this vulnerability is to system availability...
CVE-2020-12603
Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when proxying HTTP/2 requests or responses with many small i.e. 1 byte data frames...
Design/Logic Flaw
Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when proxying HTTP/2 requests or responses with many small i.e. 1 byte data frames...
ALPINE-CVE-2019-9518
Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSHPROMISE. The peer spends ti...
PT-2019-2979 · Alt Linux +7 · Alt Linux +7
Name of the Vulnerable Software and Affected Versions: HTTP/2 implementations affected versions not specified Description: The issue is related to a flood of empty frames in HTTP/2 implementations, which can lead to a denial of service. An attacker sends a stream of frames with an empty payload a...
Information disclosure
The Fibre Channel over Ethernet FCoE feature in IBM System Networking and Blade Network Technology BNT switches running IBM Networking Operating System aka NOS, formerly BLADE Operating System floods data frames with unknown MAC addresses out on all interfaces on the same VLAN, which might allow...
SUSE SLED12 / SLES12 Security Update : MozillaFirefox, MozillaFirefox-branding-SLE (SUSE-SU-2017:1669-1)
The Mozilla Firefox was updated to the new ESR 52.2 release, which fixes the following issues bsc1043960 : - MFSA 2017-16/CVE-2017-7758 Out-of-bounds read in Opus encoder - MFSA 2017-16/CVE-2017-7749 Use-after-free during docshell reloading - MFSA 2017-16/CVE-2017-7751 Use-after-free with content...
Mozilla: Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data (MFSA 2017-11, MFSA 2017-12)
An out-of-bounds read when an HTTP/2 connection to a servers sends "DATA" frames with incorrect data content. This leads to a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...
Mozilla: Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data (MFSA 2017-11, MFSA 2017-12)
An out-of-bounds read when an HTTP/2 connection to a servers sends "DATA" frames with incorrect data content. This leads to a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...
UBUNTU-CVE-2017-5446
An out-of-bounds read when an HTTP/2 connection to a servers sends "DATA" frames with incorrect data content. This leads to a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...
CVE-2009-2976
Cisco Aironet Lightweight AP devices transmit certain multicast frames in cleartext, enabling remote attackers who sniff the wireless medium to discover Wireless LAN Controller MAC addresses, IP addresses, and AP configuration details. The connected reports reiterate this behavior without providi...
PT-2007-6106 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.23 Description: The issue is caused by an integer underflow in the ieee80211 rx function, allowing remote attackers to cause a denial of service crash via a crafted SKB length value in a runt IEEE 802.11 fra...