126 matches found
Buffer overflow
Buffer over-read vulnerability in the dtlssha256update function in Contiki-NG tinyDTLS through master branch 53a0d97 allows remote attackers to cause a denial of service via crafted data packet...
CVE-2021-42147
Buffer over-read vulnerability in the dtlssha256update function in Contiki-NG tinyDTLS through master branch 53a0d97 allows remote attackers to cause a denial of service via crafted data packet...
CVE-2023-5460
A vulnerability was found in Delta Electronics WPLSoft up to 2.51 and classified as problematic. This issue affects some unknown processing of the component Modbus Data Packet Handler. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be...
Heap overflow
A vulnerability was found in Delta Electronics WPLSoft up to 2.51 and classified as problematic. This issue affects some unknown processing of the component Modbus Data Packet Handler. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be...
CVE-2023-5460 Delta Electronics WPLSoft Modbus Data Packet heap-based overflow
A vulnerability was found in Delta Electronics WPLSoft up to 2.51 and classified as problematic. This issue affects some unknown processing of the component Modbus Data Packet Handler. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be...
CVE-2022-31810
A vulnerability has been identified in SiPass integrated All versions V2.90.3.8. Affected server applications improperly check the size of data packets received for the configuration client login, causing a stack-based buffer overflow. This could allow an unauthenticated remote attacker to crash...
Vulnerability of the mstolfp() function (libntp/mstolfp.c) in the ntpq monitoring program, which implements a time synchronization protocol. This vulnerability allows a perpetrator to execute arbitrary code.
The vulnerability of the mstolfp function libntp/mstolfp.c in the ntpq monitoring program, which implements the NTP time synchronization protocol, is related to writing beyond the buffer boundaries in memory when adding a decimal point. Exploiting this vulnerability could allow a remote attacker ...
NVFLARE < 2.1.4 - Unsafe Deserialization due to Pickle
Exploit Title: NVFLARE 2.1.4 - Unsafe Deserialization due to Pickle Exploit Author: Elias Hohl Google Dork: N/A Date: 2022-06-21 Vendor Homepage: https://www.nvidia.com Software Link: https://github.com/NVIDIA/NVFlare Version: 2.1.4 Tested on: Ubuntu 20.04 CVE : CVE-2022-34668...
SUSE CVE-2005-2629
Integer overflow in RealNetworks RealPlayer 8, 10, and 10.5, RealOne Player 1 and 2, and Helix Player 10.0.0 allows remote attackers to execute arbitrary code via an .rm movie file with a large value in the length field of the first data packet, which leads to a stack-based buffer overflow, a...
SUSE CVE-2006-0049
gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report that the signature is valid, a different...
PocketMine-MP vulnerable to denial-of-service by sending large modal form responses
Impact Due to a workaround for an old client bug which has since been fixed, very large JSON payloads in ModalFormResponsePacket were able to cause the server to spend a significant amount of time processing the packet. Large numbers of these packets were able to hog CPU time so as to prevent the...
CVE-2022-38980
The HwAirlink module has a heap overflow vulnerability in processing data packets of the proprietary protocol.Successful exploitation of this vulnerability may allow attackers to obtain process control permissions...
Juuko DATA Packet Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to issue commands on vulnerable installations of Juuko equipment. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of communication between the transmitter and receiver. By using a fixed control...
CVE-2022-32449
TOTOLINK EX300V2 V4.0.3c.7484 was discovered to contain a command injection vulnerability via the langType parameter in the setLanguageCfg function. This vulnerability is exploitable via a crafted MQTT data packet...
Command injection
TOTOLINK EX300V2 V4.0.3c.7484 was discovered to contain a command injection vulnerability via the langType parameter in the setLanguageCfg function. This vulnerability is exploitable via a crafted MQTT data packet...
CVE-2022-32449
TOTOLINK EX300V2 V4.0.3c.7484 was discovered to contain a command injection vulnerability via the langType parameter in the setLanguageCfg function. This vulnerability is exploitable via a crafted MQTT data packet...
Online Sports Complex Booking System 1.0 Cross Site Scripting
Title: Online Sports Complex Booking System 1.0 XSS Author: Zllggggg Vendor: https://www.sourcecodester.com/php/15236/online-sports-complex-booking-system-phpmysql-free-source-code.html Software: https://www.sourcecodester.com/sites/default/files/download/oretnom23/scbs1.zip Reference:...
Online Sports Complex Booking System 1.0 SQL Injection
Title: Online Sports Complex Booking System 1.0 SQL Injection Author: Zllggggg Vendor: https://www.sourcecodester.com/php/15236/online-sports-complex-booking-system-phpmysql-free-source-code.html Software: https://www.sourcecodester.com/sites/default/files/download/oretnom23/scbs1.zip Reference:...
MAC1100 PLC 安全漏洞
The MAC1100 PLC is an industrial control product PLC. A security vulnerability exists in the MAC1100 PLC that can be exploited by an attacker to cause a persistent denial of service DOS via a crafted package...
CVE-2020-28592
A heap-based buffer overflow vulnerability exists in the configuration server functionality of the Cosori Smart 5.8-Quart Air Fryer CS158-AF 1.1.0. A specially crafted JSON object can lead to remote code execution. An attacker can send a malicious packet to trigger this vulnerability...