562 matches found
CVE-2021-38427
RTI Connext DDS Professional and Connext DDS Secure versions 4.2.x–6.1.0 are affected by a stack-based buffer overflow that could allow a local attacker to execute arbitrary code. This vulnerability is documented as CVE-2021-38427. Connected sources confirm the affected product family and version...
CVE-2021-38425
CVE-2021-38425 affects eProsima Fast DDS, where versions prior to 2.4.0 are vulnerable. A remote attacker can send a specially crafted packet to flood a target device, causing a denial-of-service and information exposure. The issue is addressed in the 2.4.0 release (remediation). Connected source...
CVE-2021-38425 eProsima Fast DDS Network Amplification
eProsima Fast DDS versions prior to 2.4.0 2269 are susceptible to exploitation when an attacker sends a specially crafted packet to flood a target device with unwanted traffic, which may result in a denial-of-service condition and information exposure...
CVE-2021-38425
eProsima Fast DDS versions prior to 2.4.0 2269 are susceptible to exploitation when an attacker sends a specially crafted packet to flood a target device with unwanted traffic, which may result in a denial-of-service condition and information exposure...
CVE-2021-38425 eProsima Fast DDS Network Amplification
eProsima Fast DDS versions prior to 2.4.0 2269 are susceptible to exploitation when an attacker sends a specially crafted packet to flood a target device with unwanted traffic, which may result in a denial-of-service condition and information exposure...
CVE-2021-43547 TwinOaks Computing CoreDX DDS Secure Network Amplification
TwinOaks Computing CoreDX DDS versions prior to 5.9.1 are susceptible to exploitation when an attacker sends a specially crafted packet to flood target devices with unwanted traffic. This may result in a denial-of-service condition and information exposure...
CVE-2021-43547
CVE-2021-43547 affects TwinOaks Computing CoreDX DDS: all versions prior to 5.9.1 are vulnerable to an input handling flaw that enables an attacker to flood target devices with crafted network traffic, leading to denial-of-service and potential information exposure (network amplification). The is...
CVE-2021-43547 TwinOaks Computing CoreDX DDS Secure Network Amplification
TwinOaks Computing CoreDX DDS versions prior to 5.9.1 are susceptible to exploitation when an attacker sends a specially crafted packet to flood target devices with unwanted traffic. This may result in a denial-of-service condition and information exposure...
CVE-2021-38487 Potential Network Amplification and Information Exposure in RTI Connext Professional and Connext Micro
RTI Connext Professional versions 4.1 to 6.1.0, and Connext Micro versions 2.4 and later are vulnerable when an attacker sends a specially crafted packet to flood target devices with unwanted traffic. This may result in a denial-of-service condition and information exposure...
CVE-2021-38487
RTI Connext DDS products are affected by a network amplification vulnerability: Connext Professional 4.1–6.1.0, Connext Secure 4.2x–6.1.0, and Connext Micro 2.4 and later may be flooded by specially crafted packets, causing DoS and information exposure. Root cause involves processing of external ...
PT-2022-10722 · Rti · Connext Dds Secure +1
Name of the Vulnerable Software and Affected Versions: RTI Connext DDS Professional and Connext DDS Secure versions 4.2.x through 6.1.0 Description: The issue is a stack-based buffer overflow that may allow a local attacker to execute arbitrary code. This can potentially lead to unauthorized acce...
PT-2022-10732 · Real Time Innovations · Rti Connext Professional +2
Name of the Vulnerable Software and Affected Versions: RTI Connext DDS Professional versions 4.2x through 6.1.0 Connext DDS Secure versions 4.2x through 6.1.0 Connext DDS Micro versions 2.4 and later Description: The issue arises when an attacker sends a specially crafted packet to flood target...
Critically Underrated: Studying the Data Distribution Service (DDS) Protocol
Researchers from Trend Micro Research, TXOne, ADLINK, Alias Robotics, and ZDI looked into the Data Distribution Service DDS standard and its implementations from a security angle. The full findings of this research will be presented in the S4X22 Conference in April 2022...
DEBIAN-CVE-2022-0544
An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, possibly allowing an attacker to read sensitive data using a crafted DDS image file. This flaw affects Blender versions prior to 2.83.19, 2.93.8 and 3.1...
CVE-2022-0544
An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, possibly allowing an attacker to read sensitive data using a crafted DDS image file. This flaw affects Blender versions prior to 2.83.19, 2.93.8 and 3.1...
CVE-2022-0544
An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, possibly allowing an attacker to read sensitive data using a crafted DDS image file. This flaw affects Blender versions prior to 2.83.19, 2.93.8 and 3.1...
Integer overflow
An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, possibly allowing an attacker to read sensitive data using a crafted DDS image file. This flaw affects Blender versions prior to 2.83.19, 2.93.8 and 3.1...
CVE-2022-0544
An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, possibly allowing an attacker to read sensitive data using a crafted DDS image file. This flaw affects Blender versions prior to 2.83.19, 2.93.8 and 3.1...
UBUNTU-CVE-2022-0544
An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, possibly allowing an attacker to read sensitive data using a crafted DDS image file. This flaw affects Blender versions prior to 2.83.19, 2.93.8 and 3.1...
CVE-2022-0544
CVE-2022-0544 concerns Blender’s DDS loader, where an integer underflow can trigger an out-of-bounds read. The vulnerability affects Blender versions prior to 2.83.19, 2.93.8, and 3.1, as described in connected sources. The issue arises in how the DDS image is parsed, potentially allowing an atta...