CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

NVD•added 2022/04/14 1:15 p.m.•22 views

CVE-2022-26507

A heap-based buffer overflow exists in XML Decompression DecodeTreeBlock in AT&T Labs Xmill 0.7. A crafted input file can lead to remote code execution. This is not the same as any of: CVE-2021-21810, CVE-2021-21811, CVE-2021-21812, CVE-2021-21815, CVE-2021-21825, CVE-2021-21826, CVE-2021-21828,...

9.8CVSS0.06696EPSS

Exploits0References2

NVD•added 2021/08/20 10:15 p.m.•12 views

CVE-2021-21828

A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. In the default case of DecodeTreeBlock a label is created via CurPath::AddLabel in order to track the label for later reference. An attacker can provide a malicious fil...

9.8CVSS0.00459EPSS

Exploits1References1

NVD•added 2021/08/20 10:15 p.m.•11 views

CVE-2021-21827

A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. Within DecodeTreeBlock which is called during the decompression of an XMI file, a UINT32 is loaded from the file and used as trusted input as the length of a buffer. An...

9.8CVSS0.00459EPSS

Exploits1References1

NVD•added 2021/08/20 10:15 p.m.•11 views

CVE-2021-21826

9.8CVSS0.00459EPSS

Exploits1References1

OSV•added 2021/08/20 10:15 p.m.•1 views

CVE-2021-21826

9.8CVSS7.5AI score

Exploits0References1

Prion•added 2021/08/20 10:15 p.m.•14 views

Heap overflow

7.5CVSS9.6AI score0.00459EPSS

Exploits1References1Affected Software1

Prion•added 2021/08/20 10:15 p.m.•15 views

Heap overflow

7.5CVSS9.6AI score0.00459EPSS

Exploits1References1Affected Software1

CVE•added 2021/08/20 9:3 p.m.•52 views

CVE-2021-21827

CVE-2021-21827 is a heap-based buffer overflow vulnerability in AT&T Labs Xmill 0.7, triggered by DecodeTreeBlock during XMI decompression. The vulnerability arises when a UINT32 read from the input is used as the length for a buffer during various decode paths, leading to unsafe copies via memcp...

9.8CVSS9.6AI score0.00459EPSS

Exploits1References1Affected Software1

Cvelist•added 2021/08/20 9:3 p.m.•13 views

CVE-2021-21827

8.1CVSS9.8AI score0.00459EPSS

Exploits1References1

CVE•added 2021/08/20 9:2 p.m.•61 views

CVE-2021-21826

CVE-2021-21826 is a heap-based buffer overflow in AT&T Labs Xmill 0.7, within XML Decompression DecodeTreeBlock. A crafted XMI file triggers a UINT32-derived length for an internal buffer, enabling a attacker-controlled input to overflow. The initial description confirms the vulnerability, includ...

9.8CVSS9.5AI score0.00459EPSS

Exploits1References1Affected Software1

Cvelist•added 2021/08/20 9:2 p.m.•13 views

CVE-2021-21826

8.1CVSS9.9AI score0.00459EPSS

Exploits1References1

Positive Technologies•added 2021/08/10 12:0 a.m.•2 views

PT-2021-7819 · At&T · At&T Labs Xmill

Name of the Vulnerable Software and Affected Versions: AT&T Labs Xmill version 0.7 Description: A heap-based buffer overflow issue exists in the XML Decompression DecodeTreeBlock functionality. This occurs when a label is created via CurPath::AddLabel to track the label for later reference. An...

10CVSS8.7AI score0.00459EPSS

Exploits1References13

CNNVD•added 2021/08/10 12:0 a.m.•2 views

AT&T Labs Xmill 缓冲区错误漏洞

AT&T Labs Xmill is a new tool for efficiently compressing XML data from AT&T Labs, USA. A security vulnerability exists in the XML Decompression DecodeTreeBlock feature of AT&T Labs Xmill 0.7, which allows an attacker to supply a specially crafted XMI file leading to remote code execution...

9.8CVSS8.2AI score0.00459EPSS

Exploits1References6

CNNVD•added 2021/08/10 12:0 a.m.•2 views

AT&T Labs Xmill 缓冲区错误漏洞

9.8CVSS8.2AI score0.00459EPSS

Exploits1References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by