
17 matches found

Github Security Blog
added 2026/06/12 9:2 p.m., 14 views

ConnectBot SSH Client Library: Unbounded SSH field lengths can cause excessive memory allocation

Summary: The SSH protocol parser trusted attacker-controlled length and count fields without first checking that the declared values fit within the containing packet. When a client connects to a malicious or compromised SSH server, the server can send a small, malformed packet containing an inner...

5.5 AI score
Exploits 0, References 3, Affected Software 1
OSV
added 2026/06/12 9:2 p.m., 8 views

GHSA-CH3Q-CW5R-F4HG ConnectBot SSH Client Library: Unbounded SSH field lengths can cause excessive memory allocation

Summary: The SSH protocol parser trusted attacker-controlled length and count fields without first checking that the declared values fit within the containing packet. When a client connects to a malicious or compromised SSH server, the server can send a small, malformed packet containing an inner...

6.9 CVSS, 5.5 AI score
Exploits 0, References 3
SUSE CVE
added 2026/03/28 12:27 a.m., 2 views

SUSE CVE-2026-32286

The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic...

7.5 CVSS, 5.9 AI score, 0.00357 EPSS
Exploits 0, References 5
OSV
added 2026/03/26 8:16 p.m., 5 views

UBUNTU-CVE-2026-32286

The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic...

7.5 CVSS, 5.8 AI score, 0.00357 EPSS
Exploits 0, References 5
ATTACKERKB
added 2026/03/26 7:40 p.m., 7 views

CVE-2026-32286

The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic...

5.8 AI score, 0.00357 EPSS
Exploits 0, References 4
Cvelist
added 2026/03/26 7:40 p.m., 23 views

CVE-2026-32286 Denial of service in github.com/jackc/pgproto3/v2

The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic...

0.00357 EPSS
Exploits 0, References 4
EUVD
added 2026/03/26 7:40 p.m., 6 views

EUVD-2026-16347

The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic...

5.8 AI score, 0.00357 EPSS
Exploits 0, References 3
Debian CVE
added 2026/03/26 7:40 p.m., 4 views

CVE-2026-32286

The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic...

7.5 CVSS, 6 AI score, 0.00357 EPSS
Exploits 0
OSV
added 2026/03/16 8:27 p.m., 1 views

GO-2026-4518 Denial of service in github.com/jackc/pgproto3/v2

The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic...

7.5 CVSS, 5.8 AI score, 0.00357 EPSS
Exploits 0, References 3
Positive Technologies
added 2026/03/16 12:0 a.m., 3 views

PT-2026-28437

Name of the Vulnerable Software and Affected Versions: versions prior to 2026-32286. Description: The DataRow.Decode function does not correctly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, resulting in a slice bounds o...

10 CVSS, 5.9 AI score, 0.0333 EPSS
Exploits 29, References 191
RedHat Linux
added 2025/11/11 9:13 a.m., 2 views

kernel: netfilter: nf_tables: reject mismatching sum of field_len with set key length

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject mismatching sum of field_len with set key length. The field length description provides the length of each separated key field in the concatenation, each field gets rounded up to 32-bits to calculate the...

5.5 CVSS, 6.8 AI score, 0.00176 EPSS
Exploits 0, References 5
SUSE CVE
added 2025/03/07 2:37 a.m., 3 views

SUSE CVE-2025-21826

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject mismatching sum of field_len with set key length. The field length description provides the length of each separated key field in the concatenation, each field gets rounded up to 32-bits to calculate the...

5.5 CVSS, 7.7 AI score, 0.00176 EPSS
Exploits 0, References 5
OSV
added 2025/03/06 4:15 p.m., 5 views

DEBIAN-CVE-2025-21826

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject mismatching sum of field_len with set key length. The field length description provides the length of each separated key field in the concatenation, each field gets rounded up to 32-bits to calculate the...

5.5 CVSS, 5.6 AI score, 0.00176 EPSS
Exploits 0, References 1
BDU FSTEC
added 2024/08/19 12:0 a.m., 3 views

The vulnerability of the RSA BSAFE Micro Edition Suite and BSAFE Crypto-C Micro Edition software lies in the possibility of integer overflow when processing field lengths. This allows attackers to compromise vulnerable systems.

The vulnerability of the RSA BSAFE Micro Edition Suite and BSAFE Crypto-C Micro Edition software lies in integer overflow during the processing of field lengths. Exploiting this vulnerability can allow an attacker to compromise the vulnerable system...

6.2 CVSS, 5.5 AI score, 0.0015 EPSS
Exploits 0, References 2, Affected Software 2
BDU FSTEC
added 2024/04/19 12:0 a.m., 3 views

The vulnerability of the WLInfoRailService component in the Avalanche mobile device management system allows a hacker to trigger a service failure.

The vulnerability of the WLInfoRailService component in the Avalanche mobile device management system is related to integer overflow during the processing of field lengths. Exploiting this vulnerability could allow an attacker to cause service failures...

7.8 CVSS, 7.2 AI score, 0.02379 EPSS
Exploits 0, References 2, Affected Software 1
BDU FSTEC
added 2023/07/24 12:0 a.m., 2 views

The vulnerability of the IPerf3 network bandwidth measurement tool, related to integer overflows, allows a hacker to cause a service failure.

The vulnerability of the IPerf3 network bandwidth measurement tool is related to integer overflows during the processing of field lengths. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

7.8 CVSS, 7.2 AI score, 0.01703 EPSS
Exploits 0, References 12, Affected Software 12
NVD
added 2008/02/12 11:0 p.m., 17 views

CVE-2008-0108

Stack-based buffer overflow in wkcvqd01.dll in Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted field lengths, aka "Microsoft Works File Converter Field Length...

9.3 CVSS, 7.8 AI score, 0.52632 EPSS
Exploits 5, References 10