17 matches found
Philips Hue Bridge 安全漏洞
The Philips Hue Bridge is a smart lighting gateway device developed by the Japanese company Philips Hue. There is a security vulnerability in the Philips Hue Bridge, which stems from a lack of data size validation when processing custom Zigbee ZCL frames. This vulnerability may lead to heap buffe...
EUVD-2019-2410
Malware in sbrugna...
EUVD-2020-3460
Malware in sbrugna...
SUSE CVE-2023-53257
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check S1G action frame size Before checking the action code, check that it even exists in the frame...
CVE-2019-10606
Out-of-bound access will occur in USB driver due to lack of check to validate the frame size passed by user in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9607, MSM8909W, MSM8917,...
SUSE CVE-2011-3484
The unxorFrame function in epan/dissectors/packet-opensafety.c in the OpenSafety dissector in Wireshark 1.6.x before 1.6.2 does not properly validate a certain frame size, which allows remote attackers to cause a denial of service loop and application crash via a malformed packet...
SUSE CVE-2018-10184
An issue was discovered in HAProxy before 1.8.8. The incoming H2 frame length was checked against the maxframesize setting instead of being checked against the bufsize. The maxframesize only applies to outgoing traffic and not to incoming, so if a large enough frame size is advertised in the...
SUSE CVE-2020-11102
hw/net/tulip.c in QEMU 4.2.0 has a buffer overflow during the copying of tx/rx buffers because the frame size is not validated against the r/w data length...
CVE-2023-23609 contiki-ng BLE-L2CAP contains Improper size validation of L2CAP frames
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. Versions prior to and including 4.8 are vulnerable to an out-of-bounds write that can occur in the BLE-L2CAP module. The Bluetooth Low Energy - Logical Link Control and Adaptation Layer Protocol BLE-L2C...
Semtech LoRaMac-node 安全漏洞
Semtech LoRaMac-node is a reference implementation of a LoRa network node from Semtech Corporation, USA. A security vulnerability exists in LoRaMac-node versions prior to 4.7.0, which stems from the fact that its failure to properly validate the size of incoming radio frames could result in an...
PT-2022-24862 · Unknown · Loramac-Node
Name of the Vulnerable Software and Affected Versions: LoRaMac-node versions prior to 4.7.0 Description: The issue is caused by improper size validation of incoming radio frames, which can lead to a buffer overflow. Specifically, the function ProcessRadioRxDone expects incoming radio frames to ha...
CVE-2020-11102
hw/net/tulip.c in QEMU 4.2.0 has a buffer overflow during the copying of tx/rx buffers because the frame size is not validated against the r/w data length...
Improper access control
Out-of-bound access will occur in USB driver due to lack of check to validate the frame size passed by user in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9607, MSM8909W, MSM8917,...
CVE-2019-10606
CVE-2019-10606 describes an out-of-bounds access in the USB driver due to missing validation of the frame size provided by the user, affecting Qualcomm Snapdragon-based devices listed as Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial ...
CVE-2016-2486
mp3dec/SoftMP3.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate the relationship between allocated memory and the frame size, which allows attackers to gain privileges via a crafted application, a...
DEBIAN-CVE-2011-3484
The unxorFrame function in epan/dissectors/packet-opensafety.c in the OpenSafety dissector in Wireshark 1.6.x before 1.6.2 does not properly validate a certain frame size, which allows remote attackers to cause a denial of service loop and application crash via a malformed packet...
CVE-2011-3484
The unxorFrame function in epan/dissectors/packet-opensafety.c in the OpenSafety dissector in Wireshark 1.6.x before 1.6.2 does not properly validate a certain frame size, which allows remote attackers to cause a denial of service loop and application crash via a malformed packet...