Buffer overflow

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G0001.0014. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all...

Buffer overflow

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G0001.0014. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all...

Buffer overflow

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G0001.0014. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all...

Buffer overflow

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G0001.0014. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all...

Denial of service

A denial of service vulnerability exists in the confctlsetwancfg functionality of TCL LinkHub Mesh Wi-Fi MS1G0001.0014. A specially-crafted network packet can lead to denial of service. An attacker can send packets to trigger this vulnerability...

Buffer overflow

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G0001.0014. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all...

CVE-2022-26376

CVE-2022-26376 affects Asuswrt and Asuswrt-Merlin New Gen. The vulnerability is a memory corruption in the httpd unescape function triggered by a crafted HTTP request; it arises due to missing bounds checking after a '%' character, potentially causing memory corruption or crashes via network inpu...

CVE-2022-24013

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G0001.0014. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all...

CVE-2022-1704 Inductive Automation Ignition

Due to an XML external entity reference, the software parses XML in the backup/restore functionality without XML security flags, which may lead to a XXE attack while restoring the backup...

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from South Korea's Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices Game Optimizing Service version 3.5.04.8, which stems from an improper privilege management vulnerabilit...

PT-2022-16413 · Tcl · Tcl Linkhub Mesh Wi-Fi

Name of the Vulnerable Software and Affected Versions: TCL LinkHub Mesh Wi-Fi MS1G 00 01.00 14 Description: A buffer overflow vulnerability exists in the GetValue functionality. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to...

PT-2022-16411 · Tcl · Tcl Linkhub Mesh Wi-Fi

Name of the Vulnerable Software and Affected Versions: TCL LinkHub Mesh Wi-Fi MS1G 00 01.00 14 Description: A buffer overflow issue exists in the GetValue functionality. This can be triggered by a specially-crafted configuration value, leading to a buffer overflow. An attacker can exploit this by...

PT-2022-16418 · Tcl · Tcl Linkhub Mesh Wi-Fi

Name of the Vulnerable Software and Affected Versions: TCL LinkHub Mesh Wi-Fi MS1G 00 01.00 14 Description: A buffer overflow vulnerability exists in the GetValue functionality. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to...

xorg security update

CentOS Errata and Security Advisory CESA-2022:5905 An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

Command Injection

gitblame is vulnerable to command injection. The vulnerability exists because the module.export function of gitblame.js does not properly sanitize the file parameter inside the exec functionality, allowing an attacker to inject and execute malicious code...

Will Not Work If Signatures Are Not Sorted

Lines of code Vulnerability details Commands cannot be executed if the signatures submitted are not stored. Proof-of-Concept Consider the following is submitted to the AxelarAuthWeighted.validateSignatures function. Operators = Alice, Bob, Charles Signatures = Charles's Signature, Bob's Signature...

CVE-2022-34530

An issue in the login and reset password functionality of Backdrop CMS v1.22.0 allows attackers to enumerate usernames via password reset requests and distinct responses returned based on usernames...

GSD-2022-1004431 xen-netfront: restore __skb_queue_tail() positioning in xennet_get_responses()

xen-netfront: restore skbqueuetail positioning in xennetgetresponses This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.53 by commit...

Authentication flaw

Saia Burgess Controls SBC PCD through 2022-05-06 uses a Broken or Risky Cryptographic Algorithm. According to FSCT-2022-0063, there is a Saia Burgess Controls SBC PCD S-Bus weak credential hashing scheme issue. The affected components are characterized as: S-Bus 5050/UDP authentication. The...

CVE-2022-30319

Saia Burgess Controls SBC PCD through 2022-05-06 allows Authentication bypass. According to FSCT-2022-0062, there is a Saia Burgess Controls SBC PCD S-Bus authentication bypass issue. The affected components are characterized as: S-Bus 5050/UDP authentication. The potential impact is:...