CVE-2020-14115

A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by a lack of inspection for incoming data detection. Attackers can exploit this vulnerability to execute code...

SpotAuditor 'Name' Denial of Service Vulnerability (CNVD-2020-21801)

SpotAuditor is a useful password recovery software for recovering passwords stored in your computer, which is mainly used to get the list of passwords that have been saved in the local computer, the list of accessed URLs, and the list of launched programs. A denial of service vulnerability exists...

utilitify input validation error vulnerability

utilitify is a utility program for working with collections such as objects, arrays and tuples numbers, strings, etc.. An input validation error vulnerability exists in versions of utilitify prior to 1.0.3. The vulnerability stems from a networked system or product that does not properly validate...

Lustre mdt module input validation error vulnerability

Lustre is a parallel distributed file system typically used in large computer clusters and supercomputers, of which Lustre mdt is a module. An input validation error vulnerability exists in the Lustre mdt module. The vulnerability stems from a network system or product that does not properly...

Input Validation Error Vulnerability in Multiple Qualcomm Products (CNVD-2020-20161)

Qualcomm MDM9206 and others are products of Qualcomm Incorporated.MDM9206 is a central processing unit CPU product.Qualcomm MDM9150 is a central processing unit CPU product.SDX20 is a modem. An input validation error vulnerability exists in HLOS in multiple Qualcomm products. The vulnerability...

CURL-CVE-2018-16890 NTLM type-2 out-of-bounds buffer read

libcurl contains a heap buffer out-of-bounds read flaw. The function handling incoming NTLM type-2 messages lib/vauth/ntlm.c:ntlmdecodetype2target does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM server...