Buffer overflow

Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobil...

Unspecified Vulnerability in Interactive Graphical SCADA System (IGSS)

The Schneider Electric Interactive Graphical SCADA System IGSS is an advanced SCADA system for monitoring and controlling industrial processes. A security vulnerability exists in the Definition module of Interactive Graphical SCADA System IGSS versions 15.0.0.21140 and earlier. The vulnerability...

The vulnerability of the kind-of application software library “Aurora Center” is related to insufficient validation of input data, allowing attackers to trigger service failures.

The vulnerability of the kind-of application software library Aurora Center is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures...

The vulnerability of the uglify-js library in the Aurora application software allows a hacker to execute arbitrary code by exploiting syntax errors in input data.

The vulnerability of the uglify-js library in the Avrora software application is related to syntax checking errors in input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code using a specially crafted Java script...

The vulnerability of the Apache Thrift application programming library at Aurora Center, related to insufficient input data validation, allows attackers to trigger service failures.

The vulnerability of the Apache Thrift application programming interface at Aurora Center is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to cause service failures...

The vulnerability of the Exim message transfer agent, related to insufficient validation of input data, allows attackers to circumvent security restrictions set by users.

The vulnerability of the Exim message transfer agent is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to circumvent security restrictions set by the user...

The vulnerability of Microsoft SharePoint Server, SharePoint Foundation, and SharePoint Enterprise Server lies in insufficient cleaning of input data, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft SharePoint Server, SharePoint Foundation, and SharePoint Enterprise Server relates to insufficient cleaning of input data. Exploiting this vulnerability can allow a malicious actor to execute arbitrary code remotely...

The vulnerability of the Windows Desktop Bridge application converter in Microsoft Windows operating systems allows a hacker to trigger a service failure.

The vulnerability of the Windows Desktop Bridge application converter in Microsoft Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures...

The vulnerability of Intel ADAS IE software for autonomous driving, which arises due to insufficient testing of input data, allows a violator to increase their privileges.

The vulnerability of Intel ADAS IE software for autonomous driving exists due to insufficient testing of input data. Exploiting this vulnerability can allow hackers to gain increased privileges...

The vulnerability of the VideoLAN VLC media player lies in its lack of proper input data validation, allowing a hacker to execute arbitrary code.

The vulnerability of the VideoLAN VLC media player exists due to insufficient checking of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created playback list...

Out-of-bounds read in Apache Thrift

In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when feed with invalid input data...

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Foundation, and Microsoft SharePoint Enterprise Server packages lies in insufficient input data validation, which allows attackers to trigger service failures.

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Foundation, and Microsoft SharePoint Enterprise Server is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions...

PT-2021-8101 · Sox +3 · Sox +3

Name of the Vulnerable Software and Affected Versions: SoX affected versions not specified Description: A heap-buffer-overflow occurs in the startread function in the hcom.c file. This issue is exploitable with a crafted hcomn file, which could cause an application to crash. The vulnerability is...

Security Bulletin: NVIDIA GPU Display Driver - April 2021

NVIDIA has released a software security update for NVIDIA GPU Display Driver. This update addresses issues that may lead to code execution, denial of service, escalation of privileges, and information disclosure. To protect your system, download and install this software update through the NVIDIA...

The vulnerability of microprogrammed software in wireless controllers from NETGEAR, such as WC7500, WC7600, WC7600v2, and WC9500, arises due to insufficient cleaning of input data. This allows a intruder to execute arbitrary commands.

The vulnerability of microprogrammed wireless controller software from NETGEAR, including WC7500, WC7600, WC7600v2, and WC9500, is related to insufficient cleaning of input data. Exploiting this vulnerability can allow an intruder to execute arbitrary commands...

The vulnerability of NETGEAR R6220 and R6230 Wi-Fi router microprogramming software, related to insufficient cleaning of input data, allows a intruder to execute arbitrary commands.

The vulnerability of NETGEAR R6220 and R6230 Wi-Fi routers’ microprogramming software is related to insufficient cleaning of input data. Exploiting this vulnerability can allow a remote attacker to execute arbitrary commands...

The vulnerability of the graphical component of the Qualcomm Android operating system allows a hacker to execute arbitrary code.

The vulnerability of the graphical component of the Qualcomm Android operating system is related to insufficient validation of input data. Exploiting this vulnerability allows a hacker to execute arbitrary code using an application installed on the device...

The vulnerability of the software for implementing the hypertext environment MediaWiki, related to the lack of a mechanism for checking input data, allows a violator to compromise the integrity of the data.

The vulnerability of the software for implementing the hypertext environment MediaWiki is related to the lack of a mechanism for checking input data. Exploiting this vulnerability can allow an attacker, operating remotely, to compromise the integrity of the data...

The vulnerability of the DNS server service in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the DNS server service in Windows operating systems is related to errors in processing input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the DNS server service in Windows operating systems allows a hacker to cause a service failure.

The vulnerability of the DNS server service for Windows operating systems is related to errors in processing input data. Exploiting this vulnerability can allow a malicious actor to cause service failures...