The vulnerability of the System Management Unit (SMU) component of AMD processors allows attackers to disclose protected information.

The vulnerability of the System Management Unit SMU component of AMD processors exists due to insufficient checking of input data. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

Denial Of Service (DoS)

github.com/ipfs/go-unixfs is vulnerable to Denial Of Service DoS. The vulnerability exists because hamt.go doesn't properly handle malformed HAMT structures while reading data in the bogus fanout parameter in the HAMT directory nodes, which leads to memory leaks, allowing an attacker to cause an...

ROS-20230213-01

A vulnerability in the ImageMagick graphical editor is related to errors in input data processing. Exploitation of the vulnerability may allow a remote intruder to gain access to protected information using the profile parameter. information using the profile parameter Vulnerability of ImageMagic...

CVE-2022-48298

The geofencing kernel code does not verify the length of the input data. Successful exploitation of this vulnerability may cause out-of-bounds memory access...

CVE-2022-48298

The geofencing kernel code does not verify the length of the input data. Successful exploitation of this vulnerability may cause out-of-bounds memory access...

CVE-2022-48297

The CVE-2022-48297 issue affects the geofencing kernel code where input data length is not verified, potentially causing out-of-bounds memory access. The vulnerability is described with a CVSS v3.1 base score of 7.5 (HIGH), with a network-based, low complexity exploit and no user interaction; con...

The vulnerability of Huawei BiSheng-WNM printer’s microprogramming software, related to insufficient input data verification, allows attackers to trigger service failures.

The vulnerability of Huawei BiSheng-WNM printer’s microprogramming software is related to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures using specially created data...

The vulnerability of the Upload component of the software environment for working with Oracle Web Applications desktop integrations allows a hacker to gain full control over the application.

The vulnerability of the Upload component of the software environment for working with Oracle Web Applications Desktop Integrator relates to errors in processing input data. Exploiting this vulnerability can allow an attacker to gain full control over the application...

PT-2023-36382 · Xerox · Workcentre 3025

Уязвимость веб-интерфейса микропрограммного обеспечения принтеров Xerox WorkCentre 3025 связана с некорректной обработкой специальных символов во входных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, получить несанкционированный доступ к учетным данным путем...

The vulnerability of Eclipse Jetty servlet containers arises from insufficient validation of input data, allowing attackers to cause failures in the proxy script.

The vulnerability of Eclipse Jetty servlet containers exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause failures in the proxy scenarios...

The vulnerability of the Core component of the Oracle VM VirtualBox software for Windows operating systems allows a hacker to trigger a service failure.

The vulnerability of the Core component of the Oracle VM VirtualBox virtualization software for Windows operating systems is related to insufficient testing of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the i740 video driver in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the i740 video driver in the Linux operating system is related to the lack of checks on user data. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the Windows Authentication component in Microsoft Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Windows Authentication component in Microsoft Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially crafted data...

The vulnerability of the VM3DMP driver for the VMware Tools utility on Windows operating systems allows a hacker to trigger a service failure.

The vulnerability of the VM3DMP driver for the VMware Tools utility on Windows operating systems is related to insufficient testing of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...

Vim text editor’s do_string_sub() function vulnerability, allowing a hacker to execute arbitrary code

The vulnerability of the dostringsub function in the Vim text editor is related to a boundary error in processing unreliable input data. Exploiting this vulnerability allows an attacker to execute arbitrary code...

Tenda A15 SYSPS Parameter Stack Overflow Vulnerability

Tenda A15 is a WiFi extender from Tenda China. A stack overflow vulnerability exists in the Tenda A15 SYSPS parameter, which originates from a lack of length checking of input data in the SYSPS parameter of /goform/SysToolChangePwd, which can be exploited by an attacker to cause a denial of servi...

Tenda A15 wepauth parameter stack overflow vulnerability

Tenda A15 is a WiFi extender from Tenda, China. A stack overflow vulnerability exists in the Tenda A15 wepauth parameter, which stems from a lack of length checking of input data in the wepauth parameter of /goform/WifiBasicSet, and can be exploited by attackers to execute arbitrary code on the...

Tenda A15 wepkey4 parameter stack overflow vulnerability

Tenda A15 is a WiFi extender from Tenda, China. A stack overflow vulnerability exists in the Tenda A15 wepkey4 parameter, which stems from a lack of length checking of input data in the wepkey4 parameter of /goform/WifiBasicSet, and could be exploited to execute arbitrary code on the system...

Tenda A15 wepkey3 parameter stack overflow vulnerability

Tenda A15 is a WiFi extender from Tenda, China. A stack overflow vulnerability exists in the Tenda A15 wepkey3 parameter, which stems from a lack of length checking of input data in the wepkey3 parameter of /goform/WifiBasicSet, and could be exploited to execute arbitrary code on the system...

Tenda A15 wepkey parameter stack overflow vulnerability

Tenda A15 is a WiFi extender from Tenda, a Chinese company. A stack overflow vulnerability exists in the Tenda A15 wepkey parameter, which originates from the lack of length checking of input data in the wepkey parameter of /goform/WifiBasicSet, and can be exploited by an attacker to execute...