1477 matches found

BDU FSTEC
added 2022/11/29 12:0 a.m. · 2 views

A vulnerability in the firmware of Moxa TN-5916, TN-4900, EDR-G903, EDR-G902, and EDR-810 series routers is related to errors in processing input data, which can allow a perpetrator to cause service failures.

The vulnerability in the firmware of Moxa routers, models TN-5916, TN-4900, EDR-G903, EDR-G902, and EDR-810, is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to cause service failures by sending specially crafted HTTP/HTTPS...

CVSS 8.6 · AI score 5.5
Exploits 0 · References 1 · Affected Software 5

BDU FSTEC
added 2022/11/28 12:0 a.m. · 4 views

The vulnerability of the Azure RTOS GUIX Studio development environment, due to insufficient testing of input data, allows a perpetrator to execute arbitrary code.

The vulnerability of the Azure RTOS GUIX Studio development environment exists due to insufficient testing of input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code using a specially created file...

CVSS 7.8 · AI score 7.8 · EPSS 0.00755
Exploits 0 · References 2

Veracode
added 2022/11/25 9:7 a.m. · 26 views

Information Disclosure

libfreerdp.so is vulnerable to information disclosure. The vulnerability exists due to the library's missing input data length checks which allow an attacker to read out-of-bounds data...

CVSS 7.5 · AI score 7.1 · EPSS 0.00993
Exploits 0 · References 12 · Affected Software 1

CNVD
added 2022/11/24 12:0 a.m. · 20 views

D-Link DIR-882 webGetVarString function buffer overflow vulnerability

D-Link DIR-882 is a wireless router from D-Link, China. D-Link DIR-882 firmware versions 1.10B02 and 1.20B06 contain a buffer overflow vulnerability that stems from a lack of length validation of input data in its webGetVarString function, which could be exploited to cause a denial of service or...

CVSS 9.8 · AI score 6.7 · EPSS 0.01224
Exploits 1 · References 1

CNVD
added 2022/11/24 12:0 a.m. · 21 views

D-Link DIR-882 sub_46D180 function buffer overflow vulnerability

D-Link DIR-882 is a wireless router from D-Link, China. D-Link DIR-882 firmware versions 1.10B02 and 1.20B06 contain a buffer overflow vulnerability that stems from the lack of length validation of input data in the wanwanphyifname parameter of the sub_46D180 function, which could be exploited by an...

CVSS 9.8 · AI score 6.6 · EPSS 0.01191
Exploits 1 · References 1

CNVD
added 2022/11/23 12:0 a.m. · 23 views

Google TensorFlow buffer overflow vulnerability (CNVD-2022-80680)

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A buffer overflow vulnerability exists in Google TensorFlow, which stems from tf.raw_ops.ResizeNearestNeighborGrad's lack of length and size validation of the input data. An attacker could exploi...

CVSS 7.5 · AI score 3.5 · EPSS 0.0044
Exploits 1 · References 1

CNVD
added 2022/11/23 12:0 a.m. · 23 views

Tenda AC21 set_device_name function buffer overflow vulnerability

The Tenda AC21 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in Tenda AC21 version V16.03.08.15, which is caused by the set_device_name function not checking the length and size of the input data, and can be exploited to cause a denial of service...

CVSS 7.5 · AI score 7.5 · EPSS 0.00815
Exploits 1 · References 1

BDU FSTEC
added 2022/11/22 12:0 a.m. · 1 view

A vulnerability in the implementation of the SetNetworkTomographySettings() function in the firmware of D-Link DIR-823G routers allows a hacker to execute arbitrary commands.

The vulnerability of the SetNetworkTomographySettings function implementation in D-Link DIR-823G router firmware is related to insufficient sanitization of input data used in commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by sending...

CVSS 10 · AI score 8.1 · EPSS 0.03735
Exploits 1 · References 4 · Affected Software 1

BDU FSTEC
added 2022/11/15 12:0 a.m. · 2 views

The vulnerability of the Windows Hyper-V hardware virtualization system allows an attacker to trigger a service failure.

The vulnerability of the Windows Hyper-V hardware virtualization system in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS 6.5 · AI score 7.4 · EPSS 0.00628
Exploits 0 · References 3

Broadcom
added 2022/11/08 12:0 a.m. · 52 views

CVE-2022-24903: A flaw in rsyslog TCP module could allow an attacker to craft a malicious message leading to a heap-based buffer overflow. (BSA-2022-2127)

Security Advisory ID: BSA-2022-2127 · Component: Rsyslog · Revision: 1.0. Rsyslog is vulnerable to remote code execution (RCE) due to improper validation of input data when octet-counted framing is used. An attacker could exploit this vulnerability by supplying a system with maliciously crafted messages...

CVSS 8.1 · AI score 8 · EPSS 0.03553
Exploits 0

Positive Technologies
added 2022/11/03 12:0 a.m. · 8 views

PT-2022-7394 · Glpi +2

Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 10.0.4 Description: The issue is related to the improper neutralization of input data during web page generation, which may allow a remote attacker to execute arbitrary code. Users may be able to create a public RSS fee...

CVSS 10 · AI score 6.9 · EPSS 0.99521
Exploits 40 · References 204

BDU FSTEC
added 2022/11/02 12:0 a.m. · 4 views

The vulnerability of the Cisco Discovery Protocol implementation in the firmware of Cisco Analog Telephone Adapter (ATA) 190 series devices allows a perpetrator to cause memory corruption and compromise the integrity of protected information.

The vulnerability of the Cisco Discovery Protocol implementation in the firmware of Cisco Analog Telephone Adapter (ATA) 190 series devices is related to the lack of sanitization of incoming data. Exploiting this vulnerability can allow a malicious actor to cause memory...

CVSS 5.3 · AI score 7.7 · EPSS 0.00727
Exploits 0 · References 2 · Affected Software 3

BDU FSTEC
added 2022/10/31 12:0 a.m. · 2 views

The vulnerability in the J-Web web interface of the JunOS operating system allows a hacker to execute arbitrary code.

The vulnerability of the J-Web web interface of the JunOS operating system is related to errors in processing input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 6.4 · AI score 7 · EPSS 0.02468
Exploits 0 · References 3 · Affected Software 1

BDU FSTEC
added 2022/10/31 12:0 a.m. · 2 views

The vulnerability in Google Chrome’s developer tools for web developers allows a hacker to execute arbitrary code.

The vulnerability of Google Chrome’s developer tools relates to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created web page from a remote location...

CVSS 10 · AI score 6.8 · EPSS 0.00581
Exploits 0 · References 13 · Affected Software 8

BDU FSTEC
added 2022/10/24 12:0 a.m. · 1 view

A vulnerability in the InnoDB component of the MySQL Server database management system allows a hacker to cause a service failure.

The vulnerability of the InnoDB component in the MySQL Database Management System exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures...

CVSS 4.6 · AI score 6.3 · EPSS 0.00423
Exploits 0 · References 3 · Affected Software 1

BDU FSTEC
added 2022/10/24 12:0 a.m. · 2 views

A vulnerability in the InnoDB component of the MySQL Server database management system allows a hacker to cause a service failure.

The vulnerability of the InnoDB component of the MySQL Database Server exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

CVSS 6.8 · AI score 6.3 · EPSS 0.01161
Exploits 0 · References 3 · Affected Software 1

BDU FSTEC
added 2022/10/21 12:0 a.m. · 4 views

The vulnerability of the virtual learning environment Moodle, related to insufficient verification of input data, allows a perpetrator to disclose protected information.

The vulnerability in the virtual learning environment Moodle is related to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose protected information...

CVSS 7.8 · AI score 6.1 · EPSS 0.49102
Exploits 0 · References 8 · Affected Software 3

Redos
added 2022/10/20 12:0 a.m. · 34 views

ROS-20221020-02

A vulnerability in the Java Protocol Buffers protobuf-java runtime library is related to a problem analyzing binary data. Exploitation of the vulnerability could allow an attacker acting remotely to send data containing multiple instances of non-repeating embedded messages to the application's...

CVSS 7.5 · AI score 7.6 · EPSS 0.01048
Exploits 0

CNVD
added 2022/10/20 12:0 a.m. · 24 views

Tenda AC18 Stack Overflow Vulnerability

Tenda AC18 is a router from Tenda, a Chinese company. Tenda AC18 has a stack overflow vulnerability, which stems from a lack of length validation of input data in the time parameter of the fromSetSysTime function. An attacker could exploit the vulnerability to cause a denial of...

CVSS 9.8 · AI score 9 · EPSS 0.00838
Exploits 1 · References 1

BDU FSTEC
added 2022/10/20 12:0 a.m. · 1 view

The vulnerability of the PAPI network protocol implementation in the Wi-Fi Aruba Instant wireless connectivity deployment application allows an attacker to execute arbitrary code.

The vulnerability of the PAPI protocol implementation for Wi-Fi Aruba Instant wireless connectivity applications lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafte...

CVSS 10 · AI score 8.2 · EPSS 0.02409
Exploits 0 · References 5 · Affected Software 2