1477 matches found
ROS-20240507-01
Vulnerability of the ANSI Escape Sequence Handler component of the WinRAR file archiver is related to errors in input data processing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service or tamper with screen output...
USN-6751-1: Zabbix vulnerabilities
It was discovered that Zabbix incorrectly handled input data in the discovery and graphs pages. A remote authenticated attacker could possibly use this issue to perform reflected cross-site scripting (XSS) attacks. CVE-2022-35229, CVE-2022-35230...
The vulnerability of the IPerf3 network bandwidth measurement tool, related to the allowed list of input data, allows a hacker to cause a service failure.
The vulnerability of the IPerf3 network bandwidth measurement tool is related to the allowed lists of input data. Exploiting this vulnerability could allow a malicious actor to cause a service failure by sending a smaller amount of data than expected...
The vulnerability of the System Recovery Bootloader for Windows operating systems allows attackers to circumvent existing security restrictions and enhance their privileges.
The vulnerability of the System Recovery Bootloader for Windows operating systems is related to errors in processing input data. Exploiting this vulnerability can allow attackers to circumvent existing security restrictions and gain increased privileges...
CVE-2024-31841
An issue was discovered in Italtel Embrace 1.6.4. The web server fails to sanitize input data, allowing remote unauthenticated attackers to read arbitrary files on the filesystem...
The vulnerability of the Android operating system on Pixel phones allows attackers to gain increased privileges.
The vulnerability of the Android operating system on Pixel phones exists due to insufficient validation of input data. Exploiting this vulnerability can allow attackers to gain increased privileges...
ROS-20240410-22
Vulnerability of Mock, the chroot build environment manager for creating RPM packages, is related to insufficient validation of input data. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
The vulnerability in the implementation of the NETCONF protocol for Cisco IOS XE allows an attacker to elevate their privileges to the root level.
The vulnerability of the NETCONF protocol implementation in Cisco IOS XE operating systems is related to the use of an incomplete blacklist when processing input data. Exploiting this vulnerability allows a malicious actor to elevate their privileges to the root level...
ROS-20240409-12
A vulnerability in the inflate.c component of the zlib library is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code. Eclipse Jetty servlet container vulnerability is related to errors in processi...
PT-2024-3022 · Microsoft · Windows Hyper-V +1
Name of the Vulnerable Software and Affected Versions: Windows Hyper-V (affected versions not specified). Description: The issue is related to errors in processing input data length parameters in the Hyper-V hardware virtualization system of Windows operating systems. Exploitation of this issue may...
The vulnerability of the modular interface between web servers and web applications in Rack, related to the inefficient complexity of regular expressions, allows attackers to trigger service failures.
The vulnerability of the modular interface between web servers and web applications in Rack relates to the processing of input data, which can take an unexpected amount of time. Exploiting this vulnerability allows a malicious actor to cause service failures...
Kofax Power PDF security vulnerability
Kofax Power PDF is a professional PDF editing and management software from Kofax. A security vulnerability exists in Kofax Power PDF that stems from a specific flaw in the handling of PNG files that lacks proper validation of user-supplied data, allowing a remote attacker to execute arbitrary cod...
The vulnerability of the RouterOS operating system in MikroTik routers, related to errors in processing input data, allows a hacker to cause a service failure.
The vulnerability of the RouterOS operating system for MikroTik lies in errors in processing input data. Exploiting this vulnerability allows a malicious actor to cause service failure by sending a specially crafted network packet...
The vulnerability of the microprogrammed software of the PowerFlex 527 variable frequency converter, related to insufficient verification of input data, allows an intruder to trigger a service failure.
The vulnerability of the microprogrammed software of the PowerFlex 527 variable frequency converter is related to insufficient verification of input data. Exploiting this vulnerability could allow an attacker operating remotely to cause malfunctions in the device’s operation...
The vulnerability of the microprogrammed software of the PowerFlex 527 variable frequency converter, related to insufficient validation of input data, allows an intruder to trigger a service failure.
The vulnerability of the microprogrammed software of the PowerFlex 527 variable frequency converter is related to insufficient verification of input data. Exploiting this vulnerability could allow an attacker operating remotely to cause malfunctions in the device’s operation...
RT-Thread at_server.c file buffer overflow vulnerability
RT-Thread is an open source IoT real-time operating system (RTOS) open-sourced by RT-Thread. RT-Thread suffers from a buffer overflow vulnerability that stems from net/at/src/atserver.c failing to properly validate the length/size of input data, which can be exploited by remote attackers to execute...
ROS-20240328-05
Vulnerability of the icmpping function of the Zabbix universal monitoring system is related to errors in input data processing. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. Vulnerability of the smart.disk.get edent of the Zabbix...
FreeImage FreeImage_CreateICCProfile function buffer overflow vulnerability
FreeImage is a cross-platform open source library for supporting popular graphic image formats. FreeImage suffers from a buffer overflow vulnerability that originates from the program failing to properly validate the length and size of input data, which can be exploited by an attacker to cause a...