Lucene search
K

6 matches found

OSV
OSV
added 2023/07/20 2:49 p.m.26 views

CVE-2022-2127 Samba: out-of-bounds read in winbind auth_crap

An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbinddpamauthcrap.c. When performing NTLM authentication, the client replies to cryptographic challenges back to the server. These replies have variable lengths, and Winbind fails to check the lan manage...

5.9CVSS6.7AI score0.0153EPSS
Exploits0References15
Prion
Prion
added 2023/05/02 9:15 p.m.23 views

Buffer overflow

Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.7.0 allow a global buffer overflow via crafted messages. Flaws in cfconfirmExecTx in ethereumcontracts.c can be used to reveal arbitrary microcontroller memory on the device screen or crash the device. With...

2.6CVSS5.8AI score0.0047EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2023/05/02 12:0 a.m.44 views

CVE-2023-27892

CVE-2023-27892 affects ShapeShift KeepKey hardware wallet firmware prior to 7.7.0. It stems from insufficient length checks that allow a global buffer overflow via crafted messages. The issue involves flaws in cf_confirmExecTx() within ethereum_contracts.c, which can reveal arbitrary microcontrol...

5.7CVSS5.7AI score0.0047EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2023/05/02 12:0 a.m.41 views

CVE-2023-27892

Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.7.0 allow a global buffer overflow via crafted messages. Flaws in cfconfirmExecTx in ethereumcontracts.c can be used to reveal arbitrary microcontroller memory on the device screen or crash the device. With...

3.8CVSS6AI score0.0047EPSS
Exploits1References2
Cvelist
Cvelist
added 2021/05/06 11:1 a.m.41 views

CVE-2021-31616

Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.1.0 allow a stack buffer overflow via crafted messages. The overflow in ethereumextractThorchainSwapData in ethereum.c can circumvent stack protections and lead to code execution. The vulnerable interface is...

9.2AI score0.02497EPSS
Exploits1References4
CVE
CVE
added 2021/05/06 11:1 a.m.45 views

CVE-2021-31616

CVE-2021-31616 affects ShapeShift KeepKey hardware wallet firmware prior to 7.1.0. The issue is a stack buffer overflow caused by insufficient length checks in the ethereum_extractThorchainSwapData() function within ethereum.c, which can be triggered by crafted messages and is reachable remotely ...

8.8CVSS8.9AI score0.02497EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder