4778 matches found
CVE-2021-33536
In Weidmueller Industrial WLAN devices in multiple versions an exploitable denial-of-service vulnerability exists in ServiceAgent functionality. A specially crafted packet can cause an integer underflow, triggering a large memcpy that will access unmapped or out-of-bounds memory. An attacker can...
CVE-2021-33536 WEIDMUELLER: WLAN devices affected by Denial-of-Service vulnerability
In Weidmueller Industrial WLAN devices in multiple versions an exploitable denial-of-service vulnerability exists in ServiceAgent functionality. A specially crafted packet can cause an integer underflow, triggering a large memcpy that will access unmapped or out-of-bounds memory. An attacker can...
CVE-2021-33536
The CVE-2021-33536 issue affects Weidmueller Industrial WLAN devices, specifically in the ServiceAgent component. A vulnerability in multiple versions allows an unauthenticated attacker to send a specially crafted packet that triggers an integer underflow, leading to a large memcpy and access to ...
YearnV2YieldSource wrong subtraction in withdraw
Handle: cmichel. Vulnerability details: YearnV2YieldSource.withdrawFromVault uses a wrong subtraction. When withdrawing from the vault one redeems yTokens for tokens, thus the token balance of the contract should increase after withdrawal. But the contract subtracts the currentBalance from the...
SUSE SLES11 Security Update : xorg-x11-server (SUSE-SU-2020:14475-1)
The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2020:14475-1 advisory. - A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An integer underflow leading to heap-buffer overflow may lead to a privileg...
SUSE: Security Advisory (SUSE-SU-2014:0023-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2014:0051-2)
The remote host is missing an update for the...
Denial Of Service (DoS)
apport is vulnerable to denial of service. The vulnerability exists due to an integer underflow in memcpy...
GLSA-202105-03 : GPT fdisk: Integer underflow
The remote host is affected by the vulnerability described in GLSA-202105-03 (GPT fdisk: Integer underflow). It was discovered that the ReadLogicalParts function in basicmbr.cc was missing a bounds check. Impact: A local attacker could entice a user to insert a malicious formatted block device USB stic...
GPT fdisk: Integer underflow
Background: GPT fdisk, consisting of the gdisk, cgdisk, sgdisk, and fixparts programs, is a set of text-mode partitioning tools for Linux, FreeBSD, Mac OS X, and Windows. Description: It was discovered that the ReadLogicalParts function in basicmbr.cc was missing a bounds check. Impact: A local attacker...
Amazon Linux AMI : xorg-x11-server (ALAS-2021-1502)
It is, therefore, affected by a vulnerability as referenced in the ALAS-2021-1502 advisory. A flaw was found in xorg-x11-server. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is to data confidentiality and...
Oracle Linux 7 : xorg-x11-server (ELSA-2021-2033)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-2033 advisory. 1.20.4-16 - CVE fix for: CVE-2021-3472 1944956 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...
xorg-x11-server: XChangeFeedbackControl integer underflow leads to privilege escalation
A flaw was found in xorg-x11-server. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
CentOS 8 : userspace graphics, xorg-x11, and mesa (CESA-2021:1804)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:1804 advisory. - libX11: Heap overflow in the X input method client (CVE-2020-14344) - xorg-x11-server: Out-of-bounds access in XkbSetNames function (CVE-2020-14345) -...
xorg-x11-server: XRecordRegisterClients integer underflow privilege escalation vulnerability
A flaw was found in X.Org Server. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
xorg-x11-server: Integer underflow in the X input extension protocol
A flaw was found in xorg-x11-server. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
xorg-x11-server: XkbSelectEvents integer underflow privilege escalation vulnerability
A flaw was found in X.Org Server. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
RLSA-2021:1804 Moderate: userspace graphics, xorg-x11, and mesa security, bug fix, and enhancement update
X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Mesa provides a 3D graphics API that is compatible with Open Graphics Library (OpenGL). It also provides hardware-accelerated...
EulerOS 2.0 SP5 : openldap (EulerOS-SA-2021-1906)
According to the versions of the openldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via ...