PT-2022-18452 · Meta · Whatsapp
Name of the Vulnerable Software and Affected Versions: WhatsApp (affected versions not specified). Description: An integer underflow in WhatsApp could have caused remote code execution when receiving a crafted video file. Recommendations: At the moment, there is no information about a newer version...
PT-2024-8457 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The issue is related to an integer underflow in the nf_tables_addchain function, which can lead to a denial of service. The problem occurs because nf_tables_chain_destroy after nft...
Denial Of Service (DoS)
fis-gtm is vulnerable to denial of service. The vulnerability exists due to an integer underflow of the size of calls to memset in op_fnj3 in sr_port/op_fnj3.c which allows an attacker to cause a segmentation fault and crash the application using crafted input...
EulerOS 2.0 SP9 : grub2 (EulerOS-SA-2022-2318)
According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - A crafted 16-bit grayscale PNG image may lead to an out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap dat...
Exploit for Integer Underflow (Wrap or Wraparound) in Microsoft
CVE-2021-31956 pretty stable exploit on win10 20h2...
Softing Secure Integration Server Content-Length Integer Underflow Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Softing Secure Integration Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the Content-Length HTTP header. The...
SUSE SLED12 / SLES12 Security Update : ntfs-3g_ntfsprogs (SUSE-SU-2022:2836-1)
The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2836-1 advisory. - ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer overflow involving buffer+512*3-2. NOTE: the...
CVE-2022-2335 Softing Secure Integration Server Integer Underflow
A crafted HTTP packet with a -1 content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22...
SUSE-SU-2022:2836-1 Security update for ntfs-3g_ntfsprogs
This update for ntfs-3g_ntfsprogs fixes the following issues: Updated to version 2022.5.17 bsc1199978: - CVE-2022-30783: Fixed an issue where messages between NTFS-3G and the kernel could be intercepted when using libfuse-lite. - CVE-2022-30784: Fixed a memory exhaustion issue when opening a craft...
EulerOS 2.0 SP8 : grub2 (EulerOS-SA-2022-2221)
According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - A crafted 16-bit grayscale PNG image may lead to an out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap dat...
EulerOS 2.0 SP10 : grub2 (EulerOS-SA-2022-2242)
According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - A crafted 16-bit grayscale PNG image may lead to an out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap dat...
GLSA-202208-25 : Chromium, Google Chrome, Microsoft Edge, QtWebEngine: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202208-25 Chromium, Google Chrome, Microsoft Edge, QtWebEngine: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in Chromium and its derivatives. Please review the CVE identifiers referenced below for details...
PT-2022-4155 · Schneider Electric · Modicon Quantum/Premium +4
Name of the Vulnerable Software and Affected Versions: Modicon M340 CPU versions V3.40 and prior; Modicon M580 CPU versions V3.22 and prior; Legacy Modicon Quantum/Premium All Versions; Modicon Momentum MDI 171CBU All Versions; Modicon MC80 BMKC80 versions V1.7 and prior. Description: A CWE-191: Integ...
QA Report
Prevent possible future storage collisions: The target action contracts of MIMOProxy.sol use storage slot 0 for immutable addresses, which doesn't currently pose an issue; however, if in future additional contracts are added which allow this slot in storage to be modified then it could open the...
Ubuntu 16.04 ESM : NTFS-3G vulnerabilities (USN-5463-2)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5463-2 advisory. USN-5463-1 fixed vulnerabilities in NTFS-3G. This update provides the corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has...
Oracle MySQL Cluster Data Node Integer Underflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle MySQL Cluster. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of Data Node jobs. The issue results from the lack of proper...
grub2: Integer underflow in grub_net_recv_ip4_packets
A flaw was found in grub2 when handling IPv4 packets. This flaw allows an attacker to craft a malicious packet, triggering an integer underflow in grub code. Consequently, the memory allocation for handling the packet data may be smaller than the size needed. This issue causes an out-of-bounds wri...
Important: Red Hat Security Advisory: Red Hat Virtualization security, bug fix, and enhancement update [ovirt-4.5.1]
An update for imgbased, redhat-release-virtualization-host, and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System...
RHEL 8 : Red Hat Virtualization security, update [ovirt-4.5.1] (Important) (RHSA-2022:5678)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:5678 advisory. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host,...