Wazuh 数字错误漏洞

Wazuh is Wazuh an open source application. It is used to collect, aggregate, index and analyze security data to help organizations detect intrusions, threats and behavioral anomalies. A security vulnerability exists in Wazuh Manager, which originated in version 4.1.5 of Wazuh where Wazuh Manager...

Incorrect multiplication in _computeSingleOutGivenPoolIn of IndexPool

Handle broccoli Vulnerability details Impact The computeSingleOutGivenPoolIn function of IndexPool uses the raw multiplication i.e., to calculate the zaz variable. However, since both BASE - normalizedWeight and swapFee are in WAD, the mul function should be used instead to calculate the correct...

Huawei EulerOS: Security Advisory for xorg-x11-server (EulerOS-SA-2021-2544)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : xorg-x11-server (EulerOS-SA-2021-2544)

According to the versions of the xorg-x11-server package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local...

EulerOS 2.0 SP9 : xorg-x11-server (EulerOS-SA-2021-2568)

According to the versions of the xorg-x11-server package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local...

EulerOS 2.0 SP2 : xorg-x11-server (EulerOS-SA-2021-2440)

According to the version of the xorg-x11-server packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in xorg-x11-server. An interger underflow can occur in xserver which can lead to a local privilege escalation. The highes...

EulerOS 2.0 SP2 : openldap (EulerOS-SA-2021-2415)

According to the versions of the openldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resultin...

CVE-2021-1920

Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables...

CVE-2021-1919

Integer underflow can occur when the RTCP length is lesser than than the actual blocks present in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables...

Integer overflow

Integer underflow can occur when the RTCP length is lesser than than the actual blocks present in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables...

Integer overflow

Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables...

CVE-2021-1920

CVE-2021-1920 describes an integer underflow triggered by improper handling of incoming RTCP packets in Qualcomm Snapdragon platforms (Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdr...

CVE-2021-1920

Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables...

CVE-2021-1919

CVE-2021-1919 describes an integer underflow in Qualcomm Snapdragon video/RTCP handling where the RTCP length is smaller than the actual number of blocks, affecting Snapdragon Auto, Compute, Connectivity, Ciot, Industrial IoT, IoT, Voice & Music, Wearables and related Snapdragon lines. The vulner...

GHSA-WQ8F-46WW-6C2H Integer underflow in untrusted

A mistake in error handling in untrusted before 0.6.2 could lead to an integer underflow and panic if a user of the crate didn't properly check for errors returned by untrusted. Combination of these two programming errors one in untrusted and another by user of this crate could lead to a panic an...

Integer underflow in untrusted

A mistake in error handling in untrusted before 0.6.2 could lead to an integer underflow and panic if a user of the crate didn't properly check for errors returned by untrusted. Combination of these two programming errors one in untrusted and another by user of this crate could lead to a panic an...

Google Android August 2021 Security Patch Vulnerabilities: Discover and Take Remote Response Action Using VMDR for Mobile Devices

The recently released Android Security Bulletin for August 2021 addresses 36 vulnerabilities, out of which 5 are rated as critical vulnerabilities. The vulnerabilities affect open-source components such as the Android Framework, Android Media Framework, and Android System. The vulnerabilities als...

CVE-2021-1108

NVIDIA Jetson/Linux kernels contain a vulnerability in FuSa Capture (VI/ISP) where an integer underflow caused by insufficient input validation may lead to denial of service, partial integrity loss, and high confidentiality impact on all processes. The issue is locally exploitable; NVIDIA referen...

AT&T Labs Xmill XML parsing CreateLabelOrAttrib memory corruption vulnerability

Summary A memory corruption vulnerability exists in the XML-parsing CreateLabelOrAttrib functionality of AT&T Labs’ Xmill 0.7. A specially crafted XML file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions AT&T Labs Xmill 0...

Nexus Control Panel Buffer Overflow Vulnerability

Swisslog Healthcare Nexus Panel, a medical device from Swisslog Healthcare, is vulnerable to an integer underflow vulnerability in versions prior to Nexus Control Panel 7.2.5.7. An attacker could use this vulnerability to override the internal queue data structure, which could enable remote code...