4753 matches found
FATEK Automation WinProladder
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: FATEK Automation Equipment: WinProladder Vulnerability: Integer Underflow 2. RISK EVALUATION Successful exploitation of this vulnerability could cause execution of arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS...
CVE-2021-28362
An issue was discovered in Contiki through 3.0. When sending an ICMPv6 error message because of invalid extension header options in an incoming IPv6 packet, there is an attempt to remove the RPL extension headers. Because the packet length and the extension header length are unchecked with respec...
Integer overflow
An issue was discovered in Contiki through 3.0. When sending an ICMPv6 error message because of invalid extension header options in an incoming IPv6 packet, there is an attempt to remove the RPL extension headers. Because the packet length and the extension header length are unchecked with respec...
CVE-2021-28362
An issue was discovered in Contiki through 3.0. When sending an ICMPv6 error message because of invalid extension header options in an incoming IPv6 packet, there is an attempt to remove the RPL extension headers. Because the packet length and the extension header length are unchecked with respec...
Contiki Numeric Error Vulnerability
Contiki is an open source, cross-platform operating system for IoT (Internet of Things) devices. A security vulnerability exists in Contiki through 3.0. It stems from a variable that is prone to integer underflow: an invalid extension header can be constructed that can lead to memory leakage...
Fedora 33 : kernel (2021-e49da8a226)
The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-e49da8a226 advisory. - An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer...
CVE-2020-27171
An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error with a resultant integer underflow affecting out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information...
UBUNTU-CVE-2020-27171
An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error with a resultant integer underflow affecting out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information...
OPENSUSE-SU-2021:0408-1 Security update for openldap2
This update for openldap2 fixes the following issues: - bsc1182408 CVE-2020-36230 - an assertion failure in slapd in the X.509 DN parsing in decode.c bernextelement, resulting in denial of service. - bsc1182411 CVE-2020-36229 - ldapX509dn2bv crash in the X.509 DN parsing in adkeystring, resulting...
Security update for openldap2 (important)
openSUSE Security Update: Security update for openldap2 Announcement ID: openSUSE-SU-2021:0408-1 Rating: important References: 1182279 1182408 1182411 1182412 1182413 1182415 1182416 1182417 1182418 1182419 1182420 Cross-References: CVE-2020-36221 CVE-2020-36222 CVE-2020-36223 CVE-2020-36224...
Rust Number Error Vulnerability
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in the bam crate before 0.1.3 for Rust, which stems from an integer underflow and out-of-bounds write during loading of a bgzip block. No details of the vulnerability are provided at...
(0Day) Fatek Automation PLC WinProladder PWD File Parsing Integer Underflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation PLC WinProladder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
EulerOS Virtualization 3.0.2.6 : gdk-pixbuf2 (EulerOS-SA-2021-1433)
According to the versions of the gdk-pixbuf2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service segmentation fault...
EulerOS Virtualization 3.0.6.6 : gdk-pixbuf2 (EulerOS-SA-2021-1475)
According to the versions of the gdk-pixbuf2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service segmentation faul...
SUSE SLED15 / SLES15 Security Update : openldap2 (SUSE-SU-2021:0723-1)
This update for openldap2 fixes the following issues : bsc1182408 CVE-2020-36230 - an assertion failure in slapd in the X.509 DN parsing in decode.c bernextelement, resulting in denial of service. bsc1182411 CVE-2020-36229 - ldapX509dn2bv crash in the X.509 DN parsing in adkeystring, resulting in...
NewStart CGSL CORE 5.04 / MAIN 5.04 : xorg-x11-server Multiple Vulnerabilities (NS-SA-2021-0013)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has xorg-x11-server packages installed that are affected by multiple vulnerabilities: - A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases...
CVE-2021-28027
An issue was discovered in the bam crate before 0.1.3 for Rust. There is an integer underflow and out-of-bounds write during the loading of a bgzip block...
CVE-2021-28027
An issue was discovered in the bam crate before 0.1.3 for Rust. There is an integer underflow and out-of-bounds write during the loading of a bgzip block...
CVE-2021-28027
The CVE-2021-28027 issue affects the bam crate for Rust prior to version 0.1.3, where loading a bgzip block can trigger an integer underflow and an out-of-bounds write in the internal buffer. This is caused by how block_size and related constants are used to set the buffer length, allowing memory...
CVE-2021-28027
An issue was discovered in the bam crate before 0.1.3 for Rust. There is an integer underflow and out-of-bounds write during the loading of a bgzip block...