OpenLDAP Invalid Pointer Release Vulnerability

OpenLDAP is a free, open source implementation of the Lightweight Directory Access Protocol LDAP. An invalid pointer release vulnerability exists in OpenLDAP versions prior to 2.4.57. An attacker could exploit this vulnerability to cause a slapd crash in saslAuthzTo processing...

OpenLDAP 安全漏洞

OpenLDAP is a free, open source implementation of the Lightweight Directory Access Protocol LDAP. An invalid pointer release vulnerability exists in OpenLDAP versions prior to 2.4.57. An attacker could exploit this vulnerability to cause a slapd crash in saslAuthzTo processing...

CVE-2020-36224

A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service...

CVE-2019-16747

In MatrixSSL before 4.2.2 Open, the DTLS server can encounter an invalid pointer free leading to memory corruption and a daemon crash via a crafted incoming network message, a different vulnerability than CVE-2019-14431...

CVE-2019-16747

In MatrixSSL before 4.2.2 Open, the DTLS server can encounter an invalid pointer free leading to memory corruption and a daemon crash via a crafted incoming network message, a different vulnerability than CVE-2019-14431...

CVE-2019-16747

CVE-2019-16747 affects MatrixSSL before 4.2.2 Open. The DTLS server can encounter an invalid pointer free, causing memory corruption and a daemon crash via crafted network messages; this is a separate issue from CVE-2019-14431. Red Hat and related records confirm the vulnerability and point to 4....

Inside Secure MatrixSSL 缓冲区错误漏洞

MatrixSSL is an embedded, open source SSLv3 stack designed for small applications and devices. An invalid pointer release vulnerability exists in the DTLS server in versions prior to MatrixSSL 4.2.2 Open. An attacker could exploit this vulnerability via specially crafted incoming network messages...

CVE-2020-24340

An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The code that processes DNS responses in picomdnshandledataasanswersgeneric in picomdns.c does not check whether the number of answers/responses specified in a DNS packet header corresponds to the response data available in the...

CVE-2020-24340

The CVE-2020-24340 issue affects picoTCP/picoTCP-NG (through 1.7.0) in the DNS response processing code path pico_mdns_handle_data_as_answers_generic() in pico_mdns.c, where it fails to validate that the header’s number of DNS answers matches the actual packet data. This can cause an out-of-bound...

Denial Of Service (DoS)

gpac is vulnerable to denial of serviceDoS. The vulnerability exists in the gflistcount in utils/list.c due to an invalid pointer dereference, allowing a malicious user to crash the application via a crafted MP4 file...

SonicWALL SonicOS Denial of Service Vulnerability

SonicOS is SonicWALL's proprietary operating system and firmware for SonicWALL firewall appliances. A denial of service vulnerability exists in the SSLVPN service in SonicWALL SonicOS that originates from the release of an invalid pointer, which can be exploited by an attacker to cause the firewa...

CVE-2020-5139

A vulnerability in SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service DoS due to the release of Invalid pointer and leads to a firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3,...

Code injection

A vulnerability in SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service DoS due to the release of Invalid pointer and leads to a firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3,...

kernel: sg_write function lacks an sg_remove_request call in a certain failure case

A vulnerability was found in sgwrite in drivers/scsi/sg.c in the SCSI generic sg driver subsystem. This flaw allows an attacker with local access and special user or root privileges to cause a denial of service if the allocated list is not cleaned with an invalid Sgfd sfp pointer at the time of...

CVE-2020-8715

Invalid pointer for some IntelR Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable denial of service via local access...

CVE-2020-8715

Invalid pointer for some IntelR Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable denial of service via local access...

CVE-2020-13432

rejetto HFS aka HTTP File Server v2.3m Build 300, when virtual files or folders are used, allows remote attackers to trigger an invalid-pointer write access violation via concurrent HTTP requests with a long URI or long HTTP headers...

CVE-2020-13432

rejetto HFS aka HTTP File Server v2.3m Build 300, when virtual files or folders are used, allows remote attackers to trigger an invalid-pointer write access violation via concurrent HTTP requests with a long URI or long HTTP headers...

Design/Logic Flaw

rejetto HFS aka HTTP File Server v2.3m Build 300, when virtual files or folders are used, allows remote attackers to trigger an invalid-pointer write access violation via concurrent HTTP requests with a long URI or long HTTP headers...

CVE-2020-13432

rejetto HFS aka HTTP File Server v2.3m Build 300, when virtual files or folders are used, allows remote attackers to trigger an invalid-pointer write access violation via concurrent HTTP requests with a long URI or long HTTP headers...