CVE-2020-13432

The CVE-2020-13432 entry concerns rejetto HFS (HTTP File Server) v2.3m Build 300. The connected docs confirm a remote buffer overflow that, under concurrent HTTP requests with long URIs or long headers, can trigger an invalid-pointer write access violation in hfs.exe, effectively enabling remote ...

HFS Http File Server 2.3m Build 300 Buffer Overflow

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/HFS-HTTP-FILE-SERVER-v2.3-REMOTE-BUFFER-OVERFLOW-DoS.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.rejetto.com Product HFS Http File Server v2.3m Build 300...

CVE-2020-9098

Huawei OceanStor 5310 product with version of V500R007C60SPC100 has an invalid pointer access vulnerability. The software system access an invalid pointer when attacker malformed packet. Due to the insufficient validation of some parameter, successful exploit could cause device reboot...

Design/Logic Flaw

Huawei OceanStor 5310 product with version of V500R007C60SPC100 has an invalid pointer access vulnerability. The software system access an invalid pointer when attacker malformed packet. Due to the insufficient validation of some parameter, successful exploit could cause device reboot...

CVE-2020-9098

The CVE-2020-9098 issue affects Huawei OceanStor 5310 with V500R007C60SPC100, where an invalid pointer access occurs due to insufficient validation of certain parameters. The vulnerability can be triggered by malformed network packets and, if exploited, may cause the device to reboot. Huawei’s se...

CVE-2020-9098

Huawei OceanStor 5310 product with version of V500R007C60SPC100 has an invalid pointer access vulnerability. The software system access an invalid pointer when attacker malformed packet. Due to the insufficient validation of some parameter, successful exploit could cause device reboot...

Security Advisory - Invalid Pointer Access Vulnerability in Huawei OceanStor Product

There is an invalid pointer access vulnerability in Huawei OceanStor 5310 product. The software system access an invalid pointer when attacker malformed packet. Due to the insufficient validation of some parameter, successful exploit could cause device reboot. Vulnerability ID: HWPSIRT-2020-02002...

Denial Of Service (DoS)

boost is vulnerable to denial of service. Invalid pointer dereference flaws were found in the way the Boost regular expression library processed certain, invalid expressions. An attacker able to make an application using the Boost library process a specially-crafted regular expression could cause...

Security Bulletin: A vulnerability in SQLite affects IBM Cloud Application Performance Management Response Time Monitoring Agent (CVE-2019-19925, CVE-2019-19645, CVE-2019-19924, CVE-2019-19923, CVE-2019-19880, CVE-2019-19646, CVE-2019-19926)

Summary SQLite is vulnerable to a denial of service. Vulnerability Details CVEID: CVE-2019-19925 DESCRIPTION: SQLite is vulnerable to a denial of service, caused by the mishandling of a NULL pathname in the zipfileUpdate function in ext/misc/zipfile.c. By sending a specially-crafted request, a...

Release of Invalid Pointer or Reference

An issue was discovered in USC iLab cereal. It employs caching of std::sharedptr values, using the raw pointer address as a unique identifier. This becomes problematic if a std::sharedptr variable goes out of scope and is freed, and a new std::sharedptr is allocated at the same address...

GPAC Invalid Pointer Dereference Vulnerability (CNVD-2020-19877)

GPAC is a multimedia framework for rich media and distributed under the LGPL license. An invalid pointer dereference vulnerability exists in gflistcount in utils/list.c in libgpac.a in versions of GPAC prior to 0.8.0. An attacker can exploit this vulnerability to cause a denial of service via a...

CVE-2019-20632

An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains an invalid pointer dereference in gfodfdeletedescriptor in odf/descprivate.c that can cause a denial of service via a crafted MP4 file...

CVE-2019-20632

An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains an invalid pointer dereference in gfodfdeletedescriptor in odf/descprivate.c that can cause a denial of service via a crafted MP4 file...

Null pointer dereference

An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains an invalid pointer dereference in gflistcount in utils/list.c that can cause a denial of service via a crafted MP4 file...

CVE-2019-20631

An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains an invalid pointer dereference in gflistcount in utils/list.c that can cause a denial of service via a crafted MP4 file...

CVE-2019-20631

An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains an invalid pointer dereference in gflistcount in utils/list.c that can cause a denial of service via a crafted MP4 file...

CVE-2019-20632

An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains an invalid pointer dereference in gfodfdeletedescriptor in odf/descprivate.c that can cause a denial of service via a crafted MP4 file...

CVE-2019-20632

GPAC libgpac.a (GPAC) before 0.8.0 contains an invalid pointer dereference in gf_odf_delete_descriptor (odf/desc_private.c) that can cause denial of service when processing a crafted MP4 file. This affects MP4Box as demonstrated in GPAC, with CVE-2019-20632 reported across multiple sources (RH, N...

EulerOS Virtualization for ARM 64 3.0.2.0 : cairo (EulerOS-SA-2020-1260)

According to the versions of the cairo packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Cairo is a 2D graphics library designed to provide high-quality display and print output. Currently supported output...

CVE-2020-1877

NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. The software system access an invalid pointer when administrator log in to the device and performs some operations. Successful exploit could cause...