1177 matches found
PT-2024-27179 · Libmodbus +2 · Libmodbus +2
Name of the Vulnerable Software and Affected Versions: libmodbus version 3.1.6 Description: The issue is related to an invalid pointer in the modbus receive function, which allows attackers to cause a Denial of Service DoS via a crafted message sent to the unit-test-server. Recommendations: For...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an object overflow that results in an invalid pointer value...
CVE-2023-52852
In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix to avoid use-after-free on dic Call trace: memcpy+0x128/0x250 f2fsreadmultipages+0x940/0xf7c f2fsmpagereadpages+0x5a8/0x624 f2fsreadahead+0x5c/0x110 pagecacheraunbounded+0x1b8/0x590...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the JFSIP function returning an invalid pointer when ipimap is null...
FreeBSD : qt6-base (core module) -- Invalid pointer in QStringConverter (e79cc4e2-12d7-11ef-83d8-4ccc6adda413)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the e79cc4e2-12d7-11ef-83d8-4ccc6adda413 advisory. - Andy Shaw reports: QStringConverter has an invalid pointer being passed as a callback which can allow...
Security advisory: QStringConverter
QStringConverter has an invalid pointer being passed as a callback which can allow modification of the stack and has been assigned the CVE id CVE-2024-33861. Qt itself is not vulnerable to remote attack however an application using QStringDecoder either directly or indirectly can be vulnerable...
qt6-base (core module) -- Invalid pointer in QStringConverter
Andy Shaw reports: QStringConverter has an invalid pointer being passed as a callback which can allow modification of the stack. Qt itself is not vulnerable to remote attack however an application using QStringDecoder either directly or indirectly can be vulnerable. This requires: the attacker be...
DEBIAN-CVE-2022-48652
In the Linux kernel, the following vulnerability has been resolved: ice: Fix crash by keep old cfg when update TCs more than queues There are problems if allocated queues less than Traffic Classes. Commit a632b2a4c920 "ice: ethtool: Prohibit improper channel config for DCB" already disallow setti...
CVE-2022-48652
In CVE-2022-48652, the Linux kernel ICE driver fixes a crash when TC/channels are updated beyond allocated queues. The issue occurred when less queues were configured than TCs and later more TCs were added (e.g., via LLDP), leaving dirty num_txq/rxq and tc_cfg in the VSI and risking invalid point...
Silicon Labs Gecko Platform HTTP server header parsing invalid pointer dereference vulnerability
Talos Vulnerability Report TALOS-2024-1945 Silicon Labs Gecko Platform HTTP server header parsing invalid pointer dereference vulnerability April 18, 2024 CVE Number CVE-2023-51391 SUMMARY An invalid pointer dereference vulnerability exists in the HTTP server header parsing functionality of Silic...
CVE-2023-51391
A bug in Micrium OS Network HTTP Server permits an invalid pointer dereference during header processing - potentially allowing a device crash and Denial of Service...
CVE-2023-51391 Micrium OS Network uC-HTTP server header parsing invalid pointer dereference vulnerability
A bug in Micrium OS Network HTTP Server permits an invalid pointer dereference during header processing - potentially allowing a device crash and Denial of Service...
CVE-2023-51391
CVE-2023-51391 affects Silicon Labs Gecko Platform (Micrium OS) HTTP server header parsing. Talos details an invalid pointer dereference in HTTP header value parsing (HTTPsReq_HdrParseValGet) within Gecko Platform 4.3.2.0, triggered by a crafted network packet, leading to a denial of service via ...
Micrium OS Network HTTP Server 安全漏洞
Micrium OS Network HTTP Server is an application from Micrium Corporation, USA. A security vulnerability exists in Micrium OS Network HTTP Server that stems from the presence of an invalid pointer dereference, resulting in a device crash and a denial of service DOS attack...
PUB-A-299946700
In TBD of TBD, there is a possible invalid pointer dereference due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
CentOS 9 : libtiff-4.4.0-5.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the libtiff-4.4.0-5.el9 build changelog. - Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that...
Siemens SCALANCE OpenSSL NULL Pointer Dereference (CVE-2023-0217)
An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVPPKEYpubliccheck function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted sources which could allo...
Open5GS Denial of Service Vulnerability (CNVD-2023-96086)
Open5GS is an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A denial of service vulnerability exists in Open5GS version 2.4.10 and earlier due to an invalid pointer release flaw in the ogssbimessagefree function, which can be exploited by an attacker ...
Security Bulletin: Vulnerabilities in OpenSSL affect IBM Rational ClearQuest
Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM Rational ClearQuest. IBM Rational ClearQuest has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-4304 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive informatio...
CVE-2023-4883
Invalid pointer release vulnerability. Exploitation of this vulnerability could allow an attacker to interrupt the correct operation of the service by sending a specially crafted json string to the VNF Virtual Network Function, and triggering the ogssbimessagefree function, which could cause a...