15 matches found
Improper Handling of Length Parameter Inconsistency
Overview Affected versions of this package are vulnerable to Improper Handling of Length Parameter Inconsistency in the mergehandshakepacket process. An attacker can cause application crashes or memory corruption by sending crafted DTLS handshake fragments with inconsistent messagelength values,...
Improper Handling of Length Parameter Inconsistency
Overview Affected versions of this package are vulnerable to Improper Handling of Length Parameter Inconsistency in readGGUFString. An attacker can cause the service to become unavailable by supplying malicious GGUF metadata. Details Denial of Service (DoS) describes a family of attacks, all aimed ...
Jervis Has a SHA-256 Hex String Padding Bug
Vulnerability https://github.com/samrocketman/jervis/blob/157d2b63ffa5c4bb1d8ee2254950fd2231de2b05/src/main/groovy/net/gleske/jervis/tools/SecurityIO.groovy#L622-L626 padLeft(32, '0') should be padLeft(64, '0'). SHA-256 produces 32 bytes = 64 hex characters. Impact Inconsistent hash lengths when leadi...
EUVD-2021-24897
Malware in sbrugna...
EUVD-2010-1660
Malware in sbrugna...
CVE-2025-5514 Denial-of-Service(DoS) Vulnerability in Web server function on MELSEC iQ-F Series CPU module
Improper Handling of Length Parameter Inconsistency vulnerability in web server function on Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module allows a remote unauthenticated attacker to delay the processing of the web server function and prevent legitimate users from utilizing the web...
CVE-2023-36481
An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, and W920. Improper handling of PPP length parameter inconsistency can cause an infinite loop...
CVE-2025-21826
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject mismatching sum of field_len with set key length The field length description provides the length of each separated key field in the concatenation, each field gets rounded up to 32-bits to calculate the...
Denial Of Service (DoS)
gss-ntlmssp is vulnerable to Denial of Service (DoS) attacks. Multiple out-of-bounds reads when decoding NTLM fields can trigger a denial of service due to a 32-bit integer overflow condition and incorrect checks of consistency of length of internal buffers. This vulnerability can be triggered via...
Moderate: Red Hat Security Advisory: dbus security update
An update for dbus is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...
UBUNTU-CVE-2022-42011
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type...
CVE-2021-38445
OCI OpenDDS versions prior to 3.18.1 do not handle a length parameter consistent with the actual length of the associated data, which may allow an attacker to remotely execute arbitrary code...
libsrtp: buffer overflow in application of crypto profiles
Buffer overflow in srtp.c in libsrtp in srtp 1.4.5 and earlier allows remote attackers to cause a denial of service (crash) via vectors related to a length inconsistency in the crypto_policy_set_from_profile_for_rtp and srtp_protect functions...
CVE-2020-11907
The Treck TCP/IP stack before 6.0.1.66 improperly handles a Length Parameter Inconsistency in TCP...
CVE-2013-2139
Buffer overflow in srtp.c in libsrtp in srtp 1.4.5 and earlier allows remote attackers to cause a denial of service (crash) via vectors related to a length inconsistency in the crypto_policy_set_from_profile_for_rtp and srtp_protect functions...