232 matches found
SUSE CVE-2014-1736
Integer overflow in api.cc in Google V8, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large length value...
SUSE CVE-2014-2281
The nfsnamesnoopaddname function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service memory corruption and application crash via a crafte...
SUSE CVE-2014-7840
The hostfromstreamoffset function in archinit.c in QEMU, when loading RAM during migration, allows remote attackers to execute arbitrary code via a crafted 1 offset or 2 length value in savevm data...
SUSE CVE-2014-9629
Integer overflow in the Encode function in modules/codec/schroedinger.c in VideoLAN VLC media player before 2.1.6 and 2.2.x before 2.2.1 allows remote attackers to conduct buffer overflow attacks and execute arbitrary code via a crafted length value...
SUSE CVE-2016-5769
Multiple integer overflows in mcrypt.c in the mcrypt extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allow remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted length value,...
SUSE CVE-2019-15161
rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request...
openvswitch: Integer Underflow in Organization Specific TLV
A flaw was found in the OpenvSwitch package. If LLDP processing is enabled for a specific port, crafted LLDP packets could cause a data underflow...
GitHub Security Lab: [CPP]: Add query for CWE-805: Buffer Access with Incorrect Length Value using some functions
Vulnerability description not provided...
CVE-2021-28510
CVE-2021-28510 affects Arista EOS: a PTP management/signaling TLV with an invalid Type-Length-Value can cause the PTP agent to restart, leading to service unavailability. Affected EOS releases include 4.27.x (4.27.1 and earlier), 4.26.x (4.26.4 and earlier), 4.25.x (4.25.6 and earlier), and 4.24....
The vulnerability of the Open vSwitch multi-level switch software, related to the loss of the significance of a whole number, allows an attacker to execute arbitrary code in the target system.
The vulnerability of the Open vSwitch multi-level switch lies in the loss of significance of a whole number during the analysis of Auto Attach TLV. Exploiting this vulnerability allows an attacker to send specially crafted LLDP messages to the vulnerable system, causing a full number of significa...
CVE-2022-4338
An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch...
Open vSwitch 缓冲区错误漏洞
Open vSwitch is an open source virtual switch. Open vSwitch suffers from a buffer error vulnerability that stems from allowing an attacker to implement out-of-bounds reads in its specific TLV...
Open vSwitch 缓冲区错误漏洞
Open vSwitch is an open source virtual switch. Open vSwitch suffers from a buffer error vulnerability that stems from allowing an attacker to achieve integer underflow in its specific TLV...
CVE-2022-40757
A Buffer Access with Incorrect Length Value vulnerablity in the TEEMACComputeFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service DoS by invoking the function TEEMACComputeFinal with an excessive size value of messageLen...
Buffer overflow
A Buffer Access with Incorrect Length Value vulnerablity in the TEEMACComputeFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service DoS by invoking the function TEEMACComputeFinal with an excessive size value of messageLen...
CVE-2022-40757
CVE-2022-40757 affects Samsung mTower prior to 0.3.0, where a buffer access in TEE_MACComputeFinal with an incorrect length (messageLen) can be triggered by a trusted application, causing a Denial of Service. The issue originates in the TEE_MACComputeFinal function and is documented across multip...
CVE-2022-40760
CVE-2022-40760 affects Samsung mTower up to version 0.3.0, where a vulnerability in the TEE_MACUpdate function allows a trusted application to trigger a Denial of Service by passing an oversized chunkSize to TEE_MACUpdate. The root cause is a buffer access with an incorrect length value. Impact i...
SAMSUNG mTower 缓冲区错误漏洞
SAMSUNG mTower is a new Trusted Execution Environment TEE from Samsung South Korea. A security vulnerability exists in SAMSUNG mTower versions prior to 0.3.0, which stems from a buffer access in its TEEMACComputeFinal function with an incorrect length value vulnerability that allows a trusted...
PT-2022-9902 · Arista · Arista Eos
Name of the Vulnerable Software and Affected Versions: Arista EOS affected versions not specified Description: The issue occurs when a Precision Time Protocol PTP packet with an invalid Type-Length-Value TLV is received, causing the PTP agent to restart. Repeated restarts of the service will make...
CVE-2022-26125
frrouting is vulnerable to a flaw that can cause buffer overflow through due to incorrect checks on the input packet length when processing type-length-value packets. There is high impact to availability due to the fact that the process up-time can be made unreliable...