22 matches found
EUVD-2021-12728
Malware in sbrugna...
EUVD-2024-47636
Malicious code in bioql PyPI...
CVE-2020-20247
Mikrotik RouterOs before 6.46.5 stable tree suffers from a memory corruption vulnerability in the /nova/bin/traceroute process. An authenticated remote attacker can cause a Denial of Service due via the loop counter variable...
OESA-2024-1850 arm-trusted-firmware security update
Trusted Firmware-A is a reference implementation of secure world software for Arm A-Profile architectures Armv8-A and Armv7-A, including an Exception Level 3 EL3 Secure Monitor. Security Fixes: Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in Renesas...
CVE-2024-6564
Buffer overflow in "rcardevinit" due to using due to using untrusted data rcarimagenumber as a loop counter before verifying it against RCARMAXBL3XIMAGE. This could lead to a full bypass of secure boot...
UBUNTU-CVE-2024-6564
Buffer overflow in "rcardevinit" due to using due to using untrusted data rcarimagenumber as a loop counter before verifying it against RCARMAXBL3XIMAGE. This could lead to a full bypass of secure boot...
PT-2024-37720 · Renesas +1 · R-Car Gen3 +1
Name of the Vulnerable Software and Affected Versions: Renesas R-Car Gen3 versions affected versions not specified Description: The issue is caused by a buffer overflow in the rcar dev init function due to the use of untrusted data rcar image number as a loop counter before verifying it against...
Denial of service due to integer overflow in loop counter
...
CVE-2021-34334 Denial of service due to integer overflow in loop counter
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An infinite loop is triggered when Exiv2 is used to read the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of...
Unspecified Vulnerability in Moxa Camera VPort 06EC-2V (CNVD-2021-36216)
Moxa Camera VPort 06EC-2V is a camera device from Moxa MOXA of Taiwan, China. A security vulnerability exists in the Moxa Camera VPort 06EC-2V. An attacker can obtain compromised information by controlling a loop counter variable via a crafted lldp packet...
Moxa Camera VPort 06EC-2V 缓冲区错误漏洞
Moxa Camera VPort 06EC-2V is a camera device from Moxa MOXA of Taiwan, China. A security vulnerability exists in the Moxa Camera VPort 06EC-2V. An attacker can obtain compromised information by controlling a loop counter variable via a crafted lldp packet...
Moxa Camera VPort 06EC-2V 缓冲区错误漏洞
Moxa Camera VPort 06EC-2V is a camera device from Moxa MOXA of Taiwan, China. A security vulnerability exists in the Moxa Camera VPort 06EC-2V. An attacker can obtain compromised information by controlling a loop counter variable via a crafted lldp packet...
Mikrotik RouterOs Memory Corruption Vulnerability (CNVD-2021-49786)
MikroTik RouterOS is a Linux-based router operating system developed by the Latvian company MikroTik. The system can be deployed in a PC to enable it to provide router functionality. MikroTik RouterOS has a memory corruption vulnerability in the /nova/bin/traceroute process. A remote attacker cou...
CVE-2020-20247
Mikrotik RouterOs before 6.46.5 stable tree suffers from a memory corruption vulnerability in the /nova/bin/traceroute process. An authenticated remote attacker can cause a Denial of Service due via the loop counter variable...
Mikrotik RouterOs 缓冲区错误漏洞
MikroTik RouterOS is a Linux-based router operating system developed by the Latvian company MikroTik. The system can be deployed in a PC to enable it to provide router functionality. MikroTik RouterOS has a memory corruption vulnerability in the /nova/bin/traceroute process. A remote attacker cou...
MikroTik RouterOS 缓冲区错误漏洞
MikroTik RouterOS is a Linux-based router operating system developed by the Latvian company MikroTik. The system can be deployed in a PC to enable it to provide router functionality. MikroTik RouterOS has a memory corruption vulnerability in the /nova/bin/traceroute process. A remote attacker cou...
openSUSE Security Update : ntp (openSUSE-2016-649)
This update for ntp fixes the following issues : - Update to 4.2.8p7 boo977446 : - CVE-2016-1547, boo977459: Validate crypto-NAKs, AKA: CRYPTO-NAK DoS. - CVE-2016-1548, boo977461: Interleave-pivot - CVE-2016-1549, boo977451: Sybil vulnerability: ephemeral association attack. - CVE-2016-1550,...
openSUSE Security Update : apache2-mod_fcgid (openSUSE-SU-2013:1664-1)
security issue fixed in apache2-modfcgid : loop counter handled incorrectly, leading to SEGV and 'Premature end of script headers' errors. bnc844935 CVE-2013-4365 This patch will be obsoleted by the next version update to 2.3.9 or higher. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
RealNetworks RealPlayer dmp4 esds Width Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the dmp4...
Adobe Reader and Acrobat PICT Image Heap Buffer Overflow (APSB11-24; CVE-2011-2433; CVE-2011-2434)
A remote code execution vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an unsanitized loop counter. A remote attacker may exploit this vulnerability by enticing an unsuspecting user to open a malicious PDF document file. Successful exploitation would allo...