Lucene search
+L

156 matches found

Positive Technologies
Positive Technologies
added 2023/02/03 12:0 a.m.7 views

PT-2025-40173

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak was identified in the mt7915 mcu exit routine within the mt76 and mt7915 drivers. The issue occurs when the mt7915 firmware state fails, and the memory queues are not...

5.5CVSS5.5AI score0.00143EPSS
Exploits0
CNNVD
CNNVD
added 2022/08/16 12:0 a.m.5 views

JPEGDEC 安全漏洞

JPEGDEC is a JPEG decoder optimized for Arduino by the individual developer Larry Bank. JPEGDEC suffers from a security vulnerability that originates from a global buffer overflow in the JPEGDecodeMCU module of the /src/jpeg.inl file...

7.8CVSS7.7AI score0.00324EPSS
Exploits1References2
Openbugbounty
Openbugbounty
added 2022/06/21 10:43 a.m.10 views

mcupress.mcu.ac.th Cross Site Scripting vulnerability OBB-2660213

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/06/10 3:15 p.m.2 views

CVE-2022-32978

There is an assertion failure in SingleComponentLSScan::ParseMCU in singlecomponentlsscan.cpp in libjpeg before 1.64 via an empty JPEG-LS scan...

6.5CVSS5.8AI score0.00836EPSS
Exploits1References3
Veracode
Veracode
added 2022/06/03 4:6 a.m.22 views

Buffer Overflow

libjpeg.so is vulnerable to buffer overflow. The vulnerability exists due to a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use...

6.5CVSS6.3AI score0.00854EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2022/06/02 2:15 p.m.22 views

CVE-2022-31796

libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use...

6.5CVSS0.00854EPSS
Exploits0References2
OSV
OSV
added 2022/06/02 2:15 p.m.20 views

CVE-2022-31796

libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use...

6.5CVSS7AI score
Exploits0References2
OSV
OSV
added 2022/06/02 2:15 p.m.2 views

DEBIAN-CVE-2022-31796

libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use...

6.5CVSS6.6AI score0.00854EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2022/06/02 2:15 p.m.78 views

CVE-2022-31796

libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use...

6.5CVSS6.7AI score0.00854EPSS
Exploits0References1
Prion
Prion
added 2022/06/02 2:15 p.m.13 views

Heap overflow

libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use...

4.3CVSS6.5AI score0.00854EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/06/02 2:15 p.m.30 views

UBUNTU-CVE-2022-31796

libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use...

6.5CVSS6.8AI score0.00854EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2022/05/29 4:37 p.m.89 views

CVE-2022-31796

libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use...

6.5CVSS6.5AI score0.00854EPSS
Exploits0
CVE
CVE
added 2022/05/29 4:37 p.m.66 views

CVE-2022-31796

CVE-2022-31796 concerns libjpeg 1.63, where a heap-based over-read can occur in HierarchicalBitmapRequester::FetchRegion due to a mismatch between allocated MCU size and its use. The issue is triggered when MCU size differs between allocation and use in hierarchicalbitmaprequester.cpp. Impact det...

6.5CVSS6.5AI score0.00854EPSS
Exploits0References2Affected Software1
Talos
Talos
added 2022/02/01 12:0 a.m.49 views

Sealevel Systems, Inc. SeaConnect 370W OTA update task out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the OTA update task functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted MQTT payload can lead to denial of service. An attacker can perform a man-in-the-middle attack to trigger this vulnerability. Tested...

7.1CVSS6.3AI score0.00733EPSS
Exploits1
Talos
Talos
added 2022/02/01 12:0 a.m.54 views

Sealevel Systems, Inc. SeaConnect 370W Modbus/SeaMAX Remote Configuration denial of service vulnerabilities

Summary Two denial of service vulnerabilities exist in the Modbus/SeaMAX Remote Configuration functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. Specially-crafted network packets can lead to denial of service. An attacker can send a malicious packet to trigger these vulnerabilities...

9.3CVSS8.4AI score0.01021EPSS
Exploits2
Talos
Talos
added 2022/02/01 12:0 a.m.95 views

Sealevel Systems, Inc. SeaConnect 370W LLMNR/NBNS stack-based buffer overflow vulnerabilities

Summary A stack-based buffer overflow vulnerability exists in both the LLMNR and NBNS functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted network packet can lead to remote code execution. An attacker can send a malicious packet to trigger either of the...

10CVSS9.6AI score0.02639EPSS
Exploits2
Talos
Talos
added 2022/02/01 12:0 a.m.47 views

Sealevel Systems, Inc. SeaConnect 370W Web Server information disclosure vulnerability

Summary An information disclosure vulnerability exists in the Web Server functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted man-in-the-middle attack can lead to a disclosure of sensitive information. An attacker can perform a man-in-the-middle attack to trigger...

7.4CVSS5.8AI score0.00489EPSS
Exploits0
Talos
Talos
added 2022/02/01 12:0 a.m.50 views

Sealevel Systems, Inc. SeaConnect 370W MQTTS Certificate Validation vulnerability

Summary A misconfiguration exists in the MQTTS functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. This misconfiguration significantly simplifies a man-in-the-middle attack, which directly leads to control of device functionality. Tested Versions Sealevel Systems, Inc. SeaConnect 370...

8.1CVSS7.9AI score0.00843EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2021/10/27 12:0 a.m.5 views

The vulnerability of the decode_mcu() function in the libjpeg-turbo library allows a attacker to compromise the accessibility of protected information.

The vulnerability of the decodemcu function in the libjpeg-turbo library is related to resource management errors. Exploiting this vulnerability allows a remote attacker to compromise the accessibility of protected information by excessive consumption of processor resources...

5.3CVSS5.5AI score
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2021/10/27 12:0 a.m.18 views

The vulnerabilities of the decode_mcu() and decode_mcu_fast() functions in the libjpeg-turbo library allow a hacker to cause a service failure.

The vulnerability of the decodemcu and decodemcufast functions in the libjpeg-turbo library arises from the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause a service failure by using a specially crafted file...

7.1CVSS5.9AI score
Exploits0References3
Rows per page
Query Builder