156 matches found
PT-2025-40173
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak was identified in the mt7915 mcu exit routine within the mt76 and mt7915 drivers. The issue occurs when the mt7915 firmware state fails, and the memory queues are not...
JPEGDEC 安全漏洞
JPEGDEC is a JPEG decoder optimized for Arduino by the individual developer Larry Bank. JPEGDEC suffers from a security vulnerability that originates from a global buffer overflow in the JPEGDecodeMCU module of the /src/jpeg.inl file...
mcupress.mcu.ac.th Cross Site Scripting vulnerability OBB-2660213
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2022-32978
There is an assertion failure in SingleComponentLSScan::ParseMCU in singlecomponentlsscan.cpp in libjpeg before 1.64 via an empty JPEG-LS scan...
Buffer Overflow
libjpeg.so is vulnerable to buffer overflow. The vulnerability exists due to a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use...
CVE-2022-31796
libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use...
CVE-2022-31796
libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use...
DEBIAN-CVE-2022-31796
libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use...
CVE-2022-31796
libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use...
Heap overflow
libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use...
UBUNTU-CVE-2022-31796
libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use...
CVE-2022-31796
libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use...
CVE-2022-31796
CVE-2022-31796 concerns libjpeg 1.63, where a heap-based over-read can occur in HierarchicalBitmapRequester::FetchRegion due to a mismatch between allocated MCU size and its use. The issue is triggered when MCU size differs between allocation and use in hierarchicalbitmaprequester.cpp. Impact det...
Sealevel Systems, Inc. SeaConnect 370W OTA update task out-of-bounds write vulnerability
Summary An out-of-bounds write vulnerability exists in the OTA update task functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted MQTT payload can lead to denial of service. An attacker can perform a man-in-the-middle attack to trigger this vulnerability. Tested...
Sealevel Systems, Inc. SeaConnect 370W Modbus/SeaMAX Remote Configuration denial of service vulnerabilities
Summary Two denial of service vulnerabilities exist in the Modbus/SeaMAX Remote Configuration functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. Specially-crafted network packets can lead to denial of service. An attacker can send a malicious packet to trigger these vulnerabilities...
Sealevel Systems, Inc. SeaConnect 370W LLMNR/NBNS stack-based buffer overflow vulnerabilities
Summary A stack-based buffer overflow vulnerability exists in both the LLMNR and NBNS functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted network packet can lead to remote code execution. An attacker can send a malicious packet to trigger either of the...
Sealevel Systems, Inc. SeaConnect 370W Web Server information disclosure vulnerability
Summary An information disclosure vulnerability exists in the Web Server functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted man-in-the-middle attack can lead to a disclosure of sensitive information. An attacker can perform a man-in-the-middle attack to trigger...
Sealevel Systems, Inc. SeaConnect 370W MQTTS Certificate Validation vulnerability
Summary A misconfiguration exists in the MQTTS functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. This misconfiguration significantly simplifies a man-in-the-middle attack, which directly leads to control of device functionality. Tested Versions Sealevel Systems, Inc. SeaConnect 370...
The vulnerability of the decode_mcu() function in the libjpeg-turbo library allows a attacker to compromise the accessibility of protected information.
The vulnerability of the decodemcu function in the libjpeg-turbo library is related to resource management errors. Exploiting this vulnerability allows a remote attacker to compromise the accessibility of protected information by excessive consumption of processor resources...
The vulnerabilities of the decode_mcu() and decode_mcu_fast() functions in the libjpeg-turbo library allow a hacker to cause a service failure.
The vulnerability of the decodemcu and decodemcufast functions in the libjpeg-turbo library arises from the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause a service failure by using a specially crafted file...