CVE-2019-14194

An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfsreadreply when calling storeblock in the NFSv2 case...

CVE-2019-14192

An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a netprocessreceivedpacket integer underflow during an ncinputpacket call...

CVE-2019-14192

An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a netprocessreceivedpacket integer underflow during an ncinputpacket call...

CVE-2019-14192

CVE-2019-14192 affects Das U-Boot up to version 2019.07, where parsing a UDP packet can trigger an unbounded memcpy due to a net_process_received_packet integer underflow during an nc_input_packet call. The issue is described as a vulnerability in U-Boot’s UDP packet handling that allows copying ...

PT-2019-13517

Name of the Vulnerable Software and Affected Versions Das U-Boot versions prior to 2019.07 Description An issue was discovered in Das U-Boot. There is an unbounded memcpy with an unvalidated length at nfs readlink reply, in the "if" block after calculating the new path length. Recommendations For...

PT-2019-13518

Name of the Vulnerable Software and Affected Versions Das U-Boot versions prior to 2019.07 Description An issue was discovered in Das U-Boot. There is an unbounded memcpy with a failed length check at nfs read reply when calling store block in the NFSv2 case. Recommendations For versions prior to...

PT-2019-13522

Name of the Vulnerable Software and Affected Versions Das U-Boot versions prior to 2019.07 Description An issue was discovered in Das U-Boot. There is an unbounded memcpy with a failed length check at nfs read reply when calling store block in the NFSv3 case. Recommendations For versions prior to...

PT-2019-13520

Name of the Vulnerable Software and Affected Versions Das U-Boot versions prior to 2019.07 Description An issue was discovered in Das U-Boot. There is an unbounded memcpy with a failed length check at nfs lookup reply. Recommendations For Das U-Boot versions prior to 2019.07, update to version...

PT-2019-13516

Name of the Vulnerable Software and Affected Versions Das U-Boot versions prior to 2019.07 Description An issue was discovered where there is an unbounded memcpy when parsing a UDP packet. This occurs due to a net process received packet integer underflow during an nc input packet call...

SweetScape 010 Editor Arbitrary Memory Overwrite Vulnerability

010 Editor is a professional text editor and hexadecimal editor for quickly and easily editing the contents of any file on your computer. An arbitrary memory overwrite vulnerability exists in SweetScape 010 Editor 9.0.1. The vulnerability stems from improper validation of parameters in the intern...

CVE-2019-12551

In SweetScape 010 Editor 9.0.1, improper validation of arguments in the internal implementation of the Memcpy function provided by the scripting engine allows an attacker to overwrite arbitrary memory, which could lead to code execution...

CVE-2019-12551

In SweetScape 010 Editor 9.0.1, improper validation of arguments in the internal implementation of the Memcpy function provided by the scripting engine allows an attacker to overwrite arbitrary memory, which could lead to code execution...

ALPINE-CVE-2019-12525

An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token's value starts with a quote and ends...

UBUNTU-CVE-2019-12525

An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token's value starts with a quote and ends...

CVE-2017-11580

Blipcare Wifi blood pressure monitor BP700 10.1 devices allow memory corruption that results in Denial of Service. When connected to the "Blip" open wireless connection provided by the device, if a large string is sent as a part of the HTTP request in any part of the HTTP headers, the device coul...

Memory corruption

Blipcare Wifi blood pressure monitor BP700 10.1 devices allow memory corruption that results in Denial of Service. When connected to the "Blip" open wireless connection provided by the device, if a large string is sent as a part of the HTTP request in any part of the HTTP headers, the device coul...

CVE-2017-11580

Blipcare Wifi blood pressure monitor BP700 10.1 devices allow memory corruption that results in Denial of Service. When connected to the "Blip" open wireless connection provided by the device, if a large string is sent as a part of the HTTP request in any part of the HTTP headers, the device coul...

CVE-2017-10724

Recently it was discovered as a part of the research on IoT devices in the most recent firmware for Shekar Endoscope that an attacker connected to the device Wi-Fi SSID can exploit a memory corruption issue and execute remote code on the device. This device acts as an Endoscope camera that allows...

CVE-2018-11940

Lack of check in length before using memcpy in WLAN function can lead to OOB access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS605, SD 625, SD 636, SD 712 / SD 710 / SD...

CVE-2018-11940

CVE-2018-11940 is a Qualcomm WLAN Host vulnerability caused by a lack of length validation before memcpy in the WLAN function, leading to out-of-bounds access in multiple Snapdragon platforms (Auto/Compute/Consumer IOT/Industrial IOT, Mobile) across listed SoCs. Connected sources confirm affected...