1716 matches found
Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2022-2571)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GSD-2022-1006561 wireguard: netlink: avoid variable-sized memcpy on sockaddr
wireguard: netlink: avoid variable-sized memcpy on sockaddr This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.71 by commit...
GSD-2022-1006477 wireguard: netlink: avoid variable-sized memcpy on sockaddr
wireguard: netlink: avoid variable-sized memcpy on sockaddr This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0 by commit...
PT-2022-34777 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.12 Description: The issue concerns a potential security vulnerability in the Linux Kernel related to the wireguard netlink, specifically involving a variable-sized memcpy on sockaddr. The actual impact and...
PT-2022-36673 · Git +1 · Sleuthkit
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type known as Memcpy-param-overlap. The crash state involves several function calls, including tsk fs load file action, t...
PT-2022-34817 · Wireguard +1 · Wireguard +1
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.71 Description: The issue concerns a potential security vulnerability in the netlink component of WireGuard, related to a variable-sized memcpy on sockaddr. The actual impact and attack plausibility have n...
The vulnerability of the `sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S` component of the GNU C Library allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S component of the GNU C Library is related to the execution of operations outside of the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its...
CVE-2022-2970
MZ Automation's libIEC61850 versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e does not sanitize input before memcpy is used, which could allow an attacker to crash the device or remotely execute arbitrary code...
SWFTools 缓冲区错误漏洞
SWFTools is a set of utilities for working with Adobe Flash files SWF files from the individual developer Matthias Kramm. A security vulnerability exists in SWFTools that stems from the discovery of a contained heap buffer overflow via the asanmemcpy function in...
Denial Of Service (DoS)
fis-gtm is vulnerable to denial of service. The vulnerability exists due to lack of parameter validation in calls to memcpy in strtok in srunix/ztimeoutroutines.c which allows attackers to attempt to read from a NULL pointer...
CVE-2022-39063
When Open5GS UPF receives a PFCP Session Establishment Request, it stores related values for building the PFCP Session Establishment Response. Once UPF receives a request, it gets the fteidlen from incoming message, and then uses it to copy data from incoming message to struct fteid without...
Server side request forgery (ssrf)
When Open5GS UPF receives a PFCP Session Establishment Request, it stores related values for building the PFCP Session Establishment Response. Once UPF receives a request, it gets the fteidlen from incoming message, and then uses it to copy data from incoming message to struct fteid without...
CVE-2022-39063
When Open5GS UPF receives a PFCP Session Establishment Request, it stores related values for building the PFCP Session Establishment Response. Once UPF receives a request, it gets the fteidlen from incoming message, and then uses it to copy data from incoming message to struct fteid without...
Open5GS 安全漏洞
Open5GS is an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS version 2.4.9 and earlier, which stems from the fact that if pdi.localfteid.len exceeds the maximum length of the fteid structure, memcpy overwrites...
PT-2022-4739 · Unknown +1 · Libiec61850 +1
Name of the Vulnerable Software and Affected Versions: libIEC61850 versions 1.4 and prior libIEC61850 version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e Description: The issue is related to the library not sanitizing input before using memcpy, which could allow an attacker to...
A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.
...
Buffer Overflow
fis-gtm:sid is vulnerable to buffer overflow.The vulnerability exists due improper configuration of buffer size which allows an attacker to crash the system via memcpy call...
Buffer Overflow
fis-gtm:sid is vulnerable to buffer overflow. An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. Using crafted input, an attacker can cause a call to $Extract to force an signed integer holding the size of a buffer to take on a large negative number, which is...
CVE-2022-35020
Advancecomp v2.3 was discovered to contain a heap buffer overflow via the component interceptormemcpy at /sanitizercommon/sanitizercommoninterceptors.inc...
DEBIAN-CVE-2022-35020
Advancecomp v2.3 was discovered to contain a heap buffer overflow via the component interceptormemcpy at /sanitizercommon/sanitizercommoninterceptors.inc...