IBM QRadar SIEM 输入验证错误漏洞

IBM QRadar SIEM is a U.S.-based solution from IBM that leverages security intelligence to protect assets and information from advanced threats. The solution provides monitoring of the entire scope of the IT architecture, generating detailed reports on data access and user activity, etc. A...

IBM AIX 安全漏洞

IBM AIX is an open standards-based UNIX operating system developed by IBM for the IBM Power architecture. IBM AIX versions 7.1, 7.2, 7.3 and VIOS version 3.1 have a denial-of-service vulnerability that stems from failure to properly process incoming error messages, which can be exploited by...

Security Vulnerabilities fixed in Firefox 101 — Mozilla

A malicious website could have learned the size of a cross-origin resource that supported Range requests. A malicious webpage could have caused an out-of-bounds write in WebGL, leading to memory corruption and a potentially exploitable crash. When exiting fullscreen mode, an iframe could have...

thunderbird: Crafted email could trigger an out-of-bounds write

A flaw was found in Thunderbird. The vulnerability occurs due to an out-of-bounds write of one byte when processing the message. This flaw allows an attacker to craft an email message that causes Thunderbird to perform an out-of-bounds write...

thunderbird: Crafted email could trigger an out-of-bounds write

A flaw was found in Thunderbird. The vulnerability occurs due to an out-of-bounds write of one byte when processing the message. This flaw allows an attacker to craft an email message that causes Thunderbird to perform an out-of-bounds write...

thunderbird: Crafted email could trigger an out-of-bounds write

A flaw was found in Thunderbird. The vulnerability occurs due to an out-of-bounds write of one byte when processing the message. This flaw allows an attacker to craft an email message that causes Thunderbird to perform an out-of-bounds write...

[WP-H1] Transactions can be replayed when a connectedChain is removed and then reconnected

Lines of code Vulnerability details function removeConnectedChainstring memory schainName public virtual override onlyChainConnector bytes32 schainHash = keccak256abi.encodePackedschainName; requireconnectedChainsschainHash.inited, "Chain is not initialized"; delete connectedChainsschainHash;...

CVE-2021-34870

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR XR1000 1.0.0.521.0.38 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of SOAP messages. The issue resul...

CVE-2021-34870

The CVE-2021-34870 vulnerability affects NETGEAR XR1000 routers (version 1.0.0.52_1.0.38). A flaw in SOAP message processing allows network-adjacent attackers to access privileged requests without authentication, leading to disclosure of stored credentials and potential further compromise. Public...

IBM WebSphere Application Server 资源管理错误漏洞

IBM WebSphere Application Server is an application server product from IBM in the United States. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. A denial of service vulnerability exists in IBM WebSphere Application...

CVE-2021-38875

IBM MQ 8.0, 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.1 CD, and 9.2 CD is vulnerable to a denial of service attack caused by an error processing messages. IBM X-Force ID: 208398...

CVE-2021-38875

CVE-2021-38875 affects several IBM MQ products: IBM MQ 8.0, 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.1 CD, and 9.2 CD, allowing a denial-of-service due to an error in processing messages. Connected citations indicate IBM MQ Appliance and HPE NonStop variants also reference the issue. Impact is a DoS vulnerab...

Zoom Client Unauthorized Message Processing Vulnerability (ZSB-18001)

Zoom Client is prone to an unauthorization message processing vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is...

CVE-2021-21778

A denial of service vulnerability exists in the ASDU message processing functionality of MZ Automation GmbH lib60870.NET 2.2.0. A specially crafted network request can lead to loss of communications. An attacker can send an unauthenticated message to trigger this vulnerability...

CVE-2021-21778

A denial of service vulnerability exists in the ASDU message processing functionality of MZ Automation GmbH lib60870.NET 2.2.0. A specially crafted network request can lead to loss of communications. An attacker can send an unauthenticated message to trigger this vulnerability...

CVE-2021-21778

A denial of service vulnerability exists in the ASDU message processing functionality of MZ Automation GmbH lib60870.NET 2.2.0. A specially crafted network request can lead to loss of communications. An attacker can send an unauthenticated message to trigger this vulnerability...

Unspecified Vulnerability in HCC Embedded InterNiche (CNVD-2021-59224)

HCC Embedded InterNiche is a newsletter software. A security vulnerability exists in the HCC Embedded InterNiche stack and NicheLite, which stems from the TFTP message processing feature that does not guarantee that filenames end in null, and can be exploited by an attacker to cause a denial of...

EulerOS 2.0 SP3 : squid (EulerOS-SA-2021-1852)

According to the versions of the squid packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when...

F5 BIG-IP 资源管理错误漏洞

F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, load balancing, and other features from F5 USA. A resource management error vulnerability exists in BIG-IP, which arises from an application not properly controlling the...

CVE-2021-22330

There is an out of bounds write vulnerability in Huawei Smartphone HUAWEI P30 versions 9.1.0.131C00E130R1P21 when processing a message. An unauthenticated attacker can exploit this vulnerability by sending specific message to the target device. Due to insufficient validation of the input paramete...