MZ Automation GmbH lib60870.NET ASDU message processing denial of service vulnerability

Summary A denial of service vulnerability exists in the ASDU message processing functionality of MZ Automation GmbH lib60870.NET 2.2.0. A specially crafted network request can lead to loss of communications. An attacker can send an unauthenticated message to trigger this vulnerability. Tested...

CVE-2020-4931

IBM MQ 9.1 LTS, 9.2 LTS, and 9.1 CD AMQP Channels could allow an authenticated user to cause a denial of service due to an issue processing messages. IBM X-Force ID: 191747...

Squid < 4.9 Multiple Vulnerabilities

According to its self-reported version number, the version of Squid installed on the remote host is prior to 4.9. It is, therefore, affected by multiple vulnerabilities: - A heap overflow and possible a remote code execution exist due to incorrect buffer management when processing URN...

SolarWinds Orion Platform < 2020.2.4 Multiple Vulnerabilities

According to its self-reported version number, the version of SolarWinds Orion Platform is prior to 2020.2.4. It is, therefore, affected by multiple vulnerabilities: - The Collector Service in SolarWinds Orion Platform before 2020.2.4 uses MSMQ Microsoft Message Queue and doesn't set permissions ...

SolarWinds Orion Platform < 2019.4.2 Remote Code Execution

The Collector Service in SolarWinds Orion Platform before 2019.4.2 uses MSMQ Microsoft Message Queue and doesn't set permissions on its private queues. As a result, remote unauthenticated clients can send messages to TCP port 1801 that the Collector Service will process. Additionally, upon...

Huawei Taurus-AL00A Resource Management Error Vulnerability

Huawei Taurus-AL00A is a smartphone from Huawei of China.Huawei Taurus-AL00A is vulnerable to a resource management error. A module fails to properly process a message, and a function references freed memory. An attacker could use this vulnerability to trick a user into running a carefully...

CVE-2020-11131

u'Possible buffer overflow in WMA message processing due to integer overflow occurs when processing command received from user space' in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8053, APQ8096AU, MDM9206, MDM925...

Integer overflow

u'Possible buffer overflow in WMA message processing due to integer overflow occurs when processing command received from user space' in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8053, APQ8096AU, MDM9206, MDM925...

Huawei 4G Router B612 Message Handling Denial of Service Vulnerability

Huawei 4G Router B612 is a 4G router device. A null pointer reference vulnerability exists in the processing message parameters of the Huawei 4G Router B612, which allows remote attackers to exploit the vulnerability to submit a special request that could crash the application and cause a denial ...

Huawei P30 Pro Buffer Overflow Vulnerability (CNVD-2020-48584)

Huawei P30 Pro is a smartphone from Chinese company Huawei Huawei. A buffer overflow vulnerability exists in a module in versions prior to Huawei P30 Pro 10.1.0.160 C00E160R2P8, which stems from a function of the module missing a specific checksum when processing messages sent by other modules. A...

[SECURITY] Fedora 32 Update: botan2-2.14.0-1.fc32

Botan is a BSD-licensed crypto library written in C++. It provides a wide variety of basic cryptographic algorithms, X.509 certificates and CRLs, PKCS \10 certificate requests, a filter/pipe message processing system, and a wide variety of other features, all written in portable C++. The API...

CVE-2020-9818

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, iOS 12.4.7, watchOS 6.2.5. Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination. Recent assessments: Assessed...

CVE-2019-18677

An issue was discovered in Squid 3.x and 4.x through 4.8 when the appenddomain setting is used because the appended characters do not properly interact with hostname length restrictions. Due to incorrect message processing, it can inappropriately redirect traffic to origins it should not be...

Security Bulletin: IBM MQ and IBM MQ Appliance are vulnerable to a denial of service attack caused by an abend while processing messages. (CVE-2019-4560)

Summary An issue was found within the IBM MQ message processing code that results in an abend while processing a message that was placed on a queue using MQPUT. An attacker could use this to execute a denial of service attack on a queue manager. Vulnerability Details CVEID: CVE-2019-4560...

Debian DLA-2028-1 : squid3 security update

It was found that Squid, a high-performance proxy caching server for web clients, has been affected by the following security vulnerabilities. CVE-2019-12526 URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to an URN...

CVE-2019-18677

An issue was discovered in Squid 3.x and 4.x through 4.8 when the appenddomain setting is used because the appended characters do not properly interact with hostname length restrictions. Due to incorrect message processing, it can inappropriately redirect traffic to origins it should not be...

CVE-2019-18677

An issue was discovered in Squid 3.x and 4.x through 4.8 when the appenddomain setting is used because the appended characters do not properly interact with hostname length restrictions. Due to incorrect message processing, it can inappropriately redirect traffic to origins it should not be...

CVE-2019-18677

An issue was discovered in Squid 3.x and 4.x through 4.8 when the appenddomain setting is used because the appended characters do not properly interact with hostname length restrictions. Due to incorrect message processing, it can inappropriately redirect traffic to origins it should not be...

Code injection

An issue was discovered in Squid 3.x and 4.x through 4.8 when the appenddomain setting is used because the appended characters do not properly interact with hostname length restrictions. Due to incorrect message processing, it can inappropriately redirect traffic to origins it should not be...

CVE-2019-18677

An issue was discovered in Squid 3.x and 4.x through 4.8 when the appenddomain setting is used because the appended characters do not properly interact with hostname length restrictions. Due to incorrect message processing, it can inappropriately redirect traffic to origins it should not be...