210 matches found
CVE-2022-31741
A crafted CMS message could have been processed incorrectly, leading to an invalid memory read, and potentially further memory corruption. This vulnerability affects Thunderbird 91.10, Firefox 101, and Firefox ESR 91.10...
CVE-2022-27625
A vulnerability regarding improper restriction of operations within the bounds of a memory buffer is found in the message processing functionality of Out-of-Band (OOB) Management. This allows remote attackers to execute arbitrary commands via unspecified vectors. The following models with Synology...
ALPINE-CVE-2022-42011
An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type...
Deserialization of untrusted data
Deserialization of Untrusted Data vulnerability in the message processing component of Bitdefender GravityZone Console allows an attacker to pass unsafe commands to the environment. This issue affects: Bitdefender GravityZone Console On-Premise versions prior to 6.29.2-1. Bitdefender GravityZone...
IBM QRadar SIEM input validation error vulnerability
IBM QRadar SIEM is a U.S.-based solution from IBM that leverages security intelligence to protect assets and information from advanced threats. The solution provides monitoring of the entire scope of the IT architecture, generating detailed reports on data access and user activity, etc. A...
IBM AIX security vulnerability
IBM AIX is an open standards-based UNIX operating system developed by IBM for the IBM Power architecture. IBM AIX versions 7.1, 7.2, 7.3 and VIOS version 3.1 have a denial-of-service vulnerability that stems from failure to properly process incoming error messages, which can be exploited by...
The vulnerability of the NAS message processing component of the microprogramming software for 2/3/4/5G Unisoc devices allows a hacker to cause a service failure.
The vulnerability of the NAS-message processing component of microprogramming software for 2/3/4/5G Unisoc devices relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service failures by sending specially crafted...
Security Vulnerabilities fixed in Firefox 101 — Mozilla
A malicious website could have learned the size of a cross-origin resource that supported Range requests. A malicious webpage could have caused an out-of-bounds write in WebGL, leading to memory corruption and a potentially exploitable crash. When exiting fullscreen mode, an iframe could have...
thunderbird: Crafted email could trigger an out-of-bounds write
A flaw was found in Thunderbird. The vulnerability occurs due to an out-of-bounds write of one byte when processing the message. This flaw allows an attacker to craft an email message that causes Thunderbird to perform an out-of-bounds write...
[WP-H1] Transactions can be replayed when a connectedChain is removed and then reconnected
Lines of code Vulnerability details function removeConnectedChain(string memory schainName) public virtual override onlyChainConnector { bytes32 schainHash = keccak256(abi.encodePacked(schainName)); require(connectedChains[schainHash].inited, "Chain is not initialized"); delete connectedChains[schainHash];...
CVE-2021-34870
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR XR1000 1.0.0.52_1.0.38 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of SOAP messages. The issue resul...
CVE-2021-34870
The CVE-2021-34870 vulnerability affects NETGEAR XR1000 routers (version 1.0.0.52_1.0.38). A flaw in SOAP message processing allows network-adjacent attackers to access privileged requests without authentication, leading to disclosure of stored credentials and potential further compromise. Public...
IBM WebSphere Application Server resource management error vulnerability
IBM WebSphere Application Server is an application server product from IBM in the United States. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. A denial of service vulnerability exists in IBM WebSphere Application...
CVE-2021-38875
IBM MQ 8.0, 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.1 CD, and 9.2 CD is vulnerable to a denial of service attack caused by an error processing messages. IBM X-Force ID: 208398...
CVE-2021-38875
CVE-2021-38875 affects several IBM MQ products: IBM MQ 8.0, 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.1 CD, and 9.2 CD, allowing a denial-of-service due to an error in processing messages. Connected citations indicate IBM MQ Appliance and HPE NonStop variants also reference the issue. Impact is a DoS vulnerab...
Zoom Client Unauthorized Message Processing Vulnerability (ZSB-18001)
Zoom Client is prone to an unauthorized message processing vulnerability. Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is...
CVE-2021-21778
A denial of service vulnerability exists in the ASDU message processing functionality of MZ Automation GmbH lib60870.NET 2.2.0. A specially crafted network request can lead to loss of communications. An attacker can send an unauthenticated message to trigger this vulnerability...