CVE-2021-21778

A denial of service vulnerability exists in the ASDU message processing functionality of MZ Automation GmbH lib60870.NET 2.2.0. A specially crafted network request can lead to loss of communications. An attacker can send an unauthenticated message to trigger this vulnerability...

Unspecified Vulnerability in HCC Embedded InterNiche (CNVD-2021-59224)

HCC Embedded InterNiche is a newsletter software. A security vulnerability exists in the HCC Embedded InterNiche stack and NicheLite, which stems from the TFTP message processing feature that does not guarantee that filenames end in null, and can be exploited by an attacker to cause a denial of...

EulerOS 2.0 SP3 : squid (EulerOS-SA-2021-1852)

According to the versions of the squid packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when...

F5 BIG-IP 资源管理错误漏洞

F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, load balancing, and other features from F5 USA. A resource management error vulnerability exists in BIG-IP, which arises from an application not properly controlling the...

CVE-2021-22330

There is an out of bounds write vulnerability in Huawei Smartphone HUAWEI P30 versions 9.1.0.131C00E130R1P21 when processing a message. An unauthenticated attacker can exploit this vulnerability by sending specific message to the target device. Due to insufficient validation of the input paramete...

MZ Automation GmbH lib60870.NET ASDU message processing denial of service vulnerability

Summary A denial of service vulnerability exists in the ASDU message processing functionality of MZ Automation GmbH lib60870.NET 2.2.0. A specially crafted network request can lead to loss of communications. An attacker can send an unauthenticated message to trigger this vulnerability. Tested...

CVE-2020-4931

IBM MQ 9.1 LTS, 9.2 LTS, and 9.1 CD AMQP Channels could allow an authenticated user to cause a denial of service due to an issue processing messages. IBM X-Force ID: 191747...

Squid < 4.9 Multiple Vulnerabilities

According to its self-reported version number, the version of Squid installed on the remote host is prior to 4.9. It is, therefore, affected by multiple vulnerabilities: - A heap overflow and possible a remote code execution exist due to incorrect buffer management when processing URN...

SolarWinds Orion Platform < 2019.4.2 Remote Code Execution

The Collector Service in SolarWinds Orion Platform before 2019.4.2 uses MSMQ Microsoft Message Queue and doesn't set permissions on its private queues. As a result, remote unauthenticated clients can send messages to TCP port 1801 that the Collector Service will process. Additionally, upon...

SolarWinds Orion Platform < 2020.2.4 Multiple Vulnerabilities

According to its self-reported version number, the version of SolarWinds Orion Platform is prior to 2020.2.4. It is, therefore, affected by multiple vulnerabilities: - The Collector Service in SolarWinds Orion Platform before 2020.2.4 uses MSMQ Microsoft Message Queue and doesn't set permissions ...

Huawei Taurus-AL00A Resource Management Error Vulnerability

Huawei Taurus-AL00A is a smartphone from Huawei of China.Huawei Taurus-AL00A is vulnerable to a resource management error. A module fails to properly process a message, and a function references freed memory. An attacker could use this vulnerability to trick a user into running a carefully...

CVE-2020-11131

u'Possible buffer overflow in WMA message processing due to integer overflow occurs when processing command received from user space' in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8053, APQ8096AU, MDM9206, MDM925...

Integer overflow

u'Possible buffer overflow in WMA message processing due to integer overflow occurs when processing command received from user space' in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8053, APQ8096AU, MDM9206, MDM925...

The vulnerability of Microsoft Exchange Server servers, related to errors in message processing, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of Microsoft Exchange Server is related to errors in message processing. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

Huawei 4G Router B612 Message Handling Denial of Service Vulnerability

Huawei 4G Router B612 is a 4G router device. A null pointer reference vulnerability exists in the processing message parameters of the Huawei 4G Router B612, which allows remote attackers to exploit the vulnerability to submit a special request that could crash the application and cause a denial ...

Huawei P30 Pro Buffer Overflow Vulnerability (CNVD-2020-48584)

Huawei P30 Pro is a smartphone from Chinese company Huawei Huawei. A buffer overflow vulnerability exists in a module in versions prior to Huawei P30 Pro 10.1.0.160 C00E160R2P8, which stems from a function of the module missing a specific checksum when processing messages sent by other modules. A...

[SECURITY] Fedora 32 Update: botan2-2.14.0-1.fc32

Botan is a BSD-licensed crypto library written in C++. It provides a wide variety of basic cryptographic algorithms, X.509 certificates and CRLs, PKCS \10 certificate requests, a filter/pipe message processing system, and a wide variety of other features, all written in portable C++. The API...

CVE-2020-9818

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, iOS 12.4.7, watchOS 6.2.5. Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination. Recent assessments: Assessed...

CVE-2019-18677

An issue was discovered in Squid 3.x and 4.x through 4.8 when the appenddomain setting is used because the appended characters do not properly interact with hostname length restrictions. Due to incorrect message processing, it can inappropriately redirect traffic to origins it should not be...

The vulnerability of the BIND DNS server, related to incorrect processing of messages containing certain combinations of EDNS options, allows attackers to trigger a service failure.

The vulnerability of the BIND DNS server is related to the improper processing of messages that contain certain combinations of EDNS options. Exploiting this vulnerability allows a remote attacker to cause service failures...