FreeBSD : FreeBSD -- Missing error handling in bhyve(8) device models (a6d5d4c1-0564-11ec-b69d-4062311215d5)

Certain VirtIO-based device models failed to handle errors when fetching I/O descriptors. Such errors could be triggered by a malicious guest. As a result, the device model code could be tricked into operating on uninitialized I/O vectors, leading to memory corruption. Impact : A malicious guest...

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write. An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2image, version 2.0.4. A missing error handler can lead to a buffer overflow and potential code execution. An attacker can...

CVE-2019-5051

An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2image, version 2.0.4. A missing error handler can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability...

CVE-2019-5051

An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2image, version 2.0.4. A missing error handler can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability...

CVE-2017-2877

A missing error check exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10001 could allow an attacker to reset the user accounts to factory defaults, without authentication...

CVE-2017-2877

A missing error check exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10001 could allow an attacker to reset the user accounts to factory defaults, without authentication...

Foscam IP Video Camera devMng Multi-Camera Port 10001 Command 0x0064 Empty AuthResetKey Vulnerability(CVE-2017-2877)

Summary A missing error check exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10001 could allow an attacker to reset the user accounts to factory defaults, without authentication. Tested Versio...

RHEL 5 : samba3x (RHSA-2016:0613)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:0613 advisory. - samba: crash in dcesrvauthbindack due to missing error check CVE-2015-5370 - samba: Man-in-the-middle attacks possible with NTLMSSP...

samba: crash in dcesrv_auth_bind_ack due to missing error check

Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server high CPU load or a crash or, possibly, execute arbitrary code with the permissions of the user running Samba root. Thi...

Huawei eSpace U2980/2990 Denial of Service Vulnerability

Huawei eSpace U2980 and U2990 are unified gateway series products. The Huawei eSpace U2980 and U2990 have a security vulnerability due to the fact that the error correction mechanism is not used in processing specific signaling packets. An attacker sending malformed packets can cause denial of...

Oracle Linux 5 : libxml2 (ELSA-2012-0017)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-0017 advisory. - Fix the semantic of XPath axis for namespace/attribute nodes CVE-2010-4008 - Fix an off by one error in encoding CVE-2011-0216 - Fix some potential...

XSRF token broken when you edit an Issue Type Scheme

If you click the Edit link beside the currently selected Issue Type Scheme on a Project Summary page and then click Save on the next screen you get an XSRF token missing error...