680 matches found
PT-2023-33049 · Unknown · Netresearch/Jsonmapper +1
Name of the Vulnerable Software and Affected Versions: PocketMine-MP versions prior to 4.20.5; PocketMine-MP versions prior to 4.21.1. Description: An attacker could crash PocketMine-MP by sending malformed JSON in the LoginPacket. This issue occurred due to a bug in the netresearch/jsonmapper...
PocketMine MP vulnerable to uncontrolled resource consumption via mismatched type of 'InventoryTransactionPacket'
Impact: A "mismatch" type InventoryTransactionPacket is sent by the client to request a resync of all currently open inventories. Since PocketMine-MP does not rate-limit these "mismatch" transactions, and the syncing of inventories is not deferred until, e.g., the end of the current tick, they can ...
PT-2023-32972 · Unknown · Pocketmine-Mp
Name of the Vulnerable Software and Affected Versions: PocketMine-MP versions prior to 4.18.0-ALPHA2. Description: The issue arises from the client sending a "mismatch" type InventoryTransactionPacket to request a resync of all currently open inventories. Since PocketMine-MP does not rate-limit...
UBUNTU-CVE-2023-31623
An issue in the mp_box_copy component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...
Virtuoso Open-Source Edition SQL Injection Vulnerability
Virtuoso Open-Source Edition is a high-performance and scalable multi-model RDBMS, data integration middleware, linked data deployment, and HTTP application server platform open-sourced by OpenLink Software. A security vulnerability exists in Virtuoso Open-Source Edition version v7.2.9, which ste...
CVE-2023-31983
A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NSv4 allows an attacker to execute arbitrary code via the mp function in /bin/webs without any limitations...
PT-2023-9527 · Openlink +4 · Openlink Virtuoso-Opensource +4
Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.9. Description: The issue is related to the mp box copy component and involves improper neutralization of special elements used in SQL commands. This can be exploited by attackers to cause a Denial of...
PT-2023-9521 · Openlink +4 · Openlink Virtuoso-Opensource +4
Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.9. Description: The issue is related to the mp box deserialize string function, which is vulnerable due to improper neutralization of special elements used in SQL commands. This can be exploited by a...
Ricoh MP C4504ex Security Vulnerability
The Ricoh MP C4504ex is a printer from Ricoh Japan. A security vulnerability exists in the Ricoh MP C4504ex version 1.06, which stems from an incorrect processing credentials flow...
SUSE CVE-2007-1995
bgpd/bgp_attr.c in Quagga 0.98.6 and earlier, and 0.99.6 and earlier 0.99 versions, does not validate length values in the MP_REACH_NLRI and MP_UNREACH_NLRI attributes, which allows remote attackers to cause a denial of service (daemon crash or exit) via crafted UPDATE messages that trigger an assertion...
SUSE CVE-2016-1938
The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, improperly divides numbers, which might make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging use of the (1) mp_div or (2)...
SUSE CVE-2017-14411
A stack-based buffer overflow was discovered in copy_mp in interface.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an out-of-bounds write, which leads to remote denial of service or possibly code execution...
SUSE CVE-2020-21678
A global buffer overflow in the genmp_writefontmacro_latex component in genmp.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into mp format...
CVE-2023-24552
A vulnerability has been identified in Solid Edge SE2022 All versions V222.0MP12, Solid Edge SE2023 All versions V223.0Update2. The affected application contains an out of bounds read past the end of an allocated buffer while parsing a specially crafted PAR file. This could allow an attacker to t...
Denial Of Service (DoS)
pocketmine/pocketmine-mp is vulnerable to Denial of Service (DoS). The vulnerability is due to large modal form responses, which cause the server to spend a significant amount of time processing the packet, leading to an application crash...
GSD-2023-1001334 s390/ctcm: Fix return type of ctc{mp,}m_tx()
s390/ctcm: Fix return type of ctc{mp,}m_tx(). This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...
GSD-2023-1001009 s390/ctcm: Fix return type of ctc{mp,}m_tx()
s390/ctcm: Fix return type of ctc{mp,}m_tx(). This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...
GHSA-7M9R-RQ9J-WMMH PocketMine-MP vulnerable to denial-of-service by sending large modal form responses
Impact: Due to a workaround for an old client bug which has since been fixed, very large JSON payloads in ModalFormResponsePacket were able to cause the server to spend a significant amount of time processing the packet. Large numbers of these packets were able to hog CPU time so as to prevent the...
PocketMine-MP vulnerable to denial-of-service by sending large modal form responses
Impact: Due to a workaround for an old client bug which has since been fixed, very large JSON payloads in ModalFormResponsePacket were able to cause the server to spend a significant amount of time processing the packet. Large numbers of these packets were able to hog CPU time so as to prevent the...
GHSA-WQQV-JCFR-9F5G PocketMine-MP has improperly handled dye colour IDs in banner NBT, leading to server crash
Impact: DyeColorIdMap->fromId() did not account for the possibility that it might be given invalid input. This means that an undefined offset error would occur whenever this happened. This code is indirectly called during Banner->deserializeCompoundTag(), which is invoked when deserializing any item NBT...