16 matches found
CVE-2026-45685 OpenTelemetry eBPF Instrumentation: MongoDB parser panics on malformed wire messages
OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.1.0 to before version 0.9.0, malformed MongoDB wire messages can trigger uncaught panics in the MongoDB TCP parser, allowing a remote unauthenticated attacker to crash the telemetr...
UIXPOSE: Mobile Malware Detection Via Intention-Behaviour Discrepancy Analysis
We introduce UIXPOSE, a source-code-agnostic framework that operates on both compiled and open-source apps. This framework applies Intention Behaviour Alignment IBA to mobile malware analysis, aligning UI-inferred intent with runtime semantics. Previous work either infers intent statically, e.g.,...
BIT-VALKEY-2021-41099 Integer overflow issue with strings in Redis
Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the underlying string library can be used to corrupt the heap and potentially result with denial of service or remote code execution. The vulnerability involves changing the default proto-max-bulk-len...
BIT-KEYDB-2021-41099 Integer overflow issue with strings in Redis
Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the underlying string library can be used to corrupt the heap and potentially result with denial of service or remote code execution. The vulnerability involves changing the default proto-max-bulk-len...
BIT-REDIS-2021-41099 Integer overflow issue with strings in Redis
Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the underlying string library can be used to corrupt the heap and potentially result with denial of service or remote code execution. The vulnerability involves changing the default proto-max-bulk-len...
redis: Integer overflow issue with strings
An integer overflow issue was found in redis in the underlying string library. The vulnerability involves changing the default "proto-max-bulk-len" configuration parameter to a very large value and constructing specially crafted network payloads or commands. This flaw allows a remote attacker to...
redis: Integer overflow issue with strings
An integer overflow issue was found in redis in the underlying string library. The vulnerability involves changing the default "proto-max-bulk-len" configuration parameter to a very large value and constructing specially crafted network payloads or commands. This flaw allows a remote attacker to...
redis: Integer overflow issue with strings
An integer overflow issue was found in redis in the underlying string library. The vulnerability involves changing the default "proto-max-bulk-len" configuration parameter to a very large value and constructing specially crafted network payloads or commands. This flaw allows a remote attacker to...
CVE-2021-41099
An integer overflow issue was found in redis in the underlying string library. The vulnerability involves changing the default "proto-max-bulk-len" configuration parameter to a very large value and constructing specially crafted network payloads or commands. This flaw allows a remote attacker to...
CVE-2021-41099
Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the underlying string library can be used to corrupt the heap and potentially result with denial of service or remote code execution. The vulnerability involves changing the default proto-max-bulk-len...
CVE-2021-41099
Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the underlying string library can be used to corrupt the heap and potentially result with denial of service or remote code execution. The vulnerability involves changing the default proto-max-bulk-len...
Integer overflow
Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the underlying string library can be used to corrupt the heap and potentially result with denial of service or remote code execution. The vulnerability involves changing the default proto-max-bulk-len...
CVE-2021-41099 Integer overflow issue with strings in Redis
Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the underlying string library can be used to corrupt the heap and potentially result with denial of service or remote code execution. The vulnerability involves changing the default proto-max-bulk-len...
CVE-2021-41099
Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the underlying string library can be used to corrupt the heap and potentially result with denial of service or remote code execution. The vulnerability involves changing the default proto-max-bulk-len...
redis -- multiple vulnerabilities
The Redis Team reports: CVE-2021-41099 Integer to heap buffer overflow handling certain string commands and network payloads, when proto-max-bulk-len is manually configured. CVE-2021-32762 Integer to heap buffer overflow issue in redis-cli and redis-sentinel parsing large multi-bulk replies on so...
Chargen Probe Utility
Chargen is a debugging and measurement tool and a character generator service. A character generator service simply sends data without regard to the input. Chargen is susceptible to spoofing the source of transmissions as well as use in a reflection attack vector. The misuse of the testing featur...