3096 matches found
CVE-2021-22545
CVE-2021-22545 : Multiple sources document a vulnerability in BinDiff that can be triggered by crafting a specific IdaPro *.i64 file, causing the BinDiff plugin to load an invalid memory offset and potentially allow an attacker to control the instruction pointer to execute arbitrary code. Root ca...
CVE-2021-22545 Use-after-free in BinDiff
An attacker can craft a specific IdaPro .i64 file that will cause the BinDiff plugin to load an invalid memory offset. This can allow the attacker to control the instruction pointer and execute arbitrary code. It is recommended to upgrade BinDiff 7...
BinDiff resource management error vulnerability
BinDiff is a tool for binary file analysis and comparison. A security vulnerability exists in BinDiff that can be exploited by an attacker who creates a specific IdaPro .i64 file; the file will cause the BinDiff plugin to load an invalid memory offset. The vulnerability can be exploited by an attacker to tak...
kernel: userspace applications can misuse the KVM API to cause a write of 16 bytes at an offset up to 32 GB from vcpu->run
A flaw was found in the Linux kernel. The value of internal.ndata, in the KVM API, is mapped to an array index which can be updated by a user process at any time, which could lead to an out-of-bounds write. The highest threat from this vulnerability is to data integrity and system availability...
CVE-2021-21281
Contiki-NG is an open-source, cross-platform operating system for internet of things devices. A buffer overflow vulnerability exists in Contiki-NG versions prior to 4.6. After establishing a TCP socket using the tcp-socket library, it is possible for the remote end to send a packet with a data...
CVE-2021-21281 Buffer overflow due to unvalidated TCP data offset
Contiki-NG is an open-source, cross-platform operating system for internet of things devices. A buffer overflow vulnerability exists in Contiki-NG versions prior to 4.6. After establishing a TCP socket using the tcp-socket library, it is possible for the remote end to send a packet with a data...
Information Disclosure
bluez is vulnerable to information disclosure. The cli_feat_read_cb function in src/gatt-database.c does not perform bounds checks on the offset variable before using it as an index into an array for reading...
GLPI 9.4.5 - Remote Code Execution (RCE)
Exploit Title: GLPI 9.4.5 - Remote Code Execution RCE Exploit Author: Brian Peters Vendor Homepage: https://glpi-project.org Software Link: https://github.com/glpi-project/glpi/releases Version: | grep "CREATE TABLE" | grep -n wifinetworks Update the offsettable value with this number in the...
DEBIAN-CVE-2021-3588
The cli_feat_read_cb function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading...
UBUNTU-CVE-2021-3588
The cli_feat_read_cb function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading...
CVE-2021-3588
The cli_feat_read_cb function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading...
BlueZ buffer error vulnerability
BlueZ is a Bluetooth protocol stack written in C. It is primarily used to provide support for the core Bluetooth layers and protocols. BlueZ suffers from a buffer overflow vulnerability that stems from the cli_feat_read_cb function in src/gatt-database.c failing to perform a bounds check on the...
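The Contiki-NG and BlueZ entries above describe the same defect class: a length or offset supplied by the remote peer is used to index a buffer before it has been checked against that buffer's real size. The C below is an added example, not code from Contiki-NG, BlueZ or any of the advisories, showing the two checks a reviewer would look for: validating a TCP data offset against both the protocol minimum and the bytes actually received, and bounding a client-supplied offset before reading an attribute value. The sample segments and attribute value are constructed here, and the function names are illustrative.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Minimum TCP header length without options (RFC 793). */
#define TCP_MIN_HDR 20

/*
 * Return the payload length of a TCP segment held in pkt[0..pkt_len), or -1
 * if the header's data offset cannot be trusted. The data offset is the high
 * nibble of byte 12, counted in 32-bit words. The peer controls that value,
 * so it is checked against the protocol minimum and against the number of
 * bytes actually received before it is used to locate the payload.
 */
long tcp_payload_len(const uint8_t *pkt, size_t pkt_len)
{
    if (pkt == NULL || pkt_len < TCP_MIN_HDR)
        return -1;                          /* too short to hold a header at all */

    size_t hdr_len = (size_t)(pkt[12] >> 4) * 4;

    if (hdr_len < TCP_MIN_HDR)              /* data offset < 5 is malformed */
        return -1;
    if (hdr_len > pkt_len)                  /* header claims bytes that never arrived */
        return -1;

    return (long)(pkt_len - hdr_len);
}

/*
 * Copy up to out_len bytes of an attribute value starting at a client-supplied
 * offset, as a GATT "read blob" style handler must. Returns the number of bytes
 * copied, or -1 if offset lies past the end of the value. offset == value_len
 * is legal and yields an empty read; anything larger is the missing check.
 */
long attr_read_at(const uint8_t *value, size_t value_len, size_t offset,
                  uint8_t *out, size_t out_len)
{
    if (value == NULL || out == NULL)
        return -1;
    if (offset > value_len)                 /* index past the array: reject */
        return -1;

    size_t avail = value_len - offset;
    size_t n = avail < out_len ? avail : out_len;
    memcpy(out, value + offset, n);
    return (long)n;
}

/* Constructed sample segments (not captured traffic): 20-byte header followed
 * by 20 bytes of payload. Only byte 12, the data offset, varies. */
static const uint8_t seg_ok[40]        = { [12] = 0x50 }; /* doff=5  -> 20-byte header */
static const uint8_t seg_overclaim[40] = { [12] = 0xF0 }; /* doff=15 -> 60-byte header */
static const uint8_t seg_under[40]     = { [12] = 0x40 }; /* doff=4  -> below minimum */

/* Constructed attribute value and a scratch buffer for reads. */
static const uint8_t attr_value[8] = { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H' };
static uint8_t scratch[4];

int main(void)
{
    printf("valid segment payload: %ld\n", tcp_payload_len(seg_ok, sizeof seg_ok));
    printf("over-claimed header:   %ld\n", tcp_payload_len(seg_overclaim, sizeof seg_overclaim));
    printf("undersized header:     %ld\n", tcp_payload_len(seg_under, sizeof seg_under));
    printf("read at offset 6:      %ld\n", attr_read_at(attr_value, sizeof attr_value, 6, scratch, sizeof scratch));
    printf("read at offset 9:      %ld\n", attr_read_at(attr_value, sizeof attr_value, 9, scratch, sizeof scratch));
    return 0;
}
```

Both rejections happen before any pointer is derived from the untrusted field; the Pillow entry below is the same rule applied to file offsets, where a seek that succeeds still has to be followed by a check that the read returned as many bytes as the format promised.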
ALPINE-CVE-2021-28678
An issue was discovered in Pillow before 8.2.0. For BLP data, BlpImagePlugin did not properly check that reads after jumping to file offsets returned data. This could lead to a DoS where the decoder could be run a large number of times on empty data...
DEBIAN-CVE-2021-28678
An issue was discovered in Pillow before 8.2.0. For BLP data, BlpImagePlugin did not properly check that reads after jumping to file offsets returned data. This could lead to a DoS where the decoder could be run a large number of times on empty data...
CVE-2021-28678
An issue was discovered in Pillow before 8.2.0. For BLP data, BlpImagePlugin did not properly check that reads after jumping to file offsets returned data. This could lead to a DoS where the decoder could be run a large number of times on empty data...
GSD-2021-1000054 tools/power turbostat: Fix offset overflow issue in index converting
tools/power turbostat: Fix offset overflow issue in index converting This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.3 by commit...
GSD-2021-1000132 tools/power turbostat: Fix offset overflow issue in index converting
tools/power turbostat: Fix offset overflow issue in index converting This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.36 by commit...
UVI-2021-1000054 tools/power turbostat: Fix offset overflow issue in index converting
tools/power turbostat: Fix offset overflow issue in index converting This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.3 by commit...
PYSEC-2021-684
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in tf.rawops.SparseSplit. This is because the...