41 matches found
Malicious code in sonic-ots-uyaidoagib (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e762cd9d8c7694d79e9970d1697694085059e2df3bb8b57c31be5949b37ca5e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2024-47543
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-6444
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c. CVE-2024-6444 Note that Nessus relies on...
CVE-2024-8798
No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c...
CVE-2024-6444
No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c...
CVE-2024-6444 Bluetooth: ots: missing buffer length check
No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c...
CVE-2024-6444
CVE-2024-6444 affects Zephyr’s Bluetooth OTS client: olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c handles input length poorly, enabling potential buffer overflow. Existing connected sources confirm the exact vulnerable component and root cause (missing input length valida...
Zephyr security vulnerability
Zephyr is an extensible real-time operating system (RTOS) open-sourced by Zephyr. A security vulnerability exists in Zephyr that stems from olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c that does not properly validate the length of user input...
SUSE CVE-2015-0823
Multiple use-after-free vulnerabilities in OpenType Sanitiser, as used in Mozilla Firefox before 36.0, might allow remote attackers to trigger problematic Developer Console information or possibly have unspecified other impact by leveraging incorrect macro expansion, related to the...
HIMA Paul Hildebrandt X-OPC and X-OTS code issue vulnerability
HIMA Paul Hildebrandt X-OPC and HIMA Paul Hildebrandt X-OTS are both products of HIMA Paul Hildebrandt, Inc. HIMA Paul Hildebrandt X-OPC is an intelligent security platform. HIMA Paul Hildebrandt X-OTS is a security simulator. A code issue vulnerability exists in HIMA Pa...
CVE-2021-21438
Agents are able to see linked FAQ articles without permissions defined in FAQ Category. This issue affects: FAQ version 6.0.29 and prior versions, OTRS version 7.0.24 and prior versions...
ots-reisen.de Cross Site Scripting vulnerability OBB-1407234
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
ots:ots-fuzzer: Use-of-uninitialized-value in ots::OpenTypeGVAR::Parse
Project: https://github.com/khaledhosny/ots.git Detailed Report: https://oss-fuzz.com/testcase?key=5742168799707136 Project: ots Fuzzing Engine: libFuzzer Fuzz Target: ots-fuzzer Job Type: libfuzzermsanots Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State:...
ots:ots-fuzzer: Use-of-uninitialized-value in ots::ParseVariationData
Project: https://github.com/khaledhosny/ots.git Detailed Report: https://oss-fuzz.com/testcase?key=6277842237915136 Project: ots Fuzzing Engine: libFuzzer Fuzz Target: ots-fuzzer Job Type: libfuzzermsanots Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State:...
ots:ots-fuzzer: Use-of-uninitialized-value in ots::ParseConditionTable
Project: https://github.com/khaledhosny/ots.git Detailed Report: https://oss-fuzz.com/testcase?key=5640715984699392 Project: ots Fuzzing Engine: libFuzzer Fuzz Target: ots-fuzzer Job Type: libfuzzermsanots Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State:...
ots:ots-fuzzer: Heap-buffer-overflow in LZ4_read16
Project: https://github.com/khaledhosny/ots.git Detailed Report: https://oss-fuzz.com/testcase?key=5651243541463040 Project: ots Fuzzing Engine: libFuzzer Fuzz Target: ots-fuzzer Job Type: libfuzzerasanots Platform Id: linux Crash Type: Heap-buffer-overflow READ 2 Crash Address: 0x6180000007e8...
Arbitrary Code Execution
firefox is vulnerable to arbitrary code execution. The vulnerability is in Sanitiser for OpenType (OTS), used by Firefox to help prevent potential exploits in malformed OpenType fonts. A web page containing malicious content could cause Firefox to crash or, under certain conditions, possibly execute...
ots:ots-fuzzer: Heap-buffer-overflow in LZ4_decompress_safe_partial
Project: https://github.com/khaledhosny/ots.git Detailed Report: https://oss-fuzz.com/testcase?key=5662681298370560 Project: ots Fuzzing Engine: libFuzzer Fuzz Target: ots-fuzzer Job Type: libfuzzerasanots Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address: 0x6180000007d0...
ots:ots-fuzzer: Heap-buffer-overflow in LZ4_read16
Project: https://github.com/khaledhosny/ots.git Detailed Report: https://oss-fuzz.com/testcase?key=6229453185482752 Project: ots Fuzzing Engine: libFuzzer Fuzz Target: ots-fuzzer Job Type: libfuzzerasanots Platform Id: linux Crash Type: Heap-buffer-overflow READ 2 Crash Address: 0x6180000007ce...
ots:ots-fuzzer: Heap-buffer-overflow in LZ4_decompress_safe_partial
Detailed Report: https://oss-fuzz.com/testcase?key=5690734920859648 Project: ots Fuzzing Engine: afl Fuzz Target: ots-fuzzer Job Type: aflasanots Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address: 0x6190000009e0 Crash State: LZ4decompresssafepartial ots::OpenTypeSILF::Parse...