188 matches found
EulerOS Virtualization 2.9.0 : mariadb-connector-c (EulerOS-SA-2021-1654)
According to the version of the mariadb-connector-c package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - libmariadb/mariadblib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet...
mariadb-connector-c: Improper validation of content in a OK packet received from server
libmariadb/mariadblib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: although mariadblib.c was originally based on code shipped for MySQL, this issue does not affect any MySQL components supported by Oracle...
mariadb-connector-c: Improper validation of content in a OK packet received from server
libmariadb/mariadblib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: although mariadblib.c was originally based on code shipped for MySQL, this issue does not affect any MySQL components supported by Oracle...
mariadb-connector-c: Improper validation of content in a OK packet received from server
libmariadb/mariadblib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: although mariadblib.c was originally based on code shipped for MySQL, this issue does not affect any MySQL components supported by Oracle...
mariadb-connector-c: Improper validation of content in a OK packet received from server
libmariadb/mariadblib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: although mariadblib.c was originally based on code shipped for MySQL, this issue does not affect any MySQL components supported by Oracle...
mariadb-connector-c: Improper validation of content in a OK packet received from server
libmariadb/mariadblib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: although mariadblib.c was originally based on code shipped for MySQL, this issue does not affect any MySQL components supported by Oracle...
mariadb-connector-c: Improper validation of content in a OK packet received from server
libmariadb/mariadblib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: although mariadblib.c was originally based on code shipped for MySQL, this issue does not affect any MySQL components supported by Oracle...
GLSA-202011-14 : MariaDB: Remote code execution
The remote host is affected by the vulnerability described in GLSA-202011-14 MariaDB: Remote code execution It was discovered that MariaDB did not properly validate the content of a packet received from a server. Impact : A remote attacker could send a specially crafted packet to WSREP service,...
MariaDB: Remote code execution
Background MariaDB is an enhanced, drop-in replacement for MySQL. Description It was discovered that MariaDB did not properly validate the content of a packet received from a server. Impact A remote attacker could send a specially crafted packet to WSREP service, possibly resulting in execution o...
CVE-2020-3489
Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points CAPWAP protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition of an affected...
MariaDB Connector/C OK Packet Content Validation Error Vulnerability
MariaDB is a free and open source database management system from the MariaDB Foundation and a forked version of MySQL using the Maria storage engine.Connector/C is one of the connectors used to connect C/C++ applications to MariaDB and MySQL databases. A security vulnerability exists in the...
CVE-2020-13249
libmariadb/mariadblib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: although mariadblib.c was originally based on code shipped for MySQL, this issue does not affect any MySQL components supported by Oracle...
CVE-2020-13249
libmariadb/mariadblib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: although mariadblib.c was originally based on code shipped for MySQL, this issue does not affect any MySQL components supported by Oracle...
CVE-2020-7454
In FreeBSD 12.1-STABLE before r360971, 12.1-RELEASE before p5, 11.4-STABLE before r360971, 11.4-BETA1 before p1 and 11.3-RELEASE before p9, libalias does not properly validate packet length resulting in modules causing an out of bounds read/write condition if no checking was built into the module...
CVE-2019-5614
In FreeBSD 12.1-STABLE before r356035, 12.1-RELEASE before 12.1-RELEASE-p4, 11.3-STABLE before r356036, and 11.3-RELEASE before 11.3-RELEASE-p8, incomplete packet data validation may result in accessing out-of-bounds memory leading to a kernel panic or other unpredictable results...
FreeBSD ipfw buffer overflow vulnerability (CNVD-2020-32362)
FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. ipfw is one of the IP firewall components. A buffer overflow vulnerability exists in ipfw in FreeBSD, which stems from a program's failure to properly validate packets, and can be exploited by an attacker to cause kernel...
FreeBSD-SA-20:10.ipfw
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-20:10.ipfw Security Advisory The FreeBSD Project Topic: ipfw invalid mbuf handling Category: core Module: kernel Announced: 2020-04-21 Credits: Maxime Villard...
CVE-2020-1876
CVE-2020-1876 affects Huawei NIP6800, Secospace USG6600 and USG9500 with specific V500R001C30, V500R001C60SPC500 and V500R005C00SPC100 builds. It is an out-of-bounds write vulnerability triggered by unauthenticated, malformed packets that bypass validation and may reboot the targeted device. Root...
CVE-2020-7045
Wireshark 3.0.x before 3.0.8 contains a vulnerability in the BT ATT dissector that could cause a crash. The root cause is related to opcode validation in the BT ATT dissector code path (epan/dissectors/packet-btatt.c). Affected product: Wireshark 3.0.x; vulnerable version range includes before 3....
Cisco IOS Software Internet Key Exchange Version 1 DoS (cisco-sa-20180328-ike-dos)
According to its self-reported version, Cisco IOS is affected by a denial of service DoS vulnerability in its Internet Key Exchange Version 1 IKEv1 functionality due to improper validation of specific IKEv1 packets. An unauthenticated, remote attacker can exploit this by sending crafted IKEv1...