85 matches found
HICOS 缓冲区错误漏洞
HICOS is a tool from China's MOICA that provides IC card credentials for registration into an operating system. A buffer error vulnerability exists in HICOS due to an insufficiently validated parameter length in its citizen authentication component that could be exploited by an unauthenticated...
CVE-2022-32961
HICOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for token information. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code,...
CVE-2022-32960
HiCOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for card number. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate...
Stack overflow
HiCOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for OS information. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipula...
CVE-2022-32961 HiCOS’ client-side citizen digital certificate - Stack Buffer Overflow
HICOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for token information. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code,...
CVE-2022-32961
CVE-2022-32961 concerns HICOS’ client-side citizen digital certificate component, which has a stack-based buffer overflow when reading an IC card due to insufficient validation of token information parameter length. The vulnerability can be exploited by an unauthenticated, physical attacker to ex...
CVE-2022-32960 HiCOS’ client-side citizen digital certificate - Stack Buffer Overflow
HiCOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for card number. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate...
CVE-2022-32960
CVE-2022-32960 affects the HiCOS client-side citizen digital certificate component. The vulnerability is a stack-based buffer overflow caused by insufficient validation of the card number parameter when reading an IC card. An unauthenticated physical attacker can exploit this to execute arbitrary...
PT-2022-21607 · Hicos · Hicos
Name of the Vulnerable Software and Affected Versions: HiCOS affected versions not specified Description: The issue is related to a stack-based buffer overflow vulnerability in the client-side citizen digital certificate component when reading IC card due to insufficient parameter length validati...
CVE-2022-21742
Realtek USB driver has a buffer overflow vulnerability due to insufficient parameter length verification in the API function. An unauthenticated LAN attacker can exploit this vulnerability to disrupt services...
CVE-2022-21742
Realtek USB driver has a buffer overflow vulnerability due to insufficient parameter length verification in the API function. An unauthenticated LAN attacker can exploit this vulnerability to disrupt services...
Realtek USB driver 安全漏洞
The Realtek USB driver is a series of gaming Ethernet family controller drivers from China-based Realtek Semiconductor Realtek. A security vulnerability exists in the Realtek USB FE/1GbE/2.5GbE/5GbE NIC Family, which stems from insufficient validation of parameter lengths in API functions. An...
CVE-2022-21742
Realtek USB driver has a buffer overflow vulnerability due to insufficient parameter length verification in the API function. An unauthenticated LAN attacker can exploit this vulnerability to disrupt services...
CVE-2022-23973
ASUS RT-AX56U’s user profile configuration function is vulnerable to stack-based buffer overflow due to insufficient validation for parameter length. An unauthenticated LAN attacker can execute arbitrary code to perform arbitrary operations or disrupt service...
Stack overflow
ASUS RT-AX56U’s user profile configuration function is vulnerable to stack-based buffer overflow due to insufficient validation for parameter length. An unauthenticated LAN attacker can execute arbitrary code to perform arbitrary operations or disrupt service...
CVE-2021-26623
A remote code execution vulnerability due to incomplete check for 'xheaderdecodepathrecord' function's parameter length value in the ark library. Remote attackers can induce exploit malicious code using this function...
CVE-2022-25596
ASUS RT-AC56U’s configuration function has a heap-based buffer overflow vulnerability due to insufficient validation for the decryption parameter length, which allows an unauthenticated LAN attacker to execute arbitrary code, perform arbitrary operations and disrupt service...
UBUNTU-CVE-2022-0185
A heap-based buffer overflow flaw was found in the way the legacyparseparam function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged in case of unprivileged user namespaces enabled, otherwise needs namespaced CAPSYSADMIN privile...
The vulnerability of embedded Qualcomm software due to buffer overflows allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of microprogramming software in embedded Qualcomm chips is caused by buffer overflow. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information, due to the lack of checking the length of th...
CVE-2021-44158
ASUS RT-AX56U Wi-Fi Router is vulnerable to stack-based buffer overflow due to improper validation for httpd parameter length. An authenticated local area network attacker can launch arbitrary code execution to control the system or disrupt service...