Lucene search
K

85 matches found

CNNVD
CNNVD
added 2022/08/02 12:0 a.m.5 views

HICOS 缓冲区错误漏洞

HICOS is a tool from China's MOICA that provides IC card credentials for registration into an operating system. A buffer error vulnerability exists in HICOS due to an insufficiently validated parameter length in its citizen authentication component that could be exploited by an unauthenticated...

6.8CVSS7.3AI score0.00355EPSS
Exploits0References2
NVD
NVD
added 2022/07/20 2:15 a.m.27 views

CVE-2022-32961

HICOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for token information. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code,...

6.8CVSS0.0022EPSS
Exploits0References1
NVD
NVD
added 2022/07/20 2:15 a.m.26 views

CVE-2022-32960

HiCOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for card number. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate...

6.8CVSS0.0022EPSS
Exploits0References1
Prion
Prion
added 2022/07/20 2:15 a.m.18 views

Stack overflow

HiCOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for OS information. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipula...

4.6CVSS7.1AI score0.0022EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/07/20 2:3 a.m.39 views

CVE-2022-32961 HiCOS’ client-side citizen digital certificate - Stack Buffer Overflow

HICOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for token information. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code,...

6.8CVSS7.2AI score0.0022EPSS
Exploits0References1
CVE
CVE
added 2022/07/20 2:3 a.m.65 views

CVE-2022-32961

CVE-2022-32961 concerns HICOS’ client-side citizen digital certificate component, which has a stack-based buffer overflow when reading an IC card due to insufficient validation of token information parameter length. The vulnerability can be exploited by an unauthenticated, physical attacker to ex...

6.8CVSS7AI score0.0022EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/07/20 2:2 a.m.27 views

CVE-2022-32960 HiCOS’ client-side citizen digital certificate - Stack Buffer Overflow

HiCOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for card number. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate...

6.8CVSS7.2AI score0.0022EPSS
Exploits0References1
CVE
CVE
added 2022/07/20 2:2 a.m.64 views

CVE-2022-32960

CVE-2022-32960 affects the HiCOS client-side citizen digital certificate component. The vulnerability is a stack-based buffer overflow caused by insufficient validation of the card number parameter when reading an IC card. An unauthenticated physical attacker can exploit this to execute arbitrary...

6.8CVSS7AI score0.0022EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/07/20 12:0 a.m.5 views

PT-2022-21607 · Hicos · Hicos

Name of the Vulnerable Software and Affected Versions: HiCOS affected versions not specified Description: The issue is related to a stack-based buffer overflow vulnerability in the client-side citizen digital certificate component when reading IC card due to insufficient parameter length validati...

6.8CVSS6.8AI score0.0022EPSS
Exploits0References3
OSV
OSV
added 2022/06/20 6:15 a.m.2 views

CVE-2022-21742

Realtek USB driver has a buffer overflow vulnerability due to insufficient parameter length verification in the API function. An unauthenticated LAN attacker can exploit this vulnerability to disrupt services...

6.5CVSS6.1AI score0.00242EPSS
Exploits0References1
NVD
NVD
added 2022/06/20 6:15 a.m.19 views

CVE-2022-21742

Realtek USB driver has a buffer overflow vulnerability due to insufficient parameter length verification in the API function. An unauthenticated LAN attacker can exploit this vulnerability to disrupt services...

6.5CVSS0.00242EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/06/20 12:0 a.m.7 views

Realtek USB driver 安全漏洞

The Realtek USB driver is a series of gaming Ethernet family controller drivers from China-based Realtek Semiconductor Realtek. A security vulnerability exists in the Realtek USB FE/1GbE/2.5GbE/5GbE NIC Family, which stems from insufficient validation of parameter lengths in API functions. An...

6.5CVSS6.5AI score0.00242EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/04/26 5:10 a.m.5 views

CVE-2022-21742

Realtek USB driver has a buffer overflow vulnerability due to insufficient parameter length verification in the API function. An unauthenticated LAN attacker can exploit this vulnerability to disrupt services...

6.5CVSS6.9AI score0.00242EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2022/04/07 7:15 p.m.17 views

CVE-2022-23973

ASUS RT-AX56U’s user profile configuration function is vulnerable to stack-based buffer overflow due to insufficient validation for parameter length. An unauthenticated LAN attacker can execute arbitrary code to perform arbitrary operations or disrupt service...

8.8CVSS0.00554EPSS
Exploits0References1
Prion
Prion
added 2022/04/07 7:15 p.m.15 views

Stack overflow

ASUS RT-AX56U’s user profile configuration function is vulnerable to stack-based buffer overflow due to insufficient validation for parameter length. An unauthenticated LAN attacker can execute arbitrary code to perform arbitrary operations or disrupt service...

5.8CVSS9.2AI score0.00554EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2022/04/01 11:15 p.m.28 views

CVE-2021-26623

A remote code execution vulnerability due to incomplete check for 'xheaderdecodepathrecord' function's parameter length value in the ark library. Remote attackers can induce exploit malicious code using this function...

9.8CVSS0.01065EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/03/07 1:44 a.m.3 views

CVE-2022-25596

ASUS RT-AC56U’s configuration function has a heap-based buffer overflow vulnerability due to insufficient validation for the decryption parameter length, which allows an unauthenticated LAN attacker to execute arbitrary code, perform arbitrary operations and disrupt service...

8.8CVSS6.2AI score0.00554EPSS
Exploits0References2
OSV
OSV
added 2022/01/18 12:0 a.m.5 views

UBUNTU-CVE-2022-0185

A heap-based buffer overflow flaw was found in the way the legacyparseparam function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged in case of unprivileged user namespaces enabled, otherwise needs namespaced CAPSYSADMIN privile...

8.4CVSS7.1AI score0.25151EPSS
Exploits11References7
BDU FSTEC
BDU FSTEC
added 2022/01/04 12:0 a.m.5 views

The vulnerability of embedded Qualcomm software due to buffer overflows allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of microprogramming software in embedded Qualcomm chips is caused by buffer overflow. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information, due to the lack of checking the length of th...

10CVSS8.2AI score0.00755EPSS
Exploits0References3
OSV
OSV
added 2022/01/03 10:15 a.m.4 views

CVE-2021-44158

ASUS RT-AX56U Wi-Fi Router is vulnerable to stack-based buffer overflow due to improper validation for httpd parameter length. An authenticated local area network attacker can launch arbitrary code execution to control the system or disrupt service...

8CVSS6.5AI score0.00677EPSS
Exploits0References1
Rows per page
Query Builder