10 matches found
CVE-2026-51541
OpENer 2.3.0 commit 76b95cf has an out-of-bounds read issue in CIP message parsing when handling malformed explicit requests with a forged EPath size. An attacker can send a valid ENIP SendRRData frame carrying a very short CIP payload whose pathsize field claims that many more path words are...
CVE-2026-51541
OpENer 2.3.0 (commit 76b95cf) is affected by CVE-2026-51541 due to an out-of-bounds read in CIP message parsing when processing malformed explicit requests with a forged EPath size. An ENIP SendRRData frame carrying a short CIP payload with a larger declared path_size can cause the parser to cont...
smb: client: fix double put of @cfile in smb2_set_path_size()
...
SUSE CVE-2024-46796
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix double put of @cfile in smb2setpathsize If smb2compoundop is called with a valid @cfile and returned -EINVAL, we need to call cifsgetwritablepath before retrying it as the reference of @cfile was already dropped ...
CVE-2024-22091
CVE-2024-22091 affects Mattermost servers where the path of requests containing user inputs is not length-limited. The root cause is an insufficient limit on the size of request paths, which can trigger excessive resource consumption and potentially cause a DoS. Affected versions include Mattermo...
CVE-2024-22091 Excessive resource consumption due to lack to request path size limits
Mattermost versions 8.1.x = 8.1.10, 9.6.x = 9.6.0, 9.5.x = 9.5.2 and 8.1.x = 8.1.11 fail to limit the size of a request path that includes user inputs which allows an attacker to cause excessive resource consumption, possibly leading to a DoS via sending large request paths...
CVE-2024-26818 tools/rtla: Fix clang warning about mount_point var size
In the Linux kernel, the following vulnerability has been resolved: tools/rtla: Fix clang warning about mountpoint var size clang is reporting this warning: $ make HOSTCC=clang CC=clang LLVMIAS=1 ... clang -O -g -DVERSION="6.8.0-rc3" -flto=auto -fexceptions -fstack-protector-strong...
PT-2020-20060 · Node.Js +8 · Libuv +8
Name of the Vulnerable Software and Affected Versions: libuv versions prior to 10.22.1 libuv versions prior to 12.18.4 libuv versions prior to 14.9.0 Description: The issue arises from the incorrect determination of buffer size in the realpath implementation within libuv, which is used by Node.js...
systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash
It was discovered that systemd allocates a buffer large enough to store the path field of a dbus message without performing enough checks. A local attacker may trigger this flaw by sending a dbus message to systemd with a large path making systemd crash or possibly elevating his privileges...
ALPINE-CVE-2017-16227
The aspathput function in bgpd/bgpaspath.c in Quagga before 1.2.2 allows remote attackers to cause a denial of service session drop via BGP UPDATE messages, because ASPATH size calculation for long paths counts certain bytes twice and consequently constructs an invalid message...