2272 matches found
CVE-2023-25096
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25091
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25098
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25100
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25093
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25092
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25095
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25083
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25088
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
CVE-2023-25084
Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...
Milesight UR32L 缓冲区错误漏洞
The Milesight UR32L is a 4G industrial router from China-based Milesight. A security vulnerability exists in the Milesight UR32L version v32.3.0.5, which stems from the use of an insecure sprintf pattern. An attacker could exploit the vulnerability to cause a buffer overflow via a specially craft...
Milesight UR32L 缓冲区错误漏洞
The Milesight UR32L is a 4G industrial router from China's StarZone IOT Milesight. A buffer error vulnerability exists in the Milesight UR32L v32.3.0.5, which stems from the use of an insecure sprintf pattern. An attacker could exploit the vulnerability to cause a buffer overflow via a specially...
Milesight UR32L 缓冲区错误漏洞
The Milesight UR32L is a 4G industrial router from China-based Milesight. A security vulnerability exists in the Milesight UR32L version v32.3.0.5, which stems from the use of an insecure sprintf pattern. An attacker could exploit the vulnerability to cause a buffer overflow via a specially craft...
Milesight UR32L 缓冲区错误漏洞
The Milesight UR32L is a 4G industrial router from China-based Milesight. A security vulnerability exists in the Milesight UR32L version v32.3.0.5, which stems from the use of an insecure sprintf pattern. An attacker could exploit the vulnerability to cause a buffer overflow via a specially craft...
Milesight UR32L 缓冲区错误漏洞
The Milesight UR32L is a 4G industrial router from China-based Milesight. A security vulnerability exists in the Milesight UR32L version v32.3.0.5, which stems from the use of an insecure sprintf pattern. An attacker could exploit the vulnerability to cause a buffer overflow via a specially craft...
Milesight UR32L 缓冲区错误漏洞
The Milesight UR32L is a 4G industrial router from China's StarZone IOT Milesight. A buffer error vulnerability exists in the Milesight UR32L v32.3.0.5, which stems from the use of an insecure sprintf pattern. An attacker could exploit the vulnerability to cause a buffer overflow via a specially...
Milesight UR32L 缓冲区错误漏洞
The Milesight UR32L is a 4G industrial router from China-based Milesight. A security vulnerability exists in the Milesight UR32L version v32.3.0.5, which stems from the use of an insecure sprintf pattern. An attacker could exploit the vulnerability to cause a buffer overflow via a specially craft...
Wrong validation when setting BadCollateralRatio
Lines of code Vulnerability details Impact Setting of BadCollateralRatio has a slight bug //@audit-issue bug here, should be - 1e19 function setBadCollateralRatioaddress pool, uint256 newRatio external onlyRoleDAO requirenewRatio = 130 1e18 && newRatio = 160 1e18, "eUSD vault safe...
Regular Expression Denial Of Service (ReDoS)
uri is vulnerable to Regular Expression Denial Of Service ReDoS. The vulnerability exists due to inefficient Regex pattern complexity used in rfc2396parser.rb and rfc3986parser.rb., which allows an attacker to crash the application by providing maliciously crafted URI patterns. NOTE: This issue...
springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern
A flaw was found in Spring Framework. In this vulnerability, a security bypass is possible due to the behavior of the wildcard pattern...