194 matches found
CVE-2026-24738
gmrtd is a Go library for reading Machine Readable Travel Documents (MRTDs). Prior to version 0.17.2, ReadFile accepts TLVs with lengths that can range up to 4GB, which can cause unconstrained resource consumption in both memory and CPU cycles. ReadFile can consume an extended TLV with lengths well...
EUVD-2026-4740
gmrtd is a Go library for reading Machine Readable Travel Documents (MRTDs). Prior to version 0.17.2, ReadFile accepts TLVs with lengths that can range up to 4GB, which can cause unconstrained resource consumption in both memory and CPU cycles. ReadFile can consume an extended TLV with lengths well...
CVE-2026-24738 gmrtd ReadFile Vulnerable to Denial of Service via Excessive TLV Length Values
gmrtd is a Go library for reading Machine Readable Travel Documents (MRTDs). Prior to version 0.17.2, ReadFile accepts TLVs with lengths that can range up to 4GB, which can cause unconstrained resource consumption in both memory and CPU cycles. ReadFile can consume an extended TLV with lengths well...
Allocation of Resources Without Limits or Throttling
Overview: Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the ReadFile function. An attacker can cause excessive CPU and memory consumption by supplying maliciously crafted TLV length values from an NFC or APDU source, leading to resourc...
GHSA-J49H-6577-5XWQ gmrtd ReadFile Vulnerable to Denial of Service via Excessive TLV Length Values
Unbounded TLV length in ReadFile can cause Denial of Service. Summary: A Denial of Service vulnerability was identified in ReadFile where unbounded TLV length values could lead to excessive CPU and memory usage when processing data from a malicious or non-compliant NFC source. This issue has been...
gmrtd ReadFile Vulnerable to Denial of Service via Excessive TLV Length Values
Unbounded TLV length in ReadFile can cause Denial of Service. Summary: A Denial of Service vulnerability was identified in ReadFile where unbounded TLV length values could lead to excessive CPU and memory usage when processing data from a malicious or non-compliant NFC source. This issue has been...
gmrtd security vulnerabilities
GMRTD is an open-source Go language library developed by GMRTD. Versions of GMRTD prior to 0.17.2 contained security vulnerabilities. These vulnerabilities stemmed from the ReadFile function accepting TLVs of excessive length, which could lead to unlimited resource consumption...
CVE-2021-28154
Camunda Modeler aka camunda-modeler through 4.6.0 allows arbitrary file access. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which manipulates the readFile and writeFile APIs. NOTE: the vendor states "The way we secured the app is that it...
CVE-2017-20212
FLIR Thermal Camera F/FC/PT/D firmware version 8.0.0.64 contains an information disclosure vulnerability that allows unauthenticated attackers to read arbitrary files through unverified input parameters. Attackers can exploit the /var/www/data/controllers/api/xml.php readFile function to access...
PT-2026-1666
Name of the Vulnerable Software and Affected Versions: FLIR Thermal Camera F/FC/PT/D firmware version 8.0.0.64. Description: The software contains an information disclosure issue that allows unauthenticated attackers to read arbitrary files through unverified input parameters. Attackers can exploit...
CVE-2017-20212
The CVE-2017-20212 entry concerns FLIR Thermal Camera F/FC/PT/D firmware 8.0.0.64. Affected component: the web application path /var/www/data/controllers/api/xml.php, where readFile() reads local files without authentication. Root cause: unverified input parameters allow information disclosure. I...
CVE-2017-20212 FLIR Thermal Camera F/FC/PT/D 8.0.0.64 Information Disclosure via File Reading
FLIR Thermal Camera F/FC/PT/D firmware version 8.0.0.64 contains an information disclosure vulnerability that allows unauthenticated attackers to read arbitrary files through unverified input parameters. Attackers can exploit the /var/www/data/controllers/api/xml.php readFile function to access...
TencentOS Server 4: nodejs20 (TSSA-2025:0415)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to the tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0415 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Directory Traversal
Overview: flowise-components is a Flowiseai Components. Affected versions of this package are vulnerable to Directory Traversal via the WriteFile and ReadFile tools. An attacker can gain full control over the server, including executing arbitrary commands, by supplying crafted file paths that allow...
EUVD-2005-0597
Malware in sbrugna...
EUVD-2021-1018
Malware in sbrugna...
EUVD-2020-0573
Malware in sbrugna...
EUVD-2020-0543
Malware in sbrugna...
EUVD-2005-1093
Malware in sbrugna...