CVE-2021-37726

CVE-2021-37726 : A remote buffer overflow vulnerability in HPE Aruba Instant (IAP) affects Aruba Instant 8.7.x.x, specifically 8.7.0.0 through 8.7.1.2. The issue originates from a memory buffer overflow in the product’s components (as described in multiple sources) and allows unauthenticated remo...

CVE-2021-37726

A remote buffer overflow vulnerability was discovered in HPE Aruba Instant IAP versions: Aruba Instant 8.7.x.x: 8.7.0.0 through 8.7.1.2. Aruba has released patches for Aruba Instant IAP that address this security vulnerability...

Ubuntu 20.04 LTS : EDK II vulnerabilities (USN-5088-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5088-1 advisory. It was discovered that EDK II incorrectly handled input validation in MdeModulePkg. A local user could possibly use this issue to cause EDK II to crash,...

CVE-2021-37716

A remote buffer overflow vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software versions: Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.2, 8.6.0.8, 8.5.0.12, 8.3.0.15. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that addres...

CVE-2021-37716

A remote buffer overflow vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software versions: Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.2, 8.6.0.8, 8.5.0.12, 8.3.0.15. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that addres...

edk2: remote buffer overflow in IScsiHexToBin function in NetworkPkg/IScsiDxe

A flaw was found in edk2. Missing checks in the IScsiHexToBin function in NetworkPkg/IScsiDxe lead to a buffer overflow allowing a remote attacker, who can inject himself in the communication between edk2 and the iSCSI target, to write arbitrary data to any address in the edk2 firmware and...

edk2: remote buffer overflow in IScsiHexToBin function in NetworkPkg/IScsiDxe

A flaw was found in edk2. Missing checks in the IScsiHexToBin function in NetworkPkg/IScsiDxe lead to a buffer overflow allowing a remote attacker, who can inject himself in the communication between edk2 and the iSCSI target, to write arbitrary data to any address in the edk2 firmware and...

RLSA-2021:3066 Important: edk2 security update

EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: edk2: remote buffer overflow in IScsiHexToBin function in NetworkPkg/IScsiDxe BZ1956284 For more details about the security...

SUSE: Security Advisory (SUSE-SU-2018:0395-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ASUS BMC Firmware 安全特征问题漏洞

ASUS BMC Firmware is a firmware from Asus China. A security signature issue vulnerability exists in the ASUS BMC firmware Web management page, which originates from a buffer overflow vulnerability due to the Active Directory configuration function not validating the length of a string entered by ...

CVE-2019-5319

A remote buffer overflow vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.16 and below; Aruba Instant 8.3.x: 8.3.0.12 and below; Aruba Instant 8.5.x: 8.5.0.6 and below; Aruba Insta...

CVE-2021-25149

A remote buffer overflow vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.16 and below; Aruba Instant 8.3.x: 8.3.0.12 and below; Aruba Instant 8.5.x: 8.5.0.6 and below; Aruba Insta...

CVE-2021-25144

A remote buffer overflow vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.16 and below; Aruba Instant 8.3.x: 8.3.0.12 and below; Aruba Instant 8.5.x: 8.5.0.6 and below; Aruba Insta...

CVE-2021-25144

A remote buffer overflow vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.16 and below; Aruba Instant 8.3.x: 8.3.0.12 and below; Aruba Instant 8.5.x: 8.5.0.6 and below; Aruba Insta...

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are related to writing beyond the buffer in memory. This allows attackers to execute arbitrary code.

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat and Document Cloud, are related to the remote buffer overflow attack. This allows arbitrary code to execute in the context of the current user, using a specially...

Trojan-Dropper.Win32.Delf.p Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/b02cc578d2e7f24fb67ec0afc42a9e13B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Delf.p Vulnerability: Remote Buffer Overflow Description: Delf.p accepts...

Huawei EulerOS: Security Advisory for p11-kit (EulerOS-SA-2021-1620)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Vulnerability of the p_print_image() function (device/gdevcdj.c) in the software suite for processing, transforming, and generating Ghostscript documents, allowing a hacker to trigger a service failure

The vulnerability of the pprintimage function device/gdevcdj.c in the software for processing, transforming, and generating Ghostscript documents is related to buffer overflow attacks. Exploiting this vulnerability could allow an attacker to cause a service failure remotely...

Backdoor.Win32.NetBull.11.b Remote Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/0e0fc966862971c29edd4dcaa0ba8e86.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.NetBull.11.b Vulnerability: Remote Buffer Overflow Description: NetBull.11.b listens ...

Backdoor.Win32.Zombam.geq Remote Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/fd14cc7f025f49a3e08b4169d44a774e.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Zombam.geq Vulnerability: Remote Buffer Overflow Description: Zombam.geq listens for...