140 matches found
Red Hat openshift-logging LokiStack security vulnerability
Red Hat openshift-logging LokiStack is a platform component of Red Hat, Inc. A security vulnerability exists in Red Hat openshift-logging LokiStack, which stems from the fact that the key used for caching is just a token, allowing a user to perform other actions...
CVE-2023-21652
CVE-2023-21652 describes a cryptographic issue in HLOS where derived keys used to encrypt/decrypt information remain on the stack after use. The vulnerability is noted across multiple sources (e.g., Red Hat, NVD, PRION/Vuln enrichment) with the CVSS v3.1 base metrics indicating HIGH impact for co...
PT-2023-36238 · Unknown +1 · Virt-Operator-Container +6
Name of the Vulnerable Software and Affected Versions: kubevirt affected versions not specified virt-api-container affected versions not specified virt-controller-container affected versions not specified virt-handler-container affected versions not specified virt-launcher-container affected...
CVE-2023-30644
Stack out-of-bounds write vulnerability in CdmaSmsParser of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code...
CVE-2023-30648
CVE-2023-30648: A stack out-of-bounds write vulnerability exists in the RILD component function IpcRxImeiUpdateImeiNoti, leading to a denial of service. Affected software: RILD prior to SMR Jul-2023 Release 1. Root cause: stack out-of-bounds write in IpcRxImeiUpdateImeiNoti. Impact: system DoS. ...
PT-2023-22842 · Rild · Rild
Name of the Vulnerable Software and Affected Versions: RILD prior to SMR Jul-2023 Release 1 Description: The issue is a stack out-of-bounds write vulnerability in the IpcRxImeiUpdateImeiNoti function of RILD, which can cause a denial of service on the system. Recommendations: For RILD prior to SM...
PT-2023-7944 · Advantech · Eki-1522 +2
Name of the Vulnerable Software and Affected Versions: Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 Description: The issue is related to a Stack-based Buffer Overflow vulnerability, which can be triggered by authenticated users via a crafted POST request. This vulnerability may all...
CVE-2023-30371
In Tenda AC15 V15.03.05.19, the function "subED14" contains a stack-based buffer overflow vulnerability...
PT-2023-4343 · 3S Smart Software Solutions · Codesys
Name of the Vulnerable Software and Affected Versions: CODESYS affected versions not specified Description: The issue is related to a stack-based out-of-bounds write vulnerability. This vulnerability can be exploited by an authenticated remote attacker to write data into the stack, potentially...
PT-2023-16519 · Unknown · Bluetooth Le Stack
Name of the Vulnerable Software and Affected Versions: Bluetooth LE stack affected versions not specified Description: An invalid prepare write request command can cause the Bluetooth LE stack to run out of memory, resulting in a denial-of-service and failure to handle subsequent connection...
CVE-2023-28867
In GraphQL Java aka graphql-java before 20.1, an attacker can send a crafted GraphQL query that causes stack consumption. The fixed versions are 20.1, 19.4, 18.4, 17.5, and 0.0.0-2023-03-20T01-49-44-80e3135...
CVE-2021-3329 DOS: Incorrect handling of the initial HCI ACL_MTU handshake packet leads to crash of Bluetooth host layer
Lack of proper validation in HCI Host stack initialization can cause a crash of the Bluetooth stack...
SUSE CVE-2019-19977
libESMTP through 1.0.6 mishandles domain copying into a fixed-size buffer in ntlmbuildtype2 in ntlm/ntlmstruct.c, as demonstrated by a stack-based buffer over-read...
OESA-2022-1965 dpdk security update
DPDK core includes kernel modules, core libraries and tools. The testpmd application allows testing fast packet processing environments on arm64 platforms. For instance, it can be used to check that the environment can support fast path applications such as 6WINDGate, pktgen, rumptcpip, etc. More librarie...
ASNeG OPC UA Stack security vulnerability
ASNeG OPC UA Stack is an open source framework from ASNeG Germany. It is used to develop and distribute OPC UA client/server applications. A security vulnerability exists in ASNeG OPC UA Stack that stems from the lack of a limit on the total number of received blocks per session ...
Buffer Overflows
nbd is vulnerable to stack-based buffer overflow. An attacker can cause a buffer overflow in the parsing of the name field by sending a crafted message with a large value as the length of the name...
UWB stack buffer error vulnerability
Samsung UWB is a wireless technology used by Samsung mobile devices that allows smartphones to connect and communicate directly with your car. A buffer overflow vulnerability exists in the Samsung UWB stack, which stems from a boundary checking error in the UWB stack. An attacker could...
UVI-2021-1002212 comedi: dt9812: fix DMA buffers on stack
comedi: dt9812: fix DMA buffers on stack This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.2 by commit...
CVE-2021-37186
Summary of CVE-2021-37186: Siemens LOGO! CMR2020/CMR2040 and SIMATIC RTU3000 family implement an insufficiently random Initial Sequence Number (ISN) generator in their TCP/IP stack. This can allow an adjacent attacker with LAN access to interfere with traffic, spoof connections, and potentially ...
CVE-2021-36765
In CODESYS EtherNetIP before 4.1.0.0, specific EtherNet/IP requests may cause a null pointer dereference in the downloaded vulnerable EtherNet/IP stack that is executed by the CODESYS Control runtime system...