CVE-2022-29859

The CVE affects ambiot amb1_sdk (Ameba1) before 2022-03-11, where dhcps.c mishandles data structures for DHCP packet data. Root cause is the incorrect handling of DHCP packet data structures in dhcps.c. Impact is described as high/critical in public metrics; exploitation details are not provided ...

CVE-2022-29859

component/common/network/dhcp/dhcps.c in ambiot amb1sdk aka SDK for Ameba1 before 2022-03-11 mishandles data structures for DHCP packet data...

PT-2022-19883 · Amb1 Sdk · Amb1 Sdk

Name of the Vulnerable Software and Affected Versions: amb1 sdk versions prior to 2022-03-11 Description: The issue is related to the mishandling of data structures for DHCP packet data in the dhcps.c file within the amb1 sdk. Recommendations: For versions prior to 2022-03-11, update to a version...

EulerOS Virtualization 2.10.1 : bind (EulerOS-SA-2022-1368)

According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In BIND 9.3.0 - 9.11.35, 9.12.0 - 9.16.21, and versions 9.9.3-S1 - 9.11.35-S1 and 9.16.8-S1 - 9.16.21-S1 of BIND Supported Preview...

Buffer overflow

An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. Using crafted input, an attacker can control the size variable and buffer that is passed to a call to memcpy. An attacker can use this to overwrite key data structures and gain control of the flow of execution...

CVE-2021-44496

An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. Using crafted input, an attacker can control the size variable and buffer that is passed to a call to memcpy. An attacker can use this to overwrite key data structures and gain control of the flow of execution...

CVE-2021-44496

An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. Using crafted input, an attacker can control the size variable and buffer that is passed to a call to memcpy. An attacker can use this to overwrite key data structures and gain control of the flow of execution...

CVE-2022-26357

race in VT-d domain ID cleanup Xen domain IDs are up to 15 bits wide. VT-d hardware may allow for only less than 15 bits to hold a domain ID associating a physical device with a particular domain. Therefore internally Xen domain IDs are mapped to the smaller value range. The cleaning up of the...

The vulnerability of the Git-based software platform for collaborative code development on GitLab stems from the lack of protective measures for website structures, allowing attackers to compromise data integrity.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the absence of markdown filtering. Exploiting this vulnerability allows a malicious actor to compromise data integrity remotely...

CVE-2022-26357

race in VT-d domain ID cleanup Xen domain IDs are up to 15 bits wide. VT-d hardware may allow for only less than 15 bits to hold a domain ID associating a physical device with a particular domain. Therefore internally Xen domain IDs are mapped to the smaller value range. The cleaning up of the...

CVE-2022-26357

race in VT-d domain ID cleanup Xen domain IDs are up to 15 bits wide. VT-d hardware may allow for only less than 15 bits to hold a domain ID associating a physical device with a particular domain. Therefore internally Xen domain IDs are mapped to the smaller value range. The cleaning up of the...

The vulnerability of the SyliusGridBundle e-commerce platform for Symfony applications, related to the lack of protection for SQL query structures, allows attackers to execute arbitrary SQL queries.

The vulnerability of the SyliusGridBundle e-commerce platform for Symfony applications is related to the lack of protective measures for SQL query structures. Exploiting this vulnerability allows an attacker to execute arbitrary SQL queries remotely...

CVE-2021-44462

This vulnerability can be exploited by parsing maliciously crafted project files with Horner Automation Cscape EnvisionRV v4.50.3.1 and prior. The issues result from the lack of proper validation of user-supplied data, which can result in reads and writes past the end of allocated data structures...

How to use the Gartner® 2022 Strategic Roadmap for Data Security Platform Convergence

“It is not the strongest species that survive, nor the most intelligent, but the ones most responsive to change.” – Charles Darwin Evolution and innovation form the basis of most modern business mission statements. However, the same organizations pursuing growth and change often do not put...

Ahdinosaur Set-in 安全漏洞

Ahdinosaur Set-in is a Js-based codebase from the individual developer of Ahdinosaur that can assign values to keys of nested associative structures. A security vulnerability exists in Ahdinosaur Set-in that allows an attacker to merge object prototypes into it...

The vulnerability in the embedded software of NETGEAR routers such as CBR40, EAX20, EAX80, EX6120, EX6130, EX7500, R7000, R7900, R8000, RAX200, RBS40V, RBW30, EX3700, MR60, R7000P, RAX20, RAX45, RAX80, EX3800, MS60, R6900P, RAX15, RAX50, RAX75, RBR750, RBR850, RBS750, RBS850, RBK752, and RBK852 exists due to the lack of protective measures for website structures. This vulnerability allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the embedded software of NETGEAR routers such as CBR40, EAX20, EAX80, EX6120, EX6130, EX7500, R7000, R7900, R8000, RAX200, RBS40V, RBW30, EX3700, MR60, R7000P, RAX20, RAX45, RAX80, EX3800, MS60, R6900P, RAX15, RAX50, RAX75, RBR750, RBR850, RBS750, RBS850, RBK752, and RBK852...

EulerOS 2.0 SP5 : bind (EulerOS-SA-2022-1261)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In BIND 9.3.0 - 9.11.35, 9.12.0 - 9.16.21, and versions 9.9.3-S1 - 9.11.35-S1 and 9.16.8-S1 - 9.16.21-S1 of BIND Supported Preview Edition, as wel...

[SECURITY] Fedora 35 Update: python-rencode-1.0.6-17.fc35

The rencode module is a modified version of bencode from the BitTorrent project. For complex, heterogeneous data structures with many small elements, r-encodings take up significantly less space than b-encodings...

[SECURITY] Fedora 34 Update: python-rencode-1.0.6-17.fc34

The rencode module is a modified version of bencode from the BitTorrent project. For complex, heterogeneous data structures with many small elements, r-encodings take up significantly less space than b-encodings...

MariaDB 10.4.0 < 10.4.24 Multiple Vulnerabilities

The version of MariaDB installed on the remote host is prior to 10.4.24. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.4.24 advisory. - MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements that improperly interact with...