36 matches found
Buffer overflow
Azure RTOS USBX is a high-performance USB host, device, and on-the-go OTG embedded stack, that is fully integrated with Azure RTOS ThreadX. The case is, in uxhostclasspimaread, there is data length from device response, returned in the very first packet, and read by L165 code, as headerlength. Th...
DEBIAN-CVE-2020-14394
An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block TRB Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service...
CVE-2019-8276
UltraVNC revision 1211 has a stack buffer overflow vulnerability in VNC server code inside file transfer request handler, which can result in Denial of Service DoS. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212...
CVE-2017-17715
The saveFile method in MediaController.java in the Telegram Messenger application before 2017-12-08 for Android allows directory traversal via a pathname obtained in a file-transfer request from a remote peer, as demonstrated by writing to tgnet.dat or tgnet.dat.bak...
Arbitrary file deletion
A vulnerability in the SNORT detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the Server Message Block Version 2 SMB2 protocol. The vulnerability is due to the incorrect detection of an SMB2 fil...
CVE-2017-5668
bitlbee-libpurple before 3.5.1 allows remote attackers to cause a denial of service NULL pointer dereference and crash and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list. NOTE: this vulnerability exists because of an incomplete fix for...
CVE-2017-5668
bitlbee-libpurple before 3.5.1 allows remote attackers to cause a denial of service NULL pointer dereference and crash and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list. NOTE: this vulnerability exists because of an incomplete fix for...
CVE-2016-10189
BitlBee before 3.5 allows remote attackers to cause a denial of service NULL pointer dereference and crash and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list...
ALPINE-CVE-2016-8576
The xhciringfetch function in hw/usb/hcd-xhci.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash by leveraging failure to limit the number of link Transfer Request Blocks TRB to process...
Cross site request forgery (csrf)
The xhciringfetch function in hw/usb/hcd-xhci.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash by leveraging failure to limit the number of link Transfer Request Blocks TRB to process...
CVE-2016-8576
The xhciringfetch function in hw/usb/hcd-xhci.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash by leveraging failure to limit the number of link Transfer Request Blocks TRB to process...
The vulnerability of the Dnsmasq software allows a remote attacker to compromise the accessibility of protected information.
The vulnerability in the tftprequest function of tftp.c in dnsmasq when using --enable-tftp allows malicious actors to trigger a service failure by using a TFTP-read request RRQ with an improperly configured blksize parameter...
FBI: Business Email Compromise Scams Steal $214m in 2014
The FBI’s Internet Crime Complaint Center IC3 is sounding the alarm on a type of fraud they are calling business email compromise BEC scams. The scheme, formerly known as a man-in-the-email attack, comes in three distinct flavors, each of which is ultimately designed to dupe corporate employees o...
CVE-2008-6393
PSI Jabber client before 0.12.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a file transfer request with a negative value in a SOCKS5 option, which bypasses a signed integer check and triggers an integer overflow and a heap-based buffer...
Microsoft MSN Messenger Information Disclosure Vulnerability
Description Microsoft MSN Messenger is prone to an information disclosure vulnerability. When a malformed file transfer request is initiated by a remote user, they may be able to view the contents of files on the remote system. Technologies Affected Microsoft MSN Messenger Service 6.0 Microsoft M...
CVE-2003-0505
Directory traversal vulnerability in Microsoft NetMeeting 3.01 2000 before SP4 allows remote attackers to read arbitrary files via "...." dot dot sequences in a file transfer request...