10 matches found
CVE-2021-21783
CVE-2021-21783 affects Genivia gSOAP 2.8.107 in the WS-Addressing plugin. The vulnerability stems from a flaw in handling SOAP requests, enabling remote code execution when an attacker sends a crafted HTTP SOAP message. Descriptions across connected advisories corroborate that a specially crafted...
CVE-2015-0235
CVE-2015-0235 (GHOST) is a heap-based buffer overflow in glibc’s __nss_hostname_digits_dots() used by gethostbyname/gethostbyname2. Affected glibc versions include 2.2 up to 2.17; patched in glibc-2.18 and later. Exploitation could allow remote or context-dependent arbitrary code execution depend...
CVE-2020-12723
CVE-2020-12723 : In Perl, regcomp.c allows a buffer overflow in the regex compiler due to crafted regular expressions, caused by recursive S_study_chunk calls. The issue affects Perl before 5.30.3, notably on 32‑bit platforms. Reports in Connected documents indicate fixes have been released (e.g....
CVE-2020-10878
Perl before 5.30.3 contains an integer overflow in the regular expression compiler (related to PL_regkind[OP(n)] == NOTHING). A crafted regex can produce malformed bytecode with a possibility of instruction injection, as documented by multiple advisories and CVEs (e.g., CVE-2020-10878). Public re...
CVE-2020-10543
CVE-2020-10543 affects Perl before 5.30.3 on 32-bit platforms, where nested regular expression quantifiers cause a heap-based buffer overflow (integer overflow) in the regex compiler. The connected advisories confirm fixes/updates for Perl (e.g., CloudLinux, AlmaLinux, ALAS2), indicating remediat...
CVE-2018-3693
CVE-2018-3693 (Spectre-NG Variant 1.1) affects speculative execution/branch-prediction CPUs and can allow local attackers to read memory via side-channels. Connected docs show F5 advisories for BIG-IP, BIG-IQ, and Traffix SDC listing affected platforms and indicate exposure is local (requires aut...
CVE-2018-20033
FlexNet Publisher (lmgrd and vendor daemon) versions 11.16.1.0 and earlier are vulnerable to a memory corruption path that can cause the heartbeat to fail and the vendor daemon to shut down, with remote code execution possible. Public advisories (NVD, ICSA-19-192-05/07, CNVD) confirm CVE-2018-200...
CVE-2018-20031
CVE-2018-20031 affects FlexNet Publisher (lmgrd and vendor daemon) prior to version 11.16.2. It is a denial of service vulnerability caused by improper input validation enabling a remote attacker to send a crafted sequence of messages to disrupt the heartbeat between lmgrd and the vendor daemon, ...
CVE-2018-20032
The CVE-2018-20032 entry tracks a Denial-of-Service in FlexNet Publisher’s lmgrd and vendor daemon components (version 11.16.1.0 and earlier). Exploitation involves sending crafted messages to break the heartbeat between lmgrd and the vendor daemon, causing the daemon to shut down. Public documen...
CVE-2018-20034
CVE-2018-20034 affects FlexNet Publisher up to version 11.16.1.0 (lmgrd and vendor daemon). The vulnerability arises from adding an item to a list, causing heartbeat to stop and the vendor daemon to shut down (DoS). Mitigation: upgrade to FlexNet Publisher 11.16.2.0 or newer (2018 R4+). No public...