This results in other code later using attacker-controlled chunk values that exceed the length of the allocated buffer, resulting in out-of-bounds read/write. The vulnerability is caused by incorrect validation logic when handling HTTP requests using chunked transport encoding. ReadyMedia (MiniDLNA) versions from 1.1.15 up to 1.3.2 are vulnerable to Buffer Overflow. TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contain a post-authentication buffer overflow via parameter sPort/ePort in the addEffect function. TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 were discovered to contain a buffer overflow via the component /userRpm/WlanMacFilterRpm. TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 were discovered to contain a buffer overflow via the component /userRpm/FixMapCfgRpm. Heap Buffer Overflow in the erofsfsck_dirent_iter function in fsck/main.c in erofs-utils v1.6 allows remote attackers to execute arbitrary code via a crafted erofs filesystem image. Heap Buffer Overflow in the erofs_read_one_data function at data.c in erofs-utils v1.6 allows remote attackers to execute arbitrary code via a crafted erofs filesystem image. This vulnerability allows attackers to cause a Denial of Service (DoS) when parsing a private key. An attacker could exploit this vulnerability to cause a denial of service attack. axTLS v2.1.5 was discovered to contain a heap buffer overflow in the bi_import function in axtls-code/crypto/bigint.c. The vulnerability can be triggered by calling the function nni_msg_get_pub_pid() in the file message.c. An attacker could exploit this vulnerability to cause a denial of service attack. A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nmq_subinfo_decode() in the file mqtt_parser.c. The vulnerability can be triggered by calling the function copyn_str() in the file mqtt_parser.c.
allows attackers to cause a Denial of Service (DoS) via a crafted XML file. A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. RenderDoc through 1.26 allows an Integer Overflow with a resultant Buffer Overflow (issue 1 of 2). A buffer overflow in EasyPlayerPro-Win v3. RenderDoc through 1.26 allows an Integer Overflow with a resultant Buffer Overflow (issue 2 of 2). As a workaround, disable support for fragmented IP datagrams. This issue is fixed in pull request 19680. While carefully manipulating the allocator metadata gives an attacker the possibility to write data to arbitrary locations and thus execute arbitrary code. Corrupting a pointer will easily lead to denial of service. The overflow can be used to corrupt other packets and the allocator metadata. In version 2023.01 and prior, an attacker can send a crafted frame to the device resulting in an out of bounds write in the packet buffer. RIOT-OS, an operating system for Internet of Things (IoT) devices, contains a network stack with the ability to process 6LoWPAN frames. This allows an attacker to execute code of their choice on an affected host by copying carefully selected data that will be executed as code. AMI BMC contains a vulnerability in the IPMI handler, where an attacker with the required privileges can cause a buffer overflow, which may lead to code execution, denial of service, or escalation of privileges. An overly large value for certain options of a connection string may overrun the buffer allocated to process the string value. NanoMQ 0.17.5 is vulnerable to heap-buffer-overflow in the conn_handler function of mqtt_parser.c when it processes malformed messages. A buffer overflow was discovered in Progress DataDirect Connect for ODBC before for Oracle.