Total
284 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-33013 | 1 Qualcomm | 169 Ar8035 Firmware, Csr8811 Firmware, Fastconnect 6700 Firmware and 166 more | 2024-08-06 | 7.5 High |
| Transient DOS when driver accesses the ML IE memory and offset value is incremented beyond ML IE length. | ||||
| CVE-2024-33015 | 1 Qualcomm | 190 Ar8035 Firmware, Csr8811 Firmware, Fastconnect 6200 Firmware and 187 more | 2024-08-06 | 7.5 High |
| Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report. | ||||
| CVE-2017-7668 | 6 Apache, Apple, Debian and 3 more | 16 Http Server, Mac Os X, Debian Linux and 13 more | 2024-08-05 | 7.5 High |
| The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or to force ap_find_token() to return an incorrect value. | ||||
| CVE-2017-7679 | 2 Apache, Redhat | 5 Http Server, Enterprise Linux, Jboss Core Services and 2 more | 2024-08-05 | N/A |
| In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header. | ||||
| CVE-2019-1010220 | 1 Tcpdump | 1 Tcpdump | 2024-08-05 | N/A |
| tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: "ND_PRINT((ndo, "%s", buf));", in function named "print_prefix", in "print-hncp.c". The attack vector is: The victim must open a specially crafted pcap file. | ||||
| CVE-2019-15167 | 1 Tcpdump | 1 Tcpdump | 2024-08-05 | 9.1 Critical |
| The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3, a different vulnerability than CVE-2018-14463. | ||||
| CVE-2019-5432 | 1 Mqtt-packet Project | 1 Mqtt-packet | 2024-08-04 | 7.5 High |
| A specifically malformed MQTT Subscribe packet crashes MQTT Brokers using the mqtt-packet module versions < 3.5.1, 4.0.0 - 4.1.3, 5.0.0 - 5.6.1, 6.0.0 - 6.1.2 for decoding. | ||||
| CVE-2019-3563 | 1 Facebook | 1 Wangle | 2024-08-04 | 9.8 Critical |
| Wangle's LineBasedFrameDecoder contains logic for identifying newlines which incorrectly advances a buffer, leading to a potential underflow. This affects versions of Wangle prior to v2019.04.22.00 | ||||
| CVE-2020-35511 | 2 Debian, Libpng | 2 Debian Linux, Pngcheck | 2024-08-04 | 7.8 High |
| A global buffer overflow was discovered in pngcheck function in pngcheck-2.4.0(5 patches applied) via a crafted png file. | ||||
| CVE-2020-25853 | 1 Realtek | 2 Rtl8195a, Rtl8195a Firmware | 2024-08-04 | 7.5 High |
| The function CheckMic() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an internal function, _rt_md5_hmac_veneer() or _rt_hmac_sha1_veneer(), resulting in a stack buffer over-read which can be exploited for denial of service. An attacker can impersonate an Access Point and attack a vulnerable Wi-Fi client, by injecting a crafted packet into the WPA2 handshake. The attacker does not need to know the network's PSK. | ||||
| CVE-2020-8244 | 2 Bufferlist Project, Debian | 2 Bufferlist, Debian Linux | 2024-08-04 | 6.5 Medium |
| A buffer over-read vulnerability exists in bl <4.0.3, <3.0.1, <2.2.1, and <1.2.3 which could allow an attacker to supply user input (even typed) that if it ends up in consume() argument and can become negative, the BufferList state can be corrupted, tricking it into exposing uninitialized memory via regular .slice() calls. | ||||
| CVE-2021-45985 | 1 Lua | 1 Lua | 2024-08-04 | 7.5 High |
| In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read. | ||||
| CVE-2021-34320 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2024-08-04 | 5.5 Medium |
| A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Jt981.dll library in affected applications lacks proper validation of user-supplied data when parsing JT files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-13406) | ||||
| CVE-2021-34299 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2024-08-04 | 5.5 Medium |
| A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Tiff_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing TIFF files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-13192) | ||||
| CVE-2021-34308 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2024-08-04 | 5.5 Medium |
| A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_Loader.dll library in affected applications lacks proper validation of user-supplied data when parsing BMP files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-13344) | ||||
| CVE-2021-34322 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2024-08-04 | 5.5 Medium |
| A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The JPEG2K_Loader.dll library in affected applications lacks proper validation of user-supplied data when parsing J2K files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-13416) | ||||
| CVE-2021-34302 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2024-08-04 | 5.5 Medium |
| A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_Loader.dll library in affected applications lacks proper validation of user-supplied data when parsing BMP files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-13197) | ||||
| CVE-2021-34303 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2024-08-04 | 5.5 Medium |
| A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Tiff_Loader.dll library in affected applications lacks proper validation of user-supplied data when parsing TIFF files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-13198) | ||||
| CVE-2021-34304 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2024-08-04 | 5.5 Medium |
| A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Tiff_Loader.dll library in affected applications lacks proper validation of user-supplied data when parsing TIFF files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-13199) | ||||
| CVE-2021-34325 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2024-08-04 | 5.5 Medium |
| A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Jt981.dll library in affected applications lacks proper validation of user-supplied data when parsing JT files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-13421) | ||||