Insufficient output sanitization in WallacePOS 1.4.3 allows a remote, authenticated attacker to conduct persistent cross-site scripting (XSS) attacks via a crafted sales transaction. Date published : 2019-07-31 https://www.tenable.com/security/research/tra-2019-37
A vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an adjacent, unauthenticated attacker to cause a denial of service...
fmt_mtm_load_song in fmt/mtm.c in Schism Tracker 20190722 has a heap-based buffer overflow. Date published : 2019-07-31 https://security.gentoo.org/glsa/202107-12 https://github.com/schismtracker/schismtracker/issues/198
XMFile::read in XMFile.cpp in milkyplay in MilkyTracker 1.02.00 has a heap-based buffer overflow. Date published : 2019-07-31 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HBIIPS2CDMUXJ3CIEPKMEY3D73UZDR3T/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CXYRVXOPO223DAUJHFQCTKQHIZ6XN35P/
An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5. There is an out-of-bounds read for the MODBUS_FC_WRITE_MULTIPLE_REGISTERS case, aka VD-1301. Date published : 2019-07-31 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PRAQZXGAZY6UGWZ6CD33QEFLL7AWW233/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HAGHQFJTJCMYHW553OUWJ3YIJR6PJHB7/
An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5. There is an out-of-bounds read for the MODBUS_FC_WRITE_MULTIPLE_COILS case, aka VD-1302. Date published : 2019-07-31 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PRAQZXGAZY6UGWZ6CD33QEFLL7AWW233/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HAGHQFJTJCMYHW553OUWJ3YIJR6PJHB7/
nfdump 1.6.17 and earlier is affected by an integer overflow in the function Process_ipfix_template_withdraw in ipfix.c that can be abused in order to crash the process remotely (denial of service). Date published : 2019-07-31...
Opengear console server firmware releases prior to 4.5.0 have a stored XSS vulnerability related to serial port logging. If a malicious user of an external system (connected to a serial port on an Opengear...
An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_umountall_reply. Date published : 2019-07-31 https://blog.semmle.com/uboot-rce-nfs-vulnerability/ https://gitlab.com/u-boot/u-boot
An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_mount_reply. Date published : 2019-07-31 https://blog.semmle.com/uboot-rce-nfs-vulnerability/ https://gitlab.com/u-boot/u-boot
An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_readlink_reply. Date published : 2019-07-31 https://blog.semmle.com/uboot-rce-nfs-vulnerability/ https://gitlab.com/u-boot/u-boot
An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_lookup_reply. Date published : 2019-07-31 https://blog.semmle.com/uboot-rce-nfs-vulnerability/ https://gitlab.com/u-boot/u-boot
An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: rpc_lookup_reply. Date published : 2019-07-31 https://blog.semmle.com/uboot-rce-nfs-vulnerability/ https://gitlab.com/u-boot/u-boot
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_process_received_packet integer underflow during an *udp_packet_handler call. Date published : 2019-07-31 https://blog.semmle.com/uboot-rce-nfs-vulnerability/...