Total
47 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-13573 | 1 Rockwellautomation | 1 Rslinx | 2022-06-07 | 5.0 MEDIUM | 7.5 HIGH |
| A denial-of-service vulnerability exists in the Ethernet/IP server functionality of Rockwell Automation RSLinx Classic 2.57.00.14 CPR 9 SR 3. A specially crafted network request can lead to a denial of service. An attacker can send a sequence of malicious packets to trigger this vulnerability. | |||||
| CVE-2022-21147 | 1 Estsoft | 1 Alyac | 2022-05-23 | 4.3 MEDIUM | 5.5 MEDIUM |
| An out of bounds read vulnerability exists in the malware scan functionality of ESTsoft Alyac 2.5.7.7. A specially-crafted PE file can trigger this vulnerability to cause denial of service and termination of malware scan. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2020-6112 | 1 Gonitro | 1 Nitro Pro | 2022-05-12 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable code execution vulnerability exists in the JPEG2000 Stripe Decoding functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242 when decoding sub-samples. While initializing tiles with sub-sample data, the application can miscalculate a pointer for the stripes in the tile which allow for the decoder to write out of-bounds and cause memory corruption. This can result in code execution. A specially crafted image can be embedded inside a PDF and loaded by a victim in order to trigger this vulnerability. | |||||
| CVE-2021-3888 | 1 Libmobi Project | 1 Libmobi | 2022-04-25 | 5.8 MEDIUM | 8.1 HIGH |
| libmobi is vulnerable to Use of Out-of-range Pointer Offset | |||||
| CVE-2021-3889 | 1 Libmobi Project | 1 Libmobi | 2021-10-25 | 5.8 MEDIUM | 8.1 HIGH |
| libmobi is vulnerable to Use of Out-of-range Pointer Offset | |||||
| CVE-2021-22550 | 1 Google | 1 Asylo | 2021-06-22 | 4.6 MEDIUM | 7.8 HIGH |
| An attacker can modify the pointers in enclave memory to overwrite arbitrary memory addresses within the secure enclave. It is recommended to update past 0.6.3 or git commit https://github.com/google/asylo/commit/a47ef55db2337d29de19c50cd29b0deb2871d31c | |||||
| CVE-2020-8904 | 1 Google | 1 Asylo | 2020-08-13 | 5.5 MEDIUM | 9.6 CRITICAL |
| An arbitrary memory overwrite vulnerability in the trusted memory of Asylo exists in versions prior to 0.6.0. As the ecall_restore function fails to validate the range of the output_len pointer, an attacker can manipulate the tmp_output_len value and write to an arbitrary location in the trusted (enclave) memory. We recommend updating Asylo to version 0.6.0 or later. | |||||