In Epson iProjection v2.30, the driver file EMP_MPAU.sys allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C402406 and IOCtl 0x9C40240A. There is no kind of vulnerability and it won't compromise either the client side or the server side." NOTE: the vendor states "This is just an uploader (like any other one) which uploads files to cloud storage and accepts various file types.
NOTE: there may not be cases in which an uploader web service is customer controlled however, the nature of the issue has substantial interaction with customer controlled configuration. html.jpg) with the text/html content type. ** DISPUTED ** The ProBot bot through for Discord might allow attackers to interfere with the intended purpose of the "Send an image when a user joins the server" feature (or possibly have unspecified other impact) because the uploader web service allows double extensions (such as. The attack vector is: Parsing RSA Key ASN.1.Įncoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or possibly have unspecified other impact via a crafted UTF-8 character sequence. The component is: /Userland/Libraries/LibCrypto/ASN1/DER.h Crypto::der_decode_sequence() function. The impact is: obtain sensitive information (context-dependent). SerenityOS Unspecified is affected by: Buffer Overflow. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact. The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. NOTE: it is unclear whether use of Fetchmail on any realistic platform results in an impact beyond an inconvenience to the client user.
Report_vbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf va_list argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages. An out-of-bounds access in GffLine::GffLine in gff.cpp in GCLib 0.12.7 allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted GFF file.
0 kommentar(er)
