Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2021-45117

The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can lead to a NULL pointer dereference.

CVE
#pdf

%PDF-1.7 %���� 1 0 obj <>/Metadata 152 0 R/ViewerPreferences 153 0 R>> endobj 2 0 obj <> endobj 3 0 obj <>/ExtGState<>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI] >>/Annots[ 20 0 R 23 0 R 24 0 R 25 0 R 26 0 R 27 0 R] /MediaBox[ 0 0 612 792] /Contents 4 0 R/Group<>/Tabs/S/StructParents 0>> endobj 4 0 obj <> stream x��\Ys�F~W������+�*���l��Z����%�R�����ow� x v�d������tܼ �������o��u�Ûq��+2��p����(�:����`y}�Ç뫛�<*�0���@�D"dp�$Q�a��~��,x������˯?^_��=cR��dL��� >�������뫳��B���2A�5 ���^ �0�av:�Θ��G����H����G����J�LI���2%c�d�R0��=2#� 푐F&^K�[�y=���kb%*Y���w���`�n��v+�T„�%�A0�Ë��y��6���ߧ��:�Ԡ� Gr��e��I�ҷ�j=T�<�͊@��.Vn7�\���H �)�e��6����� � ����`2��pd����{�U3����viM��5$abZ�&E� ���X} Fޡ6�,J�f0{u��Z�< ����_�# &�)�?����Ј.��Y(;����3��𴕭 �p��p.t�a�� /���aa�5� ��c���cƝZ�/ e� u��:ї�ۗ��0�8�/]��("�(�:O-\p����>���Y��Kn��y��`��)�N�ɉ�mؙ�i�ױF/;\���J�hU�"��Ң��&���ϓ5~�z��ِ���D.N�aN�K Y�fAk`�����,r���A1L`����� .a�Œ9G_ԃŐ��gX��<@QN��3 nZ,A��z����*��s��mR�$$��IeKʎ��aIt��mp�+�Ǒ n�Š�H �’!A� �`�(Ii�$jL��ǔ��� LA ����’ T��

Related news

CVE-2022-37012

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation OPC UA C++ Demo Server 1.7.6-537. Authentication is not required to exploit this vulnerability. The specific flaw exists within the OpcUa_SecureListener_ProcessSessionCallRequest method. A crafted OPC UA message can force the server to incorrectly update a reference count. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-16927.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907