CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2019-19931
https://notcve.org/view.php?id=CVE-2019-19931
In libIEC61850 1.4.0, MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c has a heap-based buffer overflow. En libIEC61850 versión 1.4.0, la función MmsValue_decodeMmsData en el archivo mms/iso_mms/server/mms_access_result.c presenta un desbordamiento de búfer en la región heap de la memoria. • https://github.com/mz-automation/libiec61850/issues/194 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-16510
https://notcve.org/view.php?id=CVE-2019-16510
libIEC61850 through 1.3.3 has a use-after-free in MmsServer_waitReady in mms/iso_mms/server/mms_server.c, as demonstrated by server_example_goose. libIEC61850 versiones hasta 1.3.3, presenta un uso de la memoria previamente liberada en la función MmsServer_waitReady en el archivo mms/iso_mms/server/mms_server.c, como es demostrado por server_example_goose. • https://github.com/mz-automation/libiec61850/issues/164 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2019-1010300
https://notcve.org/view.php?id=CVE-2019-1010300
mz-automation libiec61850 1.3.2 1.3.1 1.3.0 is affected by: Buffer Overflow. The impact is: Software crash. The component is: server_example_complex_array. The attack vector is: Send a specific MMS protocol packet. mz-automation libiec61850 versión 1.3.2 1.3.1 1.3.0, está afectado por: Desbordamiento de Búfer. El impacto es: Bloqueo de software. • https://github.com/mz-automation/libiec61850/issues/127 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-6719
https://notcve.org/view.php?id=CVE-2019-6719
An issue has been found in libIEC61850 v1.3.1. There is a use-after-free in the getState function in mms/iso_server/iso_server.c, as demonstrated by examples/server_example_goose/server_example_goose.c and examples/server_example_61400_25/server_example_61400_25.c. Se ha encontrado un problema en libIEC61850 v1.3.1. Hay un uso de memoria previamente liberada en la función getState en mms/iso_server/iso_server.c, tal y como queda demostrado con examples/server_example_goose/server_example_goose.c y examples/server_example_61400_25/server_example_61400_25.c. • https://github.com/mz-automation/libiec61850/issues/111 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2CVE-2019-6135
https://notcve.org/view.php?id=CVE-2019-6135
An issue has been found in libIEC61850 v1.3.1. Memory_malloc in hal/memory/lib_memory.c has a memory leak when called from Asn1PrimitiveValue_create in mms/asn1/asn1_ber_primitive_value.c, as demonstrated by goose_publisher_example.c and iec61850_9_2_LE_example.c. Se ha encontrado un problema en libIEC61850 v1.3.1. Memory_malloc en hal/memory/lib_memory.c tiene una fuga de memoria al ser llamado desde Asn1PrimitiveValue_create en mms/asn1/asn1_ber_primitive_value.c, tal y como queda demostrado con goose_publisher_example.c y iec61850_9_2_LE_example.c. • https://github.com/mz-automation/libiec61850/issues/103 https://github.com/mz-automation/libiec61850/issues/104 • CWE-401: Missing Release of Memory after Effective Lifetime •