CVSS: 10.0EPSS: 68%CPEs: 54EXPL: 4CVE-2017-14491 – Dnsmasq < 2.78 - 2-byte Heap Overflow
https://notcve.org/view.php?id=CVE-2017-14491
02 Oct 2017 — Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. Un desbordamiento de búfer basado en memoria dinámica (heap) en dnsmasq en versiones anteriores a la 2.78 permite a los atacantes provocar una denegación de servicio (cierre inesperado) o ejecutar código arbitrario utilizando una respuesta DNS manipulada. A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replie... • https://packetstorm.news/files/id/144480 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 6EXPL: 3CVE-2016-2031 – Aruba Authentication Bypass / Insecure Transport / Tons of Issues
https://notcve.org/view.php?id=CVE-2016-2031
06 May 2016 — Multiple vulnerabilities exists in Aruba Instate before 4.1.3.0 and 4.2.3.1 due to insufficient validation of user-supplied input and insufficient checking of parameters, which could allow a malicious user to bypass security restrictions, obtain sensitive information, perform unauthorized actions and execute arbitrary code. Se presentan múltiples vulnerabilidades en Aruba Instate versiones anteriores a 4.1.3.0 y 4.2.3.1, debido a una comprobación insuficiente de la entrada suministrada por el usuario y una ... • https://packetstorm.news/files/id/136997 • CWE-20: Improper Input Validation •