Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
endian vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-1013
An out-of-bounds stack write flaw was found in unixODBC on 64-bit architectures where the caller has 4 bytes and callee writes 8 bytes. This issue may go unnoticed on little-endian architectures, while big-endian architectures can be broken.
7.5
CVSSv2
CVE-2021-36357
An issue exists in OpenPOWER 2.6 firmware. unpack_timestamp() calls le32_to_cpu() for endian conversion of a uint16_t "year" value, resulting in a type mismatch that can truncate a higher integer value to a smaller one, and bypass a timestamp check. The fix is to use th...
Openpowerfoundation Skiboot 2.6
7.5
CVSSv2
CVE-2004-2338
OpenBSD 3.3 and 3.4 does not properly parse Accept and Deny rules without netmasks on big-endian 64-bit platforms such as SPARC64, which may allow remote malicious users to bypass access restrictions.
Openbsd Openbsd 3.3
Openbsd Openbsd 3.4
5
CVSSv2
CVE-2004-1180
Unknown vulnerability in the rwho daemon (rwhod) prior to 0.17, on little endian architectures, allows remote malicious users to cause a denial of service (application crash).
Sun Solaris
Sun Sunos 5.9
Debian Debian Linux 3.0
Mandrakesoft Mandrake Linux 10.0
Mandrakesoft Mandrake Linux 10.1
Mandrakesoft Mandrake Linux Corporate Server 2.1
7.5
CVSSv2
CVE-2003-0993
mod_access in Apache 1.3 prior to 1.3.30, when running big-endian 64-bit platforms, does not properly parse Allow/Deny rules using IP addresses without a netmask, which could allow remote malicious users to bypass intended access restrictions.
Apache Http Server 1.3.23
Apache Http Server 1.3.27
Apache Http Server 1.3.1
Apache Http Server 1.3.25
Apache Http Server 1.3.28
Apache Http Server 1.3.19
Apache Http Server 1.3.24
Apache Http Server 1.3.20
Apache Http Server 1.3.7
Apache Http Server 1.3.6
Apache Http Server 1.3.4
Apache Http Server 1.3.18
Apache Http Server 1.3
Apache Http Server 1.3.12
Apache Http Server 1.3.3
Apache Http Server 1.3.17
Apache Http Server 1.3.26
Apache Http Server 1.3.9
Apache Http Server 1.3.14
Apache Http Server 1.3.29
Apache Http Server 1.3.22
Apache Http Server 1.3.11
5.5
CVSSv2
CVE-2021-3571
A flaw was found in the ptp4l program of the linuxptp package. When ptp4l is operating on a little-endian architecture as a PTP transparent clock, a remote attacker could send a crafted one-step sync message to cause an information leak or crash. The highest threat from this vuln...
Linuxptp Project Linuxptp
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
3.3
CVSSv2
CVE-2018-16869
A Bleichenbacher type side-channel based padding oracle attack was found in the way nettle handles endian conversion of RSA decrypted PKCS#1 v1.5 data. An attacker who is able to run a process on the same physical core as the victim process, could use this flaw extract plaintext ...
Nettle Project Nettle
6.2
CVSSv2
CVE-2006-1319
chpst in runit 1.3.3-1 for Debian GNU/Linux, when compiled on little endian i386 machines against dietlibc, does not properly handle when multiple groups are specified in the -u option, which causes chpst to assign permissions for the root group due to inconsistent bit sizes for ...
Runit Runit 1.3.3.1
7.5
CVSSv2
CVE-2010-0731
The gnutls_x509_crt_get_serial function in the GnuTLS library prior to 1.2.1, when running on big-endian, 64-bit platforms, calls the asn1_read_value with a pointer to the wrong data type and the wrong length value, which allows remote malicious users to bypass the certificate re...
Gnu Gnutls 1.1.21
Gnu Gnutls 1.1.20
Gnu Gnutls 1.1.13
Gnu Gnutls 1.0.22
Gnu Gnutls 1.0.24
Gnu Gnutls 1.0.25
Gnu Gnutls 1.1.23
Gnu Gnutls 1.1.22
Gnu Gnutls 1.1.15
Gnu Gnutls 1.1.14
Gnu Gnutls 1.0.16
Gnu Gnutls 1.0.17
Gnu Gnutls
Gnu Gnutls 1.1.17
Gnu Gnutls 1.1.16
Gnu Gnutls 1.0.18
Gnu Gnutls 1.0.19
Gnu Gnutls 1.1.19
Gnu Gnutls 1.1.18
Gnu Gnutls 1.0.23
Gnu Gnutls 1.0.20
Gnu Gnutls 1.0.21
10
CVSSv2
CVE-2002-1318
Buffer overflow in samba 2.2.2 up to and including 2.2.6 allows remote malicious users to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-end...
Sgi Irix 6.5.1
Sgi Irix 6.5.10
Sgi Irix 6.5.17
Sgi Irix 6.5.18
Sgi Irix 6.5.8
Sgi Irix 6.5.9
Samba Samba 2.2.4
Samba Samba 2.2.5
Sgi Irix 6.5.13
Sgi Irix 6.5.14
Sgi Irix 6.5.4
Sgi Irix 6.5.5
Samba Samba 2.2.6
Sgi Irix 6.5
Sgi Irix 6.5.15
Sgi Irix 6.5.16
Sgi Irix 6.5.6
Sgi Irix 6.5.7
Samba Samba 2.2.2
Samba Samba 2.2.3
Sgi Irix 6.5.11
Sgi Irix 6.5.12
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »