ConnMan is a command-line network manager designed for use with embedded devices and fast resolve times.
| CVE ID | Score | Description |
|---|---|---|
| CVE-2023-28488 | 6.5 MEDIUM | Integer underflow and subsequent stack buffer overflow. gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers to cause a denial of service, terminating the connman process. Patch |
ONLYOFFICE offers a secure online office suite, as it says on their website. Here are vulnerabilities that I found in their product.
| CVE ID | Score | Description |
|---|---|---|
| CVE-2021-3199 | 9.8 CRITICAL | Directory traversal with Remote Code Execution when JWT is used in Document Server before 5.6.3 |
| CVE-2022-29776 | 9.8 CRITICAL | Classic stack buffer overflow leading to Remote Code Execution in DocumentServer 6.0.0 and earlier |
| CVE-2022-29777 | 9.8 CRITICAL | Heap buffer overflow (underflow) allows writing the pointer of a heap-chunk with a data controlled by the attacker, into a neighboring (located at a lower address) heap-chunk (DocumentServer 6.0.0 and earlier). Strong primitive, leads to Remote Code Execution |
| CVE ID | Score | Description |
|---|---|---|
| CVE-2024-24737 | 6.3 MEDIUM | Infinite loop in processing of DNS responses (when processing compression), leads to Denial of Service. Used in a chain of vulnerabilities |
+ Not disclosed ones