Filtered by vendor Att
Subscriptions
Total
29 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-2980 | 5 Att, Htc, Samsung and 2 more | 9 Status, Chacha, Desire and 6 more | 2025-04-11 | N/A |
| The Samsung and HTC onTouchEvent method implementation for Android on the T-Mobile myTouch 3G Slide, HTC Merge, Sprint EVO Shift 4G, HTC ChaCha, AT&T Status, HTC Desire Z, T-Mobile G2, T-Mobile myTouch 4G Slide, and Samsung Galaxy S stores touch coordinates in the dmesg buffer, which allows remote attackers to obtain sensitive information via a crafted application, as demonstrated by PIN numbers, telephone numbers, and text messages. | ||||
| CVE-2013-6029 | 1 Att | 1 Connect Participant Application | 2025-04-11 | N/A |
| Stack-based buffer overflow in the AT&T Connect Participant Application before 9.5.51 on Windows allows remote attackers to execute arbitrary code via a malformed .SVT file. | ||||
| CVE-2000-1164 | 1 Att | 1 Winvnc | 2025-04-03 | N/A |
| WinVNC installs the WinVNC3 registry key with permissions that give Special Access (read and modify) to the Everybody group, which allows users to read and modify sensitive information such as passwords and gain access to the system. | ||||
| CVE-2001-0167 | 1 Att | 1 Winvnc | 2025-04-03 | N/A |
| Buffer overflow in AT&T WinVNC (Virtual Network Computing) client 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long rfbConnFailed packet with a long reason string. | ||||
| CVE-2001-0168 | 1 Att | 1 Winvnc | 2025-04-03 | N/A |
| Buffer overflow in AT&T WinVNC (Virtual Network Computing) server 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long HTTP GET request when the DebugLevel registry key is greater than 0. | ||||
| CVE-1999-1034 | 1 Att | 1 Svr4 | 2025-04-03 | N/A |
| Vulnerability in login in AT&T System V Release 4 allows local users to gain privileges. | ||||
| CVE-2002-0971 | 3 Att, Tightvnc, Tridia | 3 Winvnc Server, Tightvnc, Tridiavnc | 2025-04-03 | N/A |
| Vulnerability in VNC, TightVNC, and TridiaVNC allows local users to execute arbitrary code as LocalSystem by using the Win32 Messaging System to bypass the VNC GUI and access the "Add new clients" dialogue box. | ||||
| CVE-2002-1511 | 3 Att, Redhat, Tightvnc | 4 Vnc, Enterprise Linux, Linux and 1 more | 2025-04-03 | N/A |
| The vncserver wrapper for vnc before 3.3.3r2-21 uses the rand() function instead of srand(), which causes vncserver to generate weak cookies. | ||||
| CVE-2001-1422 | 1 Att | 1 Winvnc | 2025-04-03 | N/A |
| WinVNC 3.3.3 and earlier generates the same challenge string for multiple connections, which allows remote attackers to bypass VNC authentication by sniffing the challenge and response of other users. | ||||
| CVE-1999-1059 | 1 Att | 1 Svr4 | 2025-04-03 | N/A |
| Vulnerability in rexec daemon (rexecd) in AT&T TCP/IP 4.0 for various SVR4 systems allows remote attackers to execute arbitrary commands. | ||||
| CVE-2022-26507 | 2 Att, Schneider-electric | 9 Xmill, Ecostruxure Control Expert, Ecostruxure Process Expert and 6 more | 2024-11-21 | 9.8 Critical |
| A heap-based buffer overflow exists in XML Decompression DecodeTreeBlock in AT&T Labs Xmill 0.7. A crafted input file can lead to remote code execution. This is not the same as any of: CVE-2021-21810, CVE-2021-21811, CVE-2021-21812, CVE-2021-21815, CVE-2021-21825, CVE-2021-21826, CVE-2021-21828, CVE-2021-21829, or CVE-2021-21830. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | ||||
| CVE-2021-21830 | 1 Att | 1 Xmill | 2024-11-21 | 9.8 Critical |
| A heap-based buffer overflow vulnerability exists in the XML Decompression LabelDict::Load functionality of AT&T Labs’ Xmill 0.7. A specially crafted XMI file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-21829 | 1 Att | 1 Xmill | 2024-11-21 | 9.8 Critical |
| A heap-based buffer overflow vulnerability exists in the XML Decompression EnumerationUncompressor::UncompressItem functionality of AT&T Labs’ Xmill 0.7. A specially crafted XMI file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-21828 | 1 Att | 1 Xmill | 2024-11-21 | 9.8 Critical |
| A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. In the default case of DecodeTreeBlock a label is created via CurPath::AddLabel in order to track the label for later reference. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-21827 | 1 Att | 1 Xmill | 2024-11-21 | 9.8 Critical |
| A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. Within `DecodeTreeBlock` which is called during the decompression of an XMI file, a UINT32 is loaded from the file and used as trusted input as the length of a buffer. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-21826 | 1 Att | 1 Xmill | 2024-11-21 | 9.8 Critical |
| A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. Within `DecodeTreeBlock` which is called during the decompression of an XMI file, a UINT32 is loaded from the file and used as trusted input as the length of a buffer. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-21825 | 1 Att | 1 Xmill | 2024-11-21 | 9.8 Critical |
| A heap-based buffer overflow vulnerability exists in the XML Decompression PlainTextUncompressor::UncompressItem functionality of AT&T Labs’ Xmill 0.7. A specially crafted XMI file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-21815 | 1 Att | 1 Xmill | 2024-11-21 | 7.8 High |
| A stack-based buffer overflow vulnerability exists in the command-line-parsing HandleFileArg functionality of AT&T Labs' Xmill 0.7. Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to strcpy copying the path provided by the user into a staticly sized buffer without any length checks resulting in a stack-buffer overflow. An attacker can provide malicious input to trigger this vulnerability. | ||||
| CVE-2021-21814 | 1 Att | 1 Xmill | 2024-11-21 | 7.8 High |
| Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to strlen to determine the ending location of the char* passed in by the user, no checks are done to see if the passed in char* is longer than the staticly sized buffer data is memcpy‘d into, but after the memcpy a null byte is written to what is assumed to be the end of the buffer to terminate the char*, but without length checks, this null write occurs at an arbitrary offset from the buffer. An attacker can provide malicious input to trigger this vulnerability. | ||||
| CVE-2021-21813 | 1 Att | 1 Xmill | 2024-11-21 | 7.8 High |
| Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to memcpy copying the path provided by the user into a staticly sized buffer without any length checks resulting in a stack-buffer overflow. | ||||