Vulnerabilities > ATT > High

DATE CVE VULNERABILITY TITLE RISK
2021-08-31 CVE-2021-21811 Integer Underflow (Wrap or Wraparound) vulnerability in ATT Xmill 0.7
A memory corruption vulnerability exists in the XML-parsing CreateLabelOrAttrib functionality of AT&T Labs’ Xmill 0.7.
network
low complexity
att CWE-191
7.5
2021-08-20 CVE-2021-21826 Out-of-bounds Write vulnerability in ATT Xmill 0.7
A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7.
network
low complexity
att CWE-787
7.5
2021-08-20 CVE-2021-21827 Out-of-bounds Write vulnerability in ATT Xmill 0.7
A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7.
network
low complexity
att CWE-787
7.5
2021-08-20 CVE-2021-21828 Out-of-bounds Write vulnerability in ATT Xmill 0.7
A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7.
network
low complexity
att CWE-787
7.5
2021-08-18 CVE-2021-21825 Out-of-bounds Write vulnerability in ATT Xmill 0.7
A heap-based buffer overflow vulnerability exists in the XML Decompression PlainTextUncompressor::UncompressItem functionality of AT&T Labs’ Xmill 0.7.
network
low complexity
att CWE-787
7.5
2021-08-17 CVE-2021-21810 Out-of-bounds Write vulnerability in ATT Xmill 0.7
A memory corruption vulnerability exists in the XML-parsing ParseAttribs functionality of AT&T Labs’ Xmill 0.7.
network
low complexity
att CWE-787
7.5
2021-08-13 CVE-2021-21813 Out-of-bounds Write vulnerability in ATT Xmill 0.7
Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line.
local
low complexity
att CWE-787
7.8
2021-08-13 CVE-2021-21814 Argument Injection or Modification vulnerability in ATT Xmill 0.7
Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line.
local
low complexity
att CWE-88
7.8
2012-08-21 CVE-2012-2980 Credentials Management vulnerability in multiple products
The Samsung and HTC onTouchEvent method implementation for Android on the T-Mobile myTouch 3G Slide, HTC Merge, Sprint EVO Shift 4G, HTC ChaCha, AT&T Status, HTC Desire Z, T-Mobile G2, T-Mobile myTouch 4G Slide, and Samsung Galaxy S stores touch coordinates in the dmesg buffer, which allows remote attackers to obtain sensitive information via a crafted application, as demonstrated by PIN numbers, telephone numbers, and text messages.
7.1
2001-05-03 CVE-2001-0167 Buffer Overflow vulnerability in AT&T; WinVNC Client
Buffer overflow in AT&T WinVNC (Virtual Network Computing) client 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long rfbConnFailed packet with a long reason string.
network
high complexity
att
7.6