Vulnerabilities > ATT > Xmill

DATE CVE VULNERABILITY TITLE RISK
2022-04-14 CVE-2022-26507 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow exists in XML Decompression DecodeTreeBlock in AT&T Labs Xmill 0.7.
network
low complexity
att schneider-electric CWE-787
critical
9.8
2021-08-31 CVE-2021-21811 Integer Underflow (Wrap or Wraparound) vulnerability in ATT Xmill 0.7
A memory corruption vulnerability exists in the XML-parsing CreateLabelOrAttrib functionality of AT&T Labs’ Xmill 0.7.
network
low complexity
att CWE-191
7.5
2021-08-20 CVE-2021-21826 Out-of-bounds Write vulnerability in ATT Xmill 0.7
A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7.
network
low complexity
att CWE-787
7.5
2021-08-20 CVE-2021-21827 Out-of-bounds Write vulnerability in ATT Xmill 0.7
A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7.
network
low complexity
att CWE-787
7.5
2021-08-20 CVE-2021-21828 Out-of-bounds Write vulnerability in ATT Xmill 0.7
A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7.
network
low complexity
att CWE-787
7.5
2021-08-18 CVE-2021-21825 Out-of-bounds Write vulnerability in ATT Xmill 0.7
A heap-based buffer overflow vulnerability exists in the XML Decompression PlainTextUncompressor::UncompressItem functionality of AT&T Labs’ Xmill 0.7.
network
low complexity
att CWE-787
7.5
2021-08-17 CVE-2021-21810 Out-of-bounds Write vulnerability in ATT Xmill 0.7
A memory corruption vulnerability exists in the XML-parsing ParseAttribs functionality of AT&T Labs’ Xmill 0.7.
network
low complexity
att CWE-787
7.5
2021-08-13 CVE-2021-21812 Out-of-bounds Write vulnerability in ATT Xmill 0.7
A stack-based buffer overflow vulnerability exists in the command-line-parsing HandleFileArg functionality of AT&T Labs’ Xmill 0.7.
local
low complexity
att CWE-787
4.6
2021-08-13 CVE-2021-21813 Out-of-bounds Write vulnerability in ATT Xmill 0.7
Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line.
local
low complexity
att CWE-787
7.8
2021-08-13 CVE-2021-21814 Argument Injection or Modification vulnerability in ATT Xmill 0.7
Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line.
local
low complexity
att CWE-88
7.8