Att Att

  1. Vendors
  2. Att

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in any Att product.

RSS Feeds for Att security vulnerabilities

Create a CVE RSS feed including security vulnerabilities found in Att products with stack.watch. Just hit watch, then grab your custom RSS feed url.

Products by Att Sorted by Most Security Vulnerabilities since 2018

Att Xmill13 vulnerabilities

Att Labs Xmill6 vulnerabilities

Att Alienvault Ossim1 vulnerability

Att Mobileiron Sentry1 vulnerability

Att Mobileiron Virtual Smartphone Platform1 vulnerability

By the Year

In 2026 there have been 0 vulnerabilities in Att. Att did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2026 0 0.00
2025 0 0.00
2024 0 0.00
2023 0 0.00
2022 1 9.80
2021 13 9.01
2020 1 0.00

It may take a day or so for new Att vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Att Security Vulnerabilities

CVE Date Vulnerability Products
CVE-2022-26507 Apr 14, 2022
A heap-based buffer overflow exists in XML Decompression DecodeTreeBlock in AT&T Labs Xmill 0.7 A heap-based buffer overflow exists in XML Decompression DecodeTreeBlock in AT&T Labs Xmill 0.7. A crafted input file can lead to remote code execution. This is not the same as any of: CVE-2021-21810, CVE-2021-21811, CVE-2021-21812, CVE-2021-21815, CVE-2021-21825, CVE-2021-21826, CVE-2021-21828, CVE-2021-21829, or CVE-2021-21830. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Xmill
CVE-2021-21811 Aug 31, 2021
A memory corruption vulnerability exists in the XML-parsing CreateLabelOrAttrib functionality of AT&T Labs Xmill 0.7 A memory corruption vulnerability exists in the XML-parsing CreateLabelOrAttrib functionality of AT&T Labs Xmill 0.7. A specially crafted XML file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.
Xmill
CVE-2021-21828 Aug 20, 2021
A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7 A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. In the default case of DecodeTreeBlock a label is created via CurPath::AddLabel in order to track the label for later reference. An attacker can provide a malicious file to trigger this vulnerability.
Xmill
CVE-2021-21827 Aug 20, 2021
A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7 A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. Within `DecodeTreeBlock` which is called during the decompression of an XMI file, a UINT32 is loaded from the file and used as trusted input as the length of a buffer. An attacker can provide a malicious file to trigger this vulnerability.
Xmill
CVE-2021-21826 Aug 20, 2021
A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7 A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. Within `DecodeTreeBlock` which is called during the decompression of an XMI file, a UINT32 is loaded from the file and used as trusted input as the length of a buffer. An attacker can provide a malicious file to trigger this vulnerability.
Xmill
CVE-2021-21825 Aug 18, 2021
A heap-based buffer overflow vulnerability exists in the XML Decompression PlainTextUncompressor::UncompressItem functionality of AT&T Labs Xmill 0.7 A heap-based buffer overflow vulnerability exists in the XML Decompression PlainTextUncompressor::UncompressItem functionality of AT&T Labs Xmill 0.7. A specially crafted XMI file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability.
Xmill
CVE-2021-21810 Aug 17, 2021
A memory corruption vulnerability exists in the XML-parsing ParseAttribs functionality of AT&T Labs Xmill 0.7 A memory corruption vulnerability exists in the XML-parsing ParseAttribs functionality of AT&T Labs Xmill 0.7. A specially crafted XML file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.
Xmill
CVE-2021-21815 Aug 13, 2021
A stack-based buffer overflow vulnerability exists in the command-line-parsing HandleFileArg functionality of AT&T Labs' Xmill 0.7 A stack-based buffer overflow vulnerability exists in the command-line-parsing HandleFileArg functionality of AT&T Labs' Xmill 0.7. Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to strcpy copying the path provided by the user into a staticly sized buffer without any length checks resulting in a stack-buffer overflow. An attacker can provide malicious input to trigger this vulnerability.
Labs Xmill
Xmill
CVE-2021-21814 Aug 13, 2021
Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to strlen to determine the ending location of the char* passed in by the user, no checks are done to see if the passed in char* is longer than the staticly sized buffer data is memcpyd into, but after the memcpy a null byte is written to what is assumed to be the end of the buffer to terminate the char*, but without length checks, this null write occurs at an arbitrary offset from the buffer. An attacker can provide malicious input to trigger this vulnerability.
Labs Xmill
Xmill
CVE-2021-21813 Aug 13, 2021
Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to memcpy copying the path provided by the user into a staticly sized buffer without any length checks resulting in a stack-buffer overflow.
Labs Xmill
Xmill
CVE-2021-21812 Aug 13, 2021
A stack-based buffer overflow vulnerability exists in the command-line-parsing HandleFileArg functionality of AT&T Labs Xmill 0.7 A stack-based buffer overflow vulnerability exists in the command-line-parsing HandleFileArg functionality of AT&T Labs Xmill 0.7. Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to strcpy copying the path provided by the user into a static sized buffer without any length checks resulting in a stack-buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.
Labs Xmill
Xmill
CVE-2021-21830 Aug 13, 2021
A heap-based buffer overflow vulnerability exists in the XML Decompression LabelDict::Load functionality of AT&T Labs Xmill 0.7 A heap-based buffer overflow vulnerability exists in the XML Decompression LabelDict::Load functionality of AT&T Labs Xmill 0.7. A specially crafted XMI file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability.
Labs Xmill
Xmill
CVE-2021-21829 Aug 13, 2021
A heap-based buffer overflow vulnerability exists in the XML Decompression EnumerationUncompressor::UncompressItem functionality of AT&T Labs Xmill 0.7 A heap-based buffer overflow vulnerability exists in the XML Decompression EnumerationUncompressor::UncompressItem functionality of AT&T Labs Xmill 0.7. A specially crafted XMI file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability.
Labs Xmill
Xmill
CVE-2020-22650 Jul 19, 2021
A memory leak vulnerability in sim-organizer.c of AlienVault Ossim v5 causes a denial of service (DOS) A memory leak vulnerability in sim-organizer.c of AlienVault Ossim v5 causes a denial of service (DOS) via a system crash triggered by the occurrence of a large number of alarm events.
Alienvault Ossim
CVE-2013-7286 Feb 12, 2020
MobileIron VSP < 5.9.1 and Sentry < 5.0 has a weak password obfuscation algorithm MobileIron VSP < 5.9.1 and Sentry < 5.0 has a weak password obfuscation algorithm
Mobileiron Sentry
Mobileiron Virtual Smartphone Platform
Built by Foundeo Inc., with data from the National Vulnerability Database (NVD). Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.