GO-2026-4961 Panic when decoding large WEBP image on 32-bit platforms in golang.org/x/image

Parsing a WEBP image with an invalid, large size panics on 32-bit platforms...

Linux Distros Unpatched Vulnerability : CVE-2021-29945

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and result in a crash. Note: This issue only affected x86-32...

Linux Distros Unpatched Vulnerability : CVE-2024-53111

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm/mremap: fix address wraparound in movepagetables On 32-bit platforms, it is possible for...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an address wrap-around issue on 32-bit platforms with the movepagetables function in the mm/mremap component...

libexpat: Integer Overflow or Wraparound

An issue was found in libexpat’s internal dtdCopy function in xmlparse.c, It can have an integer overflow for nDefaultAtts on 32-bit platforms where UINTMAX equals SIZEMAX...

CVE-2024-36895

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: use correct buffer size when parsing configfs lists This commit fixes uvc gadget support on 32-bit platforms. Commit 0df28607c5cb "usb: gadget: uvc: Generalise helper functions for reuse" introduced a helper...

CVE-2024-36895 usb: gadget: uvc: use correct buffer size when parsing configfs lists

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: use correct buffer size when parsing configfs lists This commit fixes uvc gadget support on 32-bit platforms. Commit 0df28607c5cb "usb: gadget: uvc: Generalise helper functions for reuse" introduced a helper...

RUSTSEC-2023-0075 Unaligned write of u64 on 32-bit and 16-bit platforms

Affected versions allocate memory using the alignment of usize and write data to it of type u64, without using core::ptr::writeunaligned. In platforms with sub-64bit alignment for usize including wasm32 and x86 these writes are insufficiently aligned some of the time. If using an ordinary optimiz...

RHEL 9 : gmp (RHSA-2023:6661)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:6661 advisory. The gmp packages contain GNU MP, a library for arbitrary precision arithmetics, signed integers operations, rational numbers, and floating point...

EulerOS 2.0 SP9 : samba (EulerOS-SA-2023-1136)

According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - PAC parsing in MIT Kerberos 5 aka krb5 before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution in KDC...

Integer overflow

GNU Multiple Precision Arithmetic Library GMP through 6.2.1 has an mpz/inpraw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms...

CVE-2021-43618

GNU Multiple Precision Arithmetic Library GMP through 6.2.1 has an mpz/inpraw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms...

Integer overflow

Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that...

Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads

The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and result in a crash. Note: This issue only affected x86-32 platforms. Other platforms are unaffected.. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...

Internet Bug Bounty: CVE-2020-10938-buffer overflow/out-of-bounds write in compress.c:HuffmanDecodeImage()

Hello, There is an out-of-bounds write that is likely exploitable while performing Huffman decoding of Fax images. The technical details are as follows. Type: integer underflow produces out of bounds heap/etc write Platform: 32-bit Details: 390 MagickExport MagickPassFail HuffmanDecodeImageImage...

CVE-2019-7303 Snapd seccomp filter TIOCSTI ioctl bypass

A vulnerability in the seccomp filters of Canonical snapd before version 2.37.4 allows a strict mode snap to insert characters into a terminal on a 64-bit host. The seccomp rules were generated to match 64-bit ioctl2 commands on a 64-bit platform; however, the Linux kernel only uses the lower 32...

CVE-2018-20658

The server in Core FTP 2.0 build 653 on 32-bit platforms allows remote attackers to cause a denial of service daemon crash via a crafted XRMD command...

UBUNTU-CVE-2017-8816

The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service integer overflow and resultant buffer overflow, and application crash or possibly have unspecified other impact via vectors involving long user and password fields...

mpg123 'INT123_parse_new_id3' function integer overflow vulnerability

mpg123 on 32-bit platforms is a MPEG audio player and decoding library for 32-bit operating systems developed by software developer Michael Hipp.ID3 parser is one of the ID3 parsers. An integer overflow vulnerability exists in the 'INT123parsenewid3' function of the ID3 parser in versions of mpg1...

CVE-2017-12797

Integer overflow in the INT123parsenewid3 function in the ID3 parser in mpg123 before 1.25.5 on 32-bit platforms allows remote attackers to cause a denial of service via a crafted file, which triggers a heap-based buffer overflow...