
914 matches found

RedHat Linux
added 2021/11/09 6:14 p.m. | 2 views

exiv2: Out-of-bounds read in Exiv2::Internal::CrwMap::encode

There is a flaw in exiv2. An attacker who is able to submit a crafted file to be processed by an application linked with exiv2 could trigger an out-of-bounds read. The greatest risk of this flaw is to application availability and data confidentiality...

CVSS 5.5 | AI score 5.8 | EPSS 0.00095
Exploits 1 | References 5
RedHat Linux
added 2021/11/09 6:14 p.m. | 2 views

exiv2: Integer overflow in CrwMap:encode0x1810 leading to heap-based buffer overflow and DoS

A flaw was found in exiv2. An integer wraparound in the CrwMap:encode0x1810 function leads to a memcpy call with a very large size, allowing an attacker who can provide a malicious image to crash an application which uses the exiv2 library. The highest threat from this vulnerability is to service...

CVSS 7.5 | AI score 5.7 | EPSS 0.00551
Exploits 1 | References 4
RedHat Linux
added 2021/11/09 5:42 p.m. | 4 views

openjpeg: out-of-bounds read in opj_t2_encode_packet function in openjp2/t2.c

A flaw was found in OpenJPEG. This flaw allows an attacker to provide specially crafted input to the conversion or encoding functionality, causing an out-of-bounds read. The highest threat from this vulnerability is system availability...

CVSS 7.1 | AI score 7.3 | EPSS 0.00514
Exploits 0 | References 4
RedHat Linux
added 2021/11/09 5:42 p.m. | 2 views

openjpeg: denial of service in function opj_t1_encode_cblks in openjp2/t1.c

No description is available for this CVE...

CVSS 5.5 | AI score 7.3 | EPSS 0.00104
Exploits 0 | References 4
OSV
added 2021/09/17 9:15 p.m. | 1 view

UBUNTU-CVE-2020-21548

Libsixel 1.8.3 contains a heap-based buffer overflow in the sixel_encode_highcolor function in tosixel.c...

CVSS 8.8 | AI score 7.5 | EPSS 0.00381
Exploits 1 | References 4
CNNVD
added 2021/09/17 12:00 a.m. | 1 view

libsixel buffer error vulnerability

libsixel is a SIXEL encoder/decoder implementation. A heap buffer overflow vulnerability exists in the sixel_encode_highcolor function in tosixel.c in Libsixel version 1.8.3. No detailed vulnerability details are currently available...

CVSS 8.8 | AI score 8.2 | EPSS 0.00381
Exploits 1 | References 2
OpenVAS
added 2021/08/26 12:00 a.m. | 13 views

Fedora: Security Advisory for perl-Encode (FEDORA-2021-44c65203cc)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 7.8 | AI score 7.8 | EPSS 0.0011
Exploits 0 | References 2
Fedora
added 2021/08/25 8:04 p.m. | 24 views

[SECURITY] Fedora 33 Update: perl-Encode-3.08-459.fc33

The Encode module provides the interface between Perl strings and the rest of the system. Perl strings are sequences of characters...

CVSS 7.8 | AI score 4 | EPSS 0.0011
Exploits 0
OSV
added 2021/08/25 2:42 p.m. | 0 views

GHSA-W74J-V8XH-3W5H Reference binding to nullptr in unicode encoding

Impact: An attacker can cause undefined behavior via binding a reference to null pointer in tf.raw_ops.UnicodeEncode: python import tensorflow as tf from tensorflow.python.ops import gen_string_ops gen_string_ops.unicode_encode input_values=, input_splits=, output_encoding='UTF-8', errors='ignore',...

CVSS 8.5 | AI score 6.4 | EPSS 0.00013
Exploits 0 | References 7
NVD
added 2021/08/23 1:15 p.m. | 12 views

CVE-2021-3694

LedgerSMB does not sufficiently HTML-encode error messages sent to the browser. By sending a specially crafted URL to an authenticated user, this flaw can be abused for remote code execution and information disclosure...

CVSS 9.6 | EPSS 0.00252
Exploits 0 | References 4
Prion
added 2021/08/23 1:15 p.m. | 11 views

Information disclosure

LedgerSMB does not sufficiently HTML-encode error messages sent to the browser. By sending a specially crafted URL to an authenticated user, this flaw can be abused for remote code execution and information disclosure...

CVSS 6.8 | AI score 9.1 | EPSS 0.00252
Exploits 0 | References 4 | Affected Software 2
Fedora
added 2021/08/13 1:22 a.m. | 35 views

[SECURITY] Fedora 34 Update: perl-Encode-3.12-460.fc34

The Encode module provides the interface between Perl strings and the rest of the system. Perl strings are sequences of characters...

CVSS 7.8 | AI score 4 | EPSS 0.0011
Exploits 0
OpenVAS
added 2021/08/13 12:00 a.m. | 10 views

Fedora: Security Advisory for perl-Encode (FEDORA-2021-92e07de1dd)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 7.8 | AI score 7.8 | EPSS 0.0011
Exploits 0 | References 2
PyPA
added 2021/08/12 10:15 p.m. | 4 views

PYSEC-2021-289

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.raw_ops.UnicodeEncode. The implementation reads the first dimension of the input_splits tensor before validating that th...

CVSS 7.8 | AI score 6.9 | EPSS 0.00013
Exploits 0 | References 2 | Affected Software 1
ATTACKERKB
added 2021/08/12 10:15 p.m. | 1 view

CVE-2021-37667

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.raw_ops.UnicodeEncode. The implementation reads the first dimension of the input_splits tensor before validating that th...

CVSS 7.8 | AI score 5.6 | EPSS 0.00013
Exploits 0 | References 3 | Affected Software 1
Debian CVE
added 2021/08/12 9:40 p.m. | 3 views

CVE-2021-37667

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.raw_ops.UnicodeEncode. The implementation reads the first dimension of the input_splits tensor before validating that th...

CVSS 7.8 | AI score 6.9 | EPSS 0.00013
Exploits 0
OSV
added 2021/08/11 11:15 p.m. | 2 views

ALPINE-CVE-2021-36770

Encode.pm, as distributed in Perl through 5.34.0, allows local users to gain privileges via a Trojan horse Encode::ConfigLocal library in the current working directory that preempts dynamic module loading. Exploitation requires an unusual configuration, and certain 2021 versions of Encode.pm 3.05...

CVSS 7.8 | AI score 7.1 | EPSS 0.0011
Exploits 0 | References 1
OSV
added 2021/08/11 11:15 p.m. | 1 view

DEBIAN-CVE-2021-36770

Encode.pm, as distributed in Perl through 5.34.0, allows local users to gain privileges via a Trojan horse Encode::ConfigLocal library in the current working directory that preempts dynamic module loading. Exploitation requires an unusual configuration, and certain 2021 versions of Encode.pm 3.05...

CVSS 7.8 | AI score 7.5 | EPSS 0.0011
Exploits 0 | References 1
Prion
added 2021/08/11 11:15 p.m. | 18 views

Design/Logic Flaw

Encode.pm, as distributed in Perl through 5.34.0, allows local users to gain privileges via a Trojan horse Encode::ConfigLocal library in the current working directory that preempts dynamic module loading. Exploitation requires an unusual configuration, and certain 2021 versions of Encode.pm 3.05...

CVSS 6.8 | AI score 7.5 | EPSS 0.0011
Exploits 0 | References 8 | Affected Software 2
Debian CVE
added 2021/08/11 10:49 p.m. | 39 views

CVE-2021-36770

Encode.pm, as distributed in Perl through 5.34.0, allows local users to gain privileges via a Trojan horse Encode::ConfigLocal library in the current working directory that preempts dynamic module loading. Exploitation requires an unusual configuration, and certain 2021 versions of Encode.pm 3.05...

CVSS 7.8 | AI score 7.6 | EPSS 0.0011
Exploits 0