26 matches found
ImageMagick Resource Management Error Vulnerability
ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2.23 and 6.9.13-48 contained a resource management vulnerability. This vulnerability stemmed from...
Nitro PDF Pro Security Vulnerability
Nitro PDF Pro is a PDF editing and management tool developed by the American company Nitro. Version 14.41.1.4 of Nitro PDF Pro for Windows contains a security vulnerability. This vulnerability stems from the use of the this.mailDoc method, where heap memory is reused after deallocation, whi...
iccDEV Security Vulnerability
iccDEV is an open-source color configuration code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.5 contained security vulnerabilities. These vulnerabilities stemmed from the use of the CIccCmm::AddXform function, where the heap was reused after...
PJSIP Resource Management Error Vulnerability
PJSIP is a free and open-source multimedia communication library written in C. It implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Prior to PJSIP version 2.17, there was a resource management vulnerability. This vulnerability stems from a...
FreeRDP Security Vulnerability
FreeRDP is an open-source RDP protocol implementation developed by the FreeRDP team. Versions of FreeRDP prior to 3.23.0 contained security vulnerabilities. These vulnerabilities stemmed from xfcliprdrprovidedata passing released pDstData to XChangeProperty, which could lead to reuse of a heap...
FreeRDP Resource Management Error Vulnerability
FreeRDP is an open-source implementation of the Remote Desktop Protocol (RDP) from the FreeRDP team. A resource management error vulnerability exists in FreeRDP versions prior to 3.20.1 that stems from a race condition between the RDPGFX dynamic virtual channel thread and the SDL rendering thread,...
FreeRDP Resource Management Error Vulnerability
FreeRDP is an open-source implementation of the Remote Desktop Protocol (RDP) by the FreeRDP team. A resource management error vulnerability exists in FreeRDP versions prior to 3.20.1, which originates in irpthreadfunc, where the IRP is released by irp-Complete and then accessed on the error path,...
FreeRDP Resource Management Error Vulnerability
FreeRDP is an open-source implementation of the Remote Desktop Protocol (RDP) from the FreeRDP team. A resource management error vulnerability exists in FreeRDP versions prior to 3.20.1, which stems from a race condition in the serial channel IRP thread trace that could lead to heap reuse aft...
fluidsynth Resource Management Error Vulnerability
fluidsynth is an open-source application that generates audio by reading and processing MIDI events from MIDI input devices using SoundFont. A resource management error vulnerability exists in fluidsynth versions prior to 2.5.2, which stems from a race condition when...
FuelVM is vulnerable to heap memory allocation re-use bug
Impact: A memory safety vulnerability was present in the Fuel Virtual Machine (FuelVM), where memory reads could bypass expected access controls. Specifically, when a smart contract performed an mload or another memory-accessing opcode on memory that had been deallocated using ret, it was still abl...
NanoMQ Security Vulnerability
NanoMQ is a lightweight and fast MQTT Broker for IoT edge platforms open-sourced by EMQ USA. A security vulnerability exists in NanoMQ version 0.17.9, which stems from a heap use-after-free in the subCtxhandle component, which could lead to a denial of service attack...
ImageSharp Security Vulnerability
ImageSharp is a new, full-featured, fully managed, cross-platform 2D graphics API from ImageSharp, Inc. A security vulnerability exists in ImageSharp versions prior to v3.1.4 and prior to v2.1.8, which stems from a heap use-after-free flaw found in ImageSharp's JPEG and TGA decoders, which i...
Hugin Resource Management Error Vulnerability
Hugin is a cross-platform open-source panoramic image stitching application by Hugin Open Source. A resource management error vulnerability exists in Hugin version v2022.0.0, which allows an attacker to trigger a heap use-after-free by parsing ...
SQLite Security Vulnerabilities
SQLite is a lightweight, ACID-compliant relational database management system. A security vulnerability exists in SQLite versions prior to v3.43.2, which stems from a heap use-after-free issue that could cause a crash and lead to a denial of service...
GPAC Resource Management Error Vulnerability
GPAC is an open-source multimedia framework. A security vulnerability exists in GPAC v2.3, which stems from a heap use-after-free via the gfbsalign function in bitstream.c, allowing an attacker to cause a denial of service (DoS) by supplying a crafted file...
NanoMQ Resource Management Error Vulnerability
NanoMQ is a lightweight and fast MQTT Broker for IoT edge platforms open-sourced by EMQ Technologies, USA. A security vulnerability exists in NanoMQ version 0.16.5, which stems from a heap use-after-free issue...
PoDoFo Resource Management Error Vulnerability
PoDoFo is a free, portable C++ library open-sourced by PoDoFo. A resource management error vulnerability exists in PoDoFo version 0.10.0, which stems from the function PoDoFo::PdfEncrypt::IsMetadataEncrypted containing a heap use-after-free. A remote attacker can exploit this vulnerability to...
yasm Resource Management Error Vulnerability
yasm is an open-source complete rewrite of the Netwide assembler. A security vulnerability exists in yasm version 1.3.0.55.g101bc, which stems from a heap use-after-free via the function expandmmacparams in yasm/modules/preprocs/nasm/nasm-pp.c contains...
PoDoFo Resource Management Error Vulnerability
PoDoFo is a free, portable C++ library open-sourced by PoDoFo. A resource management error vulnerability exists in PoDoFo version 0.10.0, which stems from the function PoDoFo::PdfEncrypt::IsMetadataEncrypted containing a heap use-after-free. A remote attacker can exploit this vulnerability to...
Google Chrome Resource Management Error Vulnerability
Google Chrome is a web browser from Google, Inc. A security vulnerability exists in Google Chrome that stems from a heap use-after-free...