85 matches found
CVE-2020-20665
CVE-2020-20665 affects rudp v0.6, with a memory leak reported in the main.c component. The vulnerability is associated with a memory leak in rudp, leading to potential availability impact (CVE metrics cite HIGH availability impact under CVSS-3.1, and MEDIUM under CVSS-2.0). Exploitation details a...
CVE-2019-19005
A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182...
CVE-2021-26567
Summary: CVE-2021-26567 is a stack-based buffer overflow in the FAAD2 decoder (frontend/main.c) of faad2 prior to 2.2.7.1. The vulnerability allows a local attacker to execute arbitrary code via crafted filename and pathname options. Affected context is mainly Synology DiskStation Manager (faad2 ...
CVE-2019-19005
A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182...
Double free
A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182...
Privilege Escalation
s3d is vulnerable to privilege escalation. The pipeinitterminal function in main.c allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and earlier...
CVE-2019-13989
dpic 2019.06.20 has a Stack-based Buffer Overflow in the wfloat function in main.c...
Stack overflow
dpic 2019.06.20 has a Stack-based Buffer Overflow in the wfloat function in main.c...
CVE-2019-13989
dpic 2019.06.20 has a Stack-based Buffer Overflow in the wfloat function in main.c...
UBUNTU-CVE-2019-13989
dpic 2019.06.20 has a Stack-based Buffer Overflow in the wfloat function in main.c...
CVE-2019-13989
CVE-2019-13989 affects dpic 2019.06.20, with a Stack-based Buffer Overflow in the wfloat() function of main.c. The vulnerability can impact C/I/A (per CVSS) and has public advisories indicating fixes in newer dpic packages (e.g., Mageia MGASA-2020-0460) and vendor/OS advisories; patching/upgradin...
CVE-2013-6876
The 1 ptyinitterminal and 2 pipeinitterminal functions in main.c in s3dvt 0.2.2 and earlier allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and earlier. NOTE: this vulnerability was fixed with commit ad732f00b411b092c66a04c359da0f16ec3b387, but the...
w3m - multiple vulnerabilities
Tatsuya Kinoshita reports: CVE-2018-6196 table.c: Prevent negative indent value in feedtableblocktag. CVE-2018-6197 form.c: Prevent invalid columnPos call in formUpdateBuffer. CVE-2018-6198 config.h.dist, config.h.in, configure, configure.ac, main.c, rc.c: Make temporary directory safely when /.w...
CVE-2018-5252
libimageworsener.a in ImageWorsener 1.3.2, when libjpeg 8d is used, has a large loop in the getrawsampleint function in imagew-main.c...
CVE-2018-5252
CVE-2018-5252 affects ImageWorsener 1.3.2 (libimageworsener.a) when linked with libjpeg 8d. The vulnerability is described as a large loop in get_raw_sample_int in imagew-main.c, leading to denial of service. Multiple sources (CNVD, NVD, Red Hat entry) corroborate the vulnerable component and ver...
CVE-2017-11747
main.c in Tinyproxy 1.8.4 and earlier creates a /run/tinyproxy/tinyproxy.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tinyproxy.pid modification before a root script executes a...
ImageWorsener Denial of Service Vulnerability (CNVD-2017-08092)
ImageWorsener is a set of image scaling and processing utilities. A security vulnerability exists in the imagew-main.c:960:12 of the libimageworsener.a file in ImageWorsener version 1.3.1. A remote attacker can exploit this vulnerability to cause a denial of service buffer overflow with a special...
CVE-2017-9203
imagew-main.c:960:12 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service buffer underflow via a crafted image, related to imagew-bmp.c...
CVE-2017-9203
imagew-main.c:960:12 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service buffer underflow via a crafted image, related to imagew-bmp.c...
Gnome gnome-session buffer overflow vulnerability
Gnome-session is a session tool for the Gnome 2.x desktop environment. A buffer overflow vulnerability exists in the 'main.c' script of nome gnome-session, which stems from the program's failure to perform proper bounds checking on user-submitted input. An attacker could use this vulnerability to...