CVE-2025-21439

Memory corruption may occur while reading board data via IOCTL call when the WLAN driver copies the content to the provided output buffer...

CVE-2025-21439

Memory corruption may occur while reading board data via IOCTL call when the WLAN driver copies the content to the provided output buffer...

DEBIAN-CVE-2022-49165

In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Prevent decoding NV12M jpegs into single-planar buffers If the application queues an NV12M jpeg as output buffer, but then queues a single planar capture buffer, the kernel will crash with "Unable to handle kerne...

PT-2025-49304

Name of the Vulnerable Software and Affected Versions yawkat LZ4 Java versions 1.10.0 and earlier Description yawkat LZ4 Java provides LZ4 compression for Java. Insufficient clearing of the output buffer in Java-based decompressor implementations allows remote attackers to read previous buffer...

CVE-2024-2608

AppendEncodedAttributeValue, ExtraSpaceNeededForAttrEncoding and AppendEncodedCharacters could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write. This vulnerability affects Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9...

GHSA-F5X6-7QGP-JHF3 ecrecover can return undefined data if signature does not verify

Impact the ecrecover precompile does not fill the output buffer if the signature does not verify, see https://github.com/ethereum/go-ethereum/blob/b058cf454b3bdc7e770e2b3cec83a0bcb48f55ee/core/vm/contracts.goL188. however, the ecrecover builtin will still return whatever is at memory location 0...

Buffer Overflows

gpac is vulnerable to Buffer Overflows. The vulnerability found within the filters/loadtext.c file, which causes the program to copy the input buffer into the output buffer without verifying the buffer size resulting in buffer overflows...

Debian: Security Advisory (DLA-711-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2014-6431

Buffer overflow in the SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service application crash via a crafted file that triggers writes of uncompressed bytes...

SUSE CVE-2016-8339

A buffer overflow in Redis 3.2.x prior to 3.2.4 causes arbitrary code execution when a crafted command is sent. An out of bounds write vulnerability exists in the handling of the client-output-buffer-limit option during the CONFIG SET command for the Redis data structure store. A crafted CONFIG S...

SUSE CVE-2018-14779

A buffer overflow issue was discovered in the Yubico-Piv 1.5.0 smartcard driver. The file lib/ykpiv.c contains the following code in the function ykpivtransferdata: % highlight c % ifoutlen + recvlen - 2 maxout fprintfstderr, "Output buffer to small, wanted to write %lu, max was %lu.", outlen +...

ASB-A-253337348

The program copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow...

CVE-2022-23004

When computing a shared secret or point multiplication on the NIST P-256 curve using a public key with an X coordinate of zero, an error is returned from the library, and an invalid unreduced value is written to the output buffer. This may be leveraged by an attacker to cause an error scenario,...

The vulnerability of the general input/output buffer system with memory display on Intel processors’ MMIO instructions allows attackers to disclose protected information.

The vulnerability of the general input/output buffer with memory display MMIO of Intel processors is related to the disclosure of information. Exploiting this vulnerability can allow an attacker to disclose protected information...

ALPINE-CVE-2021-43303

Buffer overflow in PJSUA API when calling pjsuacalldump. An attacker-controlled 'buffer' argument may cause a buffer overflow, since supplying an output buffer smaller than 128 characters may overflow the output buffer, regardless of the 'maxlen' argument supplied...

CVE-2021-43303

Buffer overflow in PJSUA API when calling pjsuacalldump. An attacker-controlled 'buffer' argument may cause a buffer overflow, since supplying an output buffer smaller than 128 characters may overflow the output buffer, regardless of the 'maxlen' argument supplied...

Buffer overflow

Buffer overflow in PJSUA API when calling pjsuacalldump. An attacker-controlled 'buffer' argument may cause a buffer overflow, since supplying an output buffer smaller than 128 characters may overflow the output buffer, regardless of the 'maxlen' argument supplied...

UBUNTU-CVE-2021-43303

Buffer overflow in PJSUA API when calling pjsuacalldump. An attacker-controlled 'buffer' argument may cause a buffer overflow, since supplying an output buffer smaller than 128 characters may overflow the output buffer, regardless of the 'maxlen' argument supplied...

CVE-2021-43303

Buffer overflow in PJSUA API when calling pjsuacalldump. An attacker-controlled 'buffer' argument may cause a buffer overflow, since supplying an output buffer smaller than 128 characters may overflow the output buffer, regardless of the 'maxlen' argument supplied...

UBUNTU-CVE-2021-45451

In Mbed TLS before 3.1.0, psaaeadgeneratenonce allows policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application...