948 matches found

RedhatCVE
added 2023/05/16 2:0 p.m. · 99 views

CVE-2023-2731

A NULL pointer dereference flaw was found in Libtiff's LZWDecode function in the libtiff/tif_lzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or...

CVSS 5.5 · AI score 6.4 · EPSS 0.00013
Exploits: 1 · References: 3

Positive Technologies
added 2023/04/22 12:0 a.m. · 2 views

PT-2023-3429 · Libtiff +7

Name of the Vulnerable Software and Affected Versions: LibTIFF (affected versions not specified). Description: The issue is related to a NULL pointer dereference flaw in the LZWDecode function, located in the libtiff/tif_lzw.c file. This flaw can be exploited by a local attacker who crafts specific...

CVSS 8.8 · AI score 6.6 · EPSS 0.0375
Exploits: 53 · References: 257

Tenable Nessus
added 2023/04/21 12:0 a.m. · 38 views

Amazon Linux AMI : jasper (ALAS-2023-1733)

The version of jasper installed on the remote host is prior to 1.900.1-21.12. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1733 advisory. A flaw was found in the Jasper tool's jpc encoder. This flaw allows an attacker to craft input provided to Jasper,...

CVSS 7.8 · AI score 7 · EPSS 0.00342
Exploits: 5 · References: 14

Tenable Nessus
added 2023/04/20 12:0 a.m. · 42 views

Amazon Linux 2 : jasper (ALAS-2023-2018)

The version of jasper installed on the remote host is prior to 1.900.1-33. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2018 advisory. A flaw was found in the Jasper tool's jpc encoder. This flaw allows an attacker to craft input provided to Jasper, causi...

CVSS 7.8 · AI score 7 · EPSS 0.00342
Exploits: 5 · References: 14

Amazon
added 2023/04/20 12:0 a.m. · 47 views

Important: jasper

Issue Overview: A flaw was found in the Jasper tool's jpc encoder. This flaw allows an attacker to craft input provided to Jasper, causing an arbitrary out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. CVE-2020-27828 ...

CVSS 7.8 · AI score 6.8 · EPSS 0.00342
Exploits: 5

CNVD
added 2023/03/28 12:0 a.m. · 8 views

Linux Kernel Denial of Service Vulnerability (CNVD-2023-34469)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A denial of service vulnerability exists in Linux Kernel, which stems from the presence of a null pointer dereference in io_file_bitmap_get. An attacker could exploit this...

CVSS 5.5 · AI score 6.3 · EPSS 0.00012
Exploits: 0 · References: 1

CNVD
added 2023/03/06 12:0 a.m. · 30 views

Mozilla Thunderbird and Firefox Denial of Service Vulnerability

Mozilla Thunderbird is an e-mail client from the Mozilla Foundation (United States), independent of the Mozilla Application Suite. The program supports the IMAP and POP mail protocols and the HTML mail format. A denial of service vulnerability exists in WebGL in Mozilla Thunderbird, Firefox, and...

CVSS 8.8 · AI score 6.4 · EPSS 0.00253
Exploits: 0 · References: 1

Debian CVE
added 2023/02/17 12:0 a.m. · 20 views

CVE-2020-19824

An issue in MPV v.0.29.1 fixed in v0.30 allows attackers to execute arbitrary code and crash program via the ao_c parameter...

CVSS 7 · AI score 7.2 · EPSS 0.00049
Exploits: 1

SUSE CVE
added 2023/02/15 4:48 a.m. · 3 views

SUSE CVE-2017-7209

The dump_section_as_bytes function in readelf in GNU Binutils 2.28 accesses a NULL pointer while reading section contents in a corrupt binary, leading to a program crash...

CVSS 5.5 · AI score 6.8 · EPSS 0.00314
Exploits: 0 · References: 10

SUSE CVE
added 2023/02/15 4:48 a.m. · 3 views

SUSE CVE-2017-7224

The find_nearest_line function in objdump in GNU Binutils 2.28 is vulnerable to an invalid write of size 1 while disassembling a corrupt binary that contains an empty function name, leading to a program crash...

CVSS 5.5 · AI score 6.9 · EPSS 0.00296
Exploits: 0 · References: 10

SUSE CVE
added 2023/02/15 4:48 a.m. · 3 views

SUSE CVE-2017-7223

GNU assembler in GNU Binutils 2.28 is vulnerable to a global buffer overflow of size 1 while attempting to unget an EOF character from the input stream, potentially leading to a program crash...

CVSS 7.5 · AI score 7.3 · EPSS 0.0039
Exploits: 0 · References: 10

SUSE CVE
added 2023/02/15 4:36 a.m. · 2 views

SUSE CVE-2017-17850

An issue was discovered in Asterisk 13.18.4 and older, 14.7.4 and older, 15.1.4 and older, and 13.18-cert1 and older. A select set of SIP messages create a dialog in Asterisk. Those SIP messages must contain a contact header. For those messages, if the header was not present and the PJSIP channel...

CVSS 7.5 · AI score 8.9 · EPSS 0.29958
Exploits: 0 · References: 3

SUSE CVE
added 2023/02/15 3:44 a.m. · 0 views

SUSE CVE-2021-26927

A flaw was found in jasper before 2.0.25. A null pointer dereference in jp2_decode in jp2_dec.c may lead to program crash and denial of service...

CVSS 4 · AI score 8.7 · EPSS 0.00324
Exploits: 1 · References: 5

SUSE CVE
added 2023/02/15 3:26 a.m. · 1 views

SUSE CVE-2022-30067

GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate for a huge amount of memory, resulting in insufficient memory or program crash...

CVSS 5.5 · AI score 6.9 · EPSS 0.00084
Exploits: 1 · References: 7

CNNVD
added 2023/02/07 12:0 a.m. · 1 views

OpenSSL Security Vulnerability

OpenSSL is an open-source general-purpose cryptographic library from the OpenSSL team that implements the Secure Sockets Layer (SSLv2/v3) and Transport Layer Security (TLSv1) protocols. It supports a variety of cryptographic algorithms, including symmetric ciphers, hashing algorithms, secure...

CVSS 7.4 · AI score 7.6 · EPSS 0.88334
Exploits: 0 · References: 39

CNNVD
added 2023/02/07 12:0 a.m. · 1 views

OpenSSL Code Issue Vulnerability

OpenSSL is an open-source general-purpose cryptographic library from the OpenSSL team that implements the Secure Sockets Layer (SSLv2/v3) and Transport Layer Security (TLSv1) protocols. It supports a variety of cryptographic algorithms, including symmetric ciphers, hashing algorithms, secure...

CVSS 7.5 · AI score 7.4 · EPSS 0.0086
Exploits: 0 · References: 14

CNNVD
added 2023/02/07 12:0 a.m. · 1 views

OpenSSL Code Issue Vulnerability

OpenSSL is an open-source general-purpose cryptographic library from the OpenSSL team that implements the Secure Sockets Layer (SSLv2/v3) and Transport Layer Security (TLSv1) protocols. It supports a variety of cryptographic algorithms, including symmetric ciphers, hashing algorithms, secure...

CVSS 7.5 · AI score 7.4 · EPSS 0.00853
Exploits: 0 · References: 14

Redos
added 2023/02/03 12:0 a.m. · 33 views

ROS-20230203-02

The Vim text editor vulnerability is related to a division by zero error in the 'smoothscroll' function at small window size. Exploitation of the vulnerability could allow an attacker acting remotely to cause the program to crash...

CVSS 7.8 · AI score 7.5 · EPSS 0.00037
Exploits: 1

OpenVAS
added 2023/01/12 12:0 a.m. · 26 views

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2023-1163)

The remote host is missing an update for the Huawei EulerOS...

CVSS 5.5 · AI score 6 · EPSS 0.00029
Exploits: 0 · References: 2

Vulnrichment
added 2022/12/27 9:13 p.m. · 5 views

CVE-2013-10005 Infinite loop in github.com/btcsuite/go-socks

The RemoteAddr and LocalAddr methods on the returned net.Conn may call themselves, leading to an infinite loop which will crash the program due to a stack overflow...

AI score 7.5 · EPSS 0.00505
Exploits: 0 · References: 2