Caryll OTFCC otfccdump+0x6b064d buffer overflow vulnerability

Caryll OTFCC is Caryll open source a C library and utility programs. Used to parse and write OpenType font files. Caryll OTFCC suffers from a buffer overflow vulnerability that originates from a boundary error in /release-x64/otfccdump+0x6b064d when handling untrusted input. An attacker could...

Caryll OTFCC otfccdump+0x6e1fc8 buffer overflow vulnerability

Caryll OTFCC is Caryll open source a C library and utility programs. Used to parse and write OpenType font files. Caryll OTFCC suffers from a buffer overflow vulnerability that originates from a boundary error in /release-x64/otfccdump+0x6e1fc8 when handling untrusted input. An attacker could...

Mozilla Firefox Buffer Overflow Vulnerability

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a buffer overflow vulnerability that originates from a boundary error during startup when a graphics driver with an unexpected name handles untrusted input. An attacker cou...

SWFTools getGifDelayTime function buffer overflow vulnerability

SWFTools is a set of utilities for working with Adobe Flash files SWF files. A buffer overflow vulnerability exists in SWFTools commit 772e55a2, which originates from a boundary error in the getGifDelayTime function of /home/bupt/Desktop/swftools/src/src/gif2swf.c when processing untrusted input...

OTFCC 安全漏洞

Caryll OTFCC is Caryll open source a C library and utility programs. Used to parse and write OpenType font files. A denial of service vulnerability exists in Caryll OTFCC, which originates from a segmentation conflict at /release-x64/otfccdump+0x4fbbb6. An attacker can exploit the vulnerability t...

OTFCC 缓冲区错误漏洞

Caryll OTFCC is Caryll open source a C library and utility programs. Used to parse and write OpenType font files. Caryll OTFCC suffers from a buffer overflow vulnerability that originates from a boundary error in /release-x64/otfccdump+0x6e1fc8 when handling untrusted input. An attacker could...

SWFTools Memory Disclosure Vulnerability (CNVD-2022-70586)

SWFTools is a set of utilities for working with Adobe Flash files SWF files. A memory leak vulnerability exists in SWFTools, which originates from /lib/mem.c not freeing or failing to free dynamically allocated heap memory, and can be exploited by an attacker to cause the program to crash...

OTFCC Buffer Overflow Vulnerability (CNVD-2023-11833)

OTFCC is a C library and utility open sourced by Caryll. It is used to parse and write OpenType font files. OTFCC suffers from a buffer overflow vulnerability that originates in /release-x64/otfccdump 0x4adcdb when handling untrusted input, which can be exploited by an attacker to cause a program...

OTFCC Buffer Overflow Vulnerability (CNVD-2023-11836)

OTFCC is a C library and utility open sourced by Caryll. It is used to parse and write OpenType font files. OTFCC suffers from a buffer overflow vulnerability that originates in /release-x64/otfccdump 0x6e412a when handling untrusted input, which can be exploited by an attacker to cause a program...

OTFCC Buffer Overflow Vulnerability (CNVD-2023-11837)

OTFCC is a C library and utility open sourced by Caryll. It is used to parse and write OpenType font files. OTFCC suffers from a buffer overflow vulnerability that originates in /release-x64/otfccdump 0x6e41a8 when handling untrusted input, which can be exploited by an attacker to cause a program...

OTFCC Buffer Overflow Vulnerability (CNVD-2023-11835)

OTFCC is a C library and utility open sourced by Caryll. It is used to parse and write OpenType font files. OTFCC suffers from a buffer overflow vulnerability that originates in /release-x64/otfccdump 0x6c0bc3 when handling untrusted input, which can be exploited by an attacker to cause a program...

USN-5618-1 ghostscript vulnerability

It was discovered the Ghostscript incorrectly handled memory when processing certain inputs. By tricking a user into opening a specially crafted PDF file, an attacker could cause the program to crash...

SWFTools 安全漏洞

SWFTools is a set of utilities for working with Adobe Flash files SWF files. A memory leak vulnerability exists in SWFTools, which originates from /lib/mem.c not freeing or failing to free dynamically allocated heap memory, and can be exploited by an attacker to cause the program to crash...

OTFCC 缓冲区错误漏洞

OTFCC is a C library and utility open sourced by Caryll. It is used to parse and write OpenType font files. OTFCC suffers from a buffer overflow vulnerability that originates in /release-x64/otfccdump 0x6e412a when handling untrusted input, which can be exploited by an attacker to cause a program...

Denial Of Service (DoS)

binutils:sid is vulnerable denial of service. A NULL pointer dereference in the readanddisplayattrvalue function in binutils/dwarf.c may lead to program crash when parsing corrupt DWARF data...

Google Chrome Resource Management Error Vulnerability (CNVD-2022-81243)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a Resource Management Error vulnerability that originates from a confusion in the instructions of the program responsible for freeing memory in Frames. An attacker could exploit this vulnerability to cause...

CVE-2022-35940

TensorFlow is an open source platform for machine learning. The RaggedRangOp function takes an argument limits that is eventually used to construct a TensorShape as an int64. If limits is a very large float, it can overflow when converted to an int64. This triggers an InvalidArgument but also...

CVE-2022-35941 `CHECK` failure in `AvgPoolOp` in Tensorflow

TensorFlow is an open source platform for machine learning. The AvgPoolOp function takes an argument ksize that must be positive but is not checked. A negative ksize can trigger a CHECK failure and crash the program. We have patched the issue in GitHub commit...

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a resource management error vulnerability that originates from a confusion in the instruction responsible for freeing memory in iouring. An attacker...

CVE-2022-36078

CVE-2022-36078 affects github.com/gagliardetto/binary. The memory-allocation vulnerability arises when decoding data into slices (e.g., via dec.Decode(&val)) where the slice length is read from input without proper bounds checks, enabling excessive memory allocation and potential DoS. The advisor...