CVE-2023-3745 Imagemagick: heap-buffer-overflow in pushcharpixel() in quantum-private.h

A heap-based buffer overflow issue was found in ImageMagick's PushCharPixel function in quantum-private.h. This issue may allow a local attacker to trick the user into opening a specially crafted file, triggering an out-of-bounds read error and allowing an application to crash, resulting in a...

CVE-2023-21194

In gattdbgopname of gattutils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

PT-2023-35880 · Git +1 · Ntopng

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-buffer-overflow read error. Technical details about the crash include the IEC104Stats::processPacket function,...

CVE-2023-34474

A heap-based buffer overflow issue was found in ImageMagick's ReadTIM2ImageData function in coders/tim2.c. This flaw allows a local attacker to trick the user into opening a specially crafted file, triggering an out-of-bounds read error, and allowing an application to crash, resulting in a denial...

PT-2023-11764 · Libdwarf · Libdwarf

Name of the Vulnerable Software and Affected Versions: libdwarf versions prior to 20201017 Description: The issue is caused by an invalid pointer dereference via an invalid line table in a crafted object, resulting in a one-byte out-of-bounds read. Recommendations: For versions prior to 20201017,...

PT-2023-35766 · Google · Google Myanmar Tools

Name of the Vulnerable Software and Affected Versions: google myanmar tools affected versions not specified Description: The issue is related to a crash in the ZawgyiDetector component of google myanmar tools. The crash occurs due to an unknown read error. Technical details about the crash includ...

CVE-2023-1906

A heap-based buffer overflow was found in ImageMagick's ImportMultiSpectralQuantum function in MagickCore/quantum-import.c. This issue could allow an attacker to pass a specially crafted file to convert, triggering an out-of-bounds read error, which could cause an application to crash and result ...

PT-2023-35760 · Git +1 · Libdwarf

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-buffer-overflow read error. Technical details include a crash state involving dwarf memcpy noswap bytes, dwarf extract...

CVE-2023-21014

In multiple locations of p2piface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:...

PT-2023-5364 · Siemens · Tecnomatix Plant Simulation

Name of the Vulnerable Software and Affected Versions: Tecnomatix Plant Simulation versions prior to V2201.0006 Description: The issue is related to an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code...

SUSE CVE-2004-0183

TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service crash via ISAKMP packets containing a Delete payload with a large number of SPI's, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite...

SUSE CVE-2009-4835

The 1 htkreadheader, 2 alawinit, 3 ulawinit, 4 pcminit, 5 float32init, and 6 sdsreadheader functions in libsndfile 1.0.20 allow context-dependent attackers to cause a denial of service divide-by-zero error and application crash via a crafted audio file...

SUSE CVE-2010-3063

The phpmysqlndreaderrorfromline function in the Mysqlnd extension in PHP 5.3 through 5.3.2 does not properly calculate a buffer length, which allows context-dependent attackers to trigger a heap-based buffer overflow via crafted inputs that cause a negative length value to be used...

SUSE CVE-2013-6484

The STUN protocol implementation in libpurple in Pidgin before 2.10.8 allows remote STUN servers to cause a denial of service out-of-bounds write operation and application crash by triggering a socket read error...

SUSE CVE-2014-1746

The InMemoryUrlProtocol::Read function in media/filters/inmemoryurlprotocol.cc in Google Chrome before 35.0.1916.114 relies on an insufficiently large integer data type, which allows remote attackers to cause a denial of service out-of-bounds read via vectors that trigger use of a large buffer...

SUSE CVE-2015-2189

Off-by-one error in the pcapngread function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service out-of-bounds read and application crash via an invalid Interface Statistics Block ISB interfa...

SUSE CVE-2017-5601

An error in the lhareadfileheader1 function archivereadsupportformatlha.c in libarchive 3.2.2 allows remote attackers to trigger an out-of-bounds read memory access and subsequently cause a crash via a specially crafted archive...

SUSE CVE-2017-9182

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service use-after-free and invalid heap read, related to the GETCOLOR function in color.c:16:11...

SUSE CVE-2017-16910

An error within the "LibRaw::xtransinterpolate" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.6 can be exploited to cause an invalid read memory access and subsequently a Denial of Service condition...

SUSE CVE-2018-6069

Stack buffer overflow in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page...