93 matches found
PT-2023-13228 · Unknown +1 · Libsndfile +1
Name of the Vulnerable Software and Affected Versions: Libsndfile version 1.1.0 Description: An off-by-one error in the wav read header function in src/wav.c results in a write out of bounds, allowing an attacker to execute arbitrary code, cause a Denial of Service, or have other unspecified...
CLSA-2023-1677784249 Fix CVE(s): CVE-2022-48303, CVE-2021-20193
SECURITY UPDATE: memory leak in readheader - debian/patches/CVE-2021-20193.patch: Don't return directly from the loop. Instead set the status and break. Return the status. - CVE-2021-20193.patch SECURITY UPDATE: a heap buffer overflow - debian/patches/CVE-2022-48303.patch: Check for the end of...
SUSE CVE-2009-1788
Heap-based buffer overflow in vocreadheader in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a VOC file with an invalid header value...
SUSE CVE-2015-8919
The lhareadfileextendedheader function in archivereadsupportformatlha.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service out-of-bounds heap via a crafted 1 lzh or 2 lha file...
SUSE CVE-2017-12940
libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function...
SUSE CVE-2017-14501
An out-of-bounds read flaw exists in parsefileinfo in archivereadsupportformatiso9660.c in libarchive 3.3.2 when extracting a specially crafted iso9660 iso file, related to archivereadformatiso9660readheader...
SUSE CVE-2018-1000223
soundtouch version up to and including 2.0.0 contains a Buffer Overflow vulnerability in SoundStretch/WavFile.cpp:WavInFile::readHeaderBlock that can result in arbitrary code execution. This attack appear to be exploitable via victim must open maliocius file in soundstretch utility...
SUSE CVE-2019-14442
In mpc8readheader in libavformat/mpc8.c in Libav 12.3, an input file can result in an avioseek infinite loop and hang, with 100% CPU consumption. Attackers could leverage this vulnerability to cause a denial of service via a crafted file...
kernel: ext4: fix bug_on in __es_tree_search
In the Linux kernel, the following vulnerability has been resolved: ext4: fix bugon in estreesearch Hulk Robot reported a BUGON: ================================================================== kernel BUG at fs/ext4/extentsstatus.c:199! ... RIP: 0010:ext4esend fs/ext4/extentsstatus.c:199 inline...
PT-2022-22553 · Swftools · Swftools
Name of the Vulnerable Software and Affected Versions: SWFTools affected versions not specified Description: A heap-buffer overflow issue was discovered in SWFTools via the png read header function at /src/png2swf.c. Recommendations: At the moment, there is no information about a newer version th...
The vulnerability of the read_header_tga function in the gd_tga.c component of the LibGD graphics library allows a hacker to cause a service failure.
The vulnerability of the readheadertga function in the gdtga.c component of the LibGD graphics library is related to reading data beyond the permissible buffer size. Exploiting this vulnerability allows a malicious actor to cause service failure by using a specially created TGA file...
read_header_tga in gd_tga.c in the GD Graphics Library (aka LibGD) through 2.3.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.
...
PT-2023-13229
Name of the Vulnerable Software and Affected Versions Libsndfile affected versions not specified Description The issue is related to multiple signed integers overflow in the au read header function in src/au.c and in the mat4 open and mat4 read header functions in src/mat4.c of Libsndfile. This...
OESA-2021-1315 gd security update
Security Fixes: readheadertga in gdtga.c in the GD Graphics Library aka LibGD through 2.3.2 allows remote attackers to cause a denial of service out-of-bounds read via a crafted TGA file.CVE-2021-38115...
DEBIAN-CVE-2021-38115
readheadertga in gdtga.c in the GD Graphics Library aka LibGD through 2.3.2 allows remote attackers to cause a denial of service out-of-bounds read via a crafted TGA file...
AZL-6431 CVE-2021-38115 affecting package gd for versions less than 2.3.3-1
readheadertga in gdtga.c in the GD Graphics Library aka LibGD through 2.3.2 allows remote attackers to cause a denial of service out-of-bounds read via a crafted TGA file...
UBUNTU-CVE-2021-38115
readheadertga in gdtga.c in the GD Graphics Library aka LibGD through 2.3.2 allows remote attackers to cause a denial of service out-of-bounds read via a crafted TGA file...
The vulnerability of the spool_read_header() function in the Exim message transport agent allows attackers to bypass security restrictions due to insufficient input validation.
The vulnerability of the spoolreadheader function in the Exim mail agent is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to circumvent security restrictions remotely...
The vulnerability in the implementation of the read_header() function of the GNU Tar archive utility allows a hacker to trigger a service failure.
The vulnerability of the readheader function implementation in the GNU Tar archive viewer is related to the output of the operation beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause service failure by using a specially created input file...
PT-2022-20313 · Lighttpd +1 · Lighttpd +1
Name of the Vulnerable Software and Affected Versions: Lighttpd versions 1.4.56 through 1.4.58 Description: The issue allows a remote attacker to cause a denial of service due to CPU consumption from stuck connections. This is because a typo in the connection read header more function in...