Lucene search
K

93 matches found

Positive Technologies
Positive Technologies
added 2023/07/18 12:0 a.m.4 views

PT-2023-13228 · Unknown +1 · Libsndfile +1

Name of the Vulnerable Software and Affected Versions: Libsndfile version 1.1.0 Description: An off-by-one error in the wav read header function in src/wav.c results in a write out of bounds, allowing an attacker to execute arbitrary code, cause a Denial of Service, or have other unspecified...

7.8CVSS7.9AI score0.00314EPSS
Exploits1References12
OSV
OSV
added 2023/03/02 7:10 p.m.6 views

CLSA-2023-1677784249 Fix CVE(s): CVE-2022-48303, CVE-2021-20193

SECURITY UPDATE: memory leak in readheader - debian/patches/CVE-2021-20193.patch: Don't return directly from the loop. Instead set the status and break. Return the status. - CVE-2021-20193.patch SECURITY UPDATE: a heap buffer overflow - debian/patches/CVE-2022-48303.patch: Check for the end of...

5.5CVSS6.8AI score0.04524EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2023/02/15 6:3 a.m.1 views

SUSE CVE-2009-1788

Heap-based buffer overflow in vocreadheader in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a VOC file with an invalid header value...

9.3CVSS8.2AI score0.08226EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:10 a.m.5 views

SUSE CVE-2015-8919

The lhareadfileextendedheader function in archivereadsupportformatlha.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service out-of-bounds heap via a crafted 1 lzh or 2 lha file...

7.5CVSS6.8AI score0.04534EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:41 a.m.3 views

SUSE CVE-2017-12940

libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function...

5.3CVSS7AI score0.02259EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:39 a.m.4 views

SUSE CVE-2017-14501

An out-of-bounds read flaw exists in parsefileinfo in archivereadsupportformatiso9660.c in libarchive 3.3.2 when extracting a specially crafted iso9660 iso file, related to archivereadformatiso9660readheader...

4CVSS6.8AI score0.02147EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 4:20 a.m.4 views

SUSE CVE-2018-1000223

soundtouch version up to and including 2.0.0 contains a Buffer Overflow vulnerability in SoundStretch/WavFile.cpp:WavInFile::readHeaderBlock that can result in arbitrary code execution. This attack appear to be exploitable via victim must open maliocius file in soundstretch utility...

7CVSS7.8AI score0.02426EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:9 a.m.3 views

SUSE CVE-2019-14442

In mpc8readheader in libavformat/mpc8.c in Libav 12.3, an input file can result in an avioseek infinite loop and hang, with 100% CPU consumption. Attackers could leverage this vulnerability to cause a denial of service via a crafted file...

7.1CVSS6.9AI score0.01017EPSS
Exploits2References3
RedHat Linux
RedHat Linux
added 2022/11/15 11:55 a.m.2 views

kernel: ext4: fix bug_on in __es_tree_search

In the Linux kernel, the following vulnerability has been resolved: ext4: fix bugon in estreesearch Hulk Robot reported a BUGON: ================================================================== kernel BUG at fs/ext4/extentsstatus.c:199! ... RIP: 0010:ext4esend fs/ext4/extentsstatus.c:199 inline...

5.5CVSS6.3AI score0.00253EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/10/13 12:0 a.m.5 views

PT-2022-22553 · Swftools · Swftools

Name of the Vulnerable Software and Affected Versions: SWFTools affected versions not specified Description: A heap-buffer overflow issue was discovered in SWFTools via the png read header function at /src/png2swf.c. Recommendations: At the moment, there is no information about a newer version th...

5.5CVSS5.3AI score0.00312EPSS
Exploits1References8
BDU FSTEC
BDU FSTEC
added 2022/09/19 12:0 a.m.9 views

The vulnerability of the read_header_tga function in the gd_tga.c component of the LibGD graphics library allows a hacker to cause a service failure.

The vulnerability of the readheadertga function in the gdtga.c component of the LibGD graphics library is related to reading data beyond the permissible buffer size. Exploiting this vulnerability allows a malicious actor to cause service failure by using a specially created TGA file...

7.1CVSS7AI score0.01869EPSS
Exploits1References10Affected Software4
Microsoft CVE
Microsoft CVE
added 2021/12/01 8:0 a.m.5 views

read_header_tga in gd_tga.c in the GD Graphics Library (aka LibGD) through 2.3.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.

...

6.5CVSS7AI score0.01869EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2021/11/15 12:0 a.m.5 views

PT-2023-13229

Name of the Vulnerable Software and Affected Versions Libsndfile affected versions not specified Description The issue is related to multiple signed integers overflow in the au read header function in src/au.c and in the mat4 open and mat4 read header functions in src/mat4.c of Libsndfile. This...

7.8CVSS7.2AI score0.00351EPSS
Exploits1References50
OSV
OSV
added 2021/08/20 11:3 a.m.7 views

OESA-2021-1315 gd security update

Security Fixes: readheadertga in gdtga.c in the GD Graphics Library aka LibGD through 2.3.2 allows remote attackers to cause a denial of service out-of-bounds read via a crafted TGA file.CVE-2021-38115...

6.5CVSS6.8AI score0.01869EPSS
Exploits1References2
OSV
OSV
added 2021/08/04 9:15 p.m.2 views

DEBIAN-CVE-2021-38115

readheadertga in gdtga.c in the GD Graphics Library aka LibGD through 2.3.2 allows remote attackers to cause a denial of service out-of-bounds read via a crafted TGA file...

6.5CVSS6.8AI score0.01869EPSS
Exploits1References1
OSV
OSV
added 2021/08/04 9:15 p.m.8 views

AZL-6431 CVE-2021-38115 affecting package gd for versions less than 2.3.3-1

readheadertga in gdtga.c in the GD Graphics Library aka LibGD through 2.3.2 allows remote attackers to cause a denial of service out-of-bounds read via a crafted TGA file...

6.5CVSS6.8AI score0.01869EPSS
Exploits1References1
OSV
OSV
added 2021/08/04 9:15 p.m.2 views

UBUNTU-CVE-2021-38115

readheadertga in gdtga.c in the GD Graphics Library aka LibGD through 2.3.2 allows remote attackers to cause a denial of service out-of-bounds read via a crafted TGA file...

6.5CVSS7.3AI score0.01869EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2021/06/02 12:0 a.m.7 views

The vulnerability of the spool_read_header() function in the Exim message transport agent allows attackers to bypass security restrictions due to insufficient input validation.

The vulnerability of the spoolreadheader function in the Exim mail agent is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to circumvent security restrictions remotely...

9.3CVSS7.3AI score0.09285EPSS
Exploits1References16Affected Software6
BDU FSTEC
BDU FSTEC
added 2021/05/05 12:0 a.m.7 views

The vulnerability in the implementation of the read_header() function of the GNU Tar archive utility allows a hacker to trigger a service failure.

The vulnerability of the readheader function implementation in the GNU Tar archive viewer is related to the output of the operation beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause service failure by using a specially created input file...

7.8CVSS6.7AI score0.01092EPSS
Exploits0References9Affected Software3
Positive Technologies
Positive Technologies
added 2021/02/05 12:0 a.m.7 views

PT-2022-20313 · Lighttpd +1 · Lighttpd +1

Name of the Vulnerable Software and Affected Versions: Lighttpd versions 1.4.56 through 1.4.58 Description: The issue allows a remote attacker to cause a denial of service due to CPU consumption from stuck connections. This is because a typo in the connection read header more function in...

7.5CVSS7.2AI score0.56418EPSS
Exploits3References17
Rows per page
Query Builder