6881 matches found
CVE-2021-26635
In the code that verifies the file size in the ark library, it is possible to manipulate the offset read from the target file due to the wrong use of the data type. An attacker could use this vulnerability to cause a stack buffer overflow and as a result, perform an attack such as remote code...
Stack overflow
In the code that verifies the file size in the ark library, it is possible to manipulate the offset read from the target file due to the wrong use of the data type. An attacker could use this vulnerability to cause a stack buffer overflow and as a result, perform an attack such as remote code...
USN-5458-1: Vim vulnerabilities
It was discovered that Vim was incorrectly handling virtual column position operations, which could result in an out-of-bounds read. An attacker could possibly use this issue to expose sensitive information. CVE-2021-4193 It was discovered that Vim was not properly performing bounds checks when...
CVE-2021-26635
CVE-2021-26635 affects Bandisoft ARK Library: buffer overflow risk due to incorrect data-type use when verifying file size, allowing manipulation of the read offset. CNNVD cites affected versions prior to 7.17, enabling potential remote code execution via a stack overflow. Public details about pa...
CVE-2021-26635 Bandisoft ARK Library buffer overflow vulnerability
In the code that verifies the file size in the ark library, it is possible to manipulate the offset read from the target file due to the wrong use of the data type. An attacker could use this vulnerability to cause a stack buffer overflow and as a result, perform an attack such as remote code...
OSV-2022-445 Stack-buffer-overflow in tlsCheckUncommonALPN
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47730 Crash type: Stack-buffer-overflow WRITE Crash state: tlsCheckUncommonALPN processClientServerHello processTLSBlock...
PT-2022-9783 · Unknown · Ark Library
Name of the Vulnerable Software and Affected Versions: ark library affected versions not specified Description: The issue arises from the incorrect use of data types in the code that verifies file sizes in the ark library. This allows an attacker to manipulate the offset read from the target file...
SUSE: Security Advisory (SUSE-SU-2022:1891-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2022:1891-1 Security update for librelp
This update for librelp fixes the following issues: - CVE-2018-1000140: Fixed remote attack via specially crafted x509 certificates when connecting to rsyslog to trigger a stack buffer overflow and run arbitrary code bsc1086730...
OSV-2022-437 Stack-buffer-overflow in sc_asn1_read_tag
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47675 Crash type: Stack-buffer-overflow READ 1 Crash state: scasn1readtag scasn1findtag cardoslistfiles...
OSV-2022-436 Stack-buffer-overflow in spvtools::opt::CompositeInsertToCompositeConstruct
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47684 Crash type: Stack-buffer-overflow READ 8 Crash state: spvtools::opt::CompositeInsertToCompositeConstruct std::1::function::funcbool spvtools::opt::InstructionFolder::FoldInstructionInternal...
CVE-2021-42860
A stack buffer overflow exists in Mini-XML v3.2. When inputting an unformed XML string to the mxmlLoadString API, it will cause a stack-buffer-overflow in mxmlstringgetc:2611. NOTE: it is unclear whether this input is allowed by the API specification...
CVE-2021-42860
A stack buffer overflow exists in Mini-XML v3.2. When inputting an unformed XML string to the mxmlLoadString API, it will cause a stack-buffer-overflow in mxmlstringgetc:2611. NOTE: it is unclear whether this input is allowed by the API specification...
Stack overflow
DISPUTED A stack buffer overflow exists in Mini-XML v3.2. When inputting an unformed XML string to the mxmlLoadString API, it will cause a stack-buffer-overflow in mxmlstringgetc:2611. NOTE: it is unclear whether this input is allowed by the API specification...
CVE-2021-42860
A stack buffer overflow exists in Mini-XML v3.2. When inputting an unformed XML string to the mxmlLoadString API, it will cause a stack-buffer-overflow in mxmlstringgetc:2611. NOTE: it is unclear whether this input is allowed by the API specification...
CVE-2021-42860
A stack buffer overflow exists in Mini-XML v3.2. When inputting an unformed XML string to the mxmlLoadString API, it will cause a stack-buffer-overflow in mxmlstringgetc:2611. NOTE: it is unclear whether this input is allowed by the API specification...
CVE-2021-42860
CVE-2021-42860 describes a stack-overflow in Mini-XML 3.2 when passing an unformed XML string to mxmlLoadString, triggering a stack-buffer-overflow in mxml_string_getc:2611. The vulnerability is documented across multiple sources (SUSE, OSV, NVD, etc.) with the same core flaw. The input’s legalit...
CVE-2021-42860
Removed by vendor...
CVE-2021-42860
A stack buffer overflow exists in Mini-XML v3.2. When inputting an unformed XML string to the mxmlLoadString API, it will cause a stack-buffer-overflow in mxmlstringgetc:2611. NOTE: it is unclear whether this input is allowed by the API specification...
CVE-2021-20314
A stack buffer overflow was found in libspf2 when processing certain SPF macros. This issue can lead to a denial of service and potentially code execution via malicious crafted SPF explanation messages. The highest threat from this vulnerability is to confidentiality, integrity, as well as system...