164 matches found
CVE-2023-38649
Multiple out-of-bounds write vulnerabilities exist in the VZT vztrdgetfacname decompression functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concer...
Out-of-bounds
Multiple out-of-bounds write vulnerabilities exist in the VZT vztrdgetfacname decompression functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concer...
Out-of-bounds
Multiple out-of-bounds write vulnerabilities exist in the LXT2 parsing functionality of GTKWave 3.3.115. A specially-crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds...
CVE-2023-38649
Multiple out-of-bounds write vulnerabilities exist in the VZT vztrdgetfacname decompression functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concer...
CVE-2023-38649
Multiple out-of-bounds write vulnerabilities exist in the VZT vztrdgetfacname decompression functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concer...
CVE-2023-38649
Multiple out-of-bounds write vulnerabilities exist in the VZT vztrdgetfacname decompression functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concer...
CLSA-2023-1689009273 Fix CVE(s): CVE-2023-32324
SECURITY UPDATE: a heap buffer overflow vulnerability - debian/patches/CVE-2023-32324.patch: fix cupsstrlcpy to exit immideately if a length of the source string is zero - CVE-2023-32324...
PT-2023-2330 · Rocket · Universe +1
Name of the Vulnerable Software and Affected Versions: Rocket Software UniData versions prior to 8.2.4 build 3003 Rocket Software UniVerse versions prior to 11.3.5 build 1001 Rocket Software UniVerse versions prior to 12.2.1 build 2002 Description: The issue is related to a buffer overflow in an...
SUSE CVE-2012-6538
The copytouserauth function in net/xfrm/xfrmuser.c in the Linux kernel before 3.6 uses an incorrect C library function for copying a string, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAPNETADMIN capability...
SUSE CVE-2013-2546
The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAPNETADMIN capability...
SUSE CVE-2015-8869
OCaml before 4.03.0 does not properly handle sign extensions, which allows remote attackers to conduct buffer overflow attacks or obtain sensitive information as demonstrated by a long string to the String.copy function...
SUSE CVE-2016-5243
The tipcnlcompatlinkdump function in net/tipc/netlinkcompat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message...
SUSE CVE-2016-10145
Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy...
SUSE CVE-2021-41689
DCMTK through 3.6.6 does not handle string copy properly. Sending specific requests to the dcmqrdb program, it would query its database and copy the result even if the result is null, which can incur a head-based overflow. An attacker can use it to launch a DoS attack...
CVE-2017-16336
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker...
CVE-2017-16318
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker...
Grandstream GSD3710 缓冲区错误漏洞
The Grandstream GSD3710 is an HD video access control system from Grandstream. A security vulnerability exists in the Grandstream GSD3710 version 1.0.11.13, which originates from not checking the length of parameters before using the strcopy command, and can be exploited by an attacker to create ...
Denial Of Service (DoS)
libdcmtk.so is vulnerable to denial of service. The vulnerability exists due to the improper handle of the string copy property which allows an attacker to crash the system via a maliciously crafted request...
DEBIAN-CVE-2021-41689
DCMTK through 3.6.6 does not handle string copy properly. Sending specific requests to the dcmqrdb program, it would query its database and copy the result even if the result is null, which can incur a head-based overflow. An attacker can use it to launch a DoS attack...
CVE-2021-41689
DCMTK through 3.6.6 does not handle string copy properly. Sending specific requests to the dcmqrdb program, it would query its database and copy the result even if the result is null, which can incur a head-based overflow. An attacker can use it to launch a DoS attack...