Lucene search
K

40 matches found

OSV
OSV
added 2022/03/17 1:15 a.m.3 views

CVE-2022-25515

stbtruetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttULONG at stbtruetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be used with trusted input...

6.5CVSS5.8AI score0.00922EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/03/17 1:15 a.m.1 views

CVE-2022-25515

stbtruetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttULONG at stbtruetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be used with trusted input...

6.5CVSS5.5AI score0.00922EPSS
Exploits1References3
NVD
NVD
added 2022/03/17 1:15 a.m.22 views

CVE-2022-25514

stbtruetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttUSHORT at stbtruetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be used with trusted input...

7.5CVSS0.01021EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/03/17 1:15 a.m.2 views

CVE-2022-25514

stbtruetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttUSHORT at stbtruetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be used with trusted input...

7.5CVSS5.5AI score0.01021EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2022/03/17 1:15 a.m.35 views

CVE-2022-25516

stbtruetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function stbttfindtable at stbtruetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be used with trusted input...

6.5CVSS6.6AI score0.00922EPSS
Exploits1References2
Prion
Prion
added 2022/03/17 1:15 a.m.14 views

Heap overflow

DISPUTED stbtruetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttUSHORT at stbtruetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be used with trusted input...

5CVSS7.6AI score0.01021EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2022/03/17 1:15 a.m.18 views

Heap overflow

DISPUTED stbtruetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function stbttfindtable at stbtruetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be used with trusted input...

5CVSS6.5AI score0.00922EPSS
Exploits1References2Affected Software1
UbuntuCve
UbuntuCve
added 2022/03/17 1:15 a.m.34 views

CVE-2022-25514

stbtruetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttUSHORT at stbtruetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be used with trusted input...

7.5CVSS7.1AI score0.01021EPSS
Exploits1References2
OSV
OSV
added 2022/03/17 1:15 a.m.8 views

UBUNTU-CVE-2022-25515

DISPUTED stbtruetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttULONG at stbtruetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be used with trusted input...

6.5CVSS5.8AI score0.00922EPSS
Exploits1References3
OSV
OSV
added 2022/03/17 1:15 a.m.6 views

UBUNTU-CVE-2022-25514

DISPUTED stbtruetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttUSHORT at stbtruetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be used with trusted input...

7.5CVSS7.1AI score0.01021EPSS
Exploits1References3
OSV
OSV
added 2022/03/17 1:15 a.m.5 views

UBUNTU-CVE-2022-25516

DISPUTED stbtruetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function stbttfindtable at stbtruetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be used with trusted input...

6.5CVSS5.8AI score0.00922EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2022/03/17 12:0 a.m.15 views

CVE-2022-25514

stbtruetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttUSHORT at stbtruetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be used with trusted input...

7.4AI score0.01021EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/03/17 12:0 a.m.3 views

PT-2022-17343 · Unknown · Stb Truetype.H

Name of the Vulnerable Software and Affected Versions: stb truetype.h version 1.26 Description: A heap-buffer-overflow issue was discovered in the ttUSHORT function at stb truetype.h. It is noted that the source code includes a disclaimer stating it should only be used with trusted input. A third...

7.5CVSS7.4AI score0.01021EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2022/03/17 12:0 a.m.5 views

PT-2022-17344 · Unknown · Stb Truetype.H

Name of the Vulnerable Software and Affected Versions: stb truetype.h version 1.26 Description: A heap-buffer-overflow issue was discovered in stb truetype.h via the function ttULONG. It is noted that the source code includes a disclaimer stating it should only be used with trusted input. A third...

6.5CVSS7.2AI score0.00922EPSS
Exploits1References7
Debian CVE
Debian CVE
added 2022/03/17 12:0 a.m.51 views

CVE-2022-25515

Removed by vendor...

6.5CVSS6.5AI score0.00922EPSS
Exploits1
Debian CVE
Debian CVE
added 2022/03/17 12:0 a.m.64 views

CVE-2022-25516

Removed by vendor...

6.5CVSS6.5AI score0.00922EPSS
Exploits1
NVD
NVD
added 2021/08/20 10:15 p.m.31 views

CVE-2021-21827

A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. Within DecodeTreeBlock which is called during the decompression of an XMI file, a UINT32 is loaded from the file and used as trusted input as the length of a buffer. An...

9.8CVSS0.01136EPSS
Exploits1References1
Prion
Prion
added 2021/03/03 2:15 a.m.22 views

Remote code execution

Pug is an npm package which is a high-performance template engine. In pug before version 3.0.1, if a remote attacker was able to control the pretty option of the pug compiler, e.g. if you spread a user provided object such as the query parameters of a request into the pug template inputs, it was...

6.8CVSS9.2AI score0.04269EPSS
Exploits1References7Affected Software2
OSV
OSV
added 2019/03/12 5:41 p.m.8 views

SUSE-SU-2019:13977-1 Security update for python-numpy

This update for python-numpy fixes the following issues: Security issue fixed: - CVE-2019-6446: Set allowpickle to false by default to restrict loading untrusted content bsc1122208. With this update we decrease the possibility of allowing remote attackers to execute arbitrary code by misusing...

9.8CVSS9.7AI score0.17078EPSS
Exploits2References3
OSV
OSV
added 2018/09/17 12:0 p.m.45 views

RUSTSEC-2018-0006 Uncontrolled recursion leads to abort in deserialization

Affected versions of this crate did not prevent deep recursion while deserializing data structures. This allows an attacker to make a YAML file with deeply nested structures that causes an abort while deserializing it. The flaw was corrected by checking the recursion depth. Note: clap 2.33 is not...

7.5CVSS7.5AI score0.01411EPSS
Exploits0References3
Rows per page
Query Builder