ROS-20230622-07
The vulnerability in the libx11 library exists because the functions in src/InitExt.c in libX11 do not check that the values provided for request, event, or error identifiers are within the boundaries of the arrays to which these functions write, using these identifiers as arr...
Google TensorFlow Buffer Overflow Vulnerability (CNVD-2022-09887)
Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. Google TensorFlow contains a buffer overflow vulnerability: an attacker could build a TFLite model that would result in a write operation outside of the array boundaries i...
Mozilla Firefox TCP Socket API Implementation Information Disclosure Vulnerability
Mozilla Firefox is an open source web browser. The Mozilla Firefox TCP Socket API implementation fails to properly handle array boundaries, allowing remote attackers to obtain sensitive information in process memory by reading packet data...
CVE-2015-4503
The TCP Socket API implementation in Mozilla Firefox before 41.0 mishandles array boundaries that were established with a navigator.mozTCPSocket.open method call and send method calls, which allows remote TCP servers to obtain sensitive information from process memory by reading packet data, as...
Fedora 21 : dcraw-9.25.0-2.fc21 (2015-8647)
This update contains a fix for a bug which could cause dcraw to write past array boundaries. Additionally, it updates dcraw to version 9.25.0, which contains updated color matrices and supports the Canon EOS 5DS. Note that Tenable Network Security has extracted the preceding description block directl...
Fedora 21 : ufraw-0.21-1.fc21 (2015-8717)
This update contains a fix for a bug which could cause dcraw to write past array boundaries. Additionally, it updates ufraw to version 0.21, an upstream bugfix release. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenabl...
Fedora 22 : ufraw-0.21-1.fc22 (2015-8699)
This update contains a fix for a bug which could cause dcraw to write past array boundaries. Additionally, it updates ufraw to version 0.21, an upstream bugfix release. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenabl...
Fedora 22 : dcraw-9.25.0-2.fc22 (2015-8621)
This update contains a fix for a bug which could cause dcraw to write past array boundaries. Additionally, it updates dcraw to version 9.25.0, which contains updated color matrices and supports the Canon EOS 5DS. Note that Tenable Network Security has extracted the preceding description block directl...
Fedora 20 : dcraw-9.25.0-2.fc20 (2015-8671)
This update contains a fix for a bug which could cause dcraw to write past array boundaries. Additionally, it updates dcraw to version 9.25.0, which contains updated color matrices and supports the Canon EOS 5DS. Note that Tenable Network Security has extracted the preceding description block directl...
Debian DSA-2420-1 : openjdk-6 - several vulnerabilities
Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform. - CVE-2011-3377 The IcedTea browser plugin included in the openjdk-6 package does not properly enforce the Same Origin Policy on web content served under a domain name which has a common suffix...
Oracle Java MixerSequencer.nAddControllerEventCallback Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists because Java does not...
USN-342-1: PHP vulnerabilities
The sscanf function did not properly check array boundaries. In applications which use sscanf with argument swapping, a remote attacker could potentially exploit this to crash the affected web application or even execute arbitrary code with the application's privileges. CVE-2006-4020 The fileexis...
CVE-2005-0369
Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 and earlier allow remote attackers to cause a denial of service (application crash) via a packet with a large (1) descriptor ID or (2) claimid, which exceeds the boundaries of an array...
CVE-2005-0369
CVE-2005-0369 affects Armagetron 0.2.6.0 and earlier, and Armagetron Advanced 0.2.7.0 and earlier. The vulnerability allows remote attackers to cause a denial of service (application crash) by sending a packet with a large descriptor_id or claim_id that exceeds array boundaries. The technical det...
xfstt array out of boundary
Large req-numranges causes out of array boundary memory access...