Format string

An out-of-bounds array read in the aprtimeexp functions was fixed in the Apache Portable Runtime 1.6.3 release CVE-2017-12613. The fix for this issue was not carried forward to the APR 1.7.x branch, and hence version 1.7.0 regressed compared to 1.6.3 and is vulnerable to the same issue...

CVE-2021-35940

The connected docs confirm a concrete issue in the Apache Portable Runtime (APR) regarding CVE-2017-12613: an out-of-bounds array read in apr_time_exp*() that was fixed in APR 1.6.3. The APR 1.7.x branch did not carry that fix, and APR 1.7.0 regressed to be vulnerable to the same issue. A patch f...

CVE-2021-35940

An out-of-bounds array read in the aprtimeexp functions was fixed in the Apache Portable Runtime 1.6.3 release CVE-2017-12613. The fix for this issue was not carried forward to the APR 1.7.x branch, and hence version 1.7.0 regressed compared to 1.6.3 and is vulnerable to the same issue...

Apache Portable Runtime 缓冲区错误漏洞

Apache Portable Runtime APR, Apache Portable Runtime Library is an Apache Foundation library that provides an underlying support interface for upper-level applications that can be used across multiple operating system platforms. a security vulnerability exists in Apache Portable Runtime version...

VMware Workstation Shader Bytecode Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

CVE-2020-14153

In IJG JPEG aka libjpeg from version 8 through 9c, jdhuff.c has an out-of-bounds array read for certain table pointers...

CVE-2020-14153

In IJG JPEG aka libjpeg from version 8 through 9c, jdhuff.c has an out-of-bounds array read for certain table pointers...

Out-of-bounds

In IJG JPEG aka libjpeg from version 8 through 9c, jdhuff.c has an out-of-bounds array read for certain table pointers...

CVE-2020-14153

In IJG JPEG aka libjpeg from version 8 through 9c, jdhuff.c has an out-of-bounds array read for certain table pointers...

CVE-2020-14153

Affected software: IJG JPEG (libjpeg) up to version 9c. Root cause: out-of-bounds array read in jdhuff.c for certain table pointers. Impact (per provided CVE data): partial confidentiality, partial availability; local/remote exploitability details and user interaction are documented differently a...

Debian DLA-2039-1 : libvorbis security update

Two issues have been found in libvorbis, a decoder library for Vorbis General Audio Compression Codec. 2017-14633 In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0forward in mapping0.c, which may lead to DoS when operating on a crafted audio fi...

EulerOS 2.0 SP3 : libvorbis (EulerOS-SA-2019-2622)

According to the version of the libvorbis package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0forward in mapping0.c, which may lead to Do...

EulerOS 2.0 SP2 : libvorbis (EulerOS-SA-2019-2502)

According to the versions of the libvorbis package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0forward in mapping0.c, which may lead to...

CVE-2018-1999015

FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains an out of array read vulnerability in ASFF format demuxer that can result in heap memory reading. This attack appear to be exploitable via specially crafted ASF file that has to provided as input. This vulnerability appears to...

Design/Logic Flaw

FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains an out of array read vulnerability in ASFF format demuxer that can result in heap memory reading. This attack appear to be exploitable via specially crafted ASF file that has to provided as input. This vulnerability appears to...

UBUNTU-CVE-2018-1999015

FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains an out of array read vulnerability in ASFF format demuxer that can result in heap memory reading. This attack appear to be exploitable via specially crafted ASF file that has to provided as input. This vulnerability appears to...

CVE-2018-1999015

FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains an out of array read vulnerability in ASFF format demuxer that can result in heap memory reading. This attack appear to be exploitable via specially crafted ASF file that has to provided as input. This vulnerability appears to...

CVE-2018-1999015

FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains an out of array read vulnerability in ASFF format demuxer that can result in heap memory reading. This attack appear to be exploitable via specially crafted ASF file that has to provided as input. This vulnerability appears to...

CVE-2018-13300

In FFmpeg 3.2 and 4.0.1, an improper argument AVCodecParameters passed to the avprivrequestsample function in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information...

Information disclosure

In FFmpeg 3.2 and 4.0.1, an improper argument AVCodecParameters passed to the avprivrequestsample function in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information...