6 matches found
CVE-2026-21888
CVE-2026-21888 affects NanoMQ (MQTT v5) where get_var_integer() in the Variable Byte Integer parser accepts 5-byte varints without bounds checks, causing an out-of-bounds read and potential crash when built with ASan. Impact is described as high severity (CVSSv3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N...
OpenEXR Out of Bounds Heap Read due to Bad Pointer Arithmetic in LossyDctDecoder_execute
Summary The OpenEXRCore code is vulnerable to a heap-based buffer overflow during a read operation due to bad pointer math when decompressing DWAA-packed scan-line EXR files with a maliciously forged chunk. Details In the LossyDctDecoderexecute function from...
AZL-35073 CVE-2023-2977 affecting package opensc for versions less than 0.22.0-3
A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardoshaveverifyrcpackage. The attacker can supply a smart card package with malformed ASN1 context. The cardoshaveverifyrcpackage function scans the ASN1 buffer for 2 tags, where remaining lengt...
PT-2023-22410 · Opensc +7 · Opensc +7
Name of the Vulnerable Software and Affected Versions: OpenSC affected versions not specified Description: A security flaw in OpenSC causes a buffer overrun vulnerability in pkcs15 cardos have verifyrc package. An attacker can supply a smart card package with malformed ASN1 context. The cardos ha...
WebRTC - FEC Out-of-Bounds Read Exploit
Exploit for multiple platform in category dos / poc There is an out-of-bounds read in FEC processing in WebRTC. If a very short RTP packet is received, FEC will assume the packet is longer and process data outside of the allocated buffer. This bug causes the following ASAN crash: ==109993==ERROR:...
WebRTC - FEC Out-of-Bounds Read
WebRTC - FEC Out-of-Bounds Read There is an out-of-bounds read in FEC processing in WebRTC. If a very short RTP packet is received, FEC will assume the packet is longer and process data outside of the allocated buffer. This bug causes the following ASAN crash: ==109993==ERROR: AddressSanitizer:...