Astra Linux – Vulnerability in apr-util

The integer overflow or wraparound vulnerability in the aprbase64 functions of Apache Portable Runtime Utility APR-util allows an attacker to write beyond the bounds of a buffer. This issue affects Apache Portable Runtime Utility APR-util version 1.6.1 and earlier...

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the bintobase64 function in base64.c. An attacker can cause memory corruption by supplying very large input to sshgetfingerprinthash. Note: This is only exploitable on 32-bit systems. Remediation Upgrade libssh to...

CVE-2024-27094

OpenZeppelin Contracts is a library for secure smart contract development. The Base64.encode function encodes a bytes input by iterating over it in chunks of 3 bytes. When this input is not a multiple of 3, the last iteration may read parts of the memory that are beyond the input buffer. The...

aide: heap-based buffer overflow on outputs larger than B64_BUF

A heap-based buffer overflow vulnerability in the base64 functions of AIDE, an advanced intrusion detection system. An attacker could crash the program and possibly execute arbitrary code through large 16k extended file attributes or ACL...

Broadcast crash in Popmessenger 1.60 (before 20 Sep 2004)

Luigi Auriemma Application: PopMessenger http://www.leadmind.com Versions: = 1.60 before 20 Sep 2004 Platforms: Windows Bug: crash Risk: medium Exploitation: remote broadcast Date: 21 September 2004 Author: Luigi Auriemma e-mail: [email protected] web: http://aluigi.altervista.org 1...