The Sleuth Kit 缓冲区错误漏洞

The Sleuth Kit TSK is a set of data forensics tools developed by Brian Carrier individually. This tool can analyze file systems such as FAT, NTFS, and UFS, and provide detailed information about those file systems. The Sleuth Kit versions 4.14.0 and earlier contained a buffer error vulnerability...

Kamailio 缓冲区错误漏洞

Kamailio is an open-source implementation of a SIP signaling server developed by Kamailio. Versions of Kamailio prior to 6.0.5 and 5.8.7 contained a buffer error vulnerability. This vulnerability stemmed from out-of-bounds read operations, which could lead to denial-of-service attacks...

Kamailio 缓冲区错误漏洞

Kamailio is an open-source implementation of a SIP signaling server developed by Kamailio. Versions of Kamailio prior to 6.1.1, 6.0.6, and 5.8.8 contained a buffer error vulnerability. This vulnerability stemmed from out-of-bounds access, which could lead to denial of service attacks...

MediaTek Chipsets 缓冲区错误漏洞

MediaTek Chipsets are a series of chips developed by MediaTek Corporation in China. The MediaTek Chipsets contain a buffer error vulnerability, which stems from the lack of boundary checks, leading to out-of-bound writes and potentially allowing for remote privilege escalation...

Mozilla Firefox和Mozilla Thunderbird 缓冲区错误漏洞

Mozilla Firefox and Mozilla Thunderbird are both products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla Application Suite. This software supports IMAP and POP email...

Theora 缓冲区错误漏洞

Theora is a reference implementation of Theora video compression format developed by Xiph open-source projects. Theora has a buffer error vulnerability, which stems from a heap out-of-bounds read in the aviparseinputfile function of the AVI parser. This vulnerability could lead to denial-of-servi...

SDL_image 缓冲区错误漏洞

SDLimage is an open-source library from Simple DirectMedia Layer that supports loading images in various formats. SDLimage has a buffer error vulnerability, which stems from the lack of validation of pixel index values, potentially leading to out-of-buffer reads...

OpenEXR 缓冲区错误漏洞

OpenEXR is an open standard for high dynamic range image file formats, open-sourced by the Academy Software Foundation. Versions of OpenEXR prior to 3.1.0 and 3.2.7, as well as versions prior to 3.3.9 and 3.4.9, contain a buffer error vulnerability. This vulnerability stems from integer overflows...

Xlight FTP Server 缓冲区错误漏洞

Xlight FTP Server is an open-source FTP server software developed by Xlight. Version 3.9.1 of Xlight FTP Server contains a buffer error vulnerability. This vulnerability stems from a coverage issue with structured exception handlers, which may allow local attackers to cause the application to cra...

Core Flight System 缓冲区错误漏洞

Core Flight System cFS is a generic flight software architecture framework open source by NASA. It is used for flagship spacecraft, manned spacecraft, cube satellites, and Raspberry Pi devices. Versions of Core Flight System 7.0.0 and earlier contain a buffer error vulnerability. This vulnerabili...

Libraw 缓冲区错误漏洞

Libraw is a C++ library developed by Libraw Inc. that processes RAW CRW/CR2, NEF, RAF, DNG, and others format images. It supports various operating systems. Versions of LibRaw 0.22.0 and earlier contain a buffer error vulnerability. This vulnerability stems from an out-of-bounds write during the...

stb 缓冲区错误漏洞

STB is a publicly available library for C/C++ developed by Sean Barrett. Versions of STB prior to 1.26 contained a buffer error vulnerability. This vulnerability stems from the operation of the stbttbufget8 function in the TTF File Handler component’s stbtruetype.h library, which could lead to...

Libraw 缓冲区错误漏洞

Libraw is a C++ library developed by Libraw Inc. that processes RAW CRW/CR2, NEF, RAF, DNG, and others format images. It supports various operating systems. Versions of Libraw prior to 0.22.0 contain a buffer error vulnerability. This vulnerability stems from improper handling of parameters...

stb 缓冲区错误漏洞

STB is a publicly available library for C/C++ developed by Sean Barrett. Versions of STB prior to 1.22 contained a buffer error vulnerability. This vulnerability stemmed from an out-of-bounds write operation in the startdecoder function found in the file stbvorbis.c, which could lead to remote...

stb 缓冲区错误漏洞

STB is a publicly available library for C/C++ developed by Sean Barrett. Versions of STB prior to 1.26 contained a buffer error vulnerability. This vulnerability stemmed from an out-of-bounds read in the stbtruetype.h library within the TTF File Handler component, which could lead to remote attac...

OpenEXR 缓冲区错误漏洞

OpenEXR is an open standard for high dynamic range image file formats, open-sourced by the Academy Software Foundation. Versions of OpenEXR from 3.4.0 to 3.4.8 contained a buffer error vulnerability. This vulnerability stemmed from specially crafted B44 or B44A EXR files, which could cause...

Fuji Electric V-SFT 缓冲区错误漏洞

Fuji Electric V-SFT is a screen configuration software developed by Fuji Electric, a Japanese company. Versions of Fuji Electric V-SFT 6.2.10.0 and earlier contained a buffer error vulnerability. This vulnerability stemmed from an out-of-bounds read in the VS6ComFile!getmacromemCOM function, whic...

Cisco Integrated Management Controller（IMC） 缓冲区错误漏洞

The Cisco Integrated Management Controller IMC is a set of software developed by Cisco, Inc., used for managing UCS Unified Computing System environments. This software supports HTTP and SSH access, and allows operations such as powering on, powering off, and restarting servers. The Cisco IMC has...

Fuji Electric V-SFT 缓冲区错误漏洞

Fuji Electric V-SFT is a screen configuration software developed by Fuji Electric, a Japanese company. Versions of Fuji Electric V-SFT 6.2.10.0 and earlier contain a buffer error vulnerability. This vulnerability stems from an out-of-bounds read in VS6MemInIF!settemptypedefault, which may lead to...

Fuji Electric V-SFT 缓冲区错误漏洞

Fuji Electric V-SFT is a screen configuration software developed by Fuji Electric, a Japanese company. Versions of Fuji Electric V-SFT 6.2.10.0 and earlier contained a buffer error vulnerability. This vulnerability stemmed from out-of-bounds reading in VS6ComFile!loadlinkinf, which could lead to...