Fortinet FortiProxy 缓冲区错误漏洞

Fortinet FortiProxy is a secure network proxy from Fortinet that protects employees from cyberattacks by combining multiple detection technologies such as Web filtering, DNS filtering, DLP, anti-virus, intrusion prevention, and advanced threat protection.FortiProxy helps reduce bandwidth...

PT-2022-20540 · Ultrajson +4 · Ultrajson +4

Name of the Vulnerable Software and Affected Versions: UltraJSON versions prior to 5.4.0 Description: The issue occurs when an error happens while reallocating a buffer for string decoding, causing the buffer to get freed twice. Due to how UltraJSON uses the internal decoder, this double free is...

UltraJSON 资源管理错误漏洞

UltraJSON is an open source, ultra-fast JSON encoder and decoder written in pure C and bundled with Python 3.7+. A resource management error vulnerability exists in versions of UltraJSON prior to 5.4.0, which stems from an error when reallocating a buffer for string decoding, which could cause th...

Fortinet FortiManager 缓冲区错误漏洞

Fortinet FortiManager is a centralized network security management platform from Fortinet. The platform supports centralized management of any number of Fortinet devices, and the ability to group devices into different management domains ADOM to further simplify multi-device security deployment a...

Vim 缓冲区错误漏洞

Vim is a cross-platform text editor. A buffer error vulnerability exists in versions prior to Vim 9.0 that stems from the presence of out-of-bounds reads...

JPEGOPTIM 缓冲区错误漏洞

JPEGOPTIM is a utility for optimizing/compressing JPEG files by Timo Kokkonen, a US-based individual developer. A security vulnerability exists in JPEGOPTIM v1.4.7, which stems from a segmentation violation caused by a READ memory access on jpegoptim.c. The vulnerability is caused by a READ memor...

Net-SNMP 缓冲区错误漏洞

Net-SNMP is an open source Simple Network Management Protocol SNMP software. The software is used to monitor network devices, computer devices, UPS devices, and more. Net-SNMP suffers from a buffer error vulnerability that stems from a misformatted OID in a SET request to...

CVA6 缓冲区错误漏洞

CVA6 is an application class 6 RISC-V CPU open-sourced by the OpenHW Group in Canada. A security vulnerability exists in CVA6 that originates from accessing invalid memory when reading the value of MHPMCOUNTER30...

Mozilla Firefox 缓冲区错误漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox 102 suffers from a buffer error vulnerability that originates from a memory corruption issue in the application. An attacker could exploit the vulnerability to achieve arbitrary code...

Xpdf 缓冲区错误漏洞

Xpdf is an open source PDF reader from FOO Labs. The product supports decoding files in LZW compressed format and reading encrypted PDF files. Xpdf v4.04 there is a security vulnerability , the vulnerability stems from the PDF file caused by object loops...

GPAC 缓冲区错误漏洞

GPAC is a multimedia framework. a denial of service vulnerability exists in GPAC version 1.0.1, which originates from the gfbswritedata function. An attacker could exploit this vulnerability to cause a denial of service via a specially crafted file in the MP4Box command...

Huawei MindSpore Community 缓冲区错误漏洞

Huawei MindSpore Community is an open source deep learning framework from Huawei China. Huawei MindSpore Community Tile is vulnerable to an information disclosure vulnerability that stems from accessing sensitive data when the input data type is not int or int32. An attacker could use this...

curl 缓冲区错误漏洞

curl is a tool for transferring data from or to a server. A buffer error vulnerability exists in curl versions 7.16.4 and later, including 7.83.1, due to incorrect handling of certain cookies, which can be exploited by an attacker to perform a denial-of-service attack...

Vim 缓冲区错误漏洞

Vim is a cross-platform text editor. A buffer error vulnerability exists in versions prior to Vim 8.2, which stems from vim out-of-bounds writes...

CODESYS 缓冲区错误漏洞

CODESYS is a controller development system from 3S-Smart Software Solutions, Germany. A security vulnerability exists in several CODESYS products, which can be exploited by a low-privileged remote attacker to craft a request that results in read access to uninitialized pointers, leading to a deni...

CODESYS 缓冲区错误漏洞

CODESYS is a controller development system from Germany's 3S-Smart Software Solutions. A buffer error vulnerability exists in several CODESYS products and stems from a lack of internal buffer read limits in the application. An attacker can exploit this vulnerability to craft a request with an...

CODESYS 缓冲区错误漏洞

CODESYS is a controller development system from Germany's 3S-Smart Software Solutions. A buffer error vulnerability exists in several CODESYS products and stems from a lack of internal buffer read limits in the application. An attacker can exploit this vulnerability by crafting requests with...

CODESYS 缓冲区错误漏洞

CODESYS is a controller development system from Germany's 3S-Smart Software Solutions A buffer error vulnerability exists in several CODESYS products that stems from an internal failure to properly handle the length of associated structured data in an application. An attacker can exploit this...

Autodesk AutoCAD Buffer Error Vulnerability (CNVD-2022-61610)

Autodesk AutoCAD is a professional 3D drawing software from Autodesk, Inc. A security vulnerability exists in Autodesk AutoCAD 2023 and prior versions, which stems from writing beyond the allocated buffer when parsing TGA files, and can be exploited by attackers to execute arbitrary code...

Vim 缓冲区错误漏洞

Vim is a cross-platform text editor. A security vulnerability exists in Vim versions prior to 8.2, which stems from a read out-of-bounds condition in vim...