OpenHarmony 缓冲区错误漏洞

OpenHarmony is an open-source project for a Harmony operating system developed by the OpenAtom Foundation in China. Versions of OpenHarmony prior to v5.1.0 contained a buffer error vulnerability. This vulnerability stems from out-of-bounds writing, which could allow local attackers to execute...

OpenHarmony 缓冲区错误漏洞

OpenHarmony is an open-source project for a Harmony operating system developed by the OpenAtom Foundation in China. Versions of OpenHarmony prior to v5.1.0 contained a buffer error vulnerability. This vulnerability stems from out-of-bounds writing, which could allow local attackers to execute...

FreeRDP 缓冲区错误漏洞

FreeRDP is an open-source implementation of the Remote Desktop Protocol RDP by the FreeRDP team. Versions of FreeRDP prior to 3.24.0 contained a buffer error vulnerability. This vulnerability stemmed from the freerdpbitmapdecompressplanar function not verifying the buffer size when SrcSize was 0,...

Lexbor 缓冲区错误漏洞

Lexbor is an open-source C language library for processing HTML and CSS. Versions of Lexbor prior to 2.7.0 contained a buffer error vulnerability. This vulnerability stemmed from an integer underflow in the ISO-2022-JP encoder, which could lead to out-of-bounds reading and writing...

GStreamer 缓冲区错误漏洞

GStreamer is a set of open-source frameworks for processing streaming media. GStreamer has a buffer error vulnerability, which stems from a lack of validation of data provided to users during the processing of video packets. This vulnerability may lead to out-of-bounds writing and remote code...

FreeRDP 缓冲区错误漏洞

FreeRDP is an open-source implementation of the Remote Desktop Protocol RDP by the FreeRDP team. Versions of FreeRDP prior to 3.24.0 contained a buffer error vulnerability. This vulnerability stemmed from the lack of checks on the predictor and stepindex values in the input data by the MS-ADPCM a...

FreeRDP 缓冲区错误漏洞

FreeRDP is an open-source RDP protocol implementation developed by the FreeRDP team. Versions of FreeRDP prior to 3.24.0 contained a buffer error vulnerability, which stemmed from a minor error in the bitmap caching subsystem. This vulnerability could lead to out-of-bounds reads and writes...

Ella Core 缓冲区错误漏洞

Ella Core is an open-source solution developed by Ella Networks for use in private networks as a 5G core network solution. Versions of Ella Core prior to 1.5.1 contained a buffer error vulnerability. This vulnerability occurred when processingNGAP/NAS messages with a length of less than 7 bytes,...

GPAC 缓冲区错误漏洞

GPAC is an open-source multimedia framework developed by GPAC. The GPAC 26.03-DEV version contains a buffer error vulnerability, which stems from an out-of-bounds write operation in the function svinprocess of the SVG Parser component’s src/filters/loadsvg.c file...

fe 缓冲区错误漏洞

fe is a lightweight, embeddable ANSI C scripting language developed by rxi. fe has a buffer error vulnerability, which stems from an out-of-bounds read in the read function located in the src/fe.c file...

pocketlang 缓冲区错误漏洞

Pocketlang is an embeddable scripting language developed by Thakee Nathees. Pocketlang has a buffer error vulnerability, which stems from the incorrect handling of the length parameter in the function pkByteBufferAddString, potentially leading to memory corruption...

SoLoud 缓冲区错误漏洞

SoLoud is a game audio engine developed by Jari Komppa personally. Versions of SoLoud dated before 20200207 contained a buffer error vulnerability. This vulnerability stemmed from an out-of-bounds read in the function drwavreadpcmframess16msadpcm within the WAV File Parser component’s library fil...

NanoMQ 缓冲区错误漏洞

NanoMQ is an open-source IoT edge platform broker developed by EMQ in the United States. Versions of NanoMQ prior to 0.24.6 contain a buffer error vulnerability. This vulnerability stems from the lack of boundary checks during the parsing of variable byte integers in MQTT v5, which can lead to...

Adobe Substance3D Stager 缓冲区错误漏洞

Adobe Substance3D Stager is a 3D scene modeling and rendering software developed by Adobe Inc. Versions of Adobe Substance3D Stager 3.1.7 and earlier contain a buffer error vulnerability. This vulnerability stems from out-of-bounds writing, which may allow arbitrary code to execute under current...

Adobe Illustrator 缓冲区错误漏洞

Adobe Illustrator is a vector-based image creation software developed by Adobe Inc. Versions 29.8.4, 30.1, and earlier of Adobe Illustrator have a buffer error vulnerability. This vulnerability stems from out-of-bounds writing, which may allow arbitrary code to execute in the current user...

Microsoft Windows 缓冲区错误漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. Microsoft Windows has a buffer error vulnerability. Attackers can exploit this vulnerability to obtain sensitive information. The following products and versions are affected: Windows 11 Version...

Adobe Substance3D Stager 缓冲区错误漏洞

Adobe Substance3D Stager is a 3D scene modeling and rendering software developed by Adobe Inc. Versions of Adobe Substance3D Stager 3.1.7 and earlier contain a buffer error vulnerability. This vulnerability stems from out-of-bounds writing, which may allow arbitrary code to execute under current...

Adobe Illustrator 缓冲区错误漏洞

Adobe Illustrator is a vector-based image creation software developed by Adobe Inc. In versions 29.8.4 and 30.1 of Adobe Illustrator, there was a buffer error vulnerability. This vulnerability stems from out-of-bounds read operations, which may lead to memory exposure...

Adobe Substance3D Painter 缓冲区错误漏洞

Adobe Substance3D Painter is a 3D scene building software developed by Adobe, a company based in America. Versions of Adobe Substance3D Painter 11.1.2 and earlier contain a buffer error vulnerability. This vulnerability stems from out-of-bounds read operations, which may lead to memory informatio...

Adobe Illustrator 缓冲区错误漏洞

Adobe Illustrator is a vector-based image creation software developed by Adobe Inc. In versions 29.8.4 and 30.1 of Adobe Illustrator, there was a buffer error vulnerability. This vulnerability stemmed from out-of-bounds writing, which could allow arbitrary code to execute under current user...