FreeRDP 缓冲区错误漏洞

FreeRDP is an open-source RDP protocol implementation developed by the FreeRDP team. Versions of FreeRDP prior to 3.23.0 contained a buffer error vulnerability. This vulnerability stemmed from the use of the xfrailserverexecuteresult function, which accessed unchecked execResult values from the...

libvips 缓冲区错误漏洞

libvips is an open-source fast image processing library with low memory requirements. Versions of libvips 8.18.0 and earlier contain a buffer error vulnerability, which stems from memory corruption in the function found in the libvips/foreign/matrixload.c file...

ImageMagick 缓冲区错误漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2-15 and 6.9.13-40 contained a buffer error vulnerability. This vulnerability stemmed from excessive...

ImageMagick 缓冲区错误漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2-15 and 6.9.13-40 contained a buffer error vulnerability. This vulnerability stemmed from the PSD...

ImageMagick 缓冲区错误漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2-15 and 6.9.13-40 contained a buffer error vulnerability. This vulnerability stemmed from an...

Valkey 缓冲区错误漏洞

Valkey is a flexible distributed key-value database developed by Valkey OpenSource. Versions prior to Valkey 9.0.2, 8.1.6, 8.0.7, and 7.2.12 contain a buffer error vulnerability. This vulnerability arises from the lack of validation of extended data packet positions in the cluster bus data packet...

Janet 缓冲区错误漏洞

Janet is a functional and imperative programming language and bytecode interpreter developed by Janet Language. Versions of janet-lang prior to 1.40.1 contain a buffer error vulnerability, which stems from an out-of-bounds read in the janetcvarset function located in the src/core/specials.c file...

EnOcean SmartServer IoT 缓冲区错误漏洞

EnOcean SmartServer IoT is a multi-protocol IoT edge server developed by the German company EnOcean. Versions of EnOcean SmartServer IoT prior to 4.60.009 contain a buffer error vulnerability, which stems from improper handling of LON IP-852 management messages, potentially leading to memory leak...

wren 缓冲区错误漏洞

Wren is a concurrent scripting language developed by Wren OpenSource. Versions of Wren 0.4.0 and earlier contained a buffer error vulnerability, which stemmed from an out-of-bounds read in the peekChar function found in the src/vm/wrencompiler.c file...

GIMP 缓冲区错误漏洞

GIMP is an open-source bitmap image editor developed by the GIMP team. GIMP has a buffer error vulnerability, which stems from the lack of validation of data provided to users during the parsing of XWD files. This vulnerability may lead to out-of-bounds writing and remote code execution...

openbabel 缓冲区错误漏洞

OpenBabel is an open-source chemical toolkit software developed by Open Babel. Versions of OpenBabel 3.1.1 and earlier contained a buffer error vulnerability, which stemmed from an out-of-bounds read in the function OpenBabel::transform3d::DescribeAsString located in the file...

QEMU 缓冲区错误漏洞

QEMU Quick Emulator is a simulation software for processors developed by Fabrice Bellard from France. This software features high speed and cross-platform capabilities. QEMU has a buffer error vulnerability; this vulnerability can be triggered by specially crafted VMDK images, leading to...

lily 缓冲区错误漏洞

Lily is a programming language developed by FascinatedBox’s individual developers. Versions of Lily prior to 2.3 contained a buffer error vulnerability. This vulnerability stems from an out-of-bounds read in the counttransforms function located in the src/lilyemitter.c file, which could lead to...

Autodesk Shared Components 缓冲区错误漏洞

Autodesk Shared Components is a component provided by Autodesk, Inc. in the United States. Autodesk Shared Components has a buffer error vulnerability. This vulnerability arises from the possibility of out-of-bounds write attacks during the parsing of specially crafted MODEL files, which can lead...

SQUIRREL 缓冲区错误漏洞

SQUIRREL is the stable version of the programming language SQUIRREL 3.2. Versions of SQUIRREL 3.2 and earlier had a buffer error vulnerability, which stemmed from improper handling of parameters and the target stack. This vulnerability could lead to out-of-bounds read operations...

minisat 缓冲区错误漏洞

Minisat is an audio decoder developed by Niklas Sorensson. Versions of Minisat 2.2.0 and earlier contained a buffer error vulnerability. This vulnerability stemmed from improper handling of the parameter variable index in the DIMACS file parser component, which could lead to out-of-bounds reading...

libsoup 缓冲区错误漏洞

Libsoup is a GNOME project’s HTTP client/server library. Libsoup has a buffer error vulnerability, which stems from improper validation when handling specially crafted HTTP Range headers. This vulnerability may lead to unexpected access to memory on the server...

Nav2 缓冲区错误漏洞

Nav2 is a navigation framework and system for ROS communities that works with ROS2. Versions of Nav2 such as 1.3.11 and earlier contained a buffer error vulnerability. This vulnerability stemmed from a stack overflow write vulnerability in the particle filter clustering logic of Nav2 AMCL, which...

QNAP Qsync Central 缓冲区错误漏洞

QNAP Qsync Central is a cloud-based file synchronization service for NAS devices provided by QNAP Technology Co., Ltd. Versions of QNAP Qsync Central prior to 5.0.0.4 contained a buffer error vulnerability. This vulnerability stemmed from out-of-bounds write attacks, which could potentially lead ...

Pillow 缓冲区错误漏洞

Pillow is an open-source image processing library developed by Pillow. Versions of Pillow from 10.3.0 to 12.1.1 contained a buffer error vulnerability. This vulnerability occurred when loading specially crafted PSD images, potentially leading to out-of-bounds write operations...