The vulnerability of the LibGD graphics library, related to reading beyond the allowed buffer data limits, allows attackers to cause service interruptions.

The vulnerability of the LibGD graphics library is related to reading data beyond the acceptable buffer limit. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

The vulnerability of Fortinet’s FGFMD software products allows a hacker to execute arbitrary code.

The vulnerability of Fortinet’s FGFMD software products is related to a violation of the buffer’s initial limit. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code by sending specially crafted packets...

golang: crypto/tls: lack of a limit on buffered post-handshake

A flaw was found in Golang. QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With the fix, connections now consistently reject messages larger than 65KiB in size...

golang: crypto/tls: lack of a limit on buffered post-handshake

A flaw was found in Golang. QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With the fix, connections now consistently reject messages larger than 65KiB in size...

Intel Media SDK 安全漏洞

Intel Media SDK is a multimedia SDK Software Development Kit from Intel Corporation USA. The product is primarily used for video encoding, decoding and processing in Windows and embedded Linux applications. A security vulnerability exists in Intel Media SDK that stems from the presence of an...

Intel Media SDK 安全漏洞

Intel Media SDK is a multimedia SDK Software Development Kit from Intel Corporation USA. The product is primarily used for video encoding, decoding and processing in Windows and embedded Linux applications. A security vulnerability exists in Intel Media SDK that stems from the presence of an...

UBUNTU-CVE-2024-26994

In the Linux kernel, the following vulnerability has been resolved: speakup: Avoid crash on very long word In case a console is set up really large and contains a really long word 256 characters, we have to stop before the length of the word buffer...

The vulnerability of the Intel Performance Counter Monitor software lies in its ability to violate the initial buffer limit, allowing attackers to trigger a service failure.

The vulnerability of the Intel Performance Counter Monitor software lies in the violation of the buffer’s initial limit. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

Intel C++ Compiler Classic Security Vulnerability

Intel C++ Compiler Classic is a C++ compiler from Intel Corporation USA used to generate optimized code that runs on Intel processors. A security vulnerability previously existed in Intel C++ Compiler Classic version 2021.8, which stemmed from an improper buffer limit in the affected product. It...

Intel Thunderbolt DCH drivers security vulnerability

Intel Thunderbolt DCH drivers is a driver for Windows from Intel Corporation USA. A security vulnerability previously existed in Intel ThunderboltTM DCH drivers for Windows version 88, which arose from an improper buffer limit in the affected product. The vulnerability could allow an authenticate...

Intel Thunderbolt DCH drivers security vulnerability

Intel Thunderbolt DCH drivers is a driver for Windows from Intel Corporation USA. A security vulnerability previously existed in the Intel ThunderboltTM DCH drivers for Windows version 88, which stemmed from an improper buffer limit in the affected product. This could lead to privileged users...

golang: crypto/tls: lack of a limit on buffered post-handshake

A flaw was found in Golang. QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With the fix, connections now consistently reject messages larger than 65KiB in size...

golang: crypto/tls: lack of a limit on buffered post-handshake

A flaw was found in Golang. QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With the fix, connections now consistently reject messages larger than 65KiB in size...

golang: crypto/tls: lack of a limit on buffered post-handshake

A flaw was found in Golang. QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With the fix, connections now consistently reject messages larger than 65KiB in size...

golang: crypto/tls: lack of a limit on buffered post-handshake

A flaw was found in Golang. QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With the fix, connections now consistently reject messages larger than 65KiB in size...

Intel RealSense ID Buffer Error Vulnerability

Intel RealSense ID is a facial recognition solution from Intel Corporation USA that relies on its RealSense depth sensing technology. A security vulnerability exists in IntelR RealSenseTM 450 FA version 0.25.0, which stems from incorrect buffer limits. An attacker could exploit the vulnerability ...

UBUNTU-CVE-2023-1380

A slab-out-of-bound read problem was found in brcmfgetassocies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when associnfo-reqlen data is bigger than the size of the buffer, defined as WLEXTRABUFMAX, leading to a denial of service...

Intel Media SDK 缓冲区错误漏洞

Intel Media SDK is a multimedia SDK Software Development Kit from Intel Corporation. The product is primarily used for video encoding, decoding and processing in Windows and embedded Linux applications. A security vulnerability exists in Intel Media Software Development Kit versions prior to...

SUSE CVE-2009-2621

Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 does not properly enforce "buffer limits and related bound checks," which allows remote attackers to cause a denial of service via 1 an incomplete request or 2 a request with a large header size, related to a HttpMsg.cc and b clientside.cc...

SUSE CVE-2016-8339

A buffer overflow in Redis 3.2.x prior to 3.2.4 causes arbitrary code execution when a crafted command is sent. An out of bounds write vulnerability exists in the handling of the client-output-buffer-limit option during the CONFIG SET command for the Redis data structure store. A crafted CONFIG S...