131 matches found
SUSE CVE-2019-19481
An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/card-cac1.c mishandles buffer limits for CAC certificates...
SUSE CVE-2020-35502
A flaw was found in Privoxy in versions before 3.0.29. Memory leaks when a response is buffered and the buffer limit is reached or Privoxy is running out of memory can lead to a system crash...
Intel Hyperscan buffer error vulnerability
Intel Hyperscan is a high-performance multi-regular expression matching library from Intel Corporation USA. A security vulnerability exists in versions of Intel Hyperscan prior to 2022/4/29, which stems from improperly limiting buffers. An attacker could exploit the vulnerability to escalate...
Intel NUC buffer error vulnerability
The Intel NUC is a small minicomputer from Intel USA. A security vulnerability exists in Intel NUC Laptop Kits that stems from incorrect buffer limits. An attacker could exploit the vulnerability to elevate privileges...
CVE-2022-30634
Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 << 32 - 1 bytes...
CVE-2022-29189 Buffer for inbound DTLS fragments has no limit
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.4, a buffer that was used for inbound network traffic had no upper limit. Pion DTLS would buffer all network traffic from the remote user until the handshake completes or timed out. An attacker could explo...
envoy: Use-after-free when response filters increase response data
A flaw was found in envoy. If the amount of buffered data by envoy goes over the limit, the buffer may overflow while a response is being processed by the filter chain. This issue possibly causes the operation to abort incorrectly, resulting in the access of a freed memory block...
The vulnerability in the `url::recvline` function in the `url.cpp` component of the Libproxy configuration management library involves an operation going beyond the allowed bounds of a data buffer. This allows a malicious actor to cause a service failure.
The vulnerability of the url::recvline function in the url.cpp component of the Libproxy configuration management library is related to incorrect handling of the absence of a new line character. Exploiting this vulnerability could allow an attacker to cause service failures...
The vulnerability in the professional video editing software Adobe Premiere Pro, related to writing data beyond the bounds of a memory buffer, allows a hacker to execute arbitrary code.
The vulnerability in the professional video editing software Adobe Premiere Pro lies in writing data beyond the bounds of a memory buffer. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
redis: Integer overflow issue with Streams
An integer overflow issue was found in redis. The vulnerability involves changing the default "proto-max-bulk-len" and "client-query-buffer-limit" configuration parameters to very large values and constructing specially crafted large stream elements. This flaw allows a remote attacker to corrupt...
ALPINE-CVE-2021-32627
Redis is an open source, in-memory database that persists on disk. In affected versions an integer overflow bug in Redis can be exploited to corrupt the heap and potentially result with remote code execution. The vulnerability involves changing the default proto-max-bulk-len and...
Insufficient size checks in ws
An issue was discovered in the ws crate through 2020-09-25 for Rust. The outgoing buffer is not properly limited, leading to a remote memory-consumption attack...
Buffer overflow
There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause malicious code to be executed...
CVE-2021-22348
There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause code to execute...
CVE-2021-22353
There is a Memory Buffer Improper Operation Limit Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause the kernel to restart...
The vulnerability in the MuPDF PDF viewer program, related to an operation exceeding the allowed buffer data limits, allows a hacker to trigger a service failure.
The vulnerability in the MuPDF PDF viewer program is related to an operation exceeding the allowed buffer data limits. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...