11 matches found
CVE-2021-33834
An issue was discovered in iscflashx64.sys 3.9.3.0 in Insyde H2OFFT 6.20.00. When handling IOCTL 0x22229a, the input used to allocate a buffer and copy memory is mishandled. This could cause memory corruption or a system crash...
Linux Distros Unpatched Vulnerability : CVE-2016-2482
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mm-video-v4l2 vdec component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles a buff...
Linux Distros Unpatched Vulnerability : CVE-2016-2479
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mm-video-v4l2 vdec component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles a buff...
PT-2025-10041
Name of the Vulnerable Software and Affected Versions: GraphicsMagick versions prior to 1.3.46. Description: The issue concerns the mishandling of palette buffer allocation in WPG, which is a part of GraphicsMagick. Recommendations: For versions prior to 1.3.46, update to version 1.3.46 or later to...
OpenHarmony security vulnerability
OpenHarmony is an open source Hongmeng operating system project of China's OpenAtom Foundation. A security vulnerability exists in OpenHarmony 4.1.2 and earlier versions, which stems from the presence of a buffer mishandling that could lead to a local attacker's elevation of...
jetty: buffer not correctly recycled in Gzip Request inflation
In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that ...
[ASA-202102-36] python-cryptography: incorrect calculation
Arch Linux Security Advisory ASA-202102-36. Severity: Medium. Date: 2021-02-27. CVE-ID: CVE-2020-36242. Package: python-cryptography. Type: incorrect calculation. Remote: No. Link: https://security.archlinux.org/AVG-1541. Summary: The package...
GHSA-RHM9-P9W5-FWM7 PyCA Cryptography symmetrically encrypting large values can lead to integer overflow
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. When certain sequences of update calls with large values (multiple GBs) for symmetric encryption or decryption occur, it's possible for an integer overflow to happen, leading to mishandling of...
CVE-2020-14415
oss_write in audio/ossaudio.c in QEMU before 5.0.0 mishandles a buffer position...
pdfresurrect 0.15 - Buffer Overflow Exploit
Exploit Title: pdfresurrect 0.15 Buffer Overflow Exploit Author: j0lama Vendor Homepage: https://github.com/enferex/pdfresurrect Software Link: https://github.com/enferex/pdfresurrect Version: 0.15 Tested on: Ubuntu 18.04 CVE : CVE-2019-14267 Description =========== PDFResurrect 0.15 has a buffer...
CVE-2016-9793
The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN...