101 matches found
PT-2022-6884
Name of the Vulnerable Software and Affected Versions busybox versions prior to 1.35 Description The issue is related to a stack overflow vulnerability in the ash.c file of busybox, which can be exploited to achieve arbitrary code execution. This vulnerability is associated with a buffer overflow...
CVE-2022-35090
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via asanmemcpy at /asan/asaninterceptorsmemintrinsics.cpp:...
MGASA-2022-0311 Updated net-snmp packages fix security vulnerability
A buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause an out-of-bounds memory access. CVE-2022-24805 Buffer overflow and out of bounds memory access. CVE-2022-24806 A malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an out-of-bounds memo...
About the security content of watchOS 8.7
About the security content of watchOS 8.7 This document describes the security content of watchOS 8.7. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...
SUSE-SU-2022:1194-1 Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-2486 fixes several issues. The following security issues were fixed: - CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP transformation code. This flaw allowed a local attacker with a normal user privilege to overwrite kernel heap objects a...
MGASA-2022-0052 Updated glibc packages fix security vulnerability
Updated glibc packages fix security vulnerability: An off-by-one buffer overflow and underflow in getcwd may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd in a setuid program could use this flaw to...
CVE-2021-21860
An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an improper memory allocation resulting in a heap-based buffer overflow that causes memory corruption...
Bento4 Buffer Overflow Vulnerability (CNVD-2021-51789)
Bento4 is an open source C++ library for reading and writing MP4 files. Bento4 suffers from a buffer overflow vulnerability that stems from an unhandled memory allocation failure in Core/Ap4Atom.cpp in Bento version 1.5.1-628 that results in a null pointer dereference, which can be exploited by a...
CVE-2021-30499
A flaw was found in libcaca. A buffer overflow of export.c in function exporttroff might lead to memory corruption and other potential consequences...
PT-2021-4765 · Libcaca +6 · Libcaca +6
Name of the Vulnerable Software and Affected Versions: libcaca affected versions not specified Description: The issue is related to a buffer overflow in the export.c file, specifically in the export troff function of the libcaca graphic library, which is used for converting images to ASCII art...
SUSE-SU-2021:0773-1 Security update for slurm_20_11 and pdsh
This update for pdsh fixes the following issues: - Preparing pdsh for Slurm 20.11 jscECO-2412 - Simplify convoluted condition. This update for slurm fixes the following issues: - Fix potential buffer overflows from use of unpackmem. CVE-2020-27745 bsc1178890 - Fix potential leak of the magic cook...
The vulnerability of the UDP-based implementation of Cisco IOS XE SD-WAN’s microprogramming software for routers allows a attacker to induce service failure. This vulnerability applies to devices such as Cisco SD-WAN vBond Orchestrator, Cisco SD-WAN vEdge Cloud Routers, Cisco SD-WAN vEdge Routers, Cisco SD-WAN vSmart Controller, and the centralized network management system Cisco SD-WAN vManage.
The vulnerability of the UDP-based implementation of Cisco IOS XE SD-WAN microprogramming software, including Cisco SD-WAN vBond Orchestrator, Cisco SD-WAN vEdge Cloud Routers, Cisco SD-WAN vEdge Routers, Cisco SD-WAN vSmart Controller, and the centralized network management system Cisco SD-WAN...
SUSE-SU-2020:2505-1 Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP1)
This update for the Linux Kernel 4.12.14-19726 fixes several issues. The following security issues were fixed: - CVE-2020-14331: Fixed a buffer over-write in vgaconscroll bsc1174247. - CVE-2020-15780: Fixed a lockdown bypass via injection of malicious ACPI tables via configfs bsc1174186. -...
PT-2021-5793
Name of the Vulnerable Software and Affected Versions FFmpeg version 4.2 Description A heap-based Buffer Overflow issue exists in FFmpeg, specifically at libavfilter/vf floodfill.c, which may lead to memory corruption and other potential consequences. This issue is related to a buffer overflow...
Denial Of Service (Dos)
mcpp is vulnerable to denial of service. The domsg function in support.c does not handle the memory properly when a malicious input is provided, causing heap-based buffer overflows...
CVE-2018-20177
rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in the function rdpinunistr and results in memory corruption and possibly even a remote code execution...
CVE-2018-20177
rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in the function rdpinunistr and results in memory corruption and possibly even a remote code execution...
CVE-2018-8786
FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function updatereadbitmapupdate and results in a memory corruption and probably even a remote code execution...
Buffer overflow
Sean Barrett stbvorbis version 1.12 and earlier contains a Buffer Overflow vulnerability in All vorbis decoding paths. that can result in memory corruption, denial of service, comprised execution of host program. This attack appear to be exploitable via Victim must open a specially crafted Ogg...
CVE-2018-1000050
Sean Barrett stbvorbis version 1.12 and earlier contains a Buffer Overflow vulnerability in All vorbis decoding paths. that can result in memory corruption, denial of service, comprised execution of host program. This attack appear to be exploitable via Victim must open a specially crafted Ogg...