PT-2023-1815 · Adobe · Dimension
Name of the Vulnerable Software and Affected Versions: Adobe Dimension versions 3.4.7 and earlier Description: The issue is related to an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as...
K2104: Buffer read overflow in DNS resolver libraries - CAN-2002-1146
Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
SUSE CVE-2017-7813
Inside the JavaScript parser, a cast of an integer to a narrower type can result in data read from outside the buffer being parsed. This usually results in a non-exploitable crash, but can leak a limited amount of information from memory if it matches JavaScript identifier syntax. This...
SUSE CVE-2018-16890
libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that...
SUSE CVE-2020-10378
In libImaging/PcxDecode.c in Pillow before 7.1.0, an out-of-bounds read can occur when reading PCX files where state->shuffle is instructed to read beyond state->buffer...
PT-2023-5351 · Libtiff +8 · Libtiff +8
Name of the Vulnerable Software and Affected Versions: LibTIFF version 4.4.0 Description: The issue is related to an out-of-bounds read in the tiffcrop function in tools/tiffcrop.c at line 3400, which can be exploited by attackers to cause a denial-of-service via a crafted tiff file. The...
CVE-2022-42385
This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2022-46143
Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer that potentially contains previously allocated data...
OP-TEE Trusted OS Input Validation Error Vulnerability
OP-TEE Trusted OS is an open source trusted execution environment (TEE) that implements Arm TrustZone technology. A buffer overflow vulnerability exists in OP-TEE Trusted OS versions prior to 3.19.0, which stems from an unvalidated "numparams" parameter that can be exploited to...
Adobe Acrobat Buffer Error Vulnerability
Adobe Acrobat is a suite of PDF file editing and conversion tools from the American company Adobe. A buffer error vulnerability exists in Adobe Acrobat DC versions prior to 22.003.20258 and Acrobat 2020 20.005.30407, which originates from an out-of-bounds read and could lead to a memory...
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
curl: CVE-2022-32208: FTP-KRB bad message verification
Summary: libcurl handles the gss_unwrap GSS_S_BAD_SIG error incorrectly. This enables a malicious attacker to inject arbitrary FTP server responses to a GSSAPI protected FTP control connection and/or make the client consume unrelated heap memory as an FTP command response. The defective krb5_decode function is...
Lua buffer overflow vulnerability (CNVD-2022-31843)
Lua is a lightweight, extensible open source scripting language from the Lua team. A buffer error vulnerability exists in Lua 5.4.4 and earlier, which stems from the lack of a specific luaK_exp2anyregup call in singlevar in lparser.c, resulting in an overread of the heap-based buffer, which...
vim Buffer Error Vulnerability
Vim is an editor for UNIX-based platforms. A buffer error vulnerability exists in vim that stems from reading out of bounds in vim prior to 8.2...
Debian DLA-2868-1 : advancecomp - LTS security update
The remote Debian 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-2868 advisory. - An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled processing of ZIP files. An attacker could potentially use thi...
Debian: Security Advisory (DLA-2868-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated glibc packages fix security related bugs
This update fixes a few security related bugs: - regex: fix buffer read overrun in search BZ 28470 - nptl: Do not set signal mask on second setjmp return BZ 28607...
Libmobi Buffer Error Vulnerability
Libmobi is a C library used to handle Mobipocket/Kindle MOBI e-book format documents. An out-of-bounds read vulnerability exists in Libmobi, which stems from the program being vulnerable to the use of out-of-range pointer offsets, and can be exploited by an attacker to read memory information...
Heap OOB in `RaggedGather`
Impact: If the arguments to `tf.raw_ops.RaggedGather` don't determine a valid ragged tensor, code can trigger a read from outside of bounds of heap allocated buffers. python import tensorflow as tf tf.raw_ops.RaggedGather params_nested_splits = 0,0,0, params_dense_values = 1,1, indices = 0,0,9,0,0,...
ok-file-formats Buffer Error Vulnerability
ok-file-formats is an open source decoder for PNG, JPEG, WAV and some other file formats. A security vulnerability exists in ok-file-formats. The vulnerability stems from a heap-based buffer overflow in the ok_csv_circular_buffer_read function in ok_csv.c in ok-file-formats through 2021-04-29...