HCC Embedded InterNiche 缓冲区错误漏洞

HCC Embedded InterNiche is a newsletter software. An out-of-bounds read vulnerability exists in the HCC Embedded InterNiche stack and NicheLite, which can be exploited by an attacker to cause an out-of-bounds read...

Modesty Pdf2json 缓冲区错误漏洞

PDF2JSON is a conversion library based on XPDF 3.02 that can be used to convert PDF pages page by page to JSON and XML formats. PDF2JSON DCTStream::readHuffSym suffers from a denial of service vulnerability. The vulnerability stems from an invalid read of size 2. An attacker could exploit this...

The vulnerability of the WavpackVerifySingleBlock function in the openUtils.c component of the WavPack audio codec allows a hacker to trigger a service failure by exceeding the permissible buffer data read limits.

The vulnerability of the WavpackVerifySingleBlock function in the openUtils.c component of the WavPack audio codec is related to reading data from within acceptable buffer limits. Exploiting this vulnerability allows a remote attacker to cause a service failure by using a specially created WavPac...

Advisory ROSA-SA-2021-1891

Software: libsolv 0.6.34 OS: Cobalt 7.9 CVE-ID: CVE-2019-20387 CVE-Crit: HIGH CVE-DESC: repodataschema2id in repodata.c in libsolv before version 0.7.6 has an excessive heap-based buffer read due to the last schema being less than the length of the input schema. CVE-STATUS: default CVE-REV: defau...

Advisory ROSA-SA-2021-1842

Software: giflib 4.1.6 OS: Cobalt 7.9 CVE-ID: CVE-2015-7555 CVE-Crit: MEDIUM CVE-DESC: Heap-based buffer overflow in giffix.c in giffix in giflib 5.1.1 allows attackers to cause a denial of service program crash via the created image and logical screen width fields in a GIF file. CVE-STATUS:...

The vulnerability of Mozilla Thunderbird email client, related to reading data beyond the buffer in memory, allows attackers to gain access to confidential information.

The vulnerability of Mozilla Thunderbird’s email client, related to reading data beyond the buffer in memory, allows attackers to gain access to confidential information through a specially crafted message...

SUSE: Security Advisory (SUSE-SU-2015:0835-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2015:0169-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:3189-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2015:0866-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-1918

In-memory file operations ie: using fopen on a data URI did not properly restrict negative seeking, allowing for the reading of memory prior to the in-memory buffer. This issue affects HHVM versions prior to 4.56.3, all versions between 4.57.0 and 4.80.1, all versions between 4.81.0 and 4.93.1, a...

OESA-2021-1018 php security update

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

CentOS 8 : curl (CESA-2019:3701)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:3701 advisory. - curl: NTLM type-2 heap out-of-bounds buffer read CVE-2018-16890 - wget: Information exposure in setfilemetadata function in xattr.c CVE-2018-20483 -...

Qualcomm Automotive Telematics Security Breach

Qualcomm Automotive Telematics is a support firmware for automotive telematics from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Automotive Telematics where a newly created buffer is read again from mmc without validation. mdm9630, mdm9640, mdm9650, mdm9655, msm8909w,...

Adobe Illustrator 2020 Out-of-Bounds Read Vulnerability (CNVD-2020-57876)

Adobe Illustrator 2020 is a vector graphics editor. Adobe Illustrator 2020 suffers from an out-of-bounds read vulnerability. An attacker can exploit this vulnerability to execute arbitrary code...

Security Advisory - Buffer Read Overflow Vulnerability in Huawei Product

There is a buffer overflow vulnerability in Huawei Product. A function in a module does not verify inputs sufficiently. Attackers can exploit this vulnerability by sending specific request. This could compromise normal service of the affected device. Vulnerability ID: HWPSIRT-2020-02172 This...

Security Bulletin: Publicly disclosed vulnerability from Libreswan affects IBM Netezza Host Management

Summary Open Source Libreswan is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2020-1763 DESCRIPTION: libreswan is vulnerable to a denial of service, caused by an out-of-bounds buffer read flaw in the pluto...

NewStart CGSL MAIN 6.01 : libreswan Vulnerability (NS-SA-2020-0035)

The remote NewStart CGSL host, running version MAIN 6.01, has libreswan packages installed that are affected by a vulnerability: - An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan from versions 3.27 till 3.31 where, an unauthenticated attacker could use this flaw to...

PT-2020-12048 · Python Imaging Library +2 · Pillow +2

Name of the Vulnerable Software and Affected Versions: Pillow versions prior to 7.1.0 Pillow versions 7.x prior to 7.0.1 Pillow version 6.2.3 and earlier Description: An out-of-bounds read can occur when reading PCX files where state-shuffle is instructed to read beyond state-buffer in the...

FreeBSD Kernel NAT Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of FreeBSD Kernel. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of NAT. The issue results from the lack of proper validation of...