13 matches found
389 Directory Server Security Vulnerability
389 Directory Server is an open-source implementation of a highly available, fully functional, reliable, and secure LDAP server. There is a security vulnerability in 389 Directory Server, which stems from the ldap_utf8prev function reading bytes from the buffer without boundary checks. This leads ...
SAMSUNG rLottie Security Vulnerability
SAMSUNG rLottie is a platform-independent C++ library developed by Samsung Electronics of South Korea. It is used for real-time rendering of vector-based animations and art. A previous version of SAMSUNG rLottie had a security vulnerability due to out-of-bound reading, which could lead to excessi...
Linux Kernel Security Vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of the usb_kill_urb call during signal interrupts in the hwmon powerz module. This...
CVE-2026-37535
openxc/isotp-c thru commit 5a5d19245f65189202719321facd49ce6f5d46ac 2021-08-09 contains an out-of-bounds read in the ISO-TP Single Frame receive handler, where the 4-bit payload length nibble is used directly as the memcpy size without validating it against the actual CAN data length. A malicious...
Silicon Labs Simplicity SDK Security Vulnerability
Silicon Labs Simplicity SDK is a core software development kit provided by Silicon Labs, Inc. in the United States. The Silicon Labs Simplicity SDK has a security vulnerability that stems from integer underflow, which may lead to excessive buffer reads through specially crafted data packets...
CVE-2019-10507
Lack of check of extscan change results received from firmware can lead to an out of buffer read in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9640,...
The vulnerability of the pex64_bfd_print_pdata_section function in the bfd/libbfd.c component, and the pex64_get_runtime_function function in the pei-x86_64.c component of the GNU Binutils development environment, allows an attacker to cause a service failure.
The vulnerability of the pex64_bfd_print_pdata_section function in the bfd/libbfd.c component, and the pex64_get_runtime_function function in the pei-x86_64.c component of the GNU Binutils development environment, relates to reading data from within acceptable buffer limits. Exploitation of this...
Vim Buffer Error Vulnerability
Vim is a cross-platform text editor. A buffer error vulnerability exists in versions prior to Vim 8.2, which stems from the presence of out-of-bounds reads...
Advisory ROSA-SA-2021-1928
Software: netpbm 10.79.00 OS: Cobalt 7.9 CVE-ID: CVE-2018-8975 CVE-Crit: MEDIUM CVE-DESC: The pm_mallocarray2 function in lib/util/mallocvar.c in Netpbm before version 10.81.03 allows remote attackers to cause a denial of service (excessive heap-based buffer reads) via a crafted image file, as...
Advisory ROSA-SA-2021-1821
Software: dcraw 9.19 OS: Cobalt 7.9 CVE-ID: CVE-2018-19565 CVE-Crit: HIGH CVE-DESC: A buffer over-read in crop_masked_pixels in dcraw before 9.28 could have been used by attackers who could provide malicious files to crash the application that links the dcraw code or leak private information...
Mozilla: Backport critical security fixes in Skia
Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR 52.8, Thunderbird 52.8, and Firefox ESR 52.8...
SQLite Heap Buffer Overflow Vulnerability
SQLite is an open-source, C-based embedded relational database management system developed by American software developer D. Richard Hipp. The system is characterized by independence, isolation, cross-platform support and so on. SQLite has a heap buffer overflow vulnerability. An attacker can exploit this...
ImageMagick DoS
Out-of-buffer reads...