CVE-2023-31130 Buffer Underwrite in ares_inet_net_pton()

c-ares is an asynchronous resolver library. aresinetnetpton is vulnerable to a buffer underflow for certain ipv6 addresses, in particular "0::00:00:00/2" was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an administrator to...

CVE-2023-31130

c-ares is an asynchronous resolver library. aresinetnetpton is vulnerable to a buffer underflow for certain ipv6 addresses, in particular "0::00:00:00/2" was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an administrator to...

Buffer Underwrite ('Buffer Underflow')

c-ares is an asynchronous resolver library. aresinetnetpton is vulnerable to a buffer underflow for certain ipv6 addresses, in particular "0::00:00:00/2" was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an administrator to...

CVE-2023-31130

A vulnerability was found in c-ares. This issue occurs in the aresinetnetpton function, which is vulnerable to a buffer underflow for certain ipv6 addresses. "0::00:00:00/2" in particular was found to cause an issue. C-ares only uses this function internally for configuration purposes, which woul...

SUSE CVE-2023-31130

c-ares is an asynchronous resolver library. aresinetnetpton is vulnerable to a buffer underflow for certain ipv6 addresses, in particular "0::00:00:00/2" was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an administrator to...

PT-2023-6788

Name of the Vulnerable Software and Affected Versions c-ares versions prior to 1.19.1 Description The issue is related to a buffer underflow in the ares inet net pton function for certain IPv6 addresses, such as "0::00:00:00/2". This function is used internally by c-ares for configuration purpose...

EulerOS Virtualization 2.9.1 : edk2 (EulerOS-SA-2023-1652)

According to the versions of the edk2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize. CVE-2021-38578 Note that Tenable...

Buffer Underflow

libzstd.so is vulnerable to Buffer Underflow. The vulnerability is due to not validating the character arguments dir1 and dir2 passed to mallocAndJoin2Dir function in util.c file . This can result in buffer underflow error when an empty string is passed to the dir1 argument causing application to...

Security Bulletin: Vulnerabilities in OpenSSL affect SAN Volume Controller and Storwize Family (CVE-2016-2107 CVE-2016-2108)

Summary OpenSSL vulnerabilities were disclosed in May 2016 by the OpenSSL Project. OpenSSL is used by SAN Volume Controller and Storwize Family. SAN Volume Controller and Storwize Family products have addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2107 DESCRIPTION: OpenSSL...

New Critical Flaw in FortiOS and FortiProxy Could Give Hackers Remote Access

Fortinet has released fixes to address 15 security flaws, including one critical vulnerability impacting FortiOS and FortiProxy that could enable a threat actor to take control of affected systems. The issue, tracked as CVE-2023-25610 , is rated 9.3 out of 10 for severity and was internally...

Fortinet Fortigate Heap buffer underflow in administrative interface (FG-IR-23-001)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-001 advisory. - A buffer underflow vulnerability in FortiOS & FortiProxy HTTP/HTTPS administrative interface could allow an unauthenticated...

K12896623: glibc vulnerability CVE-2018-1000001

Security Advisory Description In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution. CVE-2018-1000001 Impact There is no impact; F5 products are not affect...

SUSE CVE-2002-2227

Buffer underflow in ssldump 0.9b2 and earlier allows remote attackers to cause a denial of service memory corruption via a crafted SSLv2 challenge value...

SUSE CVE-2004-1176

Buffer underflow in extfs.c in Midnight Commander mc 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code...

SUSE CVE-2006-1168

The decompress function in compress42.c in 1 ncompress 4.2.4 and 2 liblzw allows remote attackers to cause a denial of service crash, and possibly execute arbitrary code, via crafted data that leads to a buffer underflow...

SUSE CVE-2006-4336

Buffer underflow in the buildtree function in unpack.c in gzip 1.3.5 allows context-dependent attackers to execute arbitrary code via a crafted leaf count table that causes a write to a negative index...

SUSE CVE-2007-0907

Buffer underflow in PHP before 5.2.1 allows attackers to cause a denial of service via unspecified vectors involving the sapiheaderop function...

SUSE CVE-2007-1453

Buffer underflow in the PHPFILTERTRIMDEFAULT macro in the filtering extension ext/filter in PHP 5.2.0 allows context-dependent attackers to execute arbitrary code by calling filtervar with certain modes such as FILTERVALIDATEINT, which causes filter to write a null byte in whitespace that precede...

SUSE CVE-2007-6725

The CCITTFax decoding filter in Ghostscript 8.60, 8.61, and possibly other versions, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted PDF file that triggers a buffer underflow in the cfdecode2d function...

SUSE CVE-2008-2327

Multiple buffer underflows in the 1 LZWDecode, 2 LZWDecodeCompat, and 3 LZWDecodeVector functions in tiflzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODECLEAR code...