SUSE CVE-2008-5702

Buffer underflow in the ibwdtioctl function in drivers/watchdog/ib700wdt.c in the Linux kernel before 2.6.28-rc1 might allow local users to have an unknown impact via a certain /dev/watchdog WDIOCSETTIMEOUT IOCTL call...

SUSE CVE-2008-6070

Multiple heap-based buffer underflows in the ReadPALMImage function in coders/palm.c in GraphicsMagick before 1.2.3 allow remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted PALM image, a different vulnerability than CVE-2007-0770. NOTE: some of...

SUSE CVE-2009-1959

Off-by-one error in the eventwallops function in fe-common/irc/fe-events.c in irssi 0.8.13 allows remote IRC servers to cause a denial of service crash via an empty command, which triggers a one-byte buffer under-read and a one-byte buffer underflow...

SUSE CVE-2009-4134

Buffer underflow in the rgbimg module in Python 2.5 allows remote attackers to cause a denial of service application crash via a large ZSIZE value in a black-and-white aka B/W RGB image that triggers an invalid pointer dereference...

SUSE CVE-2012-5134

Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML...

SUSE CVE-2015-0564

Buffer underflow in the ssldecryptrecord function in epan/dissectors/packet-ssl-utils.c in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allows remote attackers to cause a denial of service application crash via a crafted packet that is improperly handled during decryption of an SSL...

SUSE CVE-2015-5309

Integer overflow in the terminal emulator in PuTTY before 0.66 allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via an ECH erase characters escape sequence with a large parameter value, which triggers a buffer underflow...

SUSE CVE-2016-5252

Stack-based buffer underflow in the mozilla::gfx::BasePoint4d function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via crafted two-dimensional graphics data that is mishandled during clipping-region calculations...

SUSE CVE-2016-7953

Buffer underflow in X.org libXvMC before 1.0.10 allows remote X servers to have unspecified impact via an empty string...

SUSE CVE-2017-11110

The oleinit function in ole.c in catdoc 0.95 allows remote attackers to cause a denial of service heap-based buffer underflow and application crash or possibly have unspecified other impact via a crafted file, i.e., data is written to memory addresses before the beginning of the tmpBuf buffer...

SUSE CVE-2017-17935

The Filereadline function in epan/wslua/wsluafile.c in Wireshark through 2.2.11 does not properly strip '\n' characters, which allows remote attackers to cause a denial of service buffer underflow and application crash via a crafted packet that triggers the attempted processing of an empty line...

SUSE CVE-2018-5388

In strokesocket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket...

SUSE CVE-2018-1000001

In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution...

CVE-2023-24551

A vulnerability has been identified in Solid Edge SE2022 All versions V222.0MP12, Solid Edge SE2023 All versions V223.0Update2. The affected application is vulnerable to heap-based buffer underflow while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute...

CVE-2023-24551

A vulnerability has been identified in Solid Edge SE2022 All versions V222.0MP12, Solid Edge SE2023 All versions V223.0Update2. The affected application is vulnerable to heap-based buffer underflow while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute...

CVE-2023-24551

A vulnerability has been identified in Solid Edge SE2022 All versions V222.0MP12, Solid Edge SE2023 All versions V223.0Update2. The affected application is vulnerable to heap-based buffer underflow while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute...

CVE-2023-24551

CVE-2023-24551 affects Siemens/Solid Edge SE2022 and SE2023. The issue is a heap-based buffer underflow when parsing specially crafted PAR files, enabling code execution in the current process. Affected products are: Solid Edge SE2022: all versions prior to V222.0MP12 Solid Edge SE2023: all versi...

PT-2023-6654 · Siemens · Solid Edge

Name of the Vulnerable Software and Affected Versions: Solid Edge SE2022 versions prior to V222.0MP12 Solid Edge SE2023 versions prior to V223.0Update2 Description: A heap-based buffer underflow vulnerability has been identified in the affected application while parsing specially crafted PAR file...

OESA-2022-2122 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize.CVE-2021-38578...

OSV-2022-1148 Stack-buffer-underflow in gs_type2_interpret

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53054 Crash type: Stack-buffer-underflow READ 4 Crash state: gstype2interpret gstype1glyphinfo pdficffglyphinfo...