DEBIAN-CVE-2021-40985

A stack-based buffer under-read in htmldoc before 1.9.12, allows attackers to cause a denial of service via a crafted BMP image to imageloadbmp...

UBUNTU-CVE-2021-40985

A stack-based buffer under-read in htmldoc before 1.9.12, allows attackers to cause a denial of service via a crafted BMP image to imageloadbmp...

PT-2021-23032 · Htmldoc +5 · Htmldoc +5

Name of the Vulnerable Software and Affected Versions: htmldoc versions prior to 1.9.12 Description: A buffer under-read vulnerability in the image load bmp function allows attackers to cause a denial of service via a crafted BMP image. This issue affects htmldoc and can be exploited by providing...

ruby: Buffer under-read in String#unpack

A integer underflow was found in the way Stringunpack decodes the unpacking format. An attacker, able to control the unpack format, could use this flaw to disclose arbitrary parts of the application's memory...

ruby: Buffer under-read in String#unpack

A integer underflow was found in the way Stringunpack decodes the unpacking format. An attacker, able to control the unpack format, could use this flaw to disclose arbitrary parts of the application's memory...

ruby: Buffer under-read in String#unpack

A integer underflow was found in the way Stringunpack decodes the unpacking format. An attacker, able to control the unpack format, could use this flaw to disclose arbitrary parts of the application's memory...

php: Stack-based buffer under-read in php_stream_url_wrap_http_ex() in http_fopen_wrapper.c when parsing HTTP response

In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the phpstreamurlwraphttpex function in ext/standard/httpfopenwrapper.c. This subsequently results in copying a large string...

CVE-2019-16115

In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in IdentityFunction::transform in Function.cc, used by GfxAxialShading::getColor. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It allows an attacker to use a crafted PDF file to cause...

php: Stack-based buffer under-read in php_stream_url_wrap_http_ex() in http_fopen_wrapper.c when parsing HTTP response

In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the phpstreamurlwraphttpex function in ext/standard/httpfopenwrapper.c. This subsequently results in copying a large string...

Denial Of Service (DoS)

libxml2 is vulnerable to denial of service DoS. The vulnerability exists as the xmlParseElementDecl function can cause a heap-based buffer underread, causing a DoS attack...

DEBIAN-CVE-2019-10899

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash. This was addressed in epan/dissectors/packet-srvloc.c by preventing a heap-based buffer under-read...

ruby: Buffer under-read in String#unpack

A integer underflow was found in the way Stringunpack decodes the unpacking format. An attacker, able to control the unpack format, could use this flaw to disclose arbitrary parts of the application's memory...

Debian DSA-4240-1 : php7.0 - security update

Several vulnerabilities were found in PHP, a widely-used open source general purpose scripting language : - CVE-2018-7584 Buffer underread in parsing HTTP responses - CVE-2018-10545 Dumpable FPM child processes allowed the bypass of opcache access controls - CVE-2018-10546 Denial of service via...

[SECURITY] [DSA 4240-1] php7.0 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4240-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 05, 2018 https://www.debian.org/security/faq -...

Debian: Security Advisory (DSA-4240-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2018-8778

In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker controlling the unpacking format similar to format string vulnerabilities can trigger a buffer under-read in the Stringunpack method, resulting in a massive and controlled informatio...

ALPINE-CVE-2018-8778

In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker controlling the unpacking format similar to format string vulnerabilities can trigger a buffer under-read in the Stringunpack method, resulting in a massive and controlled informatio...

UBUNTU-CVE-2018-8778

In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker controlling the unpacking format similar to format string vulnerabilities can trigger a buffer under-read in the Stringunpack method, resulting in a massive and controlled informatio...

Buffer under-read in String#unpack

An attacker controlling the unpacking format similar to format string vulnerabilities can trigger a buffer under-read in the Stringunpack method, resulting in a massive and controlled information disclosure. Stringunpack receives format specifiers as its parameter, and can be specified the positi...

UBUNTU-CVE-2018-8882

Netwide Assembler NASM 2.13.02rc2 has a stack-based buffer under-read in the function ieeeshr in asm/float.c via a large shift value...