936 matches found
Apache Commons JXPath buffer error vulnerability
Apache Commons JXPath is a Java-based implementation of XPath 1.0 from the Apache Foundation. Apache Commons JXPath suffers from a buffer error vulnerability that stems from a parser running on user-supplied input that allows an attacker to submit special data resulting in a denial of service due...
Omron CX-Programmer buffer error vulnerability
Omron CX-Programmer is PLC (Programmable Logic Controller) programming software from Omron, Japan. A buffer error vulnerability exists in Omron CX-Programmer version 9.78 and prior versions, which can be exploited by an attacker to achieve arbitrary code execution via an out-of-bounds write...
Huawei HarmonyOS buffer error vulnerability
Huawei HarmonyOS is an operating system from Huawei, China. It provides a full-scenario distributed operating system based on a microkernel. A buffer error vulnerability exists in Huawei HarmonyOS versions prior to 2.0, which stems from a lack-of-length-checking vulnerability in the HWKEYMASTER...
Autodesk AutoCAD buffer error vulnerability
Autodesk AutoCAD is a suite of professional 3D drawing software from the US-based Autodesk Corporation. A buffer error vulnerability exists in Autodesk AutoCAD, which stems from the fact that parsing maliciously crafted XB, CATIA, and PDF files can be used to write beyond the allocated buffer,...
Autodesk Moldflow buffer error vulnerability
Autodesk Moldflow is simulation software from the American company Autodesk. It can show how the resin fills the mold during the injection molding process. A buffer error vulnerability exists in versions prior to Autodesk Moldflow 2023, which stems from a memory corruption that may occur when t...
Bento4 buffer error vulnerability
Bento4 is an open source C++ library for reading and writing MP4 files. A buffer error vulnerability exists in Bento4 v1.6.0-639, which stems from a heap overflow in the AP4BitReader::ReadBit method of the mp4mux component...
XPDF buffer error vulnerability
Xpdf is a free PDF viewer and toolkit from Xpdf, including a text extractor, image converter, HTML converter and more. A buffer error vulnerability exists in XPDF version 4.04, which stems from a crash in the XRef::fetch(int, int, Object*, int) function in xpdf/XRef.cc...
Dell SmartFabric OS10 buffer error vulnerability
Dell SmartFabric OS10 is a Linux-based network switch operating system from Dell, USA. A security vulnerability exists in Dell SmartFabric OS10 versions 10.5.1.x, 10.5.2.x, and 10.5.3.x. The vulnerability stems from the fact that an attacker can cause a system crash by running a specific security...
SWFTools buffer error vulnerability
SWFTools is a set of utilities for working with Adobe Flash files (SWF files). A security vulnerability exists in SWFTools that stems from a segmentation violation in the convertgfxline location of /gfxpoly/convert.c. The vulnerability is caused by an error in the /gfxpoly/convert.c location. No...
SWFTools buffer error vulnerability
SWFTools is a set of utilities for working with Adobe Flash files (SWF files) from the individual developer Matthias Kramm. A security vulnerability exists in SWFTools that stems from a segmentation violation in the FoFiTrueType::writeTTF location of /xpdf/FoFiTrueType.cc...
Grandstream GSD3710 buffer error vulnerability
The Grandstream GSD3710 is an HD video access control system from Grandstream. A security vulnerability exists in the Grandstream GSD3710 version 1.0.11.13, which stems from not checking the length of parameters before using the strcopy command, and can be exploited by an attacker to execute a...
OTFCC buffer error vulnerability
Caryll OTFCC is an open source C library and set of utility programs from Caryll, used to parse and write OpenType font files. Caryll OTFCC suffers from a buffer vulnerability that originates from a boundary error in /release-x64/otfccdump+0x6b559f when processing untrusted input. An attacker could exploit th...
IrfanView buffer error vulnerability
IrfanView is an image viewer by the individual developer Irfan Skiljan from Bosnia and Herzegovina, which supports image browsing, image editing, image format conversion and more. A security vulnerability exists in IrfanView version 4.54, which stems from a user-mode write access conflict issue i...
Ansys SpaceClaim buffer error vulnerability
Ansys SpaceClaim is a solid modeling CAD software from Ansys Corporation. A buffer error vulnerability exists in Ansys SpaceClaim 2022 R1, which stems from a specific flaw in the parsing of XB files, where a pointer is not properly initialized before being accessed, and can be exploited by an...
Ansys SpaceClaim buffer error vulnerability
Ansys SpaceClaim is a solid modeling CAD software from Ansys Corporation. A buffer error vulnerability exists in Ansys SpaceClaim 2022 R1, which stems from the fact that parsing XT files without proper validation of user-supplied data could result in writes beyond the end of the allocated data structure...
Ansys SpaceClaim buffer error vulnerability
Ansys SpaceClaim is a solid modeling CAD software from Ansys Corporation. A buffer error vulnerability exists in Ansys SpaceClaim 2022 R1, which stems from the fact that parsing XB files without proper validation of user-supplied data could result in writes beyond the end of the allocated data structure...
Ansys SpaceClaim buffer error vulnerability
Ansys SpaceClaim is a solid modeling CAD software from Ansys Corporation. A buffer error vulnerability exists in Ansys SpaceClaim 2022 R1, which stems from the fact that parsing XB files without proper validation of user-supplied data could result in writes beyond the end of the allocated data structure...
SAMSUNG Mobile devices buffer error vulnerability
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung. A buffer error vulnerability exists in the SMR Sep-2022 Release 1 version of SAMSUNG Mobile devices, which stems from a heap-based overflow...
Linux kernel buffer error vulnerability
The Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel that originates from multiple out-of-bounds reads and possibly out-of-bounds writes contained in the Linux kernel driver for USB 2.0/3.0 Gigabit...
Rizin buffer error vulnerability
Rizin is a free open source reverse engineering framework from the Rizin organization. It is used for analyzing binary files, disassembling code, debugging programs, as a forensic tool, as a scriptable command-line hex editor capable of opening disk files, and more. A buffer error vulnerability...