ADMesh 缓冲区错误漏洞

ADMesh is a program for working with triangular solid meshes. A security vulnerability exists in ADMesh version 0.98.4 and earlier, which stems from a heap-based out-of-bounds read in stlupdateconnectsremove1 called from stlremovedegenerate in connect.c in libadmesh.a. The vulnerability is caused...

squirrel 缓冲区错误漏洞

squirrel is the stable version of the programming language SQUIRREL 3.2. A security vulnerability exists in squirrel version 3.2, which stems from the lack of a specific sqreservestack call to threadcall in sqbaselib.cpp. No detailed vulnerability details are currently available...

多款MediaTek产品缓冲区错误漏洞

MediaTek chips are a variety of chips from MediaTek, a division of China's MediaTek. A security vulnerability exists in various MediaTek products, which stems from an integer overflow that may cause an application to crash and can be exploited by an attacker to cause a local denial of service. Th...

Libmobi 缓冲区错误漏洞

Libmobi is a C library . It is used to process Mobipocket/Kindle MOBI e-book format documents. A security vulnerability in parserawml.c:1416 in the GitHub library Libmobi before 0.11, which stems from a buffer error, can be exploited by an attacker to read sensitive information or cause a crash...

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser from Google, Inc USA. Google Chromium suffers from a buffer error vulnerability that stems from multiple security issues found in Chromium, resulting in the execution of arbitrary code, denial of service, or information disclosure...

Autodesk Navisworks 缓冲区错误漏洞

Autodesk Navisworks is 3D model review software for architecture, engineering, and construction from Autodesk, Inc. A buffer error vulnerability exists in Autodesk Navisworks 9.0.7 in Autodesk Navisworks 2022, which stems from a memory corruption vulnerability that could lead to code execution vi...

多款 MediaTek 产品缓冲区错误漏洞

MediaTek chips are a variety of chips from MediaTek, a division of China's MediaTek Mediatek. A security vulnerability exists in several MediaTek products, which stems from an incorrect boundary check in ccci, where a kernel pointer may be leaked...

多款 MediaTek 产品缓冲区错误漏洞

MediaTek chips are a variety of chips from MediaTek, a division of China's MediaTek Mediatek. A security vulnerability exists in several MediaTek products, which stems from a lack of boundary checking in atf spm, which may result in out-of-bounds writes...

Bentley View 缓冲区错误漏洞

Bentley Systems Bentley View is a free viewer from Bentley Systems, USA. A buffer error vulnerability exists in Bentley View version 10.16.02.022. An attacker could exploit the vulnerability to force an out-of-bounds read to be triggered via a DXF file containing malicious data...

Bentley Systems MicroStation 缓冲区错误漏洞

Bentley Systems MicroStation is a Cad software platform for 2D and 3D design and drafting from Bentley Systems, USA. A buffer error vulnerability exists in Bentley MicroStation CONNECT version 10.16.02.034, which originates from a failure to properly validate the length of user-supplied data befo...

Bentley Systems MicroStation 缓冲区错误漏洞

Bentley Systems MicroStation is a Cad software platform for 2D and 3D design and drafting from Bentley Systems, USA. A buffer error vulnerability exists in Bentley MicroStation CONNECT version 10.16.02.034, which originates from a failure to properly validate the length of user-supplied data befo...

Autodesk AutoCAD 缓冲区错误漏洞

Autodesk AutoCAD is a suite of professional 3D drawing software from the US-based Autodesk Corporation. A buffer error vulnerability exists in Autodesk AutoCAD, which could be exploited by an attacker to obtain sensitive information or cause a system crash by using a maliciously crafted DWG file ...

CVE-2021-32994 Softing OPC-UA C++ SDK Improper Restriction of Operations within the Bounds of a Memory Buffer

Softing OPC UA C++ SDK Software Development Kit versions from 5.59 to 5.64 exported library functions don't properly validate received extension objects, which may allow an attacker to crash the software by sending a variety of specially crafted packets to access several unexpected memory locatio...

Canon imageCLASS MF644Cdw 10.02 printers 缓冲区错误漏洞

Canon imageCLASS MF644Cdw is an intelligent and efficient 3-in-1 color multifunction printer from Canon Japan. A security vulnerability exists in Canon imageCLASS MF644Cdw 10.02 printers, which originates from a failure to properly validate the length of user-supplied data before copying it to a...

Tenda AC6 缓冲区错误漏洞

The Tenda AC6 is a wireless router. A security vulnerability exists in Tenda AC6, which can be exploited by attackers to corrupt memory or cause a denial of service...

stb_truetype.h 缓冲区错误漏洞

stbtruetype.h is a TTF font parsing library. A buffer error vulnerability exists in stbtruetype.h v1.26, which stems from the function stbttfindtable in stbtruetype.h containing a heap buffer overflow...

CVE-2021-40767

Adobe Character Animator version 4.4 and earlier is affected by an Access of Memory Location After End of Buffer vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the...

CVE-2021-40741

Adobe Audition version 14.4 and earlier is affected by an Access of Memory Location After End of Buffer vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user...

Spoofing

Adobe Character Animator version 4.4 and earlier is affected by an Access of Memory Location After End of Buffer vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the...

CVE-2021-40741

CVE-2021-40741 affects Adobe Audition 14.4 and earlier. The issue is a memory/buffer access vulnerability (memory corruption/out-of-bounds) that occurs when parsing a specially crafted file, enabling a denial-of-service in the context of the current user. Exploitation requires user interaction (v...