D-Link DCS-1100 and D-Link DCS-1130 Buffer Error Vulnerability (CNVD-2019-21249)

The D-Link DCS-1100 and the D-Link DCS-1130 are both network cameras from Taiwan, China-based AUO D-Link. A buffer error vulnerability exists in the D-Link DCS-1100 and DCS-1130. A local attacker could exploit this vulnerability to execute arbitrary commands on the device without authentication...

file 'readelf.c' stack buffer out-of-bounds read vulnerability

file is a command-line tool used on Unix-like systems to view file information. A stack buffer out-of-bounds read vulnerability exists in docorenote in the readelf.c file of the libmagic.a static link library in file version 5.35. The vulnerability allows remote attackers to submit a special file...

CVE-2018-11840

In all android releases Android for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, while processing the WLAN driver command ioctl a temporary buffer used to construct the reply message may be freed twice...

Heap overflow

A heap-buffer overflow vulnerability was found in QMFB code in JPC codec caused by buffer being allocated with too small size. jasper versions before 2.0.0 are affected...

DEBIAN-CVE-2018-7167

Calling Buffer.fill or Buffer.alloc with some parameters can lead to a hang which could result in a Denial of Service. In order to address this vulnerability, the implementations of Buffer.alloc and Buffer.fill were updated so that they zero fill instead of hanging in these cases. All versions of...

Google Android DRM API buffer out-of-bounds read vulnerability

Android is a Linux-based open-source operating system jointly developed by Google and the Open Handheld Alliance OHA in the U.S. The DRM API is one of the digital rights management APIs Application Programming Interfaces, and the Qualcomm MDM9206 and other devices are Qualcomm CPUs used on...

Google Android buffer out-of-bounds read vulnerability (CNVD-2018-10035)

Android is a Linux-based open-source operating system jointly developed by Google and the Open Handheld Alliance OHA for short, and Qualcomm MDM9206 and other central processing unit CPU products from Qualcomm are used in different platforms. A buffer out-of-bounds read vulnerability exists in th...

GEGL Denial of Service Vulnerability (CNVD-2018-08258)

GEGL is a data stream based image processing framework. The framework provides floating point processing and lossless image processing for projects such as the GNU Image Manipulation Program. A security vulnerability exists in the 'gegltilebackendswapconstructed' function in the...

Adobe Acrobat and Reader Buffer Access Vulnerability (CNVD-2017-35600)

Adobe Acrobat and Reader are the United States of America Audobee Adobe company's products. The former is a set of PDF file editing and conversion tools, the latter is a set of PDF document reading software. Adobe Acroba and Reader security vulnerabilities exist. Remote attackers can use the...

Adobe Acrobat and Reader Buffer Access Vulnerability (CNVD-2017-35601)

Adobe Acrobat and Reader are the United States of America Audobee Adobe company's products. The former is a set of PDF file editing and conversion tools, the latter is a set of PDF document reading software. Adobe Acroba and Reader security vulnerabilities exist. Remote attackers can use the...

Ruby Buffer Vulnerability

Ruby is a cross-platform, object-oriented, dynamically typed programming language developed by Japanese software developer Yukihiro Matsumoto. A security vulnerability exists in Ruby versions prior to 2.4.2, 2.3.5 and 2.2.8. An attacker can exploit this vulnerability to execute arbitrary code or...

Apache httpd Buffer Overflow Vulnerability

Apache httpd is the U.S. Apache Apache Software Foundation, an open source HTTP server developed and maintained specifically for modern operating systems. A security vulnerability exists in Apache httpd version 2.2.x prior to 2.2.33 and version 2.4.x prior to 2.4.26. An attacker can exploit this...

NECROSOFT NScan Local Buffer Vulnerability

NECROSOFT NScan is a scanning tool for large networks to scan and collect relevant network/host information. A local buffer vulnerability exists in NECROSOFT NScan version 0.9.1 due to the program failing to properly filter the boundary-checks parameter. This allows an attacker to exploit the...

CVE-2016-4021

The readbinary function in buffer.c in pgpdump before 0.30 allows context-dependent attackers to cause a denial of service infinite loop and CPU consumption via crafted input, as demonstrated by the \xa3\x03 string...

Debian DLA-470-1 : libksba security update

It was discovered that there was a possible read access beyond a buffer vulnerability in libksba, a X.509 and CMS certificate support library. The returned length of the object from ksbaberparsetl ti.length was not always checked against the actual buffer length, thus leading to a read access aft...

BIND DNSSEC Key Handling Error Denial of Service Vulnerability

ISC BIND is a very widely used implementation of the DNS protocol, maintained by ISC. A security vulnerability in ISC BIND 'buffer.c' allows remote users to send a special query that causes the remote Zone DNS server to return a special DNSSEC to the target checksum resolver, triggering the...

CVE-2015-3281

The bufferslowrealign function in HAProxy 1.5.x before 1.5.14 and 1.6-dev does not properly realign a buffer that is used for pending outgoing data, which allows remote attackers to obtain sensitive information uninitialized memory contents of previous requests via a crafted request...

openSUSE Security Update : python (openSUSE-SU-2014:1292-1)

CVE-2014-7185-buffer-wraparound.patch: potential wraparound/overflow in buffer CVE-2014-7185, bnc898572 - CVE-2014-7185-buffer-wraparound.patch: potential wraparound/overflow in buffer CVE-2014-7185, bnc898572 - CVE-2014-7185-buffer-wraparound.patch: potential wraparound/overflow in buffer...

CVE-2011-1044

The ibuverbspollcq function in drivers/infiniband/core/uverbscmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which allows local users to obtain potentially sensitive information from kernel memory via vectors that cause this buffer to be only partially fille...

CVE-2007-3023

unsp.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 does not properly calculate the end of a certain buffer, with unknown impact and remote attack vectors...