CVE-2023-45678

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of buffer write in startdecoder because at maximum m-submaps can be 16 but submapfloor and submapresidue are declared as arrays of 15 elements. This issue may lead to code execution...

stb_vorbis buffer error vulnerability

stbvorbis is an open source audio decoder for decoding ogg vorbis files. A security vulnerability exists in stbvorbis, which stems from the fact that a carefully crafted file may trigger a buffer write in "startdecoder", because "m-submaps" can be at most 16, but "submapfloor" and "submapresidue"...

CVE-2023-45681 Out of bounds heap buffer write in stb_vorbis

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory write past an allocated heap buffer in startdecoder. The root cause is a potential integer overflow in sizeofchar f-commentlistlength which may make setupmalloc allocate less memory...

CVE-2023-45678 Off-by-one heap buffer write in start_decoder in stb_vorbis

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of buffer write in startdecoder because at maximum m-submaps can be 16 but submapfloor and submapresidue are declared as arrays of 15 elements. This issue may lead to code execution...

CVE-2023-45678

CVE-2023-45678 affects the stb_vorbis library (open-source Ogg Vorbis decoder). The root cause described in multiple sources is an out-of-bounds write in start_decoder where m->submaps can be up to 16, but submap_floor and submap_residue are declared as 15-element arrays, creating a potential ...

CVE-2023-45678

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of buffer write in startdecoder because at maximum m-submaps can be 16 but submapfloor and submapresidue are declared as arrays of 15 elements. This issue may lead to code execution...

K000137093: Node.js vulnerabilities CVE-2018-7167, CVE-2018-12115, and CVE-2018-12116

Security Advisory Description CVE-2018-7167 Calling Buffer.fill or Buffer.alloc with some parameters can lead to a hang which could result in a Denial of Service. In order to address this vulnerability, the implementations of Buffer.alloc and Buffer.fill were updated so that they zero fill instea...

F5 Networks BIG-IP : Node.js vulnerabilities (K000137093)

The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.6 / 17.1.2.2 / 17.5.0. It is, therefore, affected by multiple vulnerabilities as referenced in the K000137093 advisory. CVE-2018-7167Calling Buffer.fill or Buffer.alloc with some parameters can lead to a hang which...

CVE-2023-40031 Notepad++ vulnerable to heap buffer write overflow in Utf8_16_Read::convert

Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer write overflow in Utf816Read::convert. This issue may lead to arbitrary code execution. As of time of publication, no known patches are available in existing versions of Notepad++...

Intel Server Board 缓冲区错误漏洞

Intel Server Board is a server motherboard from Intel Corporation USA. A security vulnerability exists in Intel Server Board versions prior to 2.90 that stems from an out-of-bounds write issue. An attacker could exploit the vulnerability to enable privilege escalation via local access...

TCG TPM 缓冲区错误漏洞

TCG TPM is a chip from the Trusted Computing Group that is planted inside a computer to provide a trusted root for the computer. A security vulnerability exists in version 2.0 of the TCG TPM that stems from an out-of-bounds write issue. An attacker could use this vulnerability to cause a denial o...

SUSE CVE-2017-18185

An issue was discovered in QPDF before 7.0.0. There is a large heap-based out-of-bounds read in the PlBuffer::write function in PlBuffer.cc. It is caused by an integer overflow in the PNG filter...

SUSE CVE-2018-12115

In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when used with UCS-2 encoding recognized by Node.js under the names 'ucs2', 'ucs-2', 'utf16le' and 'utf-16le', Bufferwrite can be abused to write outside of the bounds of a single Buffer. Writes that start from the second-to-last...

Tecnomatix Plant Simulation 缓冲区错误漏洞

Siemens Tecnomatix Plant Simulation is an object-oriented, graphical, and integrated modeling and simulation tool. An out-of-bounds write vulnerability exists in Siemens Tecnomatix Plant Simulation due to an affected application parsing specially crafted SPP files that contain out-of-bounds write...

PT-2022-24953 · Wasmtime · Wasmtime

Name of the Vulnerable Software and Affected Versions: Wasmtime versions prior to 2.0.2 Description: There is a bug in Wasmtime's C API implementation where the definition of the wasmtime trap code does not match its declared signature in the wasmtime/trap.h header file. This discrepancy causes t...

PT-2022-33420 · Apparmor · Apparmor

Name of the Vulnerable Software and Affected Versions: apparmor versions prior to v5.19.4 Description: A memory leak issue exists in the aa simple write to buffer function. The actual impact and attack plausibility have not yet been proven. Recommendations: For versions prior to v5.19.4, update t...

grub2: Crafted JPEG image can lead to buffer underflow write in the heap

A flaw was found in grub2 when handling JPEG images. This flaw allows an attacker to craft a malicious JPEG image, which leads to an underflow on a grub2's internal pointer, leading to a heap-based out-of-bounds write. Secure-boot mechanisms circumvention and arbitrary code execution may also be...

SAP 3D Visual Enterprise Viewer PCX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

Bentley Systems Bentley View 缓冲区错误漏洞

Bentley View, a free viewer from Bentley Systems, Inc. An out-of-bounds write vulnerability exists in Bentley View DGN file parsing, which stems from the fact that data created in a DGN file can trigger a write operation beyond the end of the allocated buffer. An attacker could exploit this...