CVE-2023-45678 Off-by-one heap buffer write in start_decoder in stb_vorbis

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of buffer write in startdecoder because at maximum m-submaps can be 16 but submapfloor and submapresidue are declared as arrays of 15 elements. This issue may lead to code execution...

CVE-2023-45678

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of buffer write in startdecoder because at maximum m-submaps can be 16 but submapfloor and submapresidue are declared as arrays of 15 elements. This issue may lead to code execution...

K000137093: Node.js vulnerabilities CVE-2018-7167, CVE-2018-12115, and CVE-2018-12116

Security Advisory Description CVE-2018-7167 Calling Buffer.fill or Buffer.alloc with some parameters can lead to a hang which could result in a Denial of Service. In order to address this vulnerability, the implementations of Buffer.alloc and Buffer.fill were updated so that they zero fill instea...

F5 Networks BIG-IP : Node.js vulnerabilities (K000137093)

The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.6 / 17.1.2.2 / 17.5.0. It is, therefore, affected by multiple vulnerabilities as referenced in the K000137093 advisory. CVE-2018-7167Calling Buffer.fill or Buffer.alloc with some parameters can lead to a hang which...

CVE-2023-40031 Notepad++ vulnerable to heap buffer write overflow in Utf8_16_Read::convert

Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer write overflow in Utf816Read::convert. This issue may lead to arbitrary code execution. As of time of publication, no known patches are available in existing versions of Notepad++...

Intel Server Board 缓冲区错误漏洞

Intel Server Board is a server motherboard from Intel Corporation USA. A security vulnerability exists in Intel Server Board versions prior to 2.90 that stems from an out-of-bounds write issue. An attacker could exploit the vulnerability to enable privilege escalation via local access...

TCG TPM 缓冲区错误漏洞

TCG TPM is a chip from the Trusted Computing Group that is planted inside a computer to provide a trusted root for the computer. A security vulnerability exists in version 2.0 of the TCG TPM that stems from an out-of-bounds write issue. An attacker could use this vulnerability to cause a denial o...

SUSE CVE-2017-18185

An issue was discovered in QPDF before 7.0.0. There is a large heap-based out-of-bounds read in the PlBuffer::write function in PlBuffer.cc. It is caused by an integer overflow in the PNG filter...

SUSE CVE-2018-12115

In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when used with UCS-2 encoding recognized by Node.js under the names 'ucs2', 'ucs-2', 'utf16le' and 'utf-16le', Bufferwrite can be abused to write outside of the bounds of a single Buffer. Writes that start from the second-to-last...

Tecnomatix Plant Simulation 缓冲区错误漏洞

Siemens Tecnomatix Plant Simulation is an object-oriented, graphical, and integrated modeling and simulation tool. An out-of-bounds write vulnerability exists in Siemens Tecnomatix Plant Simulation due to an affected application parsing specially crafted SPP files that contain out-of-bounds write...

PT-2022-24953 · Wasmtime · Wasmtime

Name of the Vulnerable Software and Affected Versions: Wasmtime versions prior to 2.0.2 Description: There is a bug in Wasmtime's C API implementation where the definition of the wasmtime trap code does not match its declared signature in the wasmtime/trap.h header file. This discrepancy causes t...

PT-2022-33420 · Apparmor · Apparmor

Name of the Vulnerable Software and Affected Versions: apparmor versions prior to v5.19.4 Description: A memory leak issue exists in the aa simple write to buffer function. The actual impact and attack plausibility have not yet been proven. Recommendations: For versions prior to v5.19.4, update t...

grub2: Crafted JPEG image can lead to buffer underflow write in the heap

A flaw was found in grub2 when handling JPEG images. This flaw allows an attacker to craft a malicious JPEG image, which leads to an underflow on a grub2's internal pointer, leading to a heap-based out-of-bounds write. Secure-boot mechanisms circumvention and arbitrary code execution may also be...

SAP 3D Visual Enterprise Viewer PCX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

Bentley Systems Bentley View 缓冲区错误漏洞

Bentley View, a free viewer from Bentley Systems, Inc. An out-of-bounds write vulnerability exists in Bentley View DGN file parsing, which stems from the fact that data created in a DGN file can trigger a write operation beyond the end of the allocated buffer. An attacker could exploit this...

(Pwn2Own) Parallels Desktop Toolgate Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgat...

Modesty Pdf2json 缓冲区错误漏洞

PDF2JSON is a conversion library based on XPDF 3.02 that can be used to convert PDF pages page by page to JSON and XML formats. A denial of service vulnerability exists in the CCITTFaxStream::lookChar function in PDF2JSON version 0.70. The vulnerability stems from an invalid write of size 2. An...

DEBIAN-CVE-2020-28010

Exim 4 before 4.94.2 allows Out-of-bounds Write because the main function, while setuid root, copies the current working directory pathname into a buffer that is too small on some common platforms...

PT-2021-17965

Name of the Vulnerable Software and Affected Versions: Deark versions prior to 1.5.8 Description: The issue arises from a specially crafted input file that can cause a NULL pointer dereference in the dbuf write function, located in src/deark-dbuf.c. Recommendations: For versions prior to 1.5.8,...