128 matches found
Buffer overflow
RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.4 in 4.0.x and 4.1.4 in 4.1.x and RSA BSAFE Micro Edition Suite versions prior to 4.0.13 in 4.0.x and prior to 4.4 in 4.1.x, 4.2.x, 4.3.x are vulnerable to a Buffer Over-read vulnerability when processing DSA signature. A malicious remote...
KLA11762 DOS vulnerability in VLC media player
Heap-based buffer over-read vulnerability was found in VLC media player. Malicious users can exploit this vulnerability to cause denial of service. Original advisories sb-vlc308 Related products VLC-media-player CVE list CVE-2019-13962 critical Solution Update to the latest version Download VLC...
OPENSUSE-SU-2019:1964-1 Security update for tcpdump
This update for tcpdump fixes the following issues: Security issues fixed: - CVE-2019-1010220: Fixed a buffer over-read in printprefix which may expose data bsc1142439. - CVE-2017-16808: Fixed a heap-based buffer over-read related to aoeprint and lookupemem bsc1068716. This update was imported fr...
Design/Logic Flaw
tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: "NDPRINTndo, "%s", buf;", in function named "printprefix", in "print-hncp.c". The attack vector is: The victim must open a...
SUSE-SU-2019:1208-1 Security update for sqlite3
This update for sqlite3 fixes the following issues: Security issue fixed: - CVE-2018-8740: Fixed a NULL pointer dereference related to corrupted databases schemas bsc1085790. - CVE-2017-10989: Fixed a heap-based buffer over-read in getNodeSize bsc1132045...
openSUSE Security Update : libjpeg-turbo (openSUSE-2019-1343)
This update for libjpeg-turbo fixes the following issues : The following security vulnerabilities were addressed : - CVE-2018-14498: Fixed a heap-based buffer over read in get8bitrow function which could allow to an attacker to cause denial of service bsc1128712. - CVE-2018-11813: Fixed the...
Buffer overflow
An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2alawarray in alaw.c that will lead to a denial of service...
CVE-2018-19214
Netwide Assembler NASM 2.14rc15 has a heap-based buffer over-read in expandmmacparams in asm/preproc.c for insufficient input...
CVE-2018-18196
An issue was discovered in libgig 4.1.0. There is a heap-based buffer over-read in RIFF::List::GetListTypeString in RIFF.cpp...
Design/Logic Flaw
Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini C1, FRENIC-Mini C2, FRENIC-Eco, FRENIC-Multi, FRENIC-MEGA, FRENIC-Ace. A buffer over-read vulnerability may allow remote code execution on the device...
CVE-2018-14790
Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini C1, FRENIC-Mini C2, FRENIC-Eco, FRENIC-Multi, FRENIC-MEGA, FRENIC-Ace. A buffer over-read vulnerability may allow remote code execution on the device...
PYSEC-2018-133
Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp...
EulerOS 2.0 SP2 : curl (EulerOS-SA-2018-1202)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - curl version curl 7.20.0 to and including curl 7.59.0 contains a Buffer Over-read vulnerability in denial of service that can result in curl can b...
Heap overflow
The mobiparsemobiheader function in read.c in Libmobi 0.3 allows remote attackers to cause information disclosure heap-based buffer over-read via a crafted mobi file...
MGASA-2018-0217 Updated links packages fix security vulnerability
Buffer over-read vulnerability in case of corrupted UTF-8 data CVE-2017-11114...
SUSE-SU-2018:0585-1 Security update for openexr
This update for openexr fixes the following issues: CVE-2017-9110: In OpenEXR, an invalid read of size 2 in the hufDecode function in ImfHuf.cpp could cause the application to crash. bsc1040107 CVE-2017-9114: In OpenEXR, an invalid read of size 1 in the refill function in ImfFastHuf.cpp could cau...
CVE-2018-7435
An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the freexl::destroycell function...
SUSE-SU-2018:0311-1 Security update for openvswitch
This update for openvswitch fixes the following issues: CVE-2017-9263: While parsing an OpenFlow role status message, there is a call to the abort functio for undefined role status reasons in the function ofpprintrolestatusmessage in lib/ofp-print.c that may be leveraged toward a remote DoS attac...
CVE-2017-17912
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadNewsProfile in coders/tiff.c, in which LocaleNCompare reads heap data beyond the allocated region...
CVE-2017-14643
The AP4HdlrAtom class in Core/Ap4HdlrAtom.cpp in Bento4 version 1.5.0-617 uses an incorrect character data type, leading to a heap-based buffer over-read and application crash in AP4BytesToUInt32BE in Core/Ap4Utils.h...