327 matches found

BDU FSTEC
added 2023/09/11 12:0 a.m. · 2 views

The vulnerability of the XML.toJSONObject component in the file and network operations library hutool-json allows an attacker to cause a service failure.

The vulnerability of the XML.toJSONObject component in the library for file processing and network operations in hutool-json is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures...

CVSS 7.8 · AI score 7 · EPSS 0.01181
Exploits: 5 · References: 4 · Affected Software: 3

Positive Technologies
added 2023/08/22 12:0 a.m. · 5 views

PT-2023-11742 · Mongoose · Mongoose

Name of the Vulnerable Software and Affected Versions: Mongoose version 6.18 Description: The issue is a buffer overflow in the mg resolve from hosts file function when reading from a crafted hosts file. This can occur in Mongoose 6.18. Recommendations: For Mongoose version 6.18, consider updatin...

CVSS 8.8 · AI score 8.5 · EPSS 0.00605
Exploits: 1 · References: 6

Positive Technologies
added 2023/08/22 12:0 a.m. · 2 views

PT-2023-11667 · Freeimage +1 · Freeimage +1

Name of the Vulnerable Software and Affected Versions: FreeImage version 3.19.0 Description: A Buffer Overflow issue exists in the load function in PluginICO.cpp, allowing remote attackers to run arbitrary code via the opening of crafted ico files. Recommendations: For FreeImage version 3.19.0, a...

CVSS 8.8 · AI score 8.7 · EPSS 0.01158
Exploits: 1 · References: 12

Positive Technologies
added 2023/08/10 12:0 a.m. · 5 views

PT-2023-26084 · Unknown · Ez Softmagic Mp3 Audio Converter

Name of the Vulnerable Software and Affected Versions: EZ softmagic MP3 Audio Converter version 2.7.3.700 Description: A buffer overflow issue was discovered in the software. Recommendations: For EZ softmagic MP3 Audio Converter version 2.7.3.700, at the moment, there is no information about a...

CVSS 9.8 · AI score 9.6 · EPSS 0.01111
Exploits: 0 · References: 7

Positive Technologies
added 2023/06/23 12:0 a.m. · 2 views

PT-2023-22653 · Libcoap +1 · Libcoap +1

Name of the Vulnerable Software and Affected Versions: libcoap library versions 4.3.1-103-g52cfd56 through 4.3.1-119 Description: The issue is related to a Buffer Overflow vulnerability in the coap send function. This vulnerability allows attackers to obtain sensitive information via a malformed...

CVSS 7.5 · AI score 7.1 · EPSS 0.00631
Exploits: 1 · References: 12

CNVD
added 2023/06/07 12:0 a.m. · 8 views

Mozilla Firefox Buffer Overflow Vulnerability (CNVD-2023-52697)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox, which arises from a failure to validate a member of the DEVMODEW structure set by a printer device driver, which could be exploited by an attacker to...

CVSS 6.5 · AI score 6.4 · EPSS 0.00635
Exploits: 0 · References: 1

OSV
added 2023/05/06 6:19 p.m. · 10 views

MGASA-2023-0161 Updated imagemagick packages fix security vulnerability

A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of...

CVSS 5.5 · AI score 5.8 · EPSS 0.00593
Exploits: 1 · References: 4

OSV
added 2023/03/23 3:15 p.m. · 8 views

CVE-2023-28772

An issue was discovered in the Linux kernel before 5.13.3. lib/seqbuf.c has a seqbufputmemhex buffer overflow...

CVSS 6.7 · AI score 7.3
Exploits: 0 · References: 5

Positive Technologies
added 2023/03/22 12:0 a.m. · 2 views

PT-2023-35722 · Git +1 · Libxml2

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a global buffer overflow read, as indicated by a crash report. The crash occurs in the htmlParseDocument function, which is calle...

AI score 7.4
Exploits: 0 · References: 2

Positive Technologies
added 2023/02/13 12:0 a.m. · 1 views

PT-2023-35234 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 2.6.35 through 5.10.165 Description: A buffer overflow issue exists in the rndis wlan component of the Linux Kernel, specifically in the rndis query oid function. This issue was introduced in version v2.6.35 and is fixed...

AI score 7.8
Exploits: 0 · References: 1

Positive Technologies
added 2023/02/01 12:0 a.m. · 4 views

PT-2023-13023 · Bestechnic · Bestechnic Bluetooth Mesh Sdk

Name of the Vulnerable Software and Affected Versions: Bestechnic Bluetooth Mesh SDK BES2300 version 1.0 Description: A buffer overflow issue can be triggered during provisioning due to the lack of a check for the SegN field of the Transaction Start PDU. This occurs because there is no validation...

CVSS 8.8 · AI score 8.8 · EPSS 0.0074
Exploits: 1 · References: 4

Positive Technologies
added 2023/01/11 12:0 a.m. · 2 views

PT-2023-12352 · Zephyr · Zephyr

Name of the Vulnerable Software and Affected Versions: Zephyr versions prior to 2.4.0 Description: The issue is related to a buffer overflow in the implementation of net buf add mem in the USB device Bluetooth class. Recommendations: For versions prior to 2.4.0, update to version 2.4.0 or later t...

CVSS 9.6 · AI score 8.8 · EPSS 0.00487
Exploits: 0 · References: 4

Positive Technologies
added 2022/12/23 12:0 a.m. · 2 views

PT-2022-27631 · Ip Com · Ip-Com M50

Name of the Vulnerable Software and Affected Versions: IP-COM M50 version 15.11.0.3310768 Description: A buffer overflow issue was discovered via the rules parameter in the formIPMacBindAdd function. This issue affects the specified version of the IP-COM M50 device. Recommendations: For IP-COM M5...

CVSS 9.8 · AI score 9.6 · EPSS 0.01056
Exploits: 0 · References: 5

Positive Technologies
added 2022/12/23 12:0 a.m. · 3 views

PT-2022-27620 · Ip Com · Ip-Com M50

Name of the Vulnerable Software and Affected Versions: IP-COM M50 version 15.11.0.3310768 Description: A buffer overflow issue was discovered in the formSetNetCheckTools function via the hostname parameter. Recommendations: For IP-COM M50 version 15.11.0.3310768, consider restricting access to th...

CVSS 9.8 · AI score 9.6 · EPSS 0.01056
Exploits: 0 · References: 4

Positive Technologies
added 2022/12/02 12:0 a.m. · 2 views

PT-2022-27584 · Tenda · Tenda Ac6V1.0

Name of the Vulnerable Software and Affected Versions: Tenda AC6V1.0 version 15.03.05.19 Description: A buffer overflow issue was discovered via the deviceId parameter in the addWifiMacFilter function. This issue can be exploited, potentially leading to unintended consequences. Recommendations: F...

CVSS 7.5 · AI score 7.7 · EPSS 0.00815
Exploits: 1 · References: 4

OSV
added 2022/12/01 12:0 a.m. · 7 views

ASB-A-253337348

The program copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow...

CVSS 7.7 · AI score 7.3 · EPSS 0.00093
Exploits: 0 · References: 1

OSV
added 2022/11/15 4:10 p.m. · 17 views

SUSE-SU-2022:4005-1 Security update for php8

This update for php8 fixes the following issues: - CVE-2022-37454: Fixed buffer overflow in hashupdate on long parameter bug81738 bsc1204577. - CVE-2022-31630: Fixed OOB read due to insufficient input validation in imageloadfont bug81739 bsc1204979. - version update to 8.0.25 27 Oct 2022 Session:...

CVSS 9.8 · AI score 8.5 · EPSS 0.05236
Exploits: 4 · References: 5

Positive Technologies
added 2022/10/21 12:0 a.m. · 4 views

PT-2022-11614 · Stmicroelectronics +2 · Stm32 Mw Usb Host +2

Name of the Vulnerable Software and Affected Versions: stm32 mw usb host versions prior to 3.5.1 Description: A buffer overflow issue allows an attacker to execute arbitrary code when the descriptor contains more endpoints than USBH MAX NUM ENDPOINTS. This typically occurs when using a RTOS such ...

CVSS 9.8 · AI score 7 · EPSS 0.01028
Exploits: 2 · References: 20

Positive Technologies
added 2022/10/12 12:0 a.m. · 3 views

PT-2022-17444 · Qualcomm · Snapdragon

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon affected versions not specified Description: The issue is related to a possible buffer overflow due to the lack of buffer length check during management frame Rx handling, which can lead to denial of service in various...

CVSS 5.5 · AI score 5.7 · EPSS 0.00109
Exploits: 0 · References: 4

OSV
added 2022/10/03 12:57 p.m. · 4 views

SUSE-SU-2022:3492-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Updated to version 2.36.8 bsc1203530: - CVE-2022-32886: Fixed a buffer overflow issue that could potentially lead to code execution. - CVE-2022-32912: Fixed an out-of-bounds read that could potentially lead to code execution...

CVSS 8.8 · AI score 8.8 · EPSS 0.01333
Exploits: 0 · References: 4