wolfSSL 缓冲区错误漏洞

wolfSSL CyaSSL is a small, portable embedded SSL programming library for embedded systems developers from wolfSSL, Inc. A security vulnerability exists in wolfSSL versions prior to 5.5.2. An attacker exploited the vulnerability to trigger a buffer over-read...

The vulnerability of the vector graphics editor CorelDRAW Graphics Suite (formerly CorelDRAW) lies in the ability to read data beyond the buffer boundaries in memory, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the CorelDRAW Graphics Suite formerly CorelDRAW graphic editor relates to reading data beyond the buffer boundaries in memory during PDF file parsing. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information by opening a specially...

The vulnerability in the implementation of the crypt() function in the system administration software Sudo, which allows a hacker to trigger a service failure.

The vulnerability in the implementation of the crypt function in the system administration program Sudo relates to the ability to read data beyond the buffer in memory during the processing of the plugins/sudoers/auth/passwd.c file. Exploiting this vulnerability could allow an attacker to cause a...

PT-2022-6103 · Wolfssl +1 · Wolfssl +1

Name of the Vulnerable Software and Affected Versions: wolfSSL versions prior to 5.5.2 Description: The issue is related to a buffer over-read vulnerability in the wolfSSL library. This can be triggered by a malicious TLS 1.3 client or network attacker when callback functions are enabled via the...

UBUNTU-CVE-2021-37789

stbimage.h 2.27 has a heap-based buffer over in stbijpegload, leading to Information Disclosure or Denial of Service...

The vulnerability of the Cisco Discovery Protocol implementation in the microsoftware of Cisco Analog Telephone Adapter (ATA) series 190 devices allows a perpetrator to cause a service failure.

The vulnerability of the Cisco Discovery Protocol implementation in microprogrammed software for Cisco Analog Telephone Adapter ATA devices of the 190 series is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to cause servi...

The vulnerability of the setRepeaterSecurity function in D-Link DIR-816 A2 router software allows a hacker to execute arbitrary code.

The vulnerability of the setRepeaterSecurity function in D-Link DIR-816 A2 router software is related to the output of the operation outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the pskValue parameter...

UBUNTU-CVE-2022-31630

In PHP versions prior to 7.4.33, 8.0.25 and 8.1.12, when using imageloadfont function in gd extension, it is possible to supply a specially crafted font file, such as if the loaded font is used with imagechar function, the read outside allocated buffer will be used. This can lead to crashes or...

The vulnerability of the Adobe InCopy text creation and editing software, related to reading beyond the buffer in memory, allows attackers to exploit the protected information.

The vulnerability of the Adobe InCopy text creation and editing software is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose protected information using a specially created file...

curl 缓冲区错误漏洞

Curl is a tool used to transfer data from or to a server. A security vulnerability exists in curl that stems from the fact that curl can read more than the end of a stack-based buffer, resulting in a denial of service...

The vulnerability of the Adobe Photoshop graphic editor, related to reading beyond the buffer in memory, allows a hacker to execute arbitrary code.

The vulnerability of the Adobe Photoshop graphic editor is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user, using a specially created file...

The vulnerability of the Adobe Photoshop graphic editor, related to reading beyond the buffer in memory, allows a hacker to execute arbitrary code.

The vulnerability of the Adobe Photoshop graphic editor is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user, using a specially created file...

The vulnerability of Adobe InDesign’s computer layout automation tool, related to reading data beyond the buffer in memory, allows attackers to access confidential information.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to access confidential information through a specially crafted file...

zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field

A security vulnerability was found in zlib. The flaw triggered a heap-based buffer in inflate in the inflate.c function via a large gzip header extra field. This flaw is only applicable in the call inflateGetHeader...

The vulnerability of Adobe InCopy, a text creation and editing software, relates to reading beyond the buffer in memory, allowing an intruder to gain unauthorized access to protected information.

The vulnerability of the Adobe InCopy text creation and editing software is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

The vulnerability of the Adobe Photoshop graphic editor, related to reading beyond the buffer in memory, allows a hacker to execute arbitrary code.

The vulnerability of the Adobe Photoshop graphic editor is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user, using a specially created file...

OESA-2022-2003 mariadb-connector-c security update

This package is used for connecting C/C++ programs to MariaDB and MySQL database. Security Fixes: zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected...

The vulnerability of the Adobe InCopy text creation and editing software lies in the reading beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Adobe InCopy text creation and editing software is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created malicious file...

The vulnerability of the kernel-level driver nvlddmkm.sys from NVIDIA’s graphics processing units, including GeForce, Quadro, NVS, and Tesla, for Windows operating systems, allows attackers to cause system failures or gain unauthorized access to protected information.

The vulnerability of the kernel mode driver nvlddmkm.sys of NVIDIA’s graphics processing unit software products such as GeForce, Quadro, NVS, and Tesla for Windows operating systems is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to caus...

The vulnerability of the Adobe Bridge file manager, related to reading beyond the buffer in memory, allows a hacker to execute arbitrary code.

The vulnerability of the Adobe Bridge file manager is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code in the context of the current user, using a specially crafted file...