ImportedSymbols in debug/macho (for Open or OpenFat) in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer aka an out-of-bounds slice situation.

...

pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1

libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454...

pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1

libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454...

ODAViewer 缓冲区错误漏洞

Open Design Alliance OdaViewer is a viewer from Open Design Alliance, USA. It is used for visualization of all Oda supported file formats and other visualization related functions. A security vulnerability exists in ODAViewer, which stems from the fact that carefully crafted data in a U3D file ca...

Open Design Alliance Drawings SDK 缓冲区错误漏洞

Open Design Alliance Drawings SDK is a software development kit for drawing design applications from Open Design Alliance, USA. The SDK provides access to data in .dwg and .dgn through a convenient, object-oriented API, offering features such as a C++ API, support for repairing files, and .NET,...

ODAViewer 缓冲区错误漏洞

Open Design Alliance OdaViewer is a viewer from Open Design Alliance, USA. It is used for visualization of all Oda supported file formats and other visualization related functions. A security vulnerability exists in ODAViewer that stems from the fact that carefully crafted data in a DWF file can...

The vulnerability of the macOS operating system, related to the ability to read data beyond the buffer in memory, allows attackers to gain access to protected information.

The vulnerability of the macOS operating system is related to the ability to read data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain access to protected information...

binutils: Heap-based buffer overflow in bfd_getl_signed_32() in libbfd.c because sh_entsize is not validated in _bfd_elf_slurp_secondary_reloc_section() in elf.c

An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.35.1. A heap-based buffer over-read can occur in bfdgetlsigned32 in libbfd.c because shentsize is not validated in bfdelfslurpsecondaryrelocsection in elf.c...

pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1

libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454...

python-pillow: Buffer over-read in PCX image reader

A flaw was found in python-pillow. The PcxDecode in Pillow has a buffer over-read when decoding a crafted PCX file due to the user-supplied stride value trusted for buffer calculations. The highest threat from this vulnerability is to system availability...

python-pillow: Buffer over-read in SGI RLE image reader

A flaw was found in python-pillow. SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled...

PT-2021-6114 · Tp Link · Tp-Link Ac1750

Name of the Vulnerable Software and Affected Versions: TP-Link AC1750 version 1.1.4 Build 20211022 rel.591035553 Description: The issue is related to a read past the end of an allocated buffer in the NetUSB.ko module, which can be exploited by network-adjacent attackers to execute arbitrary code ...

The vulnerability of the print_prefix function in tcpdump software for network traffic analysis, related to reading data beyond the buffer’s allowed limits, allows a hacker to gain access to confidential data.

The vulnerability of the printprefix function in software for analyzing network traffic using tcpdump relates to reading data from within allowable buffer limits. Exploiting this vulnerability could allow a malicious actor to gain access to confidential data...

The vulnerability of the rasteropGeneralLow component in the Leptonica image processing library, which involves reading data beyond the permissible buffer limits, allows attackers to cause service failures.

The vulnerability of the rasteropGeneralLow component in the Leptonica image processing library involves reading data beyond the permissible buffer size. Exploiting this vulnerability can allow a malicious actor to cause service failures...

The vulnerability of the `epsonds_net_read` function in the `epsonds-net.c` API of the SANE scanning device allows a hacker to access confidential data by reading beyond the allowed buffer size.

The vulnerability of the epsondsnetread function in the epsonds-net.c API of the SANE scanning device involves reading data beyond the permissible buffer size. Exploiting this vulnerability could allow an attacker to access confidential data...

多款Qualcomm产品缓冲区错误漏洞

Qualcomm QCA6574AU and others are products of Qualcomm Incorporated Qualcomm.QCA6574AU is a central processing unit CPU product.APQ8017 is a central processing unit CPU product.SDX55 is a modem.Qualcomm QCA6574AU is a central processing unit CPU product.APQ8017 is a central processing unit CPU...

The vulnerability of the Exiv2 metadata management library, related to the execution of operations outside the buffer in memory, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Exiv2 metadata management library is related to the execution of operations outside the buffer in memory due to errors in metadata writing. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service...

The vulnerability of the tcpdump software for analyzing network traffic lies in the reading of data beyond the buffer’s acceptable limits, which allows a hacker to cause a service failure.

The vulnerability of the tcpdump software for analyzing network traffic is related to reading data from the buffer beyond its allowable limits. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

The vulnerability in the block/iscsi.c component of the QEMU hardware emulation software involves reading data beyond the allowed buffer limits, allowing an attacker to access confidential data.

The vulnerability in the block/iscsi.c component of the QEMU hardware emulation software involves reading data from beyond the allowable buffer size. Exploiting this vulnerability can allow an attacker to access confidential data...

The vulnerability of the Nef polygon function in the CGAL computational geometry algorithm library, which involves reading data beyond the permissible buffer limits, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Nef polygon function in the CGAL computational geometry algorithm library is related to reading data beyond the permissible buffer size. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and even cause servi...