5830 matches found

BDU FSTEC
added 2020/04/29 12:0 a.m. | 2 views

The vulnerability of the ComplexImages function in the MagickCore/fourier.c component of the console-based image editing tool ImageMagick, which involves reading data beyond the permissible buffer size, allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the ComplexImages function in the MagickCore/fourier.c component of the console-based image editing tool ImageMagick involves reading data beyond the allowable buffer size. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its...

CVSS 8.8 | AI score 6.8 | EPSS 0.02804
Exploits: 1 | References: 14 | Affected Software: 5

BDU FSTEC
added 2020/04/29 12:0 a.m. | 5 views

The vulnerability of the do_core_note function in the File type detection utility allows an attacker to cause a service failure.

The vulnerability of the do_core_note function in the File type detection utility relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures...

CVSS 9.3 | AI score 6.8 | EPSS 0.00493
Exploits: 1 | References: 10 | Affected Software: 8

RedHat Linux
added 2020/04/28 4:8 p.m. | 10 views

libsndfile: buffer over-read in the function i2alaw_array in alaw.c

An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2alaw_array in alaw.c that will lead to a denial of service...

CVSS 8.1 | AI score 7.5 | EPSS 0.02312
Exploits: 1 | References: 4

RedHat Linux
added 2020/04/28 4:8 p.m. | 6 views

php: Heap-based buffer over-read in mbstring regular expression functions

An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A number of heap-based buffer over-read instances are present in mbstring regular expression functions when supplied with invalid multibyte data. These occur in...

CVSS 9.8 | AI score 7.5 | EPSS 0.0907
Exploits: 1 | References: 4

RedHat Linux
added 2020/04/28 4:8 p.m. | 4 views

php: Heap buffer over-read in exif_scan_thumbnail()

When the PHP EXIF extension is parsing EXIF information from an image, e.g. via the exif_read_data function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data that will cause it to read past the allocated buffer. This may lead to information...

CVSS 7.1 | AI score 7.3 | EPSS 0.044
Exploits: 1 | References: 4

RedHat Linux
added 2020/04/28 4:8 p.m. | 0 views

php: Buffer over-read in PHAR reading functions

In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x before 7.2.13, a buffer over-read in PHAR reading functions may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse a .phar file. This is related to phar_parse_pharfile in...

CVSS 7.5 | AI score 7.5 | EPSS 0.0566
Exploits: 1 | References: 4

RedHat Linux
added 2020/04/28 4:8 p.m. | 3 views

php: Buffer over-read in exif_process_IFD_TAG() leading to information disclosure

When processing certain files, the PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past the allocated buffer in the exif_process_IFD_TAG function. This may lead to information disclosure or crash...

CVSS 9.1 | AI score 7.3 | EPSS 0.06843
Exploits: 0 | References: 4

RedHat Linux
added 2020/04/28 4:8 p.m. | 3 views

php: memcpy with negative length via crafted DNS response

An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. dns_get_record misparses a DNS response, which can allow a hostile DNS server to cause PHP to misuse memcpy, leading to read operations going past the buffer allocated for DNS data. This affects phpparser...

CVSS 7.5 | AI score 7.5 | EPSS 0.04109
Exploits: 1 | References: 4

RedHat Linux
added 2020/04/28 4:8 p.m. | 5 views

php: Buffer over-read in exif_read_data()

When the PHP EXIF extension is parsing EXIF information from an image, e.g. via the exif_read_data function, in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 it is possible to supply it with data that will cause it to read past the allocated buffer. This may lead to information...

CVSS 9.1 | AI score 7.3 | EPSS 0.03958
Exploits: 1 | References: 4

RedHat Linux
added 2020/04/28 4:8 p.m. | 3 views

php: Heap-based buffer over-read in PHAR reading functions

An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A heap-based buffer over-read in PHAR reading functions in the PHAR extension may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse the...

CVSS 9.8 | AI score 7.5 | EPSS 0.09793
Exploits: 2 | References: 4

RedHat Linux
added 2020/04/28 4:4 p.m. | 3 views

tcpdump: Stack-based buffer over-read in print-hncp.c:print_prefix() via crafted pcap

In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization...

CVSS 5.5 | AI score 7.7 | EPSS 0.02364
Exploits: 1 | References: 4

RedHat Linux
added 2020/04/28 3:31 p.m. | 5 views

exiv2: Heap-based buffer over-read in Exiv2::tEXtToDataBuf function resulting in a denial of service

There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack...

CVSS 6.5 | AI score 6 | EPSS 0.02762
Exploits: 1 | References: 4

RedHat Linux
added 2020/04/28 3:31 p.m. | 5 views

exiv2: heap-based buffer over-read in Exiv2::IptcParser::decode in iptc.cpp

In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp called from psdimage.cpp in the PSD image reader may suffer from a denial of service heap-based buffer over-read caused by an integer overflow via a crafted PSD image file...

CVSS 6.5 | AI score 6 | EPSS 0.01816
Exploits: 0 | References: 4

RedHat Linux
added 2020/04/28 3:31 p.m. | 7 views

exiv2: Heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service

There is a heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack...

CVSS 6.5 | AI score 6 | EPSS 0.02567
Exploits: 1 | References: 4

BDU FSTEC
added 2020/04/27 12:0 a.m. | 3 views

The vulnerability of the libarchive library, related to uncontrolled resource consumption, allows a hacker to cause a service failure.

The vulnerability of the libarchive library is related to reading beyond the buffer boundaries of memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures through the use of a specially created ISO9660 file...

CVSS 7.1 | AI score 6.5 | EPSS 0.03196
Exploits: 0 | References: 16 | Affected Software: 8

BDU FSTEC
added 2020/04/27 12:0 a.m. | 6 views

The vulnerability of Google Chrome browsers, related to reading beyond the buffer in memory, allows attackers to gain unauthorized access to information and compromise its integrity and accessibility.

The vulnerability of the Google Chrome browser involves reading data beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to information and compromise its integrity and availability through a specially created HTML page...

CVSS 9.3 | AI score 7.5 | EPSS 0.01171
Exploits: 0 | References: 9 | Affected Software: 4

BDU FSTEC
added 2020/04/27 12:0 a.m. | 3 views

The vulnerability of the PDFium PDF-content processor in Google Chrome browsers allows attackers to gain unauthorized access to information and compromise its integrity and accessibility.

The vulnerability of the PDFium PDF-content processor in the Google Chrome browser involves reading beyond the buffer in memory. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to information and compromise its integrity and accessibility throu...

CVSS 9.3 | AI score 7.1 | EPSS 0.00767
Exploits: 0 | References: 9 | Affected Software: 4

BDU FSTEC
added 2020/04/23 12:0 a.m. | 3 views

The vulnerability of the PHP programming language interpreter, related to reading beyond the buffer boundaries of memory, allows attackers to gain unauthorized access to information.

The vulnerability of the PHP programming language interpreter is related to reading beyond the buffer boundaries of memory. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to information...

CVSS 7.8 | AI score 6.9 | EPSS 0.04082
Exploits: 0 | References: 13 | Affected Software: 5

BDU FSTEC
added 2020/04/23 12:0 a.m. | 4 views

The vulnerability of the Exiv2::Internal::PngChunk::parseTXTChunk function in the Exiv2 metadata management library allows an attacker to cause a service failure.

The vulnerability of the Exiv2::Internal::PngChunk::parseTXTChunk function in the Exiv2 metadata management library involves reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause service failure through the use of a specially created...

CVSS 4.3 | AI score 6.9 | EPSS 0.0273
Exploits: 0 | References: 12 | Affected Software: 6

BDU FSTEC
added 2020/04/22 12:0 a.m. | 5 views

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine, related to reading beyond the buffer in memory, allows attackers to trigger a denial-of-service attack.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to reading beyond the buffer boundary in memory. Exploiting this vulnerability can allow a malicious actor to cause service interruptions through a specially crafted HTML page...

CVSS 7.1 | AI score 6.8 | EPSS 0.00681
Exploits: 0 | References: 7 | Affected Software: 4