
5830 matches found

OSV
added 2020/04/19 7:15 p.m., 5 views

UBUNTU-CVE-2020-11894

Ming aka libming 0.4.8 has a heap-based buffer over-read (8 bytes) in the function decompileIF in decompile.c...

CVSS 9.1 | AI score 7.5 | EPSS 0.01702
Exploits: 1 | References: 3
OSV
added 2020/04/19 7:15 p.m., 3 views

UBUNTU-CVE-2020-11895

Ming aka libming 0.4.8 has a heap-based buffer over-read (2 bytes) in the function decompileIF in decompile.c...

CVSS 9.1 | AI score 7.5 | EPSS 0.01702
Exploits: 1 | References: 3
NVD
added 2020/04/16 11:15 a.m., 19 views

CVE-2019-10551

String error while processing non standard SIP messages received can lead to buffer overread and then denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in...

CVSS 9.4 | AI score 9.1 | EPSS 0.00876
Exploits: 0 | References: 1
Cvelist
added 2020/04/16 10:46 a.m., 35 views

CVE-2019-10551

String error while processing non standard SIP messages received can lead to buffer overread and then denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in...

AI score 9.2 | EPSS 0.00876
Exploits: 0 | References: 1
CVE
added 2020/04/16 10:46 a.m., 60 views

CVE-2019-10551

CVE-2019-10551 describes a string processing error in non-standard SIP messages that can cause a buffer overread and denial of service on Qualcomm/Snapdragon platforms (Snapdragon Auto, Compute, Consumer IoT, Industrial IoT, IoT, Mobile, Wearables) across numerous Snapdragon families. The vulnera...

CVSS 9.4 | AI score 9 | EPSS 0.00876
Exploits: 0 | References: 1 | Affected Software: 1
BDU FSTEC
added 2020/04/16 12:00 a.m., 4 views

The vulnerability of the mpeg4decode_studio_block() function in the FFmpeg multimedia library allows an attacker to cause a service failure.

The vulnerability of the mpeg4decode_studio_block function in the FFmpeg multimedia library relates to reading data beyond the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to cause service failures by using specially created MPEG-4 video files...

CVSS 9.3 | AI score 7.8 | EPSS 0.02751
Exploits: 0 | References: 7 | Affected Software: 3
BDU FSTEC
added 2020/04/16 12:00 a.m., 3 views

The vulnerability of the RRE decoder VNC client component of the remote desktop management software UltraVNC allows a hacker to execute arbitrary code.

The vulnerability of the RRE decoder VNC client component of the remote desktop management software UltraVNC is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS 10 | AI score 8.5 | EPSS 0.02253
Exploits: 0 | References: 3 | Affected Software: 1
BDU FSTEC
added 2020/04/16 12:00 a.m., 2 views

The vulnerability of the CoRRE decoder’s VNC client, a software tool for managing remote desktops like UltraVNC, allows a hacker to execute arbitrary code.

The vulnerability of the CoRRE decoder’s VNC client, a software component for managing remote desktops such as UltraVNC, lies in the reading of data beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS 10 | AI score 8.4 | EPSS 0.02243
Exploits: 0 | References: 3 | Affected Software: 1
BDU FSTEC
added 2020/04/16 12:00 a.m., 4 views

The vulnerability of the header::add_INFO_descriptor function in the VCF file handling package VCFtools allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the header::add_INFO_descriptor function in the VCF file handling library VCFtools relates to reading data beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information through a specially created vcf fi...

CVSS 7.1 | AI score 6.8 | EPSS 0.01523
Exploits: 0 | References: 4 | Affected Software: 2
BDU FSTEC
added 2020/04/16 12:00 a.m., 5 views

The vulnerability of the handle_open_brace function in the FFmpeg multimedia library allows a hacker to cause a service failure.

The vulnerability of the handle_open_brace function in the FFmpeg multimedia library relates to the reading of data beyond the buffer’s boundaries. Exploiting this vulnerability could allow a malicious actor to cause service interruptions by using specially created Matroska video format data...

CVSS 7.1 | AI score 6.6 | EPSS 0.01423
Exploits: 0 | References: 5 | Affected Software: 2
BDU FSTEC
added 2020/04/14 12:00 a.m., 3 views

The vulnerability of the fgetss() function in the general-purpose scripting language PHP, which has open source code, relates to reading beyond the buffer boundaries of memory. This allows attackers to gain access to confidential data and also trigger a denial-of-service attack.

The vulnerability of the fgetss function in the general-purpose scripting language PHP, with open source code, is related to a data reading error involving tag stripping. Exploiting this vulnerability can allow an attacker to gain access to confidential data and also cause service failures...

CVSS 9.4 | AI score 6.7 | EPSS 0.07402
Exploits: 1 | References: 11 | Affected Software: 7
BDU FSTEC
added 2020/04/14 12:00 a.m., 3 views

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine, related to reading beyond the buffer in memory, allows attackers to gain unauthorized access to sensitive information.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to reading beyond the buffer in memory. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to information through a specially created HTML page...

CVSS 4.3 | AI score 7 | EPSS 0.01984
Exploits: 0 | References: 14 | Affected Software: 6
BDU FSTEC
added 2020/04/10 12:00 a.m., 3 views

Vulnerability of the print-ospf6.c:ospf6_print_lshdr() function in the packet capture and analysis tool tcpdump: allowing a hacker to cause a service failure

The vulnerability in the print-ospf6.c:ospf6_print_lshdr utility for capturing and analyzing network traffic using tcpdump is related to the execution of a read operation beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS 7.8 | AI score 6.6 | EPSS 0.05342
Exploits: 0 | References: 11 | Affected Software: 7
BDU FSTEC
added 2020/04/10 12:00 a.m., 11 views

Vulnerability in the print-hncp.c:print_prefix() utility for capturing and analyzing network traffic with tcpdump, allowing a hacker to cause a service failure

The vulnerability in the print-hncp.c:print_prefix utility for capturing and analyzing network traffic using tcpdump is related to the execution of read operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

CVSS 7.8 | AI score 6.7 | EPSS 0.03739
Exploits: 0 | References: 9 | Affected Software: 6
OSV
added 2020/04/07 4:15 p.m., 4 views

CVE-2017-18656

An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. There is a buffer over-read in a trustlet. The Samsung ID is SVE-2017-8890 (August 2017)...

CVSS 5.3 | AI score 6 | EPSS 0.0034
Exploits: 0 | References: 1
Hacker One
added 2020/04/01 9:13 a.m., 103 views

Open-Xchange: Buffer overread in parse_angle_addr called from message_address_parse_path

Call messageaddressparsepathpooldatastackcreate, data0, size0, &addr2; with input 0x3c,0x40,0x5b,0x40,0x40,0x28, ie parser.data == '@' if parsedomainlistctx 0 && ctx-parser.data == ':' ctx-parser.data++; - else if parsingpath && ctx-parser.data != ':' + else if parsingpath && ctx-parser.data...

AI score 0.9
Exploits: 0
RedHat Linux
added 2020/03/31 9:13 p.m., 3 views

poppler: heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc

In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths...

CVSS 8.8 | AI score 5.9 | EPSS 0.02527
Exploits: 1 | References: 4
RedHat Linux
added 2020/03/31 9:05 p.m., 6 views

wireshark: Multiple dissectors could crash (wnpa-sec-2018-36)

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read...

CVSS 7.5 | AI score 6.9 | EPSS 0.0345
Exploits: 1 | References: 5
RedHat Linux
added 2020/03/31 8:15 p.m., 3 views

ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure

In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file...

CVSS 8.1 | AI score 6 | EPSS 0.03708
Exploits: 1 | References: 4
OSV
added 2020/03/24 7:15 p.m., 4 views

DEBIAN-CVE-2019-20630

An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer over-read in BS_ReadByte (called from gf_bs_read_bit) in utils/bitstream.c that can cause a denial of service via a crafted MP4 file...

CVSS 5.5 | AI score 6.9 | EPSS 0.00911
Exploits: 1 | References: 1