The vulnerability of the ReadSUNImage function (coders/sun.c) in the cross-platform library for working with graphics, GraphicsMagick, allows a hacker to execute arbitrary code.

The vulnerability of the ReadSUNImage function coders/sun.c in the cross-platform library for working with graphics, GraphicsMagick, is related to reading beyond the buffer boundaries in dynamic memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

The vulnerability of the WriteOnePNGImage function (coders/png.c) in the cross-platform graphics library GraphicsMagick, which allows a hacker to trigger a service failure.

The vulnerability of the WriteOnePNGImage function coders/png.c in the cross-platform graphics library GraphicsMagick is related to reading beyond the buffer boundaries in dynamic memory. Exploiting this vulnerability can allow a malicious actor to cause a service failure by using a specially...

The vulnerability of the ReadMNGImage function (coders/png.c) in the cross-platform library for working with graphics, GraphicsMagick, allows a hacker to execute arbitrary code.

The vulnerability of the ReadMNGImage function coder/png.c in the cross-platform library for working with graphics, GraphicsMagick, is related to reading beyond the buffer boundaries in dynamic memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

CVE-2019-19035

jhead 3.03 is affected by: heap-based buffer over-read. The impact is: Denial of service. The component is: ReadJpegSections and processSOFn in jpgfile.c. The attack vector is: Open a specially crafted JPEG file...

PT-2019-15699 · Tnef +2 · Tnef +2

Name of the Vulnerable Software and Affected Versions: tnef versions prior to 1.4.18 Description: The issue allows an attacker to potentially write to the victim's .ssh/authorized keys file via a crafted winmail.dat application/ms-tnef attachment in an email message. This is due to a heap-based...

The vulnerability of the VideoLAN VLC media player, which arises from reading data beyond the buffer in memory, allows a hacker to cause a system failure.

The vulnerability of the VideoLAN VLC media player arises from reading data beyond the buffer in memory. Exploiting this vulnerability allows a malicious actor to cause the code to fail by using a specially created .wmv file...

expat: heap-based buffer over-read via crafted XML input

In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XMLGetCurrentLineNumber or XMLGetCurrentColumnNumber then resulted in a heap-based buffer over-read...

UBUNTU-CVE-2019-18798

LibSass before 3.6.3 allows a heap-based buffer over-read in Sass::weaveParents in astselweave.cpp...

elfutils: heap-based buffer over-read in function elf32_xlatetom in elf32_xlatetom.c

In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32xlatetom in elf32xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service program crash because eblcorenote does not reject malformed core file notes...

elfutils: buffer over-read in the ebl_object_note function in eblobjnote.c in libebl

In elfutils 0.175, there is a buffer over-read in the eblobjectnote function in eblobjnote.c in libebl. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted elf file, as demonstrated by eu-readelf...

The vulnerability of the SSH_MSG_CHANNEL_REQUEST command in the libssh2 library allows a attacker to trigger a service failure or gain unauthorized access to protected information.

The vulnerability of the SSHMSGCHANNELREQUEST command in the libssh2 library involves reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to cause service failures or gain unauthorized access to protected information by connecting to an S...

The vulnerability of the libssh2 library, related to reading data beyond the buffer limit, allows an attacker to cause a service failure or gain unauthorized access to protected information.

The vulnerability of the libssh2 library lies in the reading of data beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service failures or gain unauthorized access to protected information by connecting to an SSH server...

The vulnerability of the _libssh2_packet_require and _libssh2_packet_requirev functions in the libssh2 library allows a attacker to cause a service failure or gain unauthorized access to protected information.

The vulnerability of the libssh2packetrequire and libssh2packetrequirev functions in the libssh2 library involves reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to cause service failures or gain unauthorized access to protected...

Fedora 31 : 12:aspell (2019-1e0f7ac968)

Rebase to upstream version 0.60.8, that fixes potential security flaw. ChangeLog Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

php: memcpy with negative length via crafted DNS response

An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. dnsgetrecord misparses a DNS response, which can allow a hostile DNS server to cause PHP to misuse memcpy, leading to read operations going past the buffer allocated for DNS data. This affects phpparser...

php: Buffer over-read in PHAR reading functions

In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x before 7.2.13, a buffer over-read in PHAR reading functions may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse a .phar file. This is related to pharparsepharfile in...

php: Heap buffer over-read in exif_process_user_comment()

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information...

php: Buffer over-read in exif_read_data()

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information...

php: Heap-based buffer over-read in PHAR reading functions

An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A heap-based buffer over-read in PHAR reading functions in the PHAR extension may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse the...

php: Buffer over-read in exif_process_IFD_TAG() leading to information disclosure

When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exifprocessIFDTAG function. This may lead to information disclosure or crash...