UBUNTU-CVE-2018-14882

The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c...

UBUNTU-CVE-2018-14465

The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvpobjprint...

UBUNTU-CVE-2018-14462

The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmpprint...

UBUNTU-CVE-2018-14467

The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgpcapabilitiesprint BGPCAPCODEMP...

UBUNTU-CVE-2018-16227

The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-80211.c for the Mesh Flags subfield...

UBUNTU-CVE-2018-14470

The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babelprintv2...

UBUNTU-CVE-2018-14464

The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmpprintdatalinksubobjs...

UBUNTU-CVE-2019-16748

In wolfSSL through 4.1.0, there is a missing sanity check of memory accesses in parsing ASN.1 certificate data while handshaking. Specifically, there is a one-byte heap-based buffer over-read in CheckCertSignatureex in wolfcrypt/src/asn.c...

PT-2019-6178 · FFmpeg +3 · Ffmpeg +3

Name of the Vulnerable Software and Affected Versions: FFmpeg version 4.2.1 Description: A CWE-125: Out-of-bounds read issue exists in the long term filter function in g729postfilter.c during computation of the denominator of pseudo-normalized correlation R'0, that could result in disclosure of...

The vulnerability of the hdAudio.sys component of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of the hdAudio.sys component in the Windows operating system is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created application...

poppler: heap-based buffer over-read in function PSOutputDev::checkPageSlice in PSOutputDev.cc

An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc...

poppler: heap-based buffer over-read in function downsample_row_box_filter in CairoRescaleBox.cc

Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsamplerowboxfilter function...

DEBIAN-CVE-2019-16166

GNU cflow through 1.6 has a heap-based buffer over-read in the nexttoken function in parser.c...

Debian: Security Advisory (DLA-1912-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2019-0246 Updated monit packages fix security vulnerabilities

Updated monit package fixes security vulnerabilities: Zack Flack discovered that Monit incorrectly handled certain input. A remote authenticated user could exploit this to conduct cross-site scripting XSS attacks CVE-2019-11454. Zack Flack discovered a buffer overread when Monit decoded certain...

[SECURITY] [DLA 1912-1] expat security update

Package : expat Version : 2.1.0-6+deb8u6 CVE IDs : CVE-2019-15903 Debian Bug : 939394 It was discovered that there was a heap-based buffer overread vulnerability in expat, an XML parsing library. A specially-crafted XML input could fool the parser into changing from DTD parsing to document parsin...

PT-2021-3327 · Gnu +9 · Glibc +9

Name of the Vulnerable Software and Affected Versions: glibc versions through 2.32 Description: The issue is related to a buffer over-read in the iconv feature of the GNU C Library when processing invalid multi-byte input sequences in the EUC-KR encoding. This could potentially allow a remote...

The vulnerability of VMware ESXi, VMware Fusion, and Vmware Workstation virtualization platforms arises from reading data beyond the buffer in memory. This allows attackers to exploit the protected information or cause system failures.

The vulnerability of VMware ESXi, VMware Fusion, and Vmware Workstation virtualization platforms is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information or cause system failures...

ALPINE-CVE-2019-15903

In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XMLGetCurrentLineNumber or XMLGetCurrentColumnNumber then resulted in a heap-based buffer over-read...

DEBIAN-CVE-2015-9382

FreeType before 2.6.1 has a buffer over-read in skipcomment in psaux/psobjs.c because psparserskipPStoken is mishandled in an FTNewMemoryFace operation...