5832 matches found
The vulnerability of the AdaptiveThresholdImage function in the console-based image editing tool ImageMagick allows a hacker to cause a service failure or expose protected information.
The vulnerability of the AdaptiveThresholdImage function in MagickCore/threshold.c in the console-based image editing tool ImageMagick involves reading data beyond the buffer boundaries in dynamic memory. Exploiting this vulnerability can allow a malicious actor to cause service failures or reveal...
augeas: Improper handling of escaped strings leading to memory corruption
A vulnerability was discovered in augeas affecting the handling of escaped strings. An attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution...
exiv2: heap-based buffer over-read in Exiv2::IptcParser::decode in iptc.cpp
In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp called from psdimage.cpp in the PSD image reader may suffer from a denial of service heap-based buffer over-read caused by an integer overflow via a crafted PSD image file...
libtiff: heap-based buffer over-read in TIFFWriteScanline function in tif_write.c
An integer overflow has been discovered in libtiff in TIFFSetupStrips:tif_write.c, which could lead to a heap-based buffer overflow in TIFFWriteScanline:tif_write.c. An attacker may use this vulnerability to corrupt memory or cause Denial of Service...
elfutils: Heap-based buffer over-read in libdw/dwarf_getaranges.c:dwarf_getaranges() via crafted file
An out-of-bounds read was discovered in elfutils in the way it reads DWARF address ranges information. Function dwarf_getaranges in dwarf_getaranges.c does not properly check whether it reads beyond the limits of the ELF section. An attacker could use this flaw to cause a denial of service via a...
elfutils: Heap-based buffer over-read in libdw/dwarf_getabbrev.c and libdw/dwarf_hasattr.c causes crash
libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarf_getabbrev in dwarf_getabbrev.c and dwarf_hasattr in dwarf_hasattr.c, leading to a heap-based buffer over-read and an application crash...
The vulnerability of the memcpy_fromiovecend() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the memcpy_fromiovecend() function in the Linux operating system is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the vm3dmp driver for the VMware Tools utility on Windows operating systems allows a hacker to compromise the confidentiality and accessibility of protected information.
The vulnerability of the VMware Tools utility’s driver vm3dmp for Windows operating systems arises from reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality and accessibility of protected information...
DEBIAN-CVE-2019-14513
Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491...
UBUNTU-CVE-2019-14513
Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491...
DEBIAN-CVE-2015-9290
In FreeType before 2.6.1, a buffer over-read occurs in type1/t1parse.c on function T1_Get_Private_Dict where there is no check that the new values of cur and limit are sensible before going to Again...
UBUNTU-CVE-2015-9290
In FreeType before 2.6.1, a buffer over-read occurs in type1/t1parse.c on function T1_Get_Private_Dict where there is no check that the new values of cur and limit are sensible before going to Again...
PYSEC-2019-244
Exiv2 0.27.99.0 has a heap-based buffer over-read in Exiv2::RafImage::readMetadata in rafimage.cpp...
The vulnerability of the DHCP server service in Windows Server operating systems allows a perpetrator to cause a service failure or execute arbitrary code.
The vulnerability of the DHCP server service for Windows Server lies in the fact that operations are performed outside of the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures or execute arbitrary code by sending a specially crafted packet to...
The vulnerabilities of PDF viewing and editing programs developed by Adobe Acrobat, Acrobat Reader, Adobe Acrobat Document Cloud, and Adobe Acrobat Reader Document Cloud involve reading beyond the buffer in memory, allowing attackers to compromise the confidentiality of protected information.
The vulnerability of PDF viewing and editing programs such as Adobe Acrobat, Acrobat Reader, Adobe Acrobat Document Cloud, and Adobe Acrobat Reader Document Cloud lies in the reading of data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to compromise the...
DEBIAN-CVE-2019-1010220
tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: "ND_PRINT((ndo, "%s", buf));", in function named "print_prefix", in "print-hncp.c". The attack vector is: The victim must open a...
UBUNTU-CVE-2019-1010220
tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: "ND_PRINT((ndo, "%s", buf));", in function named "print_prefix", in "print-hncp.c". The attack vector is: The victim must open a...
DEBIAN-CVE-2019-13962
lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height...
DEBIAN-CVE-2019-13616
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c...
ALPINE-CVE-2019-13616
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c...