5833 matches found
PYSEC-2019-250
GattLib 0.2 has a stack-based buffer over-read in gattlib_connect in dbus/gattlib.c because strncpy is misused...
openvswitch: Buffer over-read in lib/ofp-actions.c:decode_bundle()
An issue was discovered in Open vSwitch (OvS) 2.5.x through 2.5.5, 2.6.x through 2.6.3, 2.7.x through 2.7.6, 2.8.x through 2.8.4, and 2.9.x through 2.9.2 where the decode_bundle function inside lib/ofp-actions.c is affected by a buffer over-read issue during BUNDLE action decoding. A specially craft...
DEBIAN-CVE-2019-6443
An issue was discovered in NTPsec before 1.1.3. Because of a bug in ctl_getitem, there is a stack-based buffer over-read in read_sysvars in ntp_control.c in ntpd...
DEBIAN-CVE-2019-6444
An issue was discovered in NTPsec before 1.1.3. process_control in ntp_control.c has a stack-based buffer over-read because attacker-controlled data is dereferenced by ntohl in ntpd...
UBUNTU-CVE-2019-6444
An issue was discovered in NTPsec before 1.1.3. process_control in ntp_control.c has a stack-based buffer over-read because attacker-controlled data is dereferenced by ntohl in ntpd...
UBUNTU-CVE-2019-6443
An issue was discovered in NTPsec before 1.1.3. Because of a bug in ctl_getitem, there is a stack-based buffer over-read in read_sysvars in ntp_control.c in ntpd...
Denial Of Service (DoS)
mongodb is vulnerable to denial of service (DoS) attacks. The vulnerability exists as the default configuration for MongoDB before 2.3.2 does not validate objects, which allows remote authenticated users to cause a denial of service (crash) or read system memory via a crafted BSON object in the colum...
LibSass Heap Buffer Over-Read Vulnerability
LibSass is the C/C++ implementation of the Sass compiler. A heap-based buffer over-read vulnerability exists in Sass::Prelexer::alternatives in prelexer.hpp in LibSass 3.5.5. An attacker can exploit this vulnerability to cause a denial of service...
DEBIAN-CVE-2019-6286
In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::skip_over_scopes in prelexer.hpp when called from Sass::Parser::parse_import, a similar issue to CVE-2018-11693...
UBUNTU-CVE-2019-6286
In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::skip_over_scopes in prelexer.hpp when called from Sass::Parser::parse_import, a similar issue to CVE-2018-11693...
DEBIAN-CVE-2019-6284
In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::alternatives in prelexer.hpp...
PT-2019-18071 · Sass +2 · Libsass +2
Name of the Vulnerable Software and Affected Versions: LibSass version 3.5.5 Description: A heap-based buffer over-read issue exists in the Sass::Prelexer::parenthese_scope function, located in prelexer.hpp. This issue may potentially be exploited. Recommendations: For LibSass version 3.5.5,...
PT-2019-1678 · Red Hat +5 · Elfutils +6
Name of the Vulnerable Software and Affected Versions: elfutils version 0.175 Description: A heap-based buffer over-read was discovered in the elf32_xlatetom function in libelf. This issue can be triggered by a crafted ELF input, causing a segmentation fault that leads to a denial of service...
Internet Bug Bounty: buffer overread in base64 code of the xmlrpc module
Malformed input to the xmlrpc_decode function can cause an out of bounds read in the base64 code. This is fixed in the latest updates of PHP 7.3.1 etc. Report: https://bugs.php.net/bug.php?id=77380 Impact: If the attacker has access to the decoded output this may leak memory contents...
Updated aubio packages fix security vulnerabilities
NULL pointer dereference in the function aubio_source_avcodec_readframe which may lead to DoS when playing a crafted audio file (CVE-2017-17554). A crash in aubio_pitch_set_unit (CVE-2018-14522). A buffer over-read resulting in crash or information leakage in new_aubio_pitchyinfft (CVE-2018-14523)...
CVE-2018-16885
A flaw was found in the Linux kernel that allows userspace to call memcpy_fromiovecend and similar functions with a zero offset and buffer length, which causes a read beyond the buffer boundaries, in certain cases causing a memory access fault and a system halt by accessing invalid memory...
DEBIAN-CVE-2019-3574
In libsixel v1.8.2, there is a heap-based buffer over-read in the function load_jpeg in the file loader.c, as demonstrated by img2sixel...
UBUNTU-CVE-2019-3574
In libsixel v1.8.2, there is a heap-based buffer over-read in the function load_jpeg in the file loader.c, as demonstrated by img2sixel...
perl: Heap-based buffer read overflow in S_grok_bslash_N()
Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory...