UBUNTU-CVE-2018-19662

An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2alawarray in alaw.c that will lead to a denial of service...

CVE-2018-5916

Buffer overread while decoding PDP modify request or network initiated secondary PDP activation in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, ...

CVE-2018-5916

CVE-2018-5916 describes a buffer overread during PDP modify requests or network-initiated secondary PDP activation in Qualcomm Snapdragon components across Snapdragon Automotive, Mobile and Wear platforms. Affected Snapdragon families include MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640,...

CVE-2018-5916

Buffer overread while decoding PDP modify request or network initiated secondary PDP activation in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, ...

DEBIAN-CVE-2018-19566

A heap buffer over-read in parsetiffifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information...

DEBIAN-CVE-2018-19565

A buffer over-read in cropmaskedpixels in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information...

UBUNTU-CVE-2018-19565

A buffer over-read in cropmaskedpixels in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information...

CVE-2018-19543

An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jp2decode in libjasper/jp2/jp2dec.c...

CVE-2018-19541

An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0....

UBUNTU-CVE-2018-19543

An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jp2decode in libjasper/jp2/jp2dec.c...

UBUNTU-CVE-2018-19519

In tcpdump 4.9.2, a stack-based buffer over-read exists in the printprefix function of print-hncp.c via crafted packet data because of missing initialization...

PT-2018-3818 · Audiocoding +2 · Faad2 +2

Name of the Vulnerable Software and Affected Versions: Freeware Advanced Audio Decoder 2 FAAD2 versions 2.8.8 Description: The issue is related to a buffer over-read in the ps mix phase function of the libfaad/ps dec.c component of the Freeware Advanced Audio Decoder 2 FAAD2 audio decoder. This i...

curl: RTSP RTP buffer over-read

A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage...

curl: FTP PWD response parser out of bounds read

libcurl may read outside of a heap allocated buffer when doing FTP. When libcurl connects to an FTP server and successfully logs in anonymous or not, it asks the server for the current directory with the PWD command. The server then responds with a 257 response containing the path, inside double...

curl: TFTP sends more than buffer size

When doing a TFTP transfer and curl/libcurl is given a URL that contains a very long file name longer than about 515 bytes, the file name is truncated to fit within the buffer boundaries, but the buffer size is still wrongly updated to use the untruncated length. This too large value is then used...

DEBIAN-CVE-2018-19215

Netwide Assembler NASM 2.14rc16 has a heap-based buffer over-read in expandmmacparams in asm/preproc.c for the special cases of the % and $ and ! characters...

DEBIAN-CVE-2018-19214

Netwide Assembler NASM 2.14rc15 has a heap-based buffer over-read in expandmmacparams in asm/preproc.c for insufficient input...

UBUNTU-CVE-2018-19215

Netwide Assembler NASM 2.14rc16 has a heap-based buffer over-read in expandmmacparams in asm/preproc.c for the special cases of the % and $ and ! characters...

The vulnerability of the LAquis SCADA data collection and process control tool lies in the recording of data beyond the buffer boundaries in memory, allowing a intruder to execute arbitrary code.

The vulnerability of the LAquis SCADA data collection and process control tool lies in the recording of data beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...

openvswitch: Buffer over-read in lib/ofp-actions.c:decode_bundle()

An issue was discovered in Open vSwitch OvS 2.5.x through 2.5.5, 2.6.x through 2.6.3, 2.7.x through 2.7.6, 2.8.x through 2.8.4, and 2.9.x through 2.9.2 where the decodebundle function inside lib/ofp-actions.c is affected by a buffer over-read issue during BUNDLE action decoding. A specially craft...