5784 matches found
DEBIAN-CVE-2017-8393
The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to a global buffer over-read error because of an assumption made by code that runs for objcopy and strip, that SHTREL/SHRRELA sections are always named starting with a .rel/.rela prefix. This...
DEBIAN-CVE-2016-10350
The archivereadformatcabreadheader function in archivereadsupportformatcab.c in libarchive 3.2.2 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted file...
ALPINE-CVE-2017-8363
The flacbuffercopy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted audio file...
ALPINE-CVE-2017-8365
The i2lesarray function in pcm.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted audio file...
The vulnerabilities in programs for viewing and editing PDF files such as Adobe Reader, Adobe Acrobat Document Cloud, Adobe Reader Document Cloud, and Adobe Acrobat allow attackers to breach the confidentiality of information.
The vulnerabilities of PDF viewing and editing programs such as Adobe Reader, Adobe Acrobat Document Cloud, Adobe Reader Document Cloud, and Adobe Acrobat are related to reading beyond the buffer limit and memory leaks resulting from parsing segment APP13 into JPEG files. Exploiting these...
The vulnerabilities in programs for viewing and editing PDF files such as Adobe Reader, Adobe Acrobat Document Cloud, Adobe Reader Document Cloud, and Adobe Acrobat allow attackers to breach the confidentiality of information.
The vulnerability of image conversion tools for viewing and editing PDF files, such as Adobe Reader, Adobe Acrobat Document Cloud, Adobe Reader Document Cloud, and Adobe Acrobat, is related to reading beyond the buffer limit and memory leaks caused by parsing EMF format files. Exploiting this...
libcroco 'cr_input_new_from_uri' function denial of service vulnerability
libcroco is a CSS2 parsing library. A security vulnerability exists in the 'crinputnewfromuri' function in the cr-input.c file in libcroco versions 0.6.11 and 0.6.12. A remote attacker can exploit this vulnerability to cause a denial of service heap buffer out-of-bounds read with the help of a...
The vulnerability of the Mac OS X operating system allows a perpetrator to trigger a service failure or obtain confidential information.
The vulnerability of the Menus component in the Mac OS X operating system arises from reading data beyond the specified buffer limit. Exploiting this vulnerability can allow a malicious actor, operating remotely, to obtain confidential information or cause a service failure reading beyond the...
The vulnerability of the Mac OS X operating system and the iOS operating system allows attackers to trigger service interruptions or obtain confidential information.
The vulnerability of the FontParser component in the Mac OS X and iOS operating systems arises from reading beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to obtain confidential information or cause a service failure such as reading beyond the memory limit or...
The vulnerability of the FreeType library, which allows a perpetrator to trigger a service failure or cause other effects
The vulnerability of the parsecharstrings function in the type1/t1load.c file of the FreeType library does not guarantee that the font contains the glyph’s name. This vulnerability arises from reading beyond the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to cau...
DEBIAN-CVE-2017-7697
In libsamplerate before 0.1.9, a buffer over-read occurs in the calcoutputsingle function in srcsinc.c via a crafted audio file...
UBUNTU-CVE-2017-7697
In libsamplerate before 0.1.9, a buffer over-read occurs in the calcoutputsingle function in srcsinc.c via a crafted audio file...
PT-2017-17839 · Red Hat +3 · Elfutils +3
Name of the Vulnerable Software and Affected Versions: elfutils version 0.168 Description: The issue allows remote attackers to cause a denial of service, resulting in a heap-based buffer over-read and application crash, via a crafted ELF file. This is due to the ebl object note type name functio...
UBUNTU-CVE-2016-10271
tools/tiffcrop.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service heap-based buffer over-read and buffer overflow or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 1" and libtiff/tiffax3.c:413:13...
DEBIAN-CVE-2016-10269
LibTIFF 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6 and 4.0.7 allows remote attackers to cause a denial of service heap-based buffer over-read or possibly have unspecified other impact via a crafted TIFF image, related to "READ of...
The vulnerability of the console-based graphic editor ImageMagick, which allows a hacker to trigger a service failure
The vulnerability of the SpliceImage function in the console-based image editing tool ImageMagick is related to reading beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to cause a service failure application termination by using a specially created PNG file...
DEBIAN-CVE-2017-7210
objdump in GNU Binutils 2.28 is vulnerable to multiple heap-based buffer over-reads of size 1 and size 8 while handling corrupt STABS enum type strings in a crafted object file, leading to program crash...
Updated wavpack packages fix security vulnerability
Hanno Böck discovered a global buffer overread vulnerability in WavPack's word parsing logic CVE-2016-10169, this update fixes it...
MGASA-2017-0077 Updated wavpack packages fix security vulnerability
Hanno Böck discovered a global buffer overread vulnerability in WavPack's word parsing logic CVE-2016-10169, this update fixes it...
UBUNTU-CVE-2017-6960
An issue was discovered in apng2gif 1.7. There is an integer overflow resulting in a heap-based buffer over-read, related to the loadapng function and the imagesize variable...