2 matches found
CVE-2019-17264
In libyal liblnk before 20191006, liblnklocationinformationreaddata in liblnklocationinformation.c has a heap-based buffer over-read because an incorrect variable name is used for a certain offset. NOTE: the vendor has disputed this as described in the GitHub issue...
CVE-2018-13870
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5Olinkdecode in H5Olink.c...