AnyBurn 安全漏洞

AnyBurn is a disc burning and image processing tool developed by AnyBurn Corporation. The AnyBurn 4.3 x86 version contains a security vulnerability. This vulnerability stems from a denial-of-service vulnerability in the image conversion function, which could allow local attackers to cause the...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the opencc::MaxMatchSegmentation and Conversion::Convertconst char functions. An attacker can achieve unauthorized access to memory and potentially execute arbitrary code by providing specially crafted inp...

Linux Distros Unpatched Vulnerability : CVE-2023-52997

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv4: prevent potential spectre v1 gadget in ipmetricsconvert if !type continue; if type RTAXMAX return -EINVAL; ... metricstype - 1 = val; @type being used as ...

CVE-2022-49873

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix wrong reg type conversion in releasereference Some helper functions will allocate memory. To avoid memory leaks, the verifier requires the eBPF program to release these memories by calling the corresponding helper...

SUSE CVE-2025-2152

A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. This issue affects the function Assimp::BaseImporter::ConvertToUTF8 of the file BaseImporter.cpp of the component File Handler. The manipulation leads to heap-based buffer overflow. The...

OpenEXR suffers from an unspecified vulnerability (CNVD-2025-24802)

OpenEXR is an open standard for high dynamic range image HDR file formats. A security vulnerability exists in OpenEXR version v.3.2.3 and earlier. An attacker could exploit this vulnerability to cause a denial of service DoS via the conversion function in exrmultipart.cpp...

PT-2023-35625 · Hdf5 · Hdf5

Name of the Vulnerable Software and Affected Versions: HDF5 affected versions not specified Description: A heap buffer overflow read issue has been identified, which can cause a crash. The crash occurs in the H5T bit copy, H5T bit get d, and H5T conv f f functions. Recommendations: At the moment,...

SUSE CVE-2022-36000

TensorFlow is an open source platform for machine learning. When mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes, it gives a null dereference. We have patched the issue in GitHub commit aed36912609fc07229b4d0a7b44f3f48efc00fd0. The fix will be included in...

convert collects funds even when minting is disabled

Handle paulius.eth Vulnerability details Impact function convert only performs the conversion when minting is turned on: ifminting However, the funds are collected before and it does not reimburse the sender: function convertForMemberaddress member, uint amount public returnsuint getFundsVADER,...

CVE-2017-17484

The ucnvUTF8FromUTF8 function in ucnvu8.cpp in International Components for Unicode ICU for C/C++ through 60.1 mishandles ucnvconvertEx calls for UTF-8 to UTF-8 conversion, which allows remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly hav...

Adobe Flash - Uninitialized Stack Parameter Access in MovieClip.swapDepths UaF Fix

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=715 The ActionScript parameter conversion in the fix for issue 403 https://code.google.com/p/google-security-research/issues/detail?id=403 can sometimes access a parameter on the native stack that is uninitialized. If: mc.swapDepth...

[SECURITY] [DLA 383-1] claws-mail security update

Package : claws-mail Version : 3.7.6-4+squeeze2 CVE ID : CVE-2015-8614 CVE-2015-8708 "DrWhax" of the Tails project reported that Claws Mail is missing range checks in some text conversion functions. A remote attacker could exploit this to run arbitrary code under the account...