Lucene search
K

56 matches found

RedHat Linux
RedHat Linux
added 2022/11/08 9:33 a.m.5 views

libtiff: out-of-bounds read in _TIFFmemcpy() in tif_unix.c

A buffer overflow vulnerability was found in libtiff. This flaw allows an attacker with network access to pass specially crafted files, causing an application to halt or crash. The root cause of this issue was from the memcpy function in tifunix.c...

5.5CVSS7.5AI score0.01336EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2022/09/02 12:0 a.m.9 views

The vulnerability in the JavaScript script handler of Firefox browsers, Firefox ESR, and the email client Thunderbird allows a hacker to execute arbitrary code.

The vulnerability of JavaScript script handlers in Firefox, Firefox ESR, and the email client Thunderbird lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by opening a specially crafted...

7.6CVSS7.5AI score0.00905EPSS
Exploits0References20Affected Software8
Amazon
Amazon
added 2022/03/08 12:0 a.m.5 views

Important: docker

Issue Overview: A file permissions vulnerability was found in Moby Docker Engine. Copying files by using docker cp into a specially-crafted container can result in Unix file permission changes for existing files in the host's filesystem, which might lead to permissions escalation and allow an...

7.5CVSS7AI score0.02693EPSS
Exploits3
OSV
OSV
added 2022/02/09 11:26 p.m.10 views

GHSA-Q85F-69Q7-55H2 Uninitialized variable access in Tensorflow

Impact The implementation of AssignOp can result in copying unitialized data to a new tensor. This later results in undefined behavior. The implementation has a check that the left hand side of the assignment is initialized to minimize number of allocations, but does not check that the right hand...

7.6CVSS7.2AI score0.00755EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2021/11/09 5:42 p.m.4 views

python-pillow: Negative-offset memcpy in TIFF image reader

A flaw was found in python-pillow. In TiffDecode.c, there is a negative-offset memcpy with an invalid size which could lead to a system crash...

7.5CVSS7.3AI score0.02372EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/07/20 12:0 a.m.4 views

MAT File I/O Library 缓冲区错误漏洞

The MAT File I/O Library matio is an open source, C language library for reading and writing binary MATLAB MAT files. A buffer error vulnerability exists in matio a.k.a. MAT File I O Library 1.5.20 and 1.5.21, which stems from a heap-based buffer overflow in the H5MM memcpy called from the H5MM...

6.5CVSS6.7AI score0.01503EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2020/08/12 11:45 a.m.9 views

kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status function in drivers/net/wireless/marvell/mwifiex/wmm.c

A flaw was found in the Linux kernel. The Marvell mwifiex driver allows a remote WiFi access point to trigger a heap-based memory buffer overflow due to an incorrect memcpy operation. The highest threat from this vulnerability is to data integrity and system availability...

7.1CVSS7.4AI score0.01218EPSS
Exploits0References4
OSV
OSV
added 2020/04/01 10:15 p.m.5 views

UBUNTU-CVE-2020-6096

An exploitable signed comparison vulnerability exists in the ARMv7 memcpy implementation of GNU glibc 2.30.9000. Calling memcpy on ARMv7 targets that utilize the GNU glibc implementation with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker...

8.1CVSS7.6AI score0.05223EPSS
Exploits0References5
OSV
OSV
added 2020/01/22 10:15 p.m.3 views

UBUNTU-CVE-2019-20398

A NULL pointer dereference is present in libyang before v1.0-r3 in the function lysextensioninstancesfree due to a copy of unresolved extensions in lysrestrdup. Applications that use libyang to parse untrusted input yang files may crash...

6.5CVSS6.6AI score0.01818EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2018/04/01 6:29 p.m.4 views

CVE-2018-9165

The pushdup function in util/decompile.c in libming through 0.4.8 does not recognize the need for ActionPushDuplicate to perform a deep copy when a String is at the top of the stack, making the library vulnerable to a util/decompile.c getName NULL pointer dereference, which may allow attackers to...

6.5CVSS5.5AI score0.01135EPSS
Exploits0References3
CNVD
CNVD
added 2018/02/28 12:0 a.m.2 views

zsh Denial of Service Vulnerability

Z Shell Zsh is a Unix shell that can be used as an interactive login shell and a powerful shell script command interpreter. A denial of service vulnerability exists in params.c in zsh versions 5.4.2 and earlier during the copying of an empty hash table. An attacker can exploit this vulnerability ...

7.5CVSS9.1AI score0.02641EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2018/01/18 12:0 a.m.70 views

Microsoft Edge Chakra JIT Stack-To-Heap Copy Bug

Microsoft Edge: Chakra: JIT: stack-to-heap copy bug CVE-2018-0776 If variables don't escape the scope, the variables can be allocated to the stack. However, there are some situations, such as when a bailout happens or accessing to arguments containing stack-allocated variables, where those...

7.6CVSS0.78434EPSS
Exploits4
OSV
OSV
added 2018/01/09 5:29 a.m.3 views

DEBIAN-CVE-2018-5308

PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function base/PdfOutputStream.cpp. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file...

7.8CVSS7.2AI score0.0131EPSS
Exploits1References1
OSV
OSV
added 2015/09/06 2:59 a.m.2 views

DEBIAN-CVE-2015-6826

The ffrv34decodeinitthreadcopy function in libavcodec/rv34.c in FFmpeg before 2.7.2 does not initialize certain structure members, which allows remote attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via crafted 1 RV30 or 2 RV40 RealVideo dat...

7.5CVSS9.2AI score0.02482EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2013/05/20 4:44 p.m.3 views

kernel: crypto: info leaks in report API

The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAPNETADMIN capability...

2.1CVSS5.8AI score0.00386EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2006/07/20 1:1 p.m.11 views

local to local copy uses shell expansion twice

scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice...

4.6CVSS6.9AI score0.00474EPSS
Exploits1References4
Rows per page
Query Builder