28 matches found
DEBIAN-CVE-2026-12460
Insufficient policy enforcement in File System Access in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted PDF file. Chromium security severity: High...
CVE-2026-6242
An authenticated format string vulnerability exists in the ONVIF Subscribe service in Tapo C520WS v2 due to improper handling of externally supplied parameters within formatting functions. An attacker may inject crafted format strings into event subscription requests or notification generation pa...
CVE-2024-28739
An issue in Koha ILS 23.05 and before allows a remote attacker to execute arbitrary code via a crafted script to the format parameter...
SUSE CVE-2009-4880
Multiple integer overflows in the strfmon implementation in the GNU C Library aka glibc or libc6 2.10.1 and earlier allow context-dependent attackers to cause a denial of service memory consumption or application crash via a crafted format string, as demonstrated by a crafted first argument to th...
SUSE CVE-2009-4881
Integer overflow in the vstrfmonl function in stdlib/strfmonl.c in the strfmon implementation in the GNU C Library aka glibc or libc6 before 2.10.1 allows context-dependent attackers to cause a denial of service application crash via a crafted format string, as demonstrated by the...
CVE-2021-34921
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...
The vulnerability of the ksys2.dll library in the KOMPAS-3D 3D modeling system, which is related to the execution of operations outside the buffer in memory, allows a hacker to cause a service failure.
The vulnerability of the ksys2.dll library in the KOMPAS-3D three-dimensional modeling system is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to cause a service failure using a specially crafted CDW format file...
The vulnerability of the ksys2.dll library in the KOMPAS-3D 3D modeling system, which is related to the execution of operations outside the buffer in memory, allows a hacker to cause a service failure.
The vulnerability of the ksys2.dll library in the KOMPAS-3D three-dimensional modeling system is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to cause a service failure using a specially crafted CDW format file...
ruby: Buffer under-read in String#unpack
A integer underflow was found in the way Stringunpack decodes the unpacking format. An attacker, able to control the unpack format, could use this flaw to disclose arbitrary parts of the application's memory...
ruby: Buffer under-read in String#unpack
A integer underflow was found in the way Stringunpack decodes the unpacking format. An attacker, able to control the unpack format, could use this flaw to disclose arbitrary parts of the application's memory...
ruby: Buffer under-read in String#unpack
A integer underflow was found in the way Stringunpack decodes the unpacking format. An attacker, able to control the unpack format, could use this flaw to disclose arbitrary parts of the application's memory...
UBUNTU-CVE-2018-11130
The header::addFORMATdescriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via a crafted vcf file...
UBUNTU-CVE-2017-17123
The coffslurpreloctable function in coffcode.h in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted COFF based file...
CVE-2009-4880
Multiple integer overflows in the strfmon implementation in the GNU C Library aka glibc or libc6 2.10.1 and earlier allow context-dependent attackers to cause a denial of service memory consumption or application crash via a crafted format string, as demonstrated by a crafted first argument to th...
CVE-2009-4881
Integer overflow in the vstrfmonl function in stdlib/strfmonl.c in the strfmon implementation in the GNU C Library aka glibc or libc6 before 2.10.1 allows context-dependent attackers to cause a denial of service application crash via a crafted format string, as demonstrated by the...
DEBIAN-CVE-2009-4881
Integer overflow in the vstrfmonl function in stdlib/strfmonl.c in the strfmon implementation in the GNU C Library aka glibc or libc6 before 2.10.1 allows context-dependent attackers to cause a denial of service application crash via a crafted format string, as demonstrated by the...
Integer overflow
Integer overflow in the vstrfmonl function in stdlib/strfmonl.c in the strfmon implementation in the GNU C Library aka glibc or libc6 before 2.10.1 allows context-dependent attackers to cause a denial of service application crash via a crafted format string, as demonstrated by the...
CVE-2009-4880
Multiple integer overflows in the strfmon implementation in the GNU C Library aka glibc or libc6 2.10.1 and earlier allow context-dependent attackers to cause a denial of service memory consumption or application crash via a crafted format string, as demonstrated by a crafted first argument to th...
CVE-2009-4881
Integer overflow in the vstrfmonl function in stdlib/strfmonl.c in the strfmon implementation in the GNU C Library aka glibc or libc6 before 2.10.1 allows context-dependent attackers to cause a denial of service application crash via a crafted format string, as demonstrated by the...
CVE-2009-4881
Integer overflow in the vstrfmonl function in stdlib/strfmonl.c in the strfmon implementation in the GNU C Library aka glibc or libc6 before 2.10.1 allows context-dependent attackers to cause a denial of service application crash via a crafted format string, as demonstrated by the...