An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in do_token_out routines. This flaw allows a guest user to crash the QEMU process resulting in a denial of service or the potential execution of arbitrary code with the privileges of the QEMU process on the host.

...

ALPINE-CVE-2020-14364

An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setuplen' exceeds its 'databuf4096' in the dotokenin, dotokenout routines. This flaw allows a guest user to crash...

UBUNTU-CVE-2020-14364

An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setuplen' exceeds its 'databuf4096' in the dotokenin, dotokenout routines. This flaw allows a guest user to crash...

The vulnerability of the store_data_buffer function in the ImageGear image processing library allows a hacker to execute arbitrary code.

The vulnerability of the storedatabuffer function in the ImageGear image processing library is related to conversion errors. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code using a specially created malicious PNG file...

Accusoft ImageGear Buffer Overflow Vulnerability (CNVD-2020-27757)

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, USA. A security vulnerability exists in the 'storedatabuffer' function of the igcore19d.dll library in Accusoft ImageGear version 19.5.0. An attacker can exploit the vulnerability to execute code with the hel...

CVE-2020-6075

An exploitable out-of-bounds write vulnerability exists in the storedatabuffer function of the igcore19d.dll library of Accusoft ImageGear 19.5.0. A specially crafted PNG file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to...

The vulnerability of the ANGLE component in the Google Chrome web browser allows a perpetrator to compromise data integrity, cause service failures, or gain unauthorized access to confidential information.

The vulnerability of the ANGLE browser component in Google Chrome relates to the execution of operations within the data buffer’s allowable limits. Exploiting this vulnerability could allow an attacker to compromise data integrity, cause service failures, or gain unauthorized access to confidenti...

Important: Red Hat Security Advisory: http-parser security update

An update for http-parser is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

Important: Red Hat Security Advisory: http-parser security update

An update for http-parser is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

The vulnerability of the TCP/IP emulator tcp_emu(), Slirp emulator, and the hardware emulation software QEMU allows a hacker to induce a service failure.

The vulnerability of the tcpemu function slirp/tcpsubr.c of the Slirp TCP/IP emulator and the QEMU hardware emulation software is related to the execution of operations outside the data buffer “scrcv-sbdata”. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVE-2019-10559

Accessing data buffer beyond the available data while parsing ogg clip can lead to null-pointer dereference and then memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon...

CVE-2019-10559

Accessing data buffer beyond the available data while parsing ogg clip can lead to null-pointer dereference and then memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon...

The vulnerability of the Firefox browser, related to the execution of operations beyond the data buffer, allows attackers to execute arbitrary code.

The vulnerability of the Firefox browser is related to the execution of operations beyond the data buffer boundaries. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Input validation

In FreeBSD 12.0-STABLE before r351264, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r351265, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, the kernel driver for /dev/midistat implements a read handler that is not thread-safe. A multi-threaded program c...

FreeBSD-SA-19:23.midi

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-19:23.midi Security Advisory The FreeBSD Project Topic: kernel memory disclosure from /dev/midistat Category: core Module: sound Announced: 2019-08-20 Credits:...

exiv2: OOB read in pngimage.cpp:tEXtToDataBuf() allows for crash via crafted file

The tEXtToDataBuf function in pngimage.cpp in Exiv2 through 0.26 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted file...

UBUNTU-CVE-2019-13959

In Bento4 1.5.1-627, AP4DataBuffer::SetDataSize does not handle reallocation failures, leading to a memory copy into a NULL pointer. This is different from CVE-2018-20186...

CVE-2019-13959

CVE-2019-13959 affects Bento4 1.5.1-627. The issue is in AP4_DataBuffer::SetDataSize where reallocation failures are not handled, causing a memory copy into a NULL pointer. Related sources (CNVD-2019-28473, RH/SOSV/UBUNTU entries) describe this as a null-pointer dereference that can lead to a cra...

Yubico Security Keys with a Crypto Flaw

Wow, is this an embarrassing bug: Yubico is recalling a line of security keys used by the U.S. government due to a firmware flaw. The company issued a security advisory today that warned of an issue in YubiKey FIPS Series devices with firmware versions 4.4.2 and 4.4.4 that reduced the randomness ...

The vulnerability of the data buffer in Intel’s microprogramming software allows a hacker to gain access to confidential information.

The vulnerability of the MSBDS microprogramming system’s data buffer relates to the improper implementation of micro-optimization measures aimed at improving the efficiency of data writing to RAM. Exploiting this vulnerability allows an attacker to gain access to confidential information...