
2842 matches found

SUSE CVE
added 2024/01/03 2:26 a.m. · 1 views

SUSE CVE-2023-26157

Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due to an out-of-bounds read involving section->num_pages in decode_r2007.c...

7.5 CVSS · 6.9 AI score · 0.00043 EPSS
Exploits: 1 · References: 4

CNNVD
added 2024/01/02 12:0 a.m. · 3 views

libredwg Security Vulnerabilities

libredwg is a free implementation of the DWG file format. A security vulnerability exists in libredwg versions prior to 0.12.5.6384, which stems from an out-of-bounds read problem in section->num_pages in decode_r2007.c. The vulnerability is caused by a read-over-bounds problem in section->num_pages...

7.5 CVSS · 6.7 AI score · 0.00043 EPSS
Exploits: 1 · References: 5

Positive Technologies
added 2024/01/01 12:0 a.m. · 3 views

PT-2024-12088 · Libredwg +1 · Libredwg +1

Name of the Vulnerable Software and Affected Versions: libredwg versions prior to 0.12.5.6384 Description: The issue is related to a Denial of Service (DoS) due to an out-of-bounds read involving section->num_pages in the decode_r2007.c file. This can cause the software to become unresponsive or...

7.5 CVSS · 6.7 AI score · 0.00043 EPSS
Exploits: 1 · References: 17

OSV
added 2023/12/29 11:6 a.m. · 3 views

OESA-2023-1985 hdf5 security update

HDF5 is a data model, library, and file format for storing and managing data. It supports an unlimited variety of datatypes, and is designed for flexible and efficient I/O and for high volume and complex data. HDF5 is portable and is extensible, allowing applications to evolve in their use of HDF...

6.5 CVSS · 7.2 AI score · 0.00471 EPSS
Exploits: 3 · References: 4

CVE
added 2023/12/25 12:0 a.m. · 28 views

CVE-2023-51773

BACnet Stack before 1.3.2 is affected by a decode function APDU buffer over-read in bacapp_decode_application_data (bacapp.c). The vulnerability affects BACnet Stack prior to version 1.3.2 and can impact confidentiality and availability due to a buffer over-read. No explicit exploitation details ...

9.1 CVSS · 7 AI score · 0.00372 EPSS
Exploits: 0 · References: 5 · Affected Software: 1

Positive Technologies
added 2023/12/25 12:0 a.m. · 2 views

PT-2023-35668 · Rawspeed · Rawspeed

Name of the Vulnerable Software and Affected Versions: rawspeed affected versions not specified Description: The issue is related to a heap-buffer-overflow read error. Technical details about the crash include the parseWhiteBalance function within DngDecoder, which is part of the rawspeed library...

6.8 AI score
Exploits: 0 · References: 2

Positive Technologies
added 2023/12/25 12:0 a.m. · 2 views

PT-2023-31891 · Unknown · Bacnet Stack

Name of the Vulnerable Software and Affected Versions: BACnet Stack versions prior to 1.3.2 Description: The issue is related to a decode function APDU buffer over-read in the bacapp_decode_application_data function in bacapp.c. This over-read occurs in versions of the BACnet Stack before 1.3.2...

9.1 CVSS · 7.4 AI score · 0.00372 EPSS
Exploits: 0 · References: 8

SUSE CVE
added 2023/12/22 2:20 a.m. · 2 views

SUSE CVE-2023-2794

A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_deliver function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check f...

8.1 CVSS · 6.9 AI score · 0.00169 EPSS
Exploits: 1 · References: 3

SUSE CVE
added 2023/12/22 2:19 a.m. · 1 views

SUSE CVE-2023-4233

A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the sms_decode_address_field function during the SMS PDU decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS...

8.1 CVSS · 6.9 AI score · 0.00169 EPSS
Exploits: 0 · References: 3

Positive Technologies
added 2023/12/18 12:0 a.m. · 3 views

PT-2023-35653 · Git +1 · Libavc

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of UNKNOWN READ. The crash state includes functions such as ih264d_filter_boundary_left_nonmbaff, ih264d_deblock_mb...

6.9 AI score
Exploits: 0 · References: 2

Positive Technologies
added 2023/12/16 12:0 a.m. · 2 views

PT-2023-35649 · Git +1 · Libavc

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap buffer overflow issue was identified, potentially causing a crash. The crash occurs in the ih264d_format_convert function, which is called by isvc...

7.6 AI score
Exploits: 0 · References: 2

Positive Technologies
added 2023/12/16 12:0 a.m. · 2 views

PT-2023-35648 · Git +1 · Libavc

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap buffer overflow issue is reported, with a crash type indicating a WRITE operation. The crash state involves functions such as ih264d_format_conver...

7.5 AI score
Exploits: 0 · References: 2

Positive Technologies
added 2023/12/16 12:0 a.m. · 2 views

PT-2023-35650 · Git +1 · Libavc

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-buffer-overflow write crash. Technical details about the crash include the functions isvcd_start_of_pic, isvcd_parse_decod...

7 AI score
Exploits: 0 · References: 2

Positive Technologies
added 2023/12/15 12:0 a.m. · 2 views

PT-2023-8463 · Jasper +1 · Jasper +1

Name of the Vulnerable Software and Affected Versions: Jasper-Software Jasper versions 4.1.1 and earlier Description: The issue is related to an invalid memory write that allows a local attacker to execute arbitrary code. It involves a buffer overflow in memory when handling an ICC profile,...

7.8 CVSS · 8 AI score · 0.00029 EPSS
Exploits: 0 · References: 30

SUSE CVE
added 2023/12/09 2:32 a.m. · 2 views

SUSE CVE-2023-49460

libheif v1.17.5 was discovered to contain a segmentation violation via the function UncompressedImageCodec::decode_uncompressed_image...

6.2 CVSS · 7.3 AI score · 0.00146 EPSS
Exploits: 1 · References: 3

ATTACKERKB
added 2023/12/07 8:15 p.m. · 5 views

CVE-2023-49460

libheif v1.17.5 was discovered to contain a segmentation violation via the function UncompressedImageCodec::decode_uncompressed_image...

8.8 CVSS · 7.3 AI score · 0.00146 EPSS
Exploits: 1 · References: 2

OSV
added 2023/12/07 8:15 p.m. · 1 views

DEBIAN-CVE-2023-49460

libheif v1.17.5 was discovered to contain a segmentation violation via the function UncompressedImageCodec::decode_uncompressed_image...

8.8 CVSS · 7.9 AI score · 0.00146 EPSS
Exploits: 1 · References: 1

OSV
added 2023/12/07 8:15 p.m. · 1 views

UBUNTU-CVE-2023-49460

libheif v1.17.5 was discovered to contain a segmentation violation via the function UncompressedImageCodec::decode_uncompressed_image...

8.8 CVSS · 7.3 AI score · 0.00146 EPSS
Exploits: 1 · References: 3

CNNVD
added 2023/12/07 12:0 a.m. · 3 views

libheif Security Vulnerabilities

libheif is an ISO/IEC 23008-12:2017 HEIF file format decoder and encoder. A security vulnerability exists in libheif version v1.17.5, which stems from the discovery of a containment segmentation violation via the function UncompressedImageCodec::decode_uncompressed_image...

8.8 CVSS · 8.5 AI score · 0.00146 EPSS
Exploits: 1 · References: 3

Positive Technologies
added 2023/12/04 12:0 a.m. · 4 views

PT-2023-27252 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions prior to the fixed version Description: The issue is related to a possible out of bounds write due to a heap buffer overflow in the a2dp_vendor_opus_decoder_decode_packet function of a2dp_vendor_opus_decoder.cc. This could le...

9.8 CVSS · 9.5 AI score · 0.00144 EPSS
Exploits: 0 · References: 6