Linux kernel 缓冲区错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A buffer error vulnerability exists in versions of the Linux kernel prior to 5.13.13, which stems from a slab out-of-bounds write to the decodedata function in...

CVE-2021-39527

An issue was discovered in libredwg through v0.10.1.3751. appinfoprivate in decode.c has a heap-based buffer overflow...

libredwg 代码问题漏洞

LibreDWG is a free C library for reading and writing DWG files. a null pointer dereference vulnerability exists in the checkPOLYLINEhandles function in decode.c in LibreDWG version 0.10.1.3751. An attacker could exploit this vulnerability to cause a denial of service...

DEBIAN-CVE-2020-21596

libde265 v1.0.4 contains a global buffer overflow in the decodeCABACbit function, which can be exploited via a crafted a file...

ALPINE-CVE-2020-21596

libde265 v1.0.4 contains a global buffer overflow in the decodeCABACbit function, which can be exploited via a crafted a file...

UBUNTU-CVE-2020-21596

libde265 v1.0.4 contains a global buffer overflow in the decodeCABACbit function, which can be exploited via a crafted a file...

Libde265 缓冲区错误漏洞

libde265 is an open source implementation of the h.265 video codec. libde265 version 1.0.4 contains a global buffer overflow vulnerability in the decodeCABACbit function. An attacker can exploit this vulnerability via specially crafted files to cause a denial of service...

CVE-2020-18773

An invalid memory access in the decode function in iptc.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service DOS via a crafted tif file...

Unexpected panic in multihash

In versions prior 0.11.3 it's possible to make fromslice panic by feeding it certain malformed input. It's never documented that fromslice and frombytes which wraps it can panic, and its' return type Result suggests otherwise. In practice, fromslice/frombytes is frequently used in networking code...

GHSA-8C6G-4XC5-W96C Uninitialized memory exposure in claxon

Affected versions of Claxon made an invalid assumption about the decode buffer size being a multiple of a value read from the bitstream. This could cause parts of the decode buffer to not be overwritten. If the decode buffer was newly allocated and uninitialized, this uninitialized memory could b...

Uninitialized memory exposure in claxon

Affected versions of Claxon made an invalid assumption about the decode buffer size being a multiple of a value read from the bitstream. This could cause parts of the decode buffer to not be overwritten. If the decode buffer was newly allocated and uninitialized, this uninitialized memory could b...

Exiv2 Invalid Memory Access Vulnerability

Exiv2 is a cross-platform C library and command-line utility for managing image metadata. An invalid memory access vulnerability exists in the decode function in iptc.cpp in Exiv2 version 0.27.99.0. An attacker could exploit the vulnerability to cause a denial of service via a specially crafted t...

CVE-2020-18773

An invalid memory access in the decode function in iptc.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service DOS via a crafted tif file...

DEBIAN-CVE-2020-18773

An invalid memory access in the decode function in iptc.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service DOS via a crafted tif file...

PYSEC-2021-883

An invalid memory access in the decode function in iptc.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service DOS via a crafted tif file...

Design/Logic Flaw

An invalid memory access in the decode function in iptc.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service DOS via a crafted tif file...

UBUNTU-CVE-2020-18776

In Libav 12.3, there is a segmentation fault in vc1decodebmbintfr in vc1block.c that allows an attacker to cause denial-of-service via a crafted file...

Exiv2 缓冲区错误漏洞

Exiv2 is a cross-platform C library and command-line utility for managing image metadata. An invalid memory access vulnerability exists in the decode function in iptc.cpp in Exiv2 version 0.27.99.0. An attacker could exploit the vulnerability to cause a denial of service via a specially crafted t...

CVE-2020-18773

An invalid memory access in the decode function in iptc.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service DOS via a crafted tif file...

PT-2021-10244 · Libav · Libav

Name of the Vulnerable Software and Affected Versions: Libav version 12.3 Description: The issue is a heap-based buffer over-read in the vc1 decode p mb intfi function in vc1 block.c, which can be exploited by an attacker to cause a denial-of-service via a crafted file. Recommendations: For Libav...