Lucene search

2839 matches found

Positive Technologies
added 2019/04/04 12:0 a.m. · 2 views

PT-2019-8750 · Open Information Security Foundation · Suricata

Name of the Vulnerable Software and Affected Versions: Suricata version 4.0.4. Description: The issue arises from incorrect handling of EtherNet/IP PDU parsing, which can lead to the parsing code reading beyond the allocated data due to an integer overflow during a length check in the DecodeENIPPD...

9.8 CVSS · 9.9 AI score · 0.00668 EPSS
Exploits 0 · References 8
RedHat Linux
added 2019/04/02 11:47 a.m. · 1 views

freerdp: Out-of-bounds write in nsc_rle_decode() function

A flaw was found in freerdp in versions before 2.0.0-rc4. An out-of-bounds write of up to 4 bytes in the nsc_rle_decode() function results in a memory corruption. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

9.8 CVSS · 5.7 AI score · 0.07989 EPSS
Exploits 1 · References 4
0day.today
added 2019/04/01 12:0 a.m. · 50 views

Linux/x86 - NOT Encoder / Decoder - execve(/bin/sh) Shellcode (44 bytes)

/ ; NOT-Encoder.py ; Author: Daniele Votta ; Description: This program encode shellcode with NOT technique. ; Tested on: i686 GNU/Linux ; Shellcode Length:25 !/usr/bin/python Python NOT Encoder Execve /bin/sh shellcode...

7.4 AI score
Exploits 0
UbuntuCve
added 2019/03/26 6:29 p.m. · 27 views

CVE-2019-3804

It was found that cockpit before version 184 used glib's base64 decode functionality incorrectly resulting in a denial of service attack. An unauthenticated attacker could send a specially crafted request with an invalid base64-encoded cookie which could cause the web service to crash...

7.5 CVSS · 7 AI score · 0.04307 EPSS
Exploits 0 · References 3
OSV
added 2019/03/26 6:29 p.m. · 1 views

DEBIAN-CVE-2019-3804

It was found that cockpit before version 184 used glib's base64 decode functionality incorrectly resulting in a denial of service attack. An unauthenticated attacker could send a specially crafted request with an invalid base64-encoded cookie which could cause the web service to crash...

7.5 CVSS · 6.8 AI score · 0.04307 EPSS
Exploits 0 · References 1
NVD
added 2019/03/26 6:29 p.m. · 15 views

CVE-2019-3804

It was found that cockpit before version 184 used glib's base64 decode functionality incorrectly resulting in a denial of service attack. An unauthenticated attacker could send a specially crafted request with an invalid base64-encoded cookie which could cause the web service to crash...

7.5 CVSS · 7.4 AI score · 0.04307 EPSS
Exploits 0 · References 5
Debian CVE
added 2019/03/26 12:0 a.m. · 23 views

CVE-2019-3804

It was found that cockpit before version 184 used glib's base64 decode functionality incorrectly resulting in a denial of service attack. An unauthenticated attacker could send a specially crafted request with an invalid base64-encoded cookie which could cause the web service to crash...

7.5 CVSS · 7.4 AI score · 0.04307 EPSS
Exploits 0
Prion
added 2019/03/14 9:29 a.m. · 16 views

Heap overflow

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the z dimension...

5 CVSS · 7.7 AI score · 0.01876 EPSS
Exploits 1 · References 5 · Affected Software 3
Prion
added 2019/03/14 9:29 a.m. · 14 views

Heap overflow

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the y dimension...

5 CVSS · 7.7 AI score · 0.01938 EPSS
Exploits 1 · References 5 · Affected Software 3
OSV
added 2019/03/07 11:29 p.m. · 1 views

DEBIAN-CVE-2019-7175

In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c...

7.5 CVSS · 8.6 AI score · 0.0018 EPSS
Exploits 1 · References 1
CNVD
added 2019/02/26 12:0 a.m. · 3 views

PHP has unspecified vulnerabilities (CNVD-2019-42545)

PHP (PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language jointly maintained by the PHP Group and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. A...

9.8 CVSS · 9 AI score · 0.02394 EPSS
Exploits 1 · References 1
CNVD
added 2019/02/26 12:0 a.m. · 2 views

HDF HDF5 out-of-bounds read vulnerability (CNVD-2019-42548)

HDF5 is a data model, library, and file format for storing and managing data. An out-of-bounds read vulnerability exists in the H5MM_xstrdup function in H5MM.c in HDF HDF5 1.10.4 when called from H5O_dtype_decode_helper in H5Odtype.c. An attacker could exploit this vulnerability to obtain information...

8.8 CVSS · 6.7 AI score · 0.00396 EPSS
Exploits 1 · References 1
Positive Technologies
added 2019/02/24 12:0 a.m. · 3 views

PT-2019-19939 · Gnu +5 · Gnu Tar +5

Name of the Vulnerable Software and Affected Versions: GNU Tar versions prior to 1.32. Description: The issue arises from a NULL pointer dereference in the pax decode header function within sparse.c when parsing certain archives with malformed extended headers. Recommendations: For GNU Tar version...

7.5 CVSS · 6.7 AI score · 0.18808 EPSS
Exploits 3 · References 62
OSV
added 2019/02/22 12:0 a.m. · 0 views

UBUNTU-CVE-2019-9024

An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpc_decode() can allow a hostile XMLRPC server to cause PHP to read memory outside of allocated areas in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c...

7.5 CVSS · 6.8 AI score · 0.13719 EPSS
Exploits 1 · References 4
OSV
added 2019/02/22 12:0 a.m. · 0 views

UBUNTU-CVE-2019-9020

An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. Invalid input to the function xmlrpc_decode() can lead to an invalid memory access (heap out of bounds read or read after free). This is related to xml_elem_parse_buf in...

9.8 CVSS · 6.7 AI score · 0.02394 EPSS
Exploits 1 · References 4
ossfuzz
added 2019/02/20 7:49 p.m. · 14 views

skia/image_decode: Use-of-uninitialized-value in sse2::blit_row_s32a_opaque

Project: https://skia.googlesource.com/skia.git · Detailed report: https://oss-fuzz.com/testcase?key=5762139996815360 · Project: skia · Fuzzer: libFuzzer_skia_image_decode · Fuzz target binary: image_decode · Job Type: libfuzzer_msan_skia · Platform Id: linux · Crash Type: Use-of-uninitialized-value · Crash Address:...

6.8 AI score
Exploits 0 · Affected Software 1
CNVD
added 2019/02/11 12:0 a.m. · 1 views

SDL (Simple DirectMedia Layer) Buffer Overflow Vulnerability (CNVD-2019-29169)

Simple DirectMedia Layer (SDL) is a multi-platform library for accessing low-level hardware and graphics and providing support for games, software and emulators. A heap-based buffer overflow vulnerability exists in the 'IMA_ADPCM_decode' function of the audio/SDL_wave.c file in SDL versions prior to...

8.8 CVSS · 9.8 AI score · 0.02389 EPSS
Exploits 1 · References 1
CNVD
added 2019/02/11 12:0 a.m. · 1 views

SDL (Simple DirectMedia Layer) Buffer Overflow Vulnerability (CNVD-2019-29170)

Simple DirectMedia Layer (SDL) is a multi-platform library for accessing low-level hardware and graphics and providing support for games, software and emulators. A heap-based buffer overflow vulnerability exists in the 'IMA_ADPCM_decode' function of the audio/SDL_wave.c file in SDL versions prior to...

8.8 CVSS · 9.8 AI score · 0.02609 EPSS
Exploits 1 · References 1
OSV
added 2019/02/07 7:29 a.m. · 0 views

UBUNTU-CVE-2019-7575

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c...

8.8 CVSS · 7.1 AI score · 0.02389 EPSS
Exploits 1 · References 5
OSV
added 2019/02/07 7:29 a.m. · 0 views

DEBIAN-CVE-2019-7575

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c...

8.8 CVSS · 7.1 AI score · 0.02389 EPSS
Exploits 1 · References 1