4783 matches found
OSV-2021-646 Heap-use-after-free in std::__1::__tree_iterator<std::__1::__value_type<std::__1::basic_string<char, st
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33315 Crash type: Heap-use-after-free READ 8 Crash state: std::1::treeiteratorstd::1::valuetypestd::1::basicstringchar, st draco::Metadata::AddSubMetadata draco::MetadataDecoder::DecodeMetadata...
Denial Of Service (DoS)
Nanopb is vulnerable to denial of service. Decoding a specifically formed message can cause invalid free or realloc calls if the message type contains an oneof field, and the oneof directly contains both a pointer field and a non-pointer field. If the message data first contains the non-pointer...
EulerOS Virtualization 2.9.1 : python-pillow (EulerOS-SA-2021-1729)
According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow.CVE-2020-5313 - An out-of-bounds write flaw was...
openvswitch: use-after-free in decode_NXAST_RAW_ENCAP during the decoding of a RAW_ENCAP action
Open vSwitch aka openvswitch has a use-after-free in decodeNXASTRAWENCAP called from ofpactdecode and ofpactsdecode during the decoding of a RAWENCAP action...
Authorization Before Parsing and Canonicalization in jetty
Release 9.4.37 introduced a more precise implementation of RFC3986 with regards to URI decoding, together with some new compliance modes to optionally allow support of some URI that may have ambiguous interpretation within the Servlet specified API methods behaviours. The default mode allowed %...
GHSA-V7FF-8WCX-GMC5 Authorization Before Parsing and Canonicalization in jetty
Release 9.4.37 introduced a more precise implementation of RFC3986 with regards to URI decoding, together with some new compliance modes to optionally allow support of some URI that may have ambiguous interpretation within the Servlet specified API methods behaviours. The default mode allowed %...
CVE-2021-24026
A missing bounds check within the audio decoding pipeline for WhatsApp calls in WhatsApp for Android prior to v2.21.3, WhatsApp Business for Android prior to v2.21.3, WhatsApp for iOS prior to v2.21.32, and WhatsApp Business for iOS prior to v2.21.32 could have allowed an out-of-bounds write...
CVE-2021-24026
A missing bounds check within the audio decoding pipeline for WhatsApp calls in WhatsApp for Android prior to v2.21.3, WhatsApp Business for Android prior to v2.21.3, WhatsApp for iOS prior to v2.21.32, and WhatsApp Business for iOS prior to v2.21.32 could have allowed an out-of-bounds write...
Out-of-bounds
A missing bounds check within the audio decoding pipeline for WhatsApp calls in WhatsApp for Android prior to v2.21.3, WhatsApp Business for Android prior to v2.21.3, WhatsApp for iOS prior to v2.21.32, and WhatsApp Business for iOS prior to v2.21.32 could have allowed an out-of-bounds write...
CVE-2021-24026
CVE-2021-24026 is a high-severity remote code execution flaw in WhatsApp’s audio decoding pipeline. A missing bounds check in the audio decoding path could allow an out-of-bounds write when processing calls, affecting WhatsApp for Android (pre-2.21.3) and WhatsApp Business for Android (pre-2.21.3...
CVE-2021-24026
A missing bounds check within the audio decoding pipeline for WhatsApp calls in WhatsApp for Android prior to v2.21.3, WhatsApp Business for Android prior to v2.21.3, WhatsApp for iOS prior to v2.21.32, and WhatsApp Business for iOS prior to v2.21.32 could have allowed an out-of-bounds write...
GHSA-57H3-9RGR-C24M Out of bounds write in Pillow
An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. NOTE: this issue exists because of an incomplete fix for CVE-2020-35654...
CVE-2021-21401
Nanopb is a small code-size Protocol Buffers implementation in ansi C. In Nanopb before versions 0.3.9.8 and 0.4.5, decoding a specifically formed message can cause invalid free or realloc calls if the message type contains an oneof field, and the oneof directly contains both a pointer field and ...
CVE-2021-21401
Nanopb is a small code-size Protocol Buffers implementation in ansi C. In Nanopb before versions 0.3.9.8 and 0.4.5, decoding a specifically formed message can cause invalid free or realloc calls if the message type contains an oneof field, and the oneof directly contains both a pointer field and ...
CVE-2021-21401
Nanopb is a small code-size Protocol Buffers implementation in ansi C. In Nanopb before versions 0.3.9.8 and 0.4.5, decoding a specifically formed message can cause invalid free or realloc calls if the message type contains an oneof field, and the oneof directly contains both a pointer field and ...
PYSEC-2021-432
Nanopb is a small code-size Protocol Buffers implementation in ansi C. In Nanopb before versions 0.3.9.8 and 0.4.5, decoding a specifically formed message can cause invalid free or realloc calls if the message type contains an oneof field, and the oneof directly contains both a pointer field and ...
CVE-2021-21401 Invalid free() call in Nanopb
Nanopb is a small code-size Protocol Buffers implementation in ansi C. In Nanopb before versions 0.3.9.8 and 0.4.5, decoding a specifically formed message can cause invalid free or realloc calls if the message type contains an oneof field, and the oneof directly contains both a pointer field and ...
Out-of-bounds write in libpng
An issue has been found in third-party PNM decoding associated with libpng 1.6.35. It is a stack-based buffer overflow in the function gettoken in pnm2png.c in pnm2png...
The vulnerability of the ZRLEDecoder software, which is part of VNC TigerVNC, allows a hacker to gain access to confidential data, compromise its integrity, and cause service interruptions.
The vulnerability of the ZRLEDecoder software, developed for VNC and TigerVNC protocols, relates to operations involving resources after their expiration. Exploiting this vulnerability can allow unauthorized individuals to gain access to confidential data, compromise its integrity, and cause...
ALPINE-CVE-2021-25290
An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size...