PT-2023-36029 · Hdf5 · Hdf5

Name of the Vulnerable Software and Affected Versions: HDF5 affected versions not specified Description: A heap buffer overflow issue has been identified, which can cause a crash. The crash occurs due to a WRITE 1 heap-buffer-overflow. The functions involved in the crash include H5O mtime new...

Mozilla: Out of bounds memory write from EncodeInputStream

The Mozilla Foundation Security Advisory describes this flaw as: When encoding data from an inputStream in xpcom the size of the input being encoded was not correctly calculated potentially leading to an out of bounds memory write...

Mozilla: Out of bounds memory write from EncodeInputStream

The Mozilla Foundation Security Advisory describes this flaw as: When encoding data from an inputStream in xpcom the size of the input being encoded was not correctly calculated potentially leading to an out of bounds memory write...

SUSE CVE-2006-0019

Heap-based buffer overflow in the encodeURI and decodeURI functions in the kjs JavaScript interpreter engine in KDE 3.2.0 through 3.5.0 allows remote attackers to execute arbitrary code via a crafted, UTF-8 encoded URI...

SUSE CVE-2009-1336

fs/nfs/client.c in the Linux kernel before 2.6.23 does not properly initialize a certain structure member that stores the maximum NFS filename length, which allows local users to cause a denial of service OOPS via a long filename, related to the encodelookup function...

SUSE CVE-2009-5030

The tcdfreeencode function in tcd.c in OpenJPEG 1.3 through 1.5 allows remote attackers to cause a denial of service memory corruption and possibly execute arbitrary code via crafted tile information in a Gray16 TIFF image, which causes insufficient memory to be allocated and leads to an "invalid...

SUSE CVE-2010-2097

The 1 iconvmimedecode, 2 iconvsubstr, and 3 iconvmimeencode functions in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information memory contents by causing a userspace interruption of an internal function, related to the call time pass by...

SUSE CVE-2011-0495

Stack-based buffer overflow in the asturiencode function in main/utils.c in Asterisk Open Source before 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.1, 1.8.1.2, 1.8.2.; and Business Edition before C.3.6.2; when running in pedantic mode allows remote authenticated users to execute arbitrary...

SUSE CVE-2011-2939

Off-by-one error in the decodexs function in Unicode/Unicode.xs in the Encode module before 2.44, as used in Perl before 5.15.6, might allow context-dependent attackers to cause a denial of service memory corruption via a crafted Unicode string, which triggers a heap-based buffer overflow...

SUSE CVE-2011-4324

The encodeshareaccess function in fs/nfs/nfs4xdr.c in the Linux kernel before 2.6.29 allows local users to cause a denial of service BUG and system crash by using the mknod system call with a pathname on an NFSv4 filesystem...

SUSE CVE-2016-2327

libavcodec/pngenc.c in FFmpeg before 2.8.5 uses incorrect line sizes in certain row calculations, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via a crafted .avi file, related to the apngencodeframe and encodeapng...

SUSE CVE-2016-3076

Heap-based buffer overflow in the j2kencodeentry function in Pillow 2.5.0 through 3.1.1 allows remote attackers to cause a denial of service memory corruption via a crafted Jpeg2000 file...

SUSE CVE-2016-3620

The ZIPEncode function in tifzip.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c zip" option is used, allows remote attackers to cause a denial of service buffer over-read via a crafted BMP image...

SUSE CVE-2016-3621

The LZWEncode function in tiflzw.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c lzw" option is used, allows remote attackers to cause a denial of service buffer over-read via a crafted BMP image...

SUSE CVE-2016-6296

Integer signedness error in the simplestringaddn function in simplestring.c in xmlrpc-epi through 0.54.2, as used in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9, allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other...

SUSE CVE-2017-14039

A heap-based buffer overflow was discovered in the opjt2encodepacket function in lib/openjp2/t2.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly unspecified other impact...

SUSE CVE-2017-18246

The pcmencodeframe function in libavcodec/pcm.c in Libav 12.2 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted media file...

SUSE CVE-2018-5358

ImageMagick 7.0.7-22 Q16 has memory leaks in the EncodeImageAttributes function in coders/json.c, as demonstrated by the ReadPSDLayersInternal function in coders/psd.c...

SUSE CVE-2018-5727

In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the opjt1encodecblks function openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file...

SUSE CVE-2018-6616

In OpenJPEG 2.3.0, there is excessive iteration in the opjt1encodecblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file...