47 matches found
ruby: Buffer overread vulnerability in StringIO
A buffer overread flaw was found in rubygem StringIO. The ungetbyte and ungetc methods on a StringIO object can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value...
ruby: Buffer overread vulnerability in StringIO
A buffer overread flaw was found in rubygem StringIO. The ungetbyte and ungetc methods on a StringIO object can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value...
ruby: Buffer overread vulnerability in StringIO
A buffer overread flaw was found in rubygem StringIO. The ungetbyte and ungetc methods on a StringIO object can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value...
LibRaw: stack buffer overflow in LibRaw_buffer_datastream::gets() in src/libraw_datastream.cpp
A flaw was found in the LibRaw package. A stack buffer overflow in the LibRawbufferdatastream::gets function in src/librawdatastream.cpp caused by a maliciously crafted file may result in compromised confidentiality and integrity and an application crash...
DEBIAN-CVE-2024-27280
A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. 3.0.3 is the main fix...
SUSE CVE-2024-27280
A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. 3.0.3 is the main fix...
LibRaw: stack buffer overflow in LibRaw_buffer_datastream::gets() in src/libraw_datastream.cpp
A flaw was found in the LibRaw package. A stack buffer overflow in the LibRawbufferdatastream::gets function in src/librawdatastream.cpp caused by a maliciously crafted file may result in compromised confidentiality and integrity and an application crash...
LibRaw: stack buffer overflow in LibRaw_buffer_datastream::gets() in src/libraw_datastream.cpp
A flaw was found in the LibRaw package. A stack buffer overflow in the LibRawbufferdatastream::gets function in src/librawdatastream.cpp caused by a maliciously crafted file may result in compromised confidentiality and integrity and an application crash...
The vulnerability of the `LibRaw_buffer_datastream::gets` function in the `src/libraw_datastream.cpp` file of the LibRaw image processing library allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service interruptions.
The vulnerability of the LibRawbufferdatastream::gets function in the src/librawdatastream.cpp file of the LibRaw image processing library is related to writing beyond the buffer’s boundaries. Exploiting this vulnerability allows an attacker to access confidential data, compromise its integrity,...
DEBIAN-CVE-2021-32142
Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRawbufferdatastream::getschar, int in /src/libraw/src/librawdatastream.cpp...
UBUNTU-CVE-2021-32142
Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRawbufferdatastream::getschar, int in /src/libraw/src/librawdatastream.cpp...
Libraw 缓冲区错误漏洞
Libraw is a C++ library from Libraw for processing RAW CRW/CR2, NEF, RAF, DNG, andothers format images, supporting various operating systems. A security vulnerability exists in Libraw version v0.20.0, which originated from a vulnerability that allows an attacker to elevate privileges via...
BufferOverflow
Description Buffer Overflow is most commonly found in languages such as C and C ++, where there is the need for prior definition of the memory size of the buffer to be used. The program calls a gets function, which does not checks against overflowing the size assigned to buffer. As a result, it...
PT-2021-7867 · Libraw +8 · Libraw +8
Name of the Vulnerable Software and Affected Versions: LibRaw version 0.20.0 Description: The issue is related to a buffer overflow in the LibRaw buffer datastream::gets function, located in the libraw datastream.cpp component of the LibRaw image processing library. This allows an attacker to...
Windows-Pwn-Step-by-Step
This is a Windows executable file ExploitMe1.exe that appears to be a proof-of-concept PoC exploit for a vulnerability in the Windows operating system. The file is a Visual Studio project that has been compiled and packaged into an executable. The executable is designed to exploit a vulnerability...
CVE-2019-9884
eClass platform ip.2.5.10.2.1 allows an attacker to use GETS method to request /admin page to bypass the password validation and access management page...
Design/Logic Flaw
eClass platform ip.2.5.10.2.1 allows an attacker to use GETS method to request /admin page to bypass the password validation and access management page...
CVE-2019-9884 eClass platform contains a Broken Access Control vulnerability
eClass platform ip.2.5.10.2.1 allows an attacker to use GETS method to request /admin page to bypass the password validation and access management page...
BoF-Challenge2
On this simple stack-based buffer overflow you need to identify the vulnerable function and the buffer to overflow, then inject your payload and get a local shell. include include void func char buf100; getsbuf; printf"You entered: %s\n", buf; int mainint argc, char argv func; return 0;...
My Baby Gets Organized - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application My Baby Gets Organized published at the 'play' market has multiple vulnerabilities...