Lucene search
K

47 matches found

RedHat Linux
RedHat Linux
added 2024/06/06 2:3 p.m.5 views

ruby: Buffer overread vulnerability in StringIO

A buffer overread flaw was found in rubygem StringIO. The ungetbyte and ungetc methods on a StringIO object can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value...

9.8CVSS7.4AI score0.02364EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/06/03 6:41 p.m.5 views

ruby: Buffer overread vulnerability in StringIO

A buffer overread flaw was found in rubygem StringIO. The ungetbyte and ungetc methods on a StringIO object can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value...

9.8CVSS7.4AI score0.02364EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/05/30 1:22 p.m.5 views

ruby: Buffer overread vulnerability in StringIO

A buffer overread flaw was found in rubygem StringIO. The ungetbyte and ungetc methods on a StringIO object can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value...

9.8CVSS7.4AI score0.02364EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/05/22 9:57 a.m.4 views

LibRaw: stack buffer overflow in LibRaw_buffer_datastream::gets() in src/libraw_datastream.cpp

A flaw was found in the LibRaw package. A stack buffer overflow in the LibRawbufferdatastream::gets function in src/librawdatastream.cpp caused by a maliciously crafted file may result in compromised confidentiality and integrity and an application crash...

7.8CVSS5.9AI score0.00424EPSS
Exploits1References5
OSV
OSV
added 2024/05/14 3:11 p.m.1 views

DEBIAN-CVE-2024-27280

A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. 3.0.3 is the main fix...

9.8CVSS6.8AI score0.02364EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/03/23 3:34 a.m.3 views

SUSE CVE-2024-27280

A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. 3.0.3 is the main fix...

3.1CVSS6.8AI score0.02364EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/01/23 4:26 p.m.5 views

LibRaw: stack buffer overflow in LibRaw_buffer_datastream::gets() in src/libraw_datastream.cpp

A flaw was found in the LibRaw package. A stack buffer overflow in the LibRawbufferdatastream::gets function in src/librawdatastream.cpp caused by a maliciously crafted file may result in compromised confidentiality and integrity and an application crash...

7.8CVSS5.9AI score0.00424EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2023/11/07 8:49 a.m.14 views

LibRaw: stack buffer overflow in LibRaw_buffer_datastream::gets() in src/libraw_datastream.cpp

A flaw was found in the LibRaw package. A stack buffer overflow in the LibRawbufferdatastream::gets function in src/librawdatastream.cpp caused by a maliciously crafted file may result in compromised confidentiality and integrity and an application crash...

7.8CVSS5.9AI score0.00424EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 2023/07/20 12:0 a.m.8 views

The vulnerability of the `LibRaw_buffer_datastream::gets` function in the `src/libraw_datastream.cpp` file of the LibRaw image processing library allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of the LibRawbufferdatastream::gets function in the src/librawdatastream.cpp file of the LibRaw image processing library is related to writing beyond the buffer’s boundaries. Exploiting this vulnerability allows an attacker to access confidential data, compromise its integrity,...

7.8CVSS6.2AI score0.00424EPSS
Exploits1References13Affected Software8
OSV
OSV
added 2023/02/17 6:15 p.m.1 views

DEBIAN-CVE-2021-32142

Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRawbufferdatastream::getschar, int in /src/libraw/src/librawdatastream.cpp...

7.8CVSS5.9AI score0.00424EPSS
Exploits1References1
OSV
OSV
added 2023/02/17 6:15 p.m.3 views

UBUNTU-CVE-2021-32142

Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRawbufferdatastream::getschar, int in /src/libraw/src/librawdatastream.cpp...

7.8CVSS6.3AI score0.00424EPSS
Exploits1References5
CNNVD
CNNVD
added 2023/02/17 12:0 a.m.2 views

Libraw 缓冲区错误漏洞

Libraw is a C++ library from Libraw for processing RAW CRW/CR2, NEF, RAF, DNG, andothers format images, supporting various operating systems. A security vulnerability exists in Libraw version v0.20.0, which originated from a vulnerability that allows an attacker to elevate privileges via...

7.8CVSS6AI score0.00424EPSS
Exploits1References12
Huntr
Huntr
added 2022/08/29 4:39 a.m.19 views

BufferOverflow

Description Buffer Overflow is most commonly found in languages ​​such as C and C ++, where there is the need for prior definition of the memory size of the buffer to be used. The program calls a gets function, which does not checks against overflowing the size assigned to buffer. As a result, it...

1.8AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2021/04/12 12:0 a.m.3 views

PT-2021-7867 · Libraw +8 · Libraw +8

Name of the Vulnerable Software and Affected Versions: LibRaw version 0.20.0 Description: The issue is related to a buffer overflow in the LibRaw buffer datastream::gets function, located in the libraw datastream.cpp component of the LibRaw image processing library. This allows an attacker to...

7.8CVSS6.8AI score0.01711EPSS
Exploits5References102
Gitee
Gitee
added 2020/05/16 11:38 a.m.2 views

Windows-Pwn-Step-by-Step

This is a Windows executable file ExploitMe1.exe that appears to be a proof-of-concept PoC exploit for a vulnerability in the Windows operating system. The file is a Visual Studio project that has been compiled and packaged into an executable. The executable is designed to exploit a vulnerability...

7.3AI score
Exploits0
NVD
NVD
added 2019/07/25 5:15 p.m.14 views

CVE-2019-9884

eClass platform ip.2.5.10.2.1 allows an attacker to use GETS method to request /admin page to bypass the password validation and access management page...

10CVSS9.6AI score0.0296EPSS
Exploits1References3
Prion
Prion
added 2019/07/25 5:15 p.m.14 views

Design/Logic Flaw

eClass platform ip.2.5.10.2.1 allows an attacker to use GETS method to request /admin page to bypass the password validation and access management page...

10CVSS9.4AI score0.0296EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2019/07/25 4:25 p.m.17 views

CVE-2019-9884 eClass platform contains a Broken Access Control vulnerability

eClass platform ip.2.5.10.2.1 allows an attacker to use GETS method to request /admin page to bypass the password validation and access management page...

9.8CVSS9.5AI score0.0296EPSS
Exploits1References3
exploitpack
exploitpack
added 2019/05/02 12:0 a.m.16 views

BoF-Challenge2

On this simple stack-based buffer overflow you need to identify the vulnerable function and the buffer to overflow, then inject your payload and get a local shell. include include void func char buf100; getsbuf; printf"You entered: %s\n", buf; int mainint argc, char argv func; return 0;...

1.2AI score
Exploits0
hackapp
hackapp
added 2016/04/01 10:22 a.m.14 views

My Baby Gets Organized - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities

HackApp vulnerability scanner discovered that application My Baby Gets Organized published at the 'play' market has multiple vulnerabilities...

0.2AI score
Exploits0References1Affected Software1
Rows per page
Query Builder