CVE-2021-3549
An out-of-bounds flaw was found in the GNU binutils objdump utility. An attacker could use this flaw and pass a large section to avr_elf32_load_records_from_section, probably resulting in a crash or in some cases memory corruption. The highest threat from this vulnerability is to integrity as well as syste...
GNU LibreDWG Heap Buffer Overflow Vulnerability
GNU LibreDWG is a C library from the GNU community for working with DWG files. LibreDWG 0.10.1 has a heap buffer overflow vulnerability at libredwg-0.10.1/src/decode_r2007.c:666:5. An attacker could exploit this vulnerability to...
glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding
A flaw was found in glibc. When processing input in the EUC-KR encoding, an invalid input sequence could cause glibc to read beyond the end of a buffer, resulting in a segmentation fault. The highest threat from this vulnerability is to system availability...
glibc: regular-expression match via proceed_next_node in posix/regexec.c leads to heap-based buffer over-read
In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match...
Moderate: Red Hat Security Advisory: cpio security update
An update for cpio is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...
Moderate: cpio security update
The cpio packages provide the GNU cpio utility for creating and extracting archives, or copying files from one place to another. Security Fixes: cpio: improper input validation when writing tar header fields leads to unexpected tar generation (CVE-2019-14866). For more details about the security...
cpio security update
An update is available for cpio. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The cpio packages provide the GNU cpio utility for creating and extracting...
GNU LibreDWG Heap Buffer Overflow Vulnerability (CNVD-2021-36642)
LibreDWG is a free C library for reading and writing DWG files. A heap buffer overflow vulnerability exists in GNU LibreDWG version 0.10. An attacker can exploit this vulnerability via read_2004_section_preview at ../../src/decode.c:3175 to cause a heap buffer overflow...
GNU LibreDWG Heap Buffer Overflow Vulnerability (CNVD-2021-36650)
LibreDWG is a free C library for reading and writing DWG files. A heap buffer overflow vulnerability exists in GNU LibreDWG version 0.10. An attacker can exploit this vulnerability via read_2004_section_handles at ../../src/decode.c:2637 to cause a heap buffer overflow...
GNU LibreDWG Heap Buffer Overflow Vulnerability (CNVD-2021-36634)
LibreDWG is a free C library for reading and writing DWG files. A heap buffer overflow vulnerability exists in GNU LibreDWG version 0.10.2641. An attacker can exploit this vulnerability via htmlescape at ../../programs/escape.c:48 to cause a heap buffer overflow...
GNU LibreDWG Heap Buffer Overflow Vulnerability (CNVD-2021-36632)
LibreDWG is a free C library for reading and writing DWG files. A heap buffer overflow vulnerability exists in GNU LibreDWG version 0.10.2641. An attacker can exploit this vulnerability via htmlescape at ../../programs/escape.c:46 to cause a heap buffer overflow...
EgavilanMedia PHPCRUD 1.0 - (First Name) SQL Injection Vulnerability
Exploit Title: EgavilanMedia PHPCRUD 1.0 - 'First Name' SQL Injection Exploit Author: Dimitrios Mitakos Vendor Homepage: https://egavilanmedia.com Software Link: https://egavilanmedia.com/crud-operation-with-php-mysql-bootstrap-and-dompdf/ Version: 1.0 Tested on: Debian GNU/Linux 10 Vulnerable...
GNU LibreDWG Memory Leak Vulnerability
LibreDWG is a free C library for reading and writing DWG files. A memory leak vulnerability exists in dwg_decode_eed at ../../src/decode.c:3638 in GNU LibreDWG version 0.10. An attacker could cause a memory leak by exploiting this vulnerability via specially crafted input...
GNU LibreDWG Heap Buffer Overflow Vulnerability (CNVD-2021-36637)
LibreDWG is a free C library for reading and writing DWG files. A heap buffer overflow vulnerability exists in GNU LibreDWG version 0.10. An attacker can exploit this vulnerability via bit_calc_CRC at ../../src/bits.c:2213 to cause a heap buffer overflow...
GNU LibreDWG Heap Buffer Overflow Vulnerability (CNVD-2021-36645)
LibreDWG is a free C library for reading and writing DWG files. A heap buffer overflow vulnerability exists in GNU LibreDWG version 0.10. An attacker can exploit this vulnerability via bit_search_sentinel at ../../src/bits.c:1985 to cause a heap buffer overflow...
GNU LibreDWG Null Pointer Dereference Vulnerability (CNVD-2021-36631)
LibreDWG is a free C library for reading and writing DWG files. A null pointer dereference vulnerability exists in GNU LibreDWG version 0.10.2641. An attacker can exploit this vulnerability via output_TEXT at ../../programs/dwg2SVG.c:114 to cause the application to crash...
GNU LibreDWG Heap Buffer Overflow Vulnerability (CNVD-2021-36648)
LibreDWG is a free C library for reading and writing DWG files. A heap buffer overflow vulnerability exists in GNU LibreDWG version 0.10. An attacker can exploit this vulnerability via bit_read_RC at ../../src/bits.c:318 to cause a heap buffer overflow...
GNU LibreDWG Null Pointer Dereference Vulnerability (CNVD-2021-36633)
LibreDWG is a free C library for reading and writing DWG files. A null pointer dereference vulnerability exists in GNU LibreDWG version 0.10.2641. An attacker can exploit this vulnerability via htmlescape at ../../programs/escape.c:29 to cause the application to cra...
Unspecified vulnerability in GNU LibreDWG memcpy-param-overlap
LibreDWG is a free C library for reading and writing DWG files. read_2004_section_header at ../../src/decode.c:2580 in GNU LibreDWG version 0.10 contains a memcpy-param-overlap security vulnerability. An attacker can exploit this vulnerability to execute arbitrary code...
GNU LibreDWG Heap Buffer Overflow Vulnerability (CNVD-2021-36636)
LibreDWG is a free C library for reading and writing DWG files. A heap buffer overflow vulnerability exists in GNU LibreDWG version 0.10. An attacker can exploit this vulnerability via read_2004_compressed_section at ../../src/decode.c:2379 to cause a heap buffer overflow...