RockyLinux 9 : httpd (RLSA-2026:21391)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:21391 advisory. httpd: modproxyajp: heap-based buffer over-read and memory disclosure in ajpparsedata CVE-2026-34059 httpd: modproxyajp: heap-based buffer over-read due...

CVE-2024-41445

Library MDF mdflib v2.1 is vulnerable to a heap-based buffer overread via a crafted mdf4 file is parsed using the ReadData function...

CVE-2024-41445

Library MDF mdflib v2.1 is vulnerable to a heap-based buffer overread via a crafted mdf4 file is parsed using the ReadData function...

GLSA-202211-08 : sudo: Heap-Based Buffer Overread

The remote host is affected by the vulnerability described in GLSA-202211-08 sudo: Heap-Based Buffer Overread - Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. This can...

PT-2020-19191 · Mats Peterson +5 · Jhead +5

Name of the Vulnerable Software and Affected Versions: jhead versions 3.04 and earlier Description: The issue is a heap-based buffer over-read in the process DQT function located in jpgqguess.c. This occurs in the processing of certain data. Recommendations: For versions 3.04 and earlier, at the...

Debian: Security Advisory (DLA-1912-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 1912-1] expat security update

Package : expat Version : 2.1.0-6+deb8u6 CVE IDs : CVE-2019-15903 Debian Bug : 939394 It was discovered that there was a heap-based buffer overread vulnerability in expat, an XML parsing library. A specially-crafted XML input could fool the parser into changing from DTD parsing to document parsin...

Denial Of Service (DoS)

libexiv2.so is vulnerable to denial of service DoS attacks. The vulnerability exists due to a heap-based buffer overread issue in Exiv2::Internal::PngChunk::keyTXTCheck of pngchunkint.cpp, causing DoS attacks...

UBUNTU-CVE-2017-9727

The gxttfReaderRead function in base/gxttfb.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash or possibly have unspecified other impact via a crafted document...

Heap-based Buffer Overread

The nokogiri gem contains a libxml2 package which is vulnerable to a heap-based buffer overread vulnerability. The vulnerability in libxml2 is referenced as CVE-2016-1833. Using a flaw in the htmlCurrentChar function, attackers can trigger the vulnerability using malicious XML input...

Oracle Linux 6 / 7 : libxml2 (ELSA-2016-1292)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-1292 advisory. - Heap-based buffer overread in xmlNextChar CVE-2016-1762 - Bug 763071: Heap-buffer-overflow in xmlStrncat CVE-2016-1834 - Bug 757711:...

Fedora 21 : unzip-6.0-20.fc21 (2015-2035)

Fix CVE-2014-8139 - CRC32 verification heap-based buffer overread 1174844 - Fix CVE-2014-8140 - out-of-bounds write issue in testcompreb 1174851 - Fix CVE-2014-8141 - getZip64Data out-of-bounds read issues 1174856 - Fix buffer overflow on long file sizes 1191136 - CVE-2014-9636 unzip:...