36 matches found
EUVD-2019-19094
Malware in sbrugna...
EUVD-2009-0837
Malware in sbrugna...
CVE-2023-24551
A vulnerability has been identified in Solid Edge SE2022 All versions V222.0MP12, Solid Edge SE2023 All versions V223.0Update2. The affected application is vulnerable to heap-based buffer underflow while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute...
CVE-2025-32415
In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used...
CVE-2023-24551
A vulnerability has been identified in Solid Edge SE2022 All versions V222.0MP12, Solid Edge SE2023 All versions V223.0Update2. The affected application is vulnerable to heap-based buffer underflow while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute...
CVE-2023-24551
A vulnerability has been identified in Solid Edge SE2022 All versions V222.0MP12, Solid Edge SE2023 All versions V223.0Update2. The affected application is vulnerable to heap-based buffer underflow while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute...
CVE-2023-24551
CVE-2023-24551 affects Siemens/Solid Edge SE2022 and SE2023. The issue is a heap-based buffer underflow when parsing specially crafted PAR files, enabling code execution in the current process. Affected products are: Solid Edge SE2022: all versions prior to V222.0MP12 Solid Edge SE2023: all versi...
CVE-2020-6016
Valve's Game Networking Sockets prior to version v1.2.0 improperly handles unreliable segments with negative offsets in function SNPReceiveUnreliableSegment, leading to a Heap-Based Buffer Underflow and a free of memory not from the heap, resulting in a memory corruption and probably even a remot...
CVE-2020-6016
Valve's Game Networking Sockets prior to version v1.2.0 improperly handles unreliable segments with negative offsets in function SNPReceiveUnreliableSegment, leading to a Heap-Based Buffer Underflow and a free of memory not from the heap, resulting in a memory corruption and probably even a remot...
Remote Code Execution (RCE)
php is vulnerable to remote code execution. An integer signedness issue, leading to a heap-based buffer underflow, was found in the PHP scandir function. If a remote attacker could upload an excessively large number of files to a directory the scandir function runs on, it could cause the PHP...
CVE-2019-9729
In Shanda MapleStory Online V160, the SdoKeyCrypt.sys driver allows privilege escalation to NT AUTHORITY\SYSTEM because of not validating the IOCtl 0x8000c01c input value, leading to an integer signedness error and a heap-based buffer underflow...
CVE-2016-10402
Avira Antivirus engine versions before 8.3.36.60 allow remote code execution as NT AUTHORITY\SYSTEM via a section header with a very large relative virtual address in a PE file, causing an integer overflow and heap-based buffer underflow...
CVE-2016-10402
Avira Antivirus engine versions before 8.3.36.60 allow remote code execution as NT AUTHORITY\SYSTEM via a section header with a very large relative virtual address in a PE file, causing an integer overflow and heap-based buffer underflow...
Heap overflow
The oleinit function in ole.c in catdoc 0.95 allows remote attackers to cause a denial of service heap-based buffer underflow and application crash or possibly have unspecified other impact via a crafted file, i.e., data is written to memory addresses before the beginning of the tmpBuf buffer...
CVE-2017-11110
The oleinit function in ole.c in catdoc 0.95 allows remote attackers to cause a denial of service heap-based buffer underflow and application crash or possibly have unspecified other impact via a crafted file, i.e., data is written to memory addresses before the beginning of the tmpBuf buffer...
CVE-2017-11110
The oleinit function in ole.c in catdoc 0.95 allows remote attackers to cause a denial of service heap-based buffer underflow and application crash or possibly have unspecified other impact via a crafted file, i.e., data is written to memory addresses before the beginning of the tmpBuf buffer...
CVE-2017-11110
CVE-2017-11110 affects catdoc 0.95, with a heap-based buffer underflow in ole_init (ole.c) that can be triggered by a crafted file, potentially allowing remote denial of service or other impact. Public advisories from Mageia, Debian, openSUSE, and others confirm the issue and provide patches; exa...
CVE-2017-11110
The oleinit function in ole.c in catdoc 0.95 allows remote attackers to cause a denial of service heap-based buffer underflow and application crash or possibly have unspecified other impact via a crafted file, i.e., data is written to memory addresses before the beginning of the tmpBuf buffer...
Amazon Linux AMI : libxml2 (ALAS-2012-143)
A heap-based buffer underflow flaw was found in the way libxml2 decoded certain entities. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the...
USN-1656-1: Libxml2 vulnerability
It was discovered that libxml2 had a heap-based buffer underflow when parsing entities. If a user or automated system were tricked into processing a specially crafted XML document, applications linked against libxml2 could be made to crash or possibly execute arbitrary code...