CVE-2026-5037

A vulnerability was determined in mxml up to 4.0.4. This issue affects the function indexsort of the file mxml-index.c of the component mxmlIndexNew. Executing a manipulation of the argument tempr can lead to stack-based buffer overflow. The attack is restricted to local execution. The exploit ha...

CVE-2026-5037

CVE-2026-5037 affects mxml up to 4.0.4, specifically the mxmlIndexNew component in mxml-index.c. The issue is a stack-based buffer overflow triggered by manipulating the tempr argument, with exploitation restricted to local execution. Public exploit details exist and a patch identified by the has...

ROS-20260126-73-0001

A vulnerability in the index.c component of the Linux operating system kernel is related to integer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Heap Buffer Overflow

libgit2 is vulnerable to Heap Buffer Overflow. The vulnerability is due to improper handling of string paths in the hasdirname function within index.c. This logic in path processing may cause the application to crash, resulting in Denial of Service DoS...

Updated halibut packages fix security vulnerability

Use-after-free in cleanupindex in index.c CVE-2021-42612 Double free in cleanupindex in index.c CVE-2021-42613 Use-after-free in infowidthinternal in bkinfo.c CVE-2021-42614...

CVE-2021-42612

A use after free in cleanupindex in index.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document...

CVE-2021-42612

A use after free in cleanupindex in index.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document...

Double free

A double free in cleanupindex in index.c in Halibut 1.2 allows an attacker to cause a denial of service or possibly have other unspecified impact via a crafted text document...

UBUNTU-CVE-2021-42613

A double free in cleanupindex in index.c in Halibut 1.2 allows an attacker to cause a denial of service or possibly have other unspecified impact via a crafted text document...

Design/Logic Flaw

A use after free in cleanupindex in index.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document...

CVE-2021-42613

CVE-2021-42613 affects Halibut 1.2, where a double free in cleanup_index() (index.c) can cause a denial of service or other unspecified impact via a crafted text document. Public sources in connected documents confirm the issue and track mitigations: Mageia reports a fix in updated halibut packag...

CVE-2021-42612

The CVE-2021-42612 issue affects Halibut 1.2, with a use-after-free in cleanup_index() in index.c that can cause a segmentation fault or other unspecified impact when processing a crafted text document. Public sources in vendor advisories and third-party disclosures confirm related fixes and upda...

CVE-2021-42612

A use after free in cleanupindex in index.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document...

Halibut 资源管理错误漏洞

Halibut is a secure, RPC-based open source communication framework. Halibut version 1.2 contains a denial-of-service vulnerability that stems from a mix-up in the cleanupindex directive in index.c, which is responsible for freeing memory. An attacker could exploit this vulnerability to cause a...

A heap-buffer-overflow in mobi_decode_infl in index.c

Description A heap-buffer-overflow in mobidecodeinfl in index.c Env Distributor ID: Ubuntu Description: Ubuntu 20.04 LTS Release: 20.04 Codename: focal mobitool build: May 3 2022 20:46:07 clang Ubuntu Clang 11.1.0 libmobi: 0.10 Build export CC=gcc CXX=g++ CFLAGS="-fsanitize=address -static-libasa...

Buffer Over-read

Description Stack-based Buffer Overflow at index.c:991 Build git clone https://github.com/bfabiszewski/libmobi.git cd libmobi export CFLAGS="-g -O0 -lpthread -fsanitize=address" export CXXFLAGS="-g -O0 -lpthread -fsanitize=address" export LDFLAGS="-fsanitize=address" ./autogen.sh ./configure...

CVE-2018-8098

Integer overflow in the index.c:readentry function while decompressing a compressed prefix length in libgit2 before v0.26.2 allows an attacker to cause a denial of service out-of-bounds read via a crafted repository index file...

Heap overflow

The mobiparseindexentry function in index.c in Libmobi 0.3 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted mobi file...

CVE-2018-11725

The mobiparseindexentry function in index.c in Libmobi 0.3 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted mobi file...

CVE-2018-11725

The CVE-2018-11725 vulnerability affects Libmobi 0.3, where mobi_parse_index_entry (in index.c) can be exploited by a crafted MOBI file to trigger a heap-based buffer over-read, enabling information disclosure. This is a remote issue with no explicit exploit details provided in the documents. Imp...