Buffer Overflows

gpac is vulnerable to Buffer Overflows. The vulnerability found within the filters/loadtext.c file, which causes the program to copy the input buffer into the output buffer without verifying the buffer size resulting in buffer overflows...

SUSE CVE-2019-11461

An issue was discovered in GNOME Nautilus 3.30 prior to 3.30.6 and 3.32 prior to 3.32.1. A compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl to push characters into the input buffer of the thumbnailer's controlling terminal, allowing...

SUSE-SU-2023:2620-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2023-1255: Fixed input buffer over-read in AES-XTS implementation on 64 bit ARM bsc1210714. - CVE-2023-2650: Fixed possible DoS translating ASN.1 object identifiers bsc1211430...

Moderate: Red Hat Security Advisory: openssl security and bug fix update

An update for openssl is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

openssl: Input buffer over-read in AES-XTS implementation on 64 bit ARM

A vulnerability was found in OpenSSL. This security flaw occurs because the AES-XTS cipher decryption implementation for the 64-bit ARM platform contains an issue that could cause it to read past the input buffer, leading to a crash...

CVE-2023-30576 Apache Guacamole: Use-after-free in handling of RDP audio input buffer

Apache Guacamole 0.9.10 through 1.5.1 may continue to reference a freed RDP audio input buffer. Depending on timing, this may allow an attacker to execute arbitrary code with the privileges of the guacd process...

CVE-2023-30576 Apache Guacamole: Use-after-free in handling of RDP audio input buffer

Apache Guacamole 0.9.10 through 1.5.1 may continue to reference a freed RDP audio input buffer. Depending on timing, this may allow an attacker to execute arbitrary code with the privileges of the guacd process...

PT-2023-13246 · Qualcomm · Snapdragon +45

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to memory corruption in the core due to a buffer copy without checking the size of the input while processing ioctl queries...

CVE-2023-1255

A vulnerability was found in OpenSSL. This security flaw occurs because the AES-XTS cipher decryption implementation for the 64-bit ARM platform contains an issue that could cause it to read past the input buffer, leading to a crash...

CVE-2023-1255 Input buffer over-read in AES-XTS implementation on 64 bit ARM

Issue summary: The AES-XTS cipher decryption implementation for 64 bit ARM platform contains a bug that could cause it to read past the input buffer, leading to a crash. Impact summary: Applications that use the AES-XTS algorithm on the 64 bit ARM platform can crash in rare circumstances. The...

Buffer Overflow

libraw.so is vulnerable to Buffer Overflows. The vulnerability exists in librawdatastream.cpp because the input buffer size on datastream::gets is not properly checked, resulting in an application crash...

K34239812: Libexpat vulnerability CVE-2019-15903

Security Advisory Description In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XMLGetCurrentLineNumber or XMLGetCurrentColumnNumber then resulted in a heap-based buffer over-read. CVE-2019-15903...

SUSE CVE-2016-2568

pkexec, when used with --user nonpriv, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer...

SUSE CVE-2016-2781

chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer...

SUSE CVE-2016-10124

An issue was discovered in Linux Containers LXC before 2016-02-22. When executing a program via lxc-attach, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal's input buffer, allowing an attacker to escape the container...

ASB-A-253337348

The program copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow...

SUSE-SU-2022:4293-1 Security update for freerdp

This update for freerdp fixes the following issues: - CVE-2022-39318: Fixed division by zero in urbdrc bsc1205563. - CVE-2022-39319: Fixed missing input buffer length check in urbdrc bsc1205564...

Design/Logic Flaw

DMA transactions which are targeted at input buffers used for the AhciBusDxe software SMI handler could cause SMRAM corruption a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the AhciBusDxe driver could cause SMRAM corruption through...

Insyde InsydeH2O 安全漏洞

Insyde InsydeH2O is a C source from Insyde Corporation, Taiwan, which implements the new technology "EFI/UEFI" specification designed to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in Insyde InsydeH2O NvmExpressLegacy, which originates from the SMI...

CVE-2022-33905

DMA transactions which are targeted at input buffers used for the AhciBusDxe software SMI handler could cause SMRAM corruption a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the AhciBusDxe driver could cause SMRAM corruption through...