PT-2025-4768

Name of the Vulnerable Software and Affected Versions FastCGI fcgi2 versions 2.x through 2.4.4 Description The issue is related to an integer overflow and a resultant heap-based buffer overflow in the FastCGI library, specifically in the ReadParams function in fcgiapp.c. This occurs when crafted...

CVE-2024-46613

WeeChat before 4.4.2 has an integer overflow and resultant buffer overflow at core/core-string.c when there are more than two billion items in a list. This affects stringfreesplitshared , stringfreesplit, stringfreesplitcommand, and stringfreesplittags...

CVE-2023-38103

GStreamer RealMedia File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...

CVE-2024-21470 Integer Overflow to Buffer Overflow in Graphics Windows

Memory corruption while allocating memory for graphics...

MGASA-2024-0077 Updated libtiff packages fix security vulnerabilities

LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service application crash or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow. CVE-2023-40745 A vulnerability was found in libtiff due to...

Advisory ROSA-SA-2024-2336

software: hiredis 0.13.3 AXIS: ROSA-CHROME packageevrstring: hiredis-0.13.3-2.src.rpm CVE-ID: CVE-2021-32765 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: In vulnerable versions, Hiredis is vulnerable to integer overflow if provided with maliciously crafted or corrupted RESP mult-bulk protocol data. Whe...

Fedora 39 : gtkwave (2024-2647382c5f)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-2647382c5f advisory. Cumulative bug-fix update. This update includes fixes for multiple security issues found by Talos in which specially crafted input files could lead ...

PT-2024-1803

Name of the Vulnerable Software and Affected Versions EDK2 affected versions not specified Description The issue is related to the CreateHob function in EDK2, which is susceptible to an integer overflow that can lead to a buffer overflow. This can be triggered via a local network, potentially...

SUSE-SU-2023:4216-1 Security update for zlib

This update for zlib fixes the following issues: - CVE-2023-45853: Fixed an integer overflow that would lead to a buffer overflow in the minizip subcomponent bsc1216378...

PT-2023-6402

Name of the Vulnerable Software and Affected Versions zlib versions through 1.3 pyminizip versions through 0.2.6 Description The issue is related to an integer overflow and resultant heap-based buffer overflow in the zipOpenNewFileInZip4 64 function of the MiniZip package in zlib, which can be...

CVE-2022-48335

Widevine Trusted Application TA 5.0.0 through 7.1.1 has a PRDiagVerifyProvisioning integer overflow and resultant buffer overflow...

CVE-2023-33863

SerialiseValue in RenderDoc before 1.27 allows an Integer Overflow with a resultant Buffer Overflow. 0xffffffff is sign-extended to 0xffffffffffffffff SIZEMAX and then there is an attempt to add 1...

MGASA-2022-0403 Updated nbd packages fix security vulnerability

It was discovered that nbd prior to 3.24 contained an integer overflow with a resultant heap-based buffer overflow. A value of 0xffffffff in the name length field will cause a zero-sized buffer to be allocated for the name resulting in a write to a dangling pointer CVE-2022-26495. Stack-based...

USN-5708-1: backport-iwlwifi-dkms vulnerabilities

Sönke Huster discovered that an integer overflow vulnerability existed in the WiFi driver stack in the Linux kernel, leading to a buffer overflow. A physically proximate attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-41674 Sönke Hust...

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : GMP vulnerability (USN-5672-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5672-1 advisory. It was discovered that GMP did not properly manage memory on 32-bit platforms when processing a specially crafted input. An attacker could...

CVE-2022-27114

There is a vulnerability in htmldoc 1.9.16. In imageloadjpeg function image.cxx when it calls malloc,'img-width' and 'img-height' they are large enough to cause an integer overflow. So, the malloc function may return a heap blosmaller than the expected size, and it will cause a buffer...

CVE-2021-27417 eCosCentric eCosPro RTOS Integer Overflow or Wraparound

eCosCentric eCosPro RTOS Versions 2.0.1 through 4.5.3 are vulnerable to integer wraparound in function calloc an implementation of malloc. The unverified memory assignment can lead to arbitrary memory allocation, resulting in a heap-based buffer overflow...

Mageia: Security Advisory (MGASA-2014-0211)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Denial Of Service (DoS)

rustc:sid is vulnerable to denial of service. The Zip implementation can report an incorrect size due to an integer overflow. This bug can lead to a buffer overflow when a consumed Zip iterator is used again...

EulerOS 2.0 SP9 : python-cryptography (EulerOS-SA-2021-2278)

According to the version of the python-cryptography package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could...