130 matches found
Important: postgresql17
Issue Overview: Missing authorization in PostgreSQL CREATE TYPE allows an object creator to hijack other queries that use searchpath to find user-defined types, including extension-defined types. That is to say, the victim will execute arbitrary SQL functions of the attacker's choice. Versions...
libcoap 安全漏洞
Libcoap is a lightweight application protocol implementation developed by ObgM. Libcoap has a security vulnerability, which stems from out-of-bounds read operations during the CBOR decapsulation processing in OSCORE Appendix B.2. This vulnerability may lead to a heap buffer overflow attack throug...
CVE-2026-27622
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, per-pixel totals are accumulated in vector totalsizes for attacker-controlled large counts across many parts,...
CVE-2021-27427
RIOT OS version 2020.01.1 is vulnerable to integer wrap-around in its implementation of calloc function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...
CVE-2021-27425
Cesanta Software Mongoose-OS v2.17.0 is vulnerable to integer wrap-around in function mmmalloc. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...
CVE-2021-27439
TencentOS-tiny version 3.1.0 is vulnerable to integer wrap-around in function 'tosmmheapalloc incorrect calculation of effective memory allocation size. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code...
CVE-2021-27431
ARM CMSIS RTOS2 versions prior to 2.1.3 are vulnerable to integer wrap-around inosRtxMemoryAlloc local malloc equivalent function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or injected code execution...
CVE-2021-27435
ARM mbed product Version 6.3.0 is vulnerable to integer wrap-around in mallocwrapper function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...
CVE-2021-27419
uClibc-ng versions prior to 1.0.37 are vulnerable to integer wrap-around in functions malloc-simple. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...
CVE-2024-2452
In Eclipse ThreadX NetX Duo before 6.4.0, if an attacker can control parameters of portablealignedalloc could cause an integer wrap-around and an allocation smaller than expected. This could cause subsequent heap buffer overflows...
iccDEV 缓冲区错误漏洞
iccDEV is a color configuration codebase open-sourced by the International Color Consortium ICC. A buffer error vulnerability exists in iccDEV version 2.3.1.1 and earlier, which stems from a post-release reuse, heap-based buffer overflow, and integer overflow or wrap-around error and out-of-bound...
EUVD-2021-14179
Malware in sbrugna...
EUVD-2021-14185
Malware in sbrugna...
EUVD-2021-14193
Malware in sbrugna...
EUVD-2016-3226
Malware in sbrugna...
EUVD-2021-14165
Malware in sbrugna...
EUVD-2007-2958
Malware in sbrugna...
EUVD-2021-14189
Malware in sbrugna...
EUVD-2021-13266
Malware in sbrugna...
EUVD-2021-14187
Malware in sbrugna...