Lucene search
K

38 matches found

NVD
NVD
added 2018/04/29 3:29 p.m.21 views

CVE-2018-10538

An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocopy...

5.5CVSS6.2AI score0.01631EPSS
Exploits1References8
CVE
CVE
added 2018/04/29 3:0 p.m.159 views

CVE-2018-10540

CVE-2018-10540 affects WavPack up to version 5.1.0 (W64 input). The vulnerability arises from ParseWave64HeaderConfig not validating unknown chunk sizes before memory allocation, combined with a lack of integer-overflow protection in a bytes_to_copy calculation and the subsequent malloc, which ca...

5.5CVSS5.7AI score0.01668EPSS
Exploits1References8Affected Software1
Cvelist
Cvelist
added 2018/04/29 3:0 p.m.33 views

CVE-2018-10539

An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocop...

5.9AI score0.01668EPSS
Exploits1References8
Debian CVE
Debian CVE
added 2018/04/29 3:0 p.m.47 views

CVE-2018-10539

An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocop...

5.5CVSS6.4AI score0.01668EPSS
Exploits1
CVE
CVE
added 2018/04/29 3:0 p.m.183 views

CVE-2018-10538

The CVE-2018-10538 issue affects WavPack up to version 5.1.0 for WAV input, where ParseRiffHeaderConfig in riff.c may allocate insufficient memory due to not validating unknown chunk sizes and a vulnerable bytes_to_copy/malloc path. This can cause out-of-bounds writes and memory allocation errors...

5.5CVSS5.7AI score0.01631EPSS
Exploits1References8Affected Software1
AlpineLinux
AlpineLinux
added 2018/04/29 3:0 p.m.49 views

CVE-2018-10538

An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocopy...

5.5CVSS6.1AI score0.01631EPSS
Exploits1
Cvelist
Cvelist
added 2018/04/29 3:0 p.m.30 views

CVE-2018-10538

An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocopy...

5.9AI score0.01631EPSS
Exploits1References8
AlpineLinux
AlpineLinux
added 2018/04/29 3:0 p.m.78 views

CVE-2018-10539

An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocop...

5.5CVSS6AI score0.01668EPSS
Exploits1
Debian CVE
Debian CVE
added 2018/04/29 3:0 p.m.46 views

CVE-2018-10540

An issue was discovered in WavPack 5.1.0 and earlier for W64 input. Out-of-bounds writes can occur because ParseWave64HeaderConfig in wave64.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocopy...

5.5CVSS6.4AI score0.01668EPSS
Exploits1
Debian CVE
Debian CVE
added 2018/04/29 3:0 p.m.41 views

CVE-2018-10538

An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocopy...

5.5CVSS6.5AI score0.01631EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2018/04/29 12:0 a.m.23 views

CVE-2018-10539

An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocop...

5.5CVSS6.8AI score0.01668EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2018/04/29 12:0 a.m.32 views

CVE-2018-10538

An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocopy...

5.5CVSS6.8AI score0.01631EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2017/11/29 9:49 a.m.27 views

CVE-2017-16830

The printgnupropertynote function in readelf.c in GNU Binutils 2.29.1 does not have integer-overflow protection on 32-bit platforms, which allows remote attackers to cause a denial of service segmentation violation and application crash or possibly have unspecified other impact via a crafted ELF...

7.8CVSS6.5AI score0.02201EPSS
Exploits1References1
OSV
OSV
added 2017/11/15 8:29 a.m.16 views

CVE-2017-16830

The printgnupropertynote function in readelf.c in GNU Binutils 2.29.1 does not have integer-overflow protection on 32-bit platforms, which allows remote attackers to cause a denial of service segmentation violation and application crash or possibly have unspecified other impact via a crafted ELF...

7.8CVSS7.4AI score
Exploits0References4
UbuntuCve
UbuntuCve
added 2017/11/15 8:29 a.m.26 views

CVE-2017-16830

The printgnupropertynote function in readelf.c in GNU Binutils 2.29.1 does not have integer-overflow protection on 32-bit platforms, which allows remote attackers to cause a denial of service segmentation violation and application crash or possibly have unspecified other impact via a crafted ELF...

7.8CVSS6.9AI score0.02201EPSS
Exploits1References1
NVD
NVD
added 2017/11/15 8:29 a.m.17 views

CVE-2017-16830

The printgnupropertynote function in readelf.c in GNU Binutils 2.29.1 does not have integer-overflow protection on 32-bit platforms, which allows remote attackers to cause a denial of service segmentation violation and application crash or possibly have unspecified other impact via a crafted ELF...

7.8CVSS7.9AI score0.02201EPSS
Exploits1References4
Prion
Prion
added 2016/07/11 1:59 a.m.17 views

Integer overflow

The makefile in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 2013 devices omits the -fno-strict-overflow option to gcc, which might allow attackers to gain privileges via a crafted application that leverages incorrect compiler optimization of an integer-overflow protectio...

9.3CVSS7.3AI score0.00545EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2016/07/11 1:59 a.m.33 views

CVE-2014-9799

The makefile in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 2013 devices omits the -fno-strict-overflow option to gcc, which might allow attackers to gain privileges via a crafted application that leverages incorrect compiler optimization of an integer-overflow protectio...

9.3CVSS7.1AI score0.00545EPSS
Exploits0References3
Rows per page
Query Builder