CVE-2026-57451

Vim is an open source, command line text editor. Prior to 9.2.0670, gettextprops in src/textprop.c reads a uint16 property count stored inline after a line's text and returns it as the number of 32-byte textpropT entries that follow. The only check is a floor that guarantees room for a single...

CVE-2026-3390

A vulnerability was identified in FascinatedBox lily up to 2.3. This issue affects the function patchlineend of the file src/lilybuilderror.c of the component Error Reporting. The manipulation leads to out-of-bounds read. The attack can only be performed from a local environment. The exploit is...

CVE-2026-3390 FascinatedBox lily Error Reporting lily_build_error.c patch_line_end out-of-bounds

A vulnerability was identified in FascinatedBox lily up to 2.3. This issue affects the function patchlineend of the file src/lilybuilderror.c of the component Error Reporting. The manipulation leads to out-of-bounds read. The attack can only be performed from a local environment. The exploit is...

CVE-2026-3390 FascinatedBox lily Error Reporting lily_build_error.c patch_line_end out-of-bounds

A vulnerability was identified in FascinatedBox lily up to 2.3. This issue affects the function patchlineend of the file src/lilybuilderror.c of the component Error Reporting. The manipulation leads to out-of-bounds read. The attack can only be performed from a local environment. The exploit is...

lily 缓冲区错误漏洞

Lily is a programming language developed by FascinatedBox’s individual developers. Versions of Lily prior to 2.3 contained a buffer error vulnerability, which stemmed from an out-of-bounds read in the patchlineend function within the component’s Error Reporting module, located at...

git: Git arbitrary code execution

A line-end handling flaw was found in Git. When writing a config entry, values with a trailing carriage return CR are not quoted, resulting in the CR being lost when the config is read later. When initializing a submodule, if the submodule path contains a trailing CR, the altered path is read,...

git: Git arbitrary code execution

A line-end handling flaw was found in Git. When writing a config entry, values with a trailing carriage return CR are not quoted, resulting in the CR being lost when the config is read later. When initializing a submodule, if the submodule path contains a trailing CR, the altered path is read,...

PYSEC-2024-295

A heap-buffer-overflow vulnerability was discovered in the SkipSpacesAndLineEnd function in Assimp v5.4.3. This issue occurs when processing certain malformed MD5 model files, leading to an out-of-bounds read and potential application crash...

SUSE CVE-2024-45306

Vim is an open source, command line text editor. Patch v9.1.0038 optimized how the cursor position is calculated and removed a loop, that verified that the cursor position always points inside a line and does not become invalid by pointing beyond the end of a line. Back then we assumed this loop ...

SUSE CVE-2017-7703

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the IMAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-imap.c by calculating a line's end correctly...

vim: Fix of CVE-2023-0433

CVE-2023-0433: check for not going over the end of the line...

CLSA-2022-1657182150 Fix CVE(s): CVE-2022-2129, CVE-2022-2124, CVE-2022-2125, CVE-2022-2126, CVE-2022-1720

SECURITY UPDATE: Reading past end of line with "gf" in Visual block mode - debian/patches/CVE-2022-1720.patch: Do not include the NUL in the length - CVE-2022-1720 SECURITY UPDATE: Searching for quotes may go over the end of the line - debian/patches/CVE-2022-2124.patch: Check for running into th...

Mutt 缓冲区错误漏洞

Mutt is a text-based email client for Unix-like systems by Michael Elkins, a personal developer. A security vulnerability exists in Mutt versions 0.94.13 through 2.2.3, which stems from a buffer overflow issue that allows the application to read the end of an input line...

CVE-2021-36159

libfetch before 2021-07-26, as used in apk-tools, xbps, and other products, mishandles numeric strings for the FTP and HTTP protocols. The FTP passive mode implementation allows an out-of-bounds read because strtol is used to parse the relevant numbers into address bytes. It does not check if the...

libfetch 缓冲区错误漏洞

libfetch is a browser extension that makes it easier to access the content of electronic resources subscribed to by the NIE Library. A buffer error vulnerability exists in libfetch that stems from incorrectly handling strings of numbers for the FTP and HTTP protocols. the FTP passive mode...

UBUNTU-CVE-2017-7703

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the IMAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-imap.c by calculating a line's end correctly...