Astra Linux - уязвимость в ffmpeg5

FFmpeg v.n6.1-3-g466799d4f5 allows memory consumption when using the colorcorrect filter, in the avmalloc function in libavutil/mem.c:105:9 component...

EUVD-2005-2749

Malware in sbrugna...

EUVD-2023-39949

Malicious code in bioql PyPI...

EUVD-2023-39951

Malicious code in bioql PyPI...

GNU Binutils ld libbfd.c bfd_malloc memory leak

...

CVE-2005-2748

The malloc function in the libSystem library in Apple Mac OS X 10.3.9 and 10.4.2 allows local users to overwrite arbitrary files by setting the MallocLogFile environment variable to the target file before running a setuid application...

PT-2023-9358 · FFmpeg +4 · Ffmpeg +4

Name of the Vulnerable Software and Affected Versions: Ffmpeg version v.n6.1-3-g466799d4f5 Description: The issue is related to a buffer overflow in the av malloc function, located in the libavutil/mem.c component of the Ffmpeg library. This buffer overflow is caused by copying without checking t...

CVE-2023-35965

Two heap-based buffer overflow vulnerabilities exist in the httpd managepost functionality of Yifan YF325 v1.020221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow result is...

CVE-2023-35967

Two heap-based buffer overflow vulnerabilities exist in the gwcfgcgisetmanagepostdata functionality of Yifan YF325 v1.020221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow...

CVE-2023-35967

Two heap-based buffer overflow vulnerabilities exist in the gwcfgcgisetmanagepostdata functionality of Yifan YF325 v1.020221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities.This integer overflow...

PT-2023-23516 · Unknown · Jerryscript

Name of the Vulnerable Software and Affected Versions: Jerryscript version 3.0 commit 05dbbd1 Description: The issue is related to an out-of-memory problem in the malloc function. Recommendations: For Jerryscript version 3.0 commit 05dbbd1, consider restricting memory allocation to prevent...

UBUNTU-CVE-2022-45587

Stack overflow vulnerability in function gmalloc in goo/gmem.cc in xpdf 4.04, allows local attackers to cause a denial of service...

SUSE CVE-2012-2673

Multiple integer overflows in the 1 GCgenericmalloc and 2 calloc functions in malloc.c, and the 3 GCgenericmallocignoreoffpage function in mallocx.c in Boehm-Demers-Weiser GC libgc before 7.2 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows...

CVE-2021-33643

An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc0 for a variable gnulonglink, causing an out-of-bounds read...

PT-2022-10248

Name of the Vulnerable Software and Affected Versions NASM version 2.16rc0 Description An issue was discovered in the NASM software, specifically memory leaks in the nasm malloc function located in nasmlib/alloc.c. Recommendations For NASM version 2.16rc0, consider restricting the use of the nasm...

CVE-2021-34405

NVIDIA Linux distributions contain a vulnerability in TrustZone’s TEEMalloc function, where an unchecked return value causing a null pointer dereference may lead to denial of service...

Integer overflow

An issue was discovered in klibc before 2.0.9. Additions in the malloc function may result in an integer overflow and a subsequent heap buffer overflow...

CVE-2021-31873

An issue was discovered in klibc before 2.0.9. Additions in the malloc function may result in an integer overflow and a subsequent heap buffer overflow...

CVE-2021-31873

An issue was discovered in klibc before 2.0.9. Additions in the malloc function may result in an integer overflow and a subsequent heap buffer overflow...

NewStart CGSL MAIN 6.02 : glibc Multiple Vulnerabilities (NS-SA-2021-0053)

The remote NewStart CGSL host, running version MAIN 6.02, has glibc packages installed that are affected by multiple vulnerabilities: - The idnatoascii4i function in lib/idna.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service out-of-bounds read and crash via 6...