17 matches found
JLSEC-2025-12 cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of ser...
cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service out-of-bounds read because of mishandling of an unexpected malloc0 call...
EUVD-2021-20320
Malware in sbrugna...
EUVD-2021-20321
Malware in sbrugna...
libtar: out-of-bounds read in gnu_longname
A flaw was found in libtar. This flaw allows an attacker who submits a crafted tar file with size in header struct being 0 to trigger a calling of malloc0 for a variable gnulongname, causing an out-of-bounds read...
libtar: out-of-bounds read in gnu_longlink
A flaw was found in libtar. This flaw allows an attacker who submits a crafted tar file with the size in the header struct being 0 to trigger a calling of malloc0 for a variable gnulonglink, causing an out-of-bounds read...
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longlink causing an out-of-bounds read.
...
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longname causing an out-of-bounds read.
...
CVE-2021-33644
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc0 for a variable gnulongname, causing an out-of-bounds read...
DEBIAN-CVE-2021-33644
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc0 for a variable gnulongname, causing an out-of-bounds read...
AZL-10542 CVE-2021-33643 affecting package libtar for versions less than 1.2.20-10
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc0 for a variable gnulonglink, causing an out-of-bounds read...
AZL-34946 CVE-2021-33643 affecting package libtar for versions less than 1.2.20-11
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc0 for a variable gnulonglink, causing an out-of-bounds read...
UBUNTU-CVE-2021-33643
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc0 for a variable gnulonglink, causing an out-of-bounds read...
UBUNTU-CVE-2021-33644
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc0 for a variable gnulongname, causing an out-of-bounds read...
openEuler 缓冲区错误漏洞
openEuler is an operating system from the Open Atomics Open Source Foundation. Open Atomics Open Source Foundation A security vulnerability exists in versions 20.03-LTS-SP1, 20.03-LTS-SP3, and 22.03-LTS of openEuler, which stems from the fact that an attacker who submits a specially crafted tar...
PT-2022-10277 · Alt Linux +7 · Alt Linux +7
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger a call to malloc0 for a variable gnu longname,...
PT-2022-10276 · Alt Linux +7 · Alt Linux +7
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue allows an attacker to trigger an out-of-bounds read by submitting a crafted tar file with a size of 0 in the header struct. This can cause the...
cairo cairo-truetype-subset.c file denial of service vulnerability
cairo is a cross-platform open source vector graphics library developed by software developers Carl Worth and Behdad Esfahbod, which supports 2D drawing in multiple contexts and provides high-quality display and printouts. A security vulnerability exists in the cairo-truetype-subset.c file in cai...