Fedora 33 : wavpack (2021-5c83efb61c)

The remote Fedora 33 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2021-5c83efb61c advisory. - WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in packutils.c because of an integer overflow in a malloc argument. NOTE: some third-parties...

[ASA-202101-23] wavpack: arbitrary code execution

Arch Linux Security Advisory ASA-202101-23 ========================================== Severity: Medium Date : 2021-01-12 CVE-ID : CVE-2020-35738 Package : wavpack Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-1387 Summary ======= The package wavpack before...

CVE-2020-35738

WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in packutils.c because of an integer overflow in a malloc argument. NOTE: some third-parties claim that there are later "unofficial" releases through 5.3.2, which are also affected. Mitigation If using the wavpack utility, this flaw c...

DEBIAN-CVE-2020-35738

WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in packutils.c because of an integer overflow in a malloc argument. NOTE: some third-parties claim that there are later "unofficial" releases through 5.3.2, which are also affected...

CVE-2020-35738

WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in packutils.c because of an integer overflow in a malloc argument. NOTE: some third-parties claim that there are later "unofficial" releases through 5.3.2, which are also affected...

Integer overflow

WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in packutils.c because of an integer overflow in a malloc argument. NOTE: some third-parties claim that there are later "unofficial" releases through 5.3.2, which are also affected...

UBUNTU-CVE-2020-35738

WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in packutils.c because of an integer overflow in a malloc argument. NOTE: some third-parties claim that there are later "unofficial" releases through 5.3.2, which are also affected...

CVE-2020-35738

WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in packutils.c because of an integer overflow in a malloc argument. NOTE: some third-parties claim that there are later "unofficial" releases through 5.3.2, which are also affected...

CVE-2020-35738

WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in packutils.c because of an integer overflow in a malloc argument. NOTE: some third-parties claim that there are later "unofficial" releases through 5.3.2, which are also affected...

WavPack 缓冲区错误漏洞

WavPack is a free, open source lossless audio compression format with a .wv file extension. An out-of-bounds write vulnerability exists in WavpackPackSamples in packutils.c in WavPack 5.3.0, which stems from an integer overflow in the malloc parameter and can be exploited by an attacker to cause ...

PT-2020-5481 · Wavpack +5 · Wavpack +5

Name of the Vulnerable Software and Affected Versions: WavPack versions 5.3.0 through 5.3.2 Description: The issue is related to an out-of-bounds write in the WavpackPackSamples function in the pack utils.c file due to an integer overflow in a malloc argument. This can allow a remote attacker to...

Buffer Error Vulnerability in Multiple Qualcomm Products

A Qualcomm chip is a chip from Qualcomm Incorporated USA. It is a way of miniaturizing circuitry mainly semiconductor devices, but also passive components, etc. and is often fabricated on the surface of semiconductor wafers. A buffer error vulnerability exists in several Qualcomm products, which...

EulerOS 2.0 SP9 : jbigkit (EulerOS-SA-2020-2497)

According to the version of the jbigkit package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In LibTIFF 4.0.8, there is a memory malloc failure in tifjbig.c. A crafted TIFF document can lead to an abort resulting in a remote denial of servi...

Huawei EulerOS: Security Advisory for jbigkit (EulerOS-SA-2020-2484)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : jbigkit (EulerOS-SA-2020-2484)

According to the version of the jbigkit package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In LibTIFF 4.0.8, there is a memory malloc failure in tifjbig.c. A crafted TIFF document can lead to an abort resulting in a remote denial of servi...

USN-4587-1 italc vulnerabilities

Nicolas Ruff discovered that iTALC had buffer overflows, divide-by-zero errors and didn't check malloc return values. A remote attacker could use these issues to cause a denial of service or possibly execute arbitrary code. CVE-2014-6051, CVE-2014-6052, CVE-2014-6053, CVE-2014-6054, CVE-2014-6055...

Google gperftools 2.7 has a memory leak in malloc_extension.cc related to MallocExtension::Register and InitModule. NOTE: the software maintainer indicates that this is not a bug; it is only a false-positive report from the LeakSanitizer program

...

sploitfun-linux-x86-exp-tut-zh

This is a Linux x86 exploit development tutorial series. The series covers various topics such as buffer overflow, integer overflow, off-by-one vulnerability, return-to-libc, and ASLR bypass. The tutorials are written in Chinese and translated into English. The series includes chapters on: 1...

Denial Of Service (DoS)

binutils:bionic is vulnerable to denial of service DoS. The getcount function in cplus-dem.c in GNU libiberty allows remote attackers to cause a denial of service malloc called with the result of an integer-overflowing calculation or possibly have unspecified other impact via a crafted string, as...

Denial Of Service (DoS)

eoan is vulnerable to denial of service DoS. The vulnerability exists through an integer overflow in lsxmakelpf of effectidsp.c that occurs when a smaller than expected value is used in malloc...