857 matches found
CVE-2019-19004
A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image...
UBUNTU-CVE-2019-19004
A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image...
CVE-2019-19004
A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image...
CVE-2019-19004
CVE-2019-19004 affects autotrace 0.31.1: an integer overflow (biWidth*biBitCnt) in input-bmp.c can cause a malformed value to be passed to malloc via a BMP image. The vulnerability is part of multiple autotrace issues (also cited as CVE-2019-19005 and CVE-2022-32323 in related advisories). Impact...
PT-2021-17305 · Unknown · Fluent-Bit
Name of the Vulnerable Software and Affected Versions: Fluent Bit version 1.6.10. Description: The issue is related to a NULL pointer dereference that occurs when the return value of flb_malloc is not validated by flb_avro.c or http_server/api/v1/metrics.c. This can lead to a crash or potentially...
Fedora 32 : wavpack (2021-de45e7bb88)
The remote Fedora 32 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2021-de45e7bb88 advisory. - WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in packutils.c because of an integer overflow in a malloc argument. NOTE: some third-parties...
CVE-2020-27274
Some parsing functions in the affected product do not check the return value of malloc and the thread handling the message is forced to close, which may lead to a denial-of-service condition on the OPC UA Tunneller versions prior to 6.3.0.8233...
CVE-2020-27274
Some parsing functions in the affected product do not check the return value of malloc and the thread handling the message is forced to close, which may lead to a denial-of-service condition on the OPC UA Tunneller versions prior to 6.3.0.8233...
Design/Logic Flaw
Some parsing functions in the affected product do not check the return value of malloc and the thread handling the message is forced to close, which may lead to a denial-of-service condition on the OPC UA Tunneller versions prior to 6.3.0.8233...
CVE-2020-11136
Buffer Over-read in audio driver while using malloc management function due to not returning NULL for zero sized memory requirement in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon...
Buffer overflow
Buffer Over-read in audio driver while using malloc management function due to not returning NULL for zero sized memory requirement in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon...
CVE-2020-11136
CVE-2020-11136 corresponds to a buffer over-read in the Qualcomm audio driver caused by not returning NULL for a zero-sized memory request in the vulnerable Snapdragon family (Auto/Compute/Connectivity/IOT/Mobile, etc.). The issue affects Qualcomm closed‑source components and is listed as Critica...
CVE-2020-11136
Buffer Over-read in audio driver while using malloc management function due to not returning NULL for zero sized memory requirement in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon...
Fedora 33 : wavpack (2021-5c83efb61c)
The remote Fedora 33 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2021-5c83efb61c advisory. - WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in packutils.c because of an integer overflow in a malloc argument. NOTE: some third-parties...
[ASA-202101-23] wavpack: arbitrary code execution
Arch Linux Security Advisory ASA-202101-23. Severity: Medium. Date: 2021-01-12. CVE-ID: CVE-2020-35738. Package: wavpack. Type: arbitrary code execution. Remote: No. Link: https://security.archlinux.org/AVG-1387. Summary: The package wavpack before...
CVE-2020-35738
WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in packutils.c because of an integer overflow in a malloc argument. NOTE: some third-parties claim that there are later "unofficial" releases through 5.3.2, which are also affected. Mitigation If using the wavpack utility, this flaw c...
CVE-2020-35738
WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in packutils.c because of an integer overflow in a malloc argument. NOTE: some third-parties claim that there are later "unofficial" releases through 5.3.2, which are also affected...
DEBIAN-CVE-2020-35738
WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in packutils.c because of an integer overflow in a malloc argument. NOTE: some third-parties claim that there are later "unofficial" releases through 5.3.2, which are also affected...
Integer overflow
WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in packutils.c because of an integer overflow in a malloc argument. NOTE: some third-parties claim that there are later "unofficial" releases through 5.3.2, which are also affected...
UBUNTU-CVE-2020-35738
WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in packutils.c because of an integer overflow in a malloc argument. NOTE: some third-parties claim that there are later "unofficial" releases through 5.3.2, which are also affected...