Astra Linux – Vulnerability in gst-plugins-good1.0

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been identified in gstgdkpixbufdecflush within gstgdkpixbufdec.c. This function invokes memcpy, using outpix as the destination address. outpix is expected to point to the fra...

CVE-2026-43859

mutt before 2.3.2 sometimes uses strfcpy instead of memcpy for the IMAP authcram MD5 digest...

CVE-2026-26981

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.6 and 3.4.0 through 3.4.4, a heap-buffer-overflow OOB read occurs in the istreamnonparallelread function in...

EUVD-2026-1386

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV has undefined behavior due to a null pointer passed to memcpy in CIccTagSparseMatrixArray. This issue has been patched in...

kernel: cifs: fix oops during encryption

An out-of-bounds memory access vulnerability exists in the linux kernel, such that A stack-allocated buffer backed by vmalloc was passed into crypto code scatterwalkmapandcopy → memcpy where a cross-page write occurred. This ended up hitting a read-only mapping, causing a page-level fault and...

Linux Distros Unpatched Vulnerability : CVE-2025-62672

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rplay through 3.3.2 allows attackers to cause a denial of service SIGSEGV and daemon crash or possibly have unspecified other impact. This occurs in memcpy in t...

UBUNTU-CVE-2025-62672

rplay through 3.3.2 allows attackers to cause a denial of service SIGSEGV and daemon crash or possibly have unspecified other impact. This occurs in memcpy in the RPLAYDATA case in rplayunpack in librplay/rplay.c, potentially reachable via packet data with no authentication...

CVE-2025-62672

rplay through 3.3.2 allows attackers to cause a denial of service SIGSEGV and daemon crash or possibly have unspecified other impact. This occurs in memcpy in the RPLAYDATA case in rplayunpack in librplay/rplay.c, potentially reachable via packet data with no authentication...

Linux Distros Unpatched Vulnerability : CVE-2022-50094

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - spmi: trace: fix stack-out-of-bound access in SPMI tracing functions tracespmiwritebegin and tracespmireadend both call memcpy with a length of len + 1. This...

SUSE CVE-2022-50094

In the Linux kernel, the following vulnerability has been resolved: spmi: trace: fix stack-out-of-bound access in SPMI tracing functions tracespmiwritebegin and tracespmireadend both call memcpy with a length of "len + 1". This leads to one extra byte being read beyond the end of the specified...

UBUNTU-CVE-2022-50094

In the Linux kernel, the following vulnerability has been resolved: spmi: trace: fix stack-out-of-bound access in SPMI tracing functions tracespmiwritebegin and tracespmireadend both call memcpy with a length of "len + 1". This leads to one extra byte being read beyond the end of the specified...

DrayTek Vigor 3910 安全漏洞

The DrayTek Vigor 3910 is a high-performance router for enterprise networks from China's DrayTek. A security vulnerability exists in the DrayTek Vigor 3910 version 4.3.2.6 and prior versions, which originates from a byte symbol expansion operation in the memcpy call of the ftpayloaddns function,...

CVE-2022-48839

In the Linux kernel, the following vulnerability has been resolved: net/packet: fix slab-out-of-bounds access in packetrecvmsg syzbot found that when an AFPACKET socket is using PACKETCOPYTHRESH and mmap operations, tpacketrcv is queueing skbs with garbage in skb-cb, triggering a too big copy 1...

DEBIAN-CVE-2021-47288

In the Linux kernel, the following vulnerability has been resolved: media: ngene: Fix out-of-bounds bug in ngenecommandconfigfreebuf Fix an 11-year old bug in ngenecommandconfigfreebuf while addressing the following warnings caught with -Warray-bounds: arch/alpha/include/asm/string.h:22:16:...

SUSE CVE-2007-1387

The DirectShow loader loader/dshow/DSVideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than...

SUSE CVE-2008-4683

The dissectbtacl function in packet-bthciacl.c in the Bluetooth ACL dissector in Wireshark 0.99.2 through 1.0.3 allows remote attackers to cause a denial of service application crash or abort via a packet with an invalid length, related to an erroneous tvbmemcpy call...

SWFTools 缓冲区错误漏洞

SWFTools is a set of utilities for working with Adobe Flash files SWF files from the individual developer Matthias Kramm. A security vulnerability exists in SWFTools that stems from the discovery of a contained heap buffer overflow via the asanmemcpy function in...

CVE-2022-37416

Ittiam libmpeg2 before 2022-07-27 uses memcpy with overlapping memory blocks in impeg2mcfullxfully8x8...

PT-2024-11291 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is an out-of-bounds bug in the ngene command config free buf function. The problem arises because the original code attempts to copy 6 bytes of data into a one-byte size memb...

CVE-2021-30019

In the adtsdmxprocess function in filters/reframeadts.c in GPAC 1.0.1, a crafted file may cause ctx-hdr.framesize to be smaller than ctx-hdr.hdrsize, resulting in size to be a negative number and a heap overflow in the memcpy...