1716 matches found
CVE-2021-25456
OOB read vulnerability in libswmfextractor.so library prior to SMR Sep-2021 Release 1 allows attackers to execute memcpy at arbitrary address via forged wmf file...
CVE-2021-21813
Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to memcpy copying the path provided by the user into a staticly sized buffer without any length checks resulting in a stack-buffer overflo...
CVE-2021-31292
A flaw was found in exiv2. A integer wraparound in the CrwMap:encode0x1810 function leads to memcpy call with a very large size allowing an attacker, who can provide a malicious image, to crash an application which uses the exiv2 library. The highest threat from this vulnerability is to service...
Arbitrary Code Execution
hdf5 is vulnerable to arbitrary code execution. A memcpy parameter overlap in the function H5Olinkdecode in H5Olink.c allows an attacker to execute arbitrary code on the host OS...
Debian DLA-2716-1 : pillow - LTS security update
The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2716 advisory. - In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for buffer...
PT-2021-21415 · Hdf5 +1 · Hdf5 +1
Name of the Vulnerable Software and Affected Versions: matio aka MAT File I/O Library versions 1.5.20 through 1.5.21 Description: The issue is related to a heap-based buffer overflow in the H5MM memcpy function, which is called from H5MM malloc and H5C load entry. This overflow is associated with...
PT-2024-11291 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is an out-of-bounds bug in the ngene command config free buf function. The problem arises because the original code attempts to copy 6 bytes of data into a one-byte size memb...
EulerOS 2.0 SP5 : python-pillow (EulerOS-SA-2021-2227)
According to the version of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size.CVE-2021-25290 Note...
GSD-2021-1001144 net: qed: Fix memcpy() overflow of qed_dcbx_params()
net: qed: Fix memcpy overflow of qeddcbxparams This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.13 by commit...
UVI-2021-1001144 net: qed: Fix memcpy() overflow of qed_dcbx_params()
net: qed: Fix memcpy overflow of qeddcbxparams This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.13 by commit...
GSD-2021-1001135 net: qed: Fix memcpy() overflow of qed_dcbx_params()
net: qed: Fix memcpy overflow of qeddcbxparams This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.14 by commit...
UVI-2021-1001135 net: qed: Fix memcpy() overflow of qed_dcbx_params()
net: qed: Fix memcpy overflow of qeddcbxparams This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.14 by commit...
GSD-2021-1001127 net: qed: Fix memcpy() overflow of qed_dcbx_params()
net: qed: Fix memcpy overflow of qeddcbxparams This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.47 by commit...
UVI-2021-1001127 net: qed: Fix memcpy() overflow of qed_dcbx_params()
net: qed: Fix memcpy overflow of qeddcbxparams This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.47 by commit...
GSD-2021-1001120 net: qed: Fix memcpy() overflow of qed_dcbx_params()
net: qed: Fix memcpy overflow of qeddcbxparams This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.129 by commit...
UVI-2021-1001120 net: qed: Fix memcpy() overflow of qed_dcbx_params()
net: qed: Fix memcpy overflow of qeddcbxparams This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.129 by commit...
UVI-2021-1001112 net: qed: Fix memcpy() overflow of qed_dcbx_params()
net: qed: Fix memcpy overflow of qeddcbxparams This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.196 by commit...
GSD-2021-1001107 net: qed: Fix memcpy() overflow of qed_dcbx_params()
net: qed: Fix memcpy overflow of qeddcbxparams This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.238 by commit...
UVI-2021-1001107 net: qed: Fix memcpy() overflow of qed_dcbx_params()
net: qed: Fix memcpy overflow of qeddcbxparams This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.238 by commit...
UVI-2021-1001101 net: qed: Fix memcpy() overflow of qed_dcbx_params()
net: qed: Fix memcpy overflow of qeddcbxparams This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.274 by commit...