Race condition

Race condition due to the lack of resource lock which will be concurrently modified in the memcpy statement leads to out of bound access in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile,...

CVE-2015-1607

kbx/keybox-search.c in GnuPG before 1.4.19, 2.0.x before 2.0.27, and 2.1.x before 2.1.2 does not properly handle bitwise left-shifts, which allows remote attackers to cause a denial of service invalid read operation via a crafted keyring file, related to sign extensions and "memcpy with overlappi...

CVE-2015-1607

Technical details of CVE-2015-1607 are not provided in the connected documents. The Initial Description mentions GNUPG but lacks vendor/product/version specifics beyond that. Monitor for updates.

CVE-2015-1607

kbx/keybox-search.c in GnuPG before 1.4.19, 2.0.x before 2.0.27, and 2.1.x before 2.1.2 does not properly handle bitwise left-shifts, which allows remote attackers to cause a denial of service invalid read operation via a crafted keyring file, related to sign extensions and "memcpy with overlappi...

CVE-2015-1607

kbx/keybox-search.c in GnuPG before 1.4.19, 2.0.x before 2.0.27, and 2.1.x before 2.1.2 does not properly handle bitwise left-shifts, which allows remote attackers to cause a denial of service invalid read operation via a crafted keyring file, related to sign extensions and "memcpy with overlappi...

CVE-2019-17266

libsoup from versions 2.65.1 until 2.68.1 have a heap-based buffer over-read because soupntlmparsechallenge in soup-auth-ntlm.c does not properly check an NTLM message's length before proceeding with a memcpy...

elfutils: out of bound write in elf_cvt_note in libelf/note_xlate.h

In elfutils 0.175, a negative-sized memcpy is attempted in elfcvtnote in libelf/notexlate.h because of an incorrect overflow check. Crafted elf input causes a segmentation fault, leading to denial of service program crash...

php: memcpy with negative length via crafted DNS response

An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. dnsgetrecord misparses a DNS response, which can allow a hostile DNS server to cause PHP to misuse memcpy, leading to read operations going past the buffer allocated for DNS data. This affects phpparser...

Vulnerability of the MSVCR90!memcpy function in the WebAccess HMI Designer software for developing and managing HMI applications. This vulnerability allows attackers to cause system failures.

The vulnerability of the MSVCR90!memcpy function 0x000000000000015c in the WebAccess HMI Designer software for developing and managing HMI applications is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause...

mysql-server:fuzz_real_query: Memcpy-param-overlap in read_ok_ex

Project: https://github.com/mysql/mysql-server.git Detailed Report: https://oss-fuzz.com/testcase?key=5745581829390336 Project: mysql-server Fuzzing Engine: libFuzzer Fuzz Target: fuzzrealquery Job Type: libfuzzerasanmysql-server Platform Id: linux Crash Type: Memcpy-param-overlap Crash Address:...

imagemagick:encoder_heic_fuzzer: Memcpy-param-overlap in NAL_unit::set_data

Project: https://github.com/imagemagick/imagemagick.git Detailed Report: https://oss-fuzz.com/testcase?key=5698815994101760 Project: imagemagick Fuzzing Engine: libFuzzer Fuzz Target: encoderheicfuzzer Job Type: libfuzzerasani386imagemagick Platform Id: linux Crash Type: Memcpy-param-overlap Cras...

Windows Kernel - Out-of-Bounds Read in nt!MiRelocateImage While Parsing Malformed PE File Exploit

We have encountered a Windows kernel crash in memcpy called by nt!MiRelocateImage while trying to load a malformed PE image into the process address space as a data file i.e. LoadLibraryExLOADLIBRARYASDATAFILE | LOADLIBRARYASIMAGERESOURCE. An example crash log generated after triggering the bug i...

Microsoft Windows Kernel - Out-of-Bounds Read in nt!MiParseImageLoadConfig While Parsing Malformed PE File

We have encountered a Windows kernel crash in memcpy called by nt!MiParseImageLoadConfig while trying to load a malformed PE image into the process address space as a data file i.e. LoadLibraryExLOADLIBRARYASDATAFILE | LOADLIBRARYASIMAGERESOURCE. An example crash log generated after triggering th...

Windows Kernel - Out-of-Bounds Read in nt!MiRelocateImage While Parsing Malformed PE File

Windows Kernel - Out-of-Bounds Read in nt!MiRelocateImage While Parsing Malformed PE File We have encountered a Windows kernel crash in memcpy called by nt!MiRelocateImage while trying to load a malformed PE image into the process address space as a data file i.e. LoadLibraryExLOADLIBRARYASDATAFI...

CVE-2019-17260

MPC-HC through 1.7.13 allows a Read Access Violation on a Block Data Move starting at mpchc!memcpy+0x000000000000004e...

CVE-2019-17266

libsoup from versions 2.65.1 until 2.68.1 have a heap-based buffer over-read because soupntlmparsechallenge in soup-auth-ntlm.c does not properly check an NTLM message's length before proceeding with a memcpy...

openSUSE Security Update : u-boot (openSUSE-2019-2233)

This update for u-boot fixes the following issues : Security issues fixed : - CVE-2019-13106: Fixed stack-based buffer overflow via a crafted ext4 filesystem that may lead to code execution bsc1144656. - CVE-2019-13104: Fixed an underflow that could cause memcpy to overwrite a very large amount o...

openSUSE: Security Advisory for u-boot (openSUSE-SU-2019:2235-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for u-boot (moderate)

openSUSE Security Update: Security update for u-boot Announcement ID: openSUSE-SU-2019:2233-1 Rating: moderate References: 1144656 1144675 Cross-References: CVE-2019-13104 CVE-2019-13106 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now available. Description:...

Security update for u-boot (moderate)

openSUSE Security Update: Security update for u-boot Announcement ID: openSUSE-SU-2019:2235-1 Rating: moderate References: 1144656 1144675 Cross-References: CVE-2019-13104 CVE-2019-13106 Affected Products: openSUSE Leap 15.0 An update that fixes two vulnerabilities is now available. Description:...