CVE-2017-9693

The length of attribute value for STAEXTCAPABILITY in wlanhddchangestation in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-06 being less than the actual lenth of StaParams.extncapability results in a read for extra bytes when a memcpy is done from params-extcapab to...

CVE-2017-9693

CVE-2017-9693 describes a local vulnerability in Android for MSM, Firefox OS for MSM, and QRD Android where the length of the STA_EXT_CAPABILITY attribute value is shorter than StaParams.extn_capability, causing a memcpy from params->ext_capab to StaParams.extn_capability to read extra bytes. ...

CVE-2017-9693

The length of attribute value for STAEXTCAPABILITY in wlanhddchangestation in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-06 being less than the actual lenth of StaParams.extncapability results in a read for extra bytes when a memcpy is done from params-extcapab to...

Windows Kernel 64-bit stack memory disclosure in win32k!XDCOBJ::RestoreAttributes(CVE-2018-0811)

We have discovered that the win32k!XDCOBJ::RestoreAttributes function leaks portions of uninitialized kernel stack memory to user-mode address space on Windows 7 to 10. It was confirmed on 64-bit platforms, 32-bit builds were not tested. The overall copied memory area is 0x1a0 bytes long, 4 of...

CVE-2017-18234

An issue was discovered in Exempi before 2.4.3. It allows remote attackers to cause a denial of service invalid memcpy with resultant use-after-free or possibly have unspecified other impact via a .pdf file containing JPEG data, related to XMPFiles/source/FormatSupport/ReconcileTIFF.cpp,...

Design/Logic Flaw

An issue was discovered in Exempi before 2.4.3. It allows remote attackers to cause a denial of service invalid memcpy with resultant use-after-free or possibly have unspecified other impact via a .pdf file containing JPEG data, related to XMPFiles/source/FormatSupport/ReconcileTIFF.cpp,...

CVE-2018-7437

An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in a memcpy call of the parseSST function...

CVE-2018-7437

An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in a memcpy call of the parseSST function...

CVE-2018-5766

In Libav through 12.2, there is an invalid memcpy in the avpacketref function of libavcodec/avpacket.c. Remote attackers could leverage this vulnerability to cause a denial of service segmentation fault via a crafted avi file...

UBUNTU-CVE-2018-5766

In Libav through 12.2, there is an invalid memcpy in the avpacketref function of libavcodec/avpacket.c. Remote attackers could leverage this vulnerability to cause a denial of service segmentation fault via a crafted avi file...

CVE-2018-5766

CVE-2018-5766 affects Libav up to version 12.2, due to an invalid memcpy in av_packet_ref (libavcodec/avpacket.c). Remote attackers could trigger a denial of service (segmentation fault) via a crafted AVI file. Public references/contexts include: Debian DLA-1907-1 notes fixed packages in libav 6:...

CVE-2018-5766

In Libav through 12.2, there is an invalid memcpy in the avpacketref function of libavcodec/avpacket.c. Remote attackers could leverage this vulnerability to cause a denial of service segmentation fault via a crafted avi file...

CVE-2018-5684

In Libav through 12.2, there is an invalid memcpy call in the ffmovreadstsdentries function of libavformat/mov.c. Remote attackers could leverage this vulnerability to cause a denial of service segmentation fault and program failure with a crafted avi file...

CVE-2018-5684

In Libav through 12.2, there is an invalid memcpy call in the ffmovreadstsdentries function of libavformat/mov.c. Remote attackers could leverage this vulnerability to cause a denial of service segmentation fault and program failure with a crafted avi file...

CVE-2018-5684

In Libav through 12.2, there is an invalid memcpy call in the ffmovreadstsdentries function of libavformat/mov.c. Remote attackers could leverage this vulnerability to cause a denial of service segmentation fault and program failure with a crafted avi file...

CVE-2018-5684

CVE-2018-5684 affects Libav up to version 12.2. The vulnerability is an invalid memcpy call in the function ff_mov_read_stsd_entries within libavformat/mov.c. A remote attacker can cause a denial of service (segmentation fault) and program failure by supplying a crafted AVI file. No patch/version...

PoDoFo Denial of Service Vulnerability (CNVD-2018-03971)

PoDoFo is an open source , written in C++ using the PDF file format library . A denial of service vulnerability exists in the 'PdfMemoryOutputStream::Write' function in the base/PdfOutputStream.cpp file in PoDoFo version 0.9.5, which stems from a program that does not properly validate the 'memcp...

CVE-2018-5308

PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function base/PdfOutputStream.cpp. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file...

CVE-2018-5308

PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function base/PdfOutputStream.cpp. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file...

Microsoft Windows win32kbase!NtQueryCompositionInputQueueAndTransform Kernel Stack Memory Disclosure

The win32k!NtQueryCompositionInputQueueAndTransform system call may disclose portions of uninitialized kernel stack memory to user-mode clients on Windows 10. Windows Kernel stack memory disclosure in win32kbase!NtQueryCompositionInputQueueAndTransform We have discovered that the...