1716 matches found
CVE-2017-11576
FontForge 20161012 does not ensure a positive size in a weight vector memcpy call in readcfftopdict parsettf.c resulting in DoS via a crafted otf file...
WebKit JSC JSArray::appendMemcpy Uninitialized Memory Copy Vulnerability
WebKit suffers from a JSC JSArray::appendMemcpy uninitialized memory copy vulnerability. WebKit: JSC: JSArray::appendMemcpy uninitialized memory copy CVE-2017-7064 WebKit: JSC: JSArray::appendMemcpy uninitialized memory copy Here's a snippet of JSArray::appendMemcpy. bool...
FontForge Denial of Service Vulnerability
FontForge is an open source font editing tool that supports multiple languages. A security vulnerability exists in the weight vector memcpy call to readcfftopdict in FontForge version 20161012. An attacker can exploit this vulnerability to cause a denial of service with the help of an otf file...
CVE-2017-11576
FontForge 20161012 does not ensure a positive size in a weight vector memcpy call in readcfftopdict parsettf.c resulting in DoS via a crafted otf file...
CVE-2017-11576
FontForge 20161012 does not ensure a positive size in a weight vector memcpy call in readcfftopdict parsettf.c resulting in DoS via a crafted otf file...
CVE-2017-11576
CVE-2017-11576 affects FontForge (min. FontForge 20161012). The root cause is a check failure in a weight vector memcpy in readcfftopdict (parsettf.c), which can lead to a denial of service or recovery via a crafted OpenType font file. Public sources in connected documents confirm the vulnerabili...
CVE-2017-11576
FontForge 20161012 does not ensure a positive size in a weight vector memcpy call in readcfftopdict parsettf.c resulting in DoS via a crafted otf file...
CVE-2017-11576
FontForge 20161012 does not ensure a positive size in a weight vector memcpy call in readcfftopdict parsettf.c resulting in DoS via a crafted otf file...
CVE-2017-11576
FontForge 20161012 does not ensure a positive size in a weight vector memcpy call in readcfftopdict parsettf.c resulting in DoS via a crafted otf file...
The vulnerability of the avcodec codec in the VideoLAN Media Player allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the avcodec codec in the VideoLAN Media Player media player arises from an operation that goes beyond buffer boundaries in dynamic memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure termination of the applicatio...
Internet Bug Bounty: PHP OpenSSL zif_openssl_seal() heap overflow (wild memcpy)
Description: A wild memcpy is discovered in the openssl package included in stable PHP release. During parsing a PEM certificate in opensslseal, an invalid key length is produced after parsing, eskl0 value is -1 after the call to EVPSealInit, subsequently causing a heap overflow via a wild memcpy...
CVE-2017-0340
An elevation of privilege vulnerability in the NVIDIA Libnvparser component due to a memcpy into a fixed sized buffer with a user-controlled size could lead to a memory corruption and possible remote code execution. This issue is rated as High. Product: Android. Version: N/A. Android ID:...
CVE-2017-0340
CVE-2017-0340 is an elevation of privilege in the NVIDIA Libnvparser component for Android, caused by a memcpy into a fixed-size buffer with user-controlled size that can lead to memory corruption and possible remote code execution. The entry is rated HIGH (CVSSv3 7.8, CVSSv2 9.3) and has no expl...
CVE-2017-0340
An elevation of privilege vulnerability in the NVIDIA Libnvparser component due to a memcpy into a fixed sized buffer with a user-controlled size could lead to a memory corruption and possible remote code execution. This issue is rated as High. Product: Android. Version: N/A. Android ID:...
VideoLAN VLC avcodec Denial of Service Vulnerability
VideoLAN VLC media player is a free, open source cross-platform multimedia player also a multimedia framework developed by the French organization VideoLAN. The product supports the playback of a variety of media files, CD-ROMs, etc., a variety of audio and video formats WMV, MP3, etc., etc...
CVE-2017-10699
avcodec 2.2.x, as used in VideoLAN VLC media player 2.2.7-x before 2017-06-29, allows out-of-bounds heap memory write due to calling memcpy with a wrong size, leading to a denial of service application crash or possibly code execution...
CVE-2017-10699
avcodec 2.2.x, as used in VideoLAN VLC media player 2.2.7-x before 2017-06-29, allows out-of-bounds heap memory write due to calling memcpy with a wrong size, leading to a denial of service application crash or possibly code execution...
CVE-2017-10699
avcodec 2.2.x, as used in VideoLAN VLC media player 2.2.7-x before 2017-06-29, allows out-of-bounds heap memory write due to calling memcpy with a wrong size, leading to a denial of service application crash or possibly code execution...
CVE-2017-10699
CVE-2017-10699 affects VLC media player (v2.2.x) where avcodec 2.2.x can perform an out-of-bounds heap memory write by calling memcpy() with an incorrect size in VLC before 2.2.7, potentially crashing the application or enabling code execution. Public advisories and vendor patches indicate fixes ...
CVE-2017-10699
avcodec 2.2.x, as used in VideoLAN VLC media player 2.2.7-x before 2017-06-29, allows out-of-bounds heap memory write due to calling memcpy with a wrong size, leading to a denial of service application crash or possibly code execution...