CVE-2023-2194

An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data-block0" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dmabuffer. This flaw could allow a local privilege...

Updated libheif packages fix security vulnerability

Vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call. CVE-2023-0996...

CVE-2023-27729

Nginx NJS v0.7.10 was discovered to contain an illegal memcpy via the function njsvmcodereturn at src/njsvmcode.c...

CVE-2023-27729

Nginx NJS v0.7.10 was discovered to contain an illegal memcpy via the function njsvmcodereturn at src/njsvmcode.c...

Code injection

Nginx NJS v0.7.10 was discovered to contain an illegal memcpy via the function njsvmcodereturn at src/njsvmcode.c...

CVE-2023-27729

Nginx NJS v0.7.10 was discovered to contain an illegal memcpy via the function njsvmcodereturn at src/njsvmcode.c...

F5 Nginx 安全漏洞

F5 Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from F5 Inc. distributed under the BSD-like protocol. njs is one of the scripting language components that supports extended NGINX functionality. A security vulnerability exists in F5 Nginx NJS version...

CVE-2023-27729

Nginx NJS v0.7.10 was discovered to contain an illegal memcpy via the function njsvmcodereturn at src/njsvmcode.c...

CVE-2023-27729

Summary: CVE-2023-27729 affects Nginx NJS 0.7.10. The issue is an illegal memcpy in the function njs_vmcode_return in src/njs_vmcode.c, which can lead to a memory overflow. The CVSS 3.1 base score is 7.5 (HIGH) with NETWORK attack vector, no privileges, no user interaction, and availability impac...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libheif (SUSE-SU-2023:1766-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:1766-1 advisory. - There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. ...

CVE-2023-28506

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow, where a string is copied into a buffer using a memcpy-like function and a user-provided length. This requires a valid login t...

Stack overflow

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow, where a string is copied into a buffer using a memcpy-like function and a user-provided length. This requires a valid login t...

CVE-2023-28506 Stack buffer overflow in UniRPC service

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow, where a string is copied into a buffer using a memcpy-like function and a user-provided length. This requires a valid login t...

Rocket Software UniData 和 UniVerse 缓冲区错误漏洞

Rocket Software UniVerse and Rocket Software UniData are both products of Rocket Software, Inc. Rocket Software UniVerse is a suite of database management and support software now owned by Rocket Software. Software UniData is a MultiValue application platform. Rocket Software UniData is a...

The vulnerability of the Emscripten compiler in the encoding and decoding library for HEIF and AVIF files, which allows a hacker to trigger a service failure.

The vulnerability of the Emscripten compiler in the library for encoding and decoding HEIF and AVIF files is related to the copying of buffers without checking the size of the input data during image processing using the strided function. Exploiting this vulnerability can allow an attacker to cau...

CVE-2023-27754

vox2mesh 1.0 has stack-overflow in main.cpp, this is stack-overflow caused by incorrect use of memcpy funciton. The flow allows an attacker to cause a denial of service abort via a crafted file...

CVE-2023-27754

vox2mesh 1.0 has stack-overflow in main.cpp, this is stack-overflow caused by incorrect use of memcpy funciton. The flow allows an attacker to cause a denial of service abort via a crafted file...

Stack overflow

vox2mesh 1.0 has stack-overflow in main.cpp, this is stack-overflow caused by incorrect use of memcpy funciton. The flow allows an attacker to cause a denial of service abort via a crafted file...

CVE-2023-1570

A vulnerability, which was classified as problematic, has been found in syoyo tinydng. Affected by this issue is the function interceptormemcpy of the file tinydngloader.h. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been...

CVE-2023-27754

vox2mesh 1.0 has stack-overflow in main.cpp, this is stack-overflow caused by incorrect use of memcpy funciton. The flow allows an attacker to cause a denial of service abort via a crafted file...