PT-2023-21322 · Vox2Mesh · Vox2Mesh

Name of the Vulnerable Software and Affected Versions: vox2mesh version 1.0 Description: The issue is caused by a stack-overflow in the main.cpp file due to the incorrect use of the memcpy function. This allows an attacker to cause a denial of service abort via a crafted file. Recommendations: Fo...

syoyo tinydng 安全漏洞

syoyo tinydng is a loader and writer library by the individual developer Syoyo Fujita. A security vulnerability exists in syoyo tinydng, which stems from a problem with the function interceptormemcpy in the file tinydngloader.h, which can lead to a heap-based buffer overflow...

PT-2023-17086 · Unknown · Syoyo Tinydng

Name of the Vulnerable Software and Affected Versions: syoyo tinydng affected versions not specified Description: A problematic issue has been found, affecting the interceptor memcpy function of the file tiny dng loader.h. This leads to a heap-based buffer overflow. Local access is required for a...

ROS-20230322-01

A vulnerability in the HEIF and AVIF libheif file format decoder is related to the data parsing code of strided images in the emscripten wrapper for libheif. Exploitation of the vulnerability could allow an attacker acting remotely to use a specially crafted image file to cause a buffer overflow ...

CVE-2023-27754

CVE-2023-27754 affects vox2mesh 1.0. The vulnerability is a stack overflow in the program’s main.cpp caused by incorrect use of memcpy(), leading to denial of service via a crafted file. A PoC is available in the CVE context. Practically, this is a local attack with a high impact on availability ...

CVE-2023-27754

vox2mesh 1.0 has stack-overflow in main.cpp, this is stack-overflow caused by incorrect use of memcpy funciton. The flow allows an attacker to cause a denial of service abort via a crafted file...

Debian: Security Advisory (DLA-48-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-0996

There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call...

Buffer overflow

There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call...

UBUNTU-CVE-2023-0996

There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call...

CVE-2023-0996

There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call...

CVE-2023-0996

There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call...

libheif 安全漏洞

libheif is an ISO/IEC 23008-12:2017 HEIF file format decoder and encoder. A security vulnerability exists in libheif. An attacker exploited the vulnerability to cause a buffer overflow during a memcpy call via a specially crafted image file...

K88628547: glibc vulnerability CVE-2019-6488

Security Advisory Description The string component in the GNU C Library aka glibc or libc6 through 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for sizet in assembly codes, which can lead to a segmentation fault or possibly unspecified other impact, as...

K40977030: glibc vulnerability CVE-2020-6096

Security Advisory Description An exploitable signed comparison vulnerability exists in the ARMv7 memcpy implementation of GNU glibc 2.30.9000. Calling memcpy on ARMv7 targets that utilize the GNU glibc implementation with a negative value for the 'num' parameter results in a signed comparison...

PT-2025-38038

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The mpi3mr get all tgt info function contains several issues. The function incorrectly calculates the valid entry length in alltgt info by assuming an incorrect size for the header of th...

SUSE CVE-2003-0967

raddecode in FreeRADIUS 0.9.2 and earlier allows remote attackers to cause a denial of service crash via a short RADIUS string attribute with a tag, which causes memcpy to be called with a -1 length argument, as demonstrated using the Tunnel-Password attribute...

SUSE CVE-2007-1387

The DirectShow loader loader/dshow/DSVideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than...

SUSE CVE-2007-3764

The Skinny channel driver chanskinny in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service crash via a certain data length value...

SUSE CVE-2008-1367

gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag DF from being reset in violation of ABI conventions and cause data to be copied in the wrong direction during signa...