303 matches found

Positive Technologies
added 2022/09/20 12:0 a.m. · 2 views

PT-2022-22555 · Swftools · Swftools

Name of the Vulnerable Software and Affected Versions: SWFTools, affected versions not specified. Description: A segmentation violation was discovered in SWFTools via the /multiarch/memmove-vec-unaligned-erms.S API endpoint. Recommendations: At the moment, there is no information about a newer...

5.5 CVSS · 5.2 AI score · 0.00077 EPSS
Exploits 1 · References 9

RedHat Linux
added 2022/09/09 7:12 a.m. · 0 views

lz4: memory corruption due to an integer overflow bug caused by memmove argument

There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability...

9.8 CVSS · 7.1 AI score · 0.00138 EPSS
Exploits 0 · References 4

ATTACKERKB
added 2022/08/16 9:15 p.m. · 3 views

CVE-2022-36150

tifig v0.2.2 was discovered to contain a heap-buffer overflow via __asan_memmove at /asan/asan_interceptors_memintrinsics.cpp...

5.5 CVSS · 6.1 AI score · 0.00049 EPSS
Exploits 1 · References 2

ATTACKERKB
added 2022/08/16 9:15 p.m. · 0 views

CVE-2022-35481

OTFCC v0.10.4 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S...

6.5 CVSS · 6.7 AI score · 0.00433 EPSS
Exploits 1 · References 2

OSV
added 2022/08/16 9:15 p.m. · 2 views

DEBIAN-CVE-2022-35481

OTFCC v0.10.4 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S...

6.5 CVSS · 6.4 AI score · 0.00433 EPSS
Exploits 1 · References 1

NVD
added 2022/08/16 9:15 p.m. · 9 views

CVE-2022-35481

OTFCC v0.10.4 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S...

6.5 CVSS · 0.00433 EPSS
Exploits 1 · References 1

UbuntuCve
added 2022/08/16 9:15 p.m. · 29 views

CVE-2022-35481

OTFCC v0.10.4 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S...

6.5 CVSS · 6.6 AI score · 0.00433 EPSS
Exploits 1 · References 2

Cvelist
added 2022/08/16 8:13 p.m. · 13 views

CVE-2022-36150

tifig v0.2.2 was discovered to contain a heap-buffer overflow via __asan_memmove at /asan/asan_interceptors_memintrinsics.cpp...

5.9 AI score · 0.00049 EPSS
Exploits 1 · References 1

Debian CVE
added 2022/08/16 8:13 p.m. · 34 views

CVE-2022-35481

OTFCC v0.10.4 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S...

6.5 CVSS · 6.5 AI score · 0.00433 EPSS
Exploits 1

Cvelist
added 2022/08/16 8:13 p.m. · 11 views

CVE-2022-35481

OTFCC v0.10.4 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S...

6.7 AI score · 0.00433 EPSS
Exploits 1 · References 1

Positive Technologies
added 2022/08/16 12:0 a.m. · 3 views

PT-2022-22857 · Otfcc +1 · Otfcc +1

Name of the Vulnerable Software and Affected Versions: OTFCC version 0.10.4. Description: A segmentation violation was discovered in OTFCC via the /multiarch/memmove-vec-unaligned-erms.S endpoint. Recommendations: For OTFCC version 0.10.4, consider restricting access to the...

9.8 CVSS · 6.8 AI score · 0.00437 EPSS
Exploits 1 · References 8

CNNVD
added 2022/08/16 12:0 a.m. · 1 views

tifig buffer error vulnerability

tifig is a Monostream open source fast HEIF image converter for thumbnails. A security vulnerability exists in tifig version v0.2.2, which stems from a heap buffer overflow in its /asan/asan_interceptors_memintrinsics.cpp component in __asan_memmove...

5.5 CVSS · 6 AI score · 0.00049 EPSS
Exploits 1 · References 2

CNNVD
added 2022/08/16 12:0 a.m. · 3 views

OTFCC buffer error vulnerability

OTFCC is a C library and utility program from Caryll Open Source. It is used to parse and write OpenType font files. A security vulnerability exists in OTFCC version 0.10.4, which stems from a segmentation violation in the file /multiarch/memmove-vec-unaligned-erms...

9.8 CVSS · 6.7 AI score · 0.00437 EPSS
Exploits 1 · References 2

RedHat Linux
added 2022/07/19 1:40 p.m. · 4 views

lz4: memory corruption due to an integer overflow bug caused by memmove argument

There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability...

9.8 CVSS · 7.1 AI score · 0.00138 EPSS
Exploits 0 · References 4

RedHat Linux
added 2022/05/10 1:24 p.m. · 2 views

ntfs-3g: Integer overflow in memmove() leading to heap buffer overflow in ntfs_attr_record_resize()

The ntfs3g package is susceptible to an input validation flaw. A crafted NTFS image with invalid values could trigger an improper check. This incorrect check causes an integer overflow which then leads to a heap overflow. The highest threat from this vulnerability is to confidentiality, integrity...

7.8 CVSS · 6.9 AI score · 0.00022 EPSS
Exploits 0 · References 5

Tenable Nessus
added 2022/05/10 12:0 a.m. · 33 views

NewStart CGSL MAIN 6.02 : lz4 Vulnerability (NS-SA-2022-0051)

The remote NewStart CGSL host, running version MAIN 6.02, has lz4 packages installed that are affected by a vulnerability: - There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove on...

9.8 CVSS · 7.3 AI score · 0.00138 EPSS
Exploits 0 · References 3

RedHat Linux
added 2022/04/13 11:26 a.m. · 2 views

lz4: memory corruption due to an integer overflow bug caused by memmove argument

There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability...

9.8 CVSS · 7.1 AI score · 0.00138 EPSS
Exploits 0 · References 4

Tenable Nessus
added 2022/02/13 12:0 a.m. · 20 views

EulerOS Virtualization 3.0.6.0 : lz4 (EulerOS-SA-2022-1083)

According to the versions of the lz4 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer...

9.8 CVSS · 7.2 AI score · 0.00138 EPSS
Exploits 0 · References 2

OpenVAS
added 2022/02/13 12:0 a.m. · 18 views

Huawei EulerOS: Security Advisory for lz4 (EulerOS-SA-2022-1083)

The remote host is missing an update for the Huawei EulerOS...

9.8 CVSS · 9.7 AI score · 0.00138 EPSS
Exploits 0 · References 2

Tenable Nessus
added 2022/02/12 12:0 a.m. · 22 views

EulerOS Virtualization 3.0.6.6 : lz4 (EulerOS-SA-2022-1132)

According to the versions of the lz4 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer...

9.8 CVSS · 7.2 AI score · 0.00138 EPSS
Exploits 0 · References 2