CVE-2021-45955

A heap-based out-of-bounds WRITE flaw was found in dnsmasq. A remote attacker who can trigger a packet resize can use this flaw to write up to 50 bytes to the heap via a memmove call...

Mageia: Security Advisory (MGASA-2021-0229)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DEBIAN-CVE-2021-46313

The binary MP4Box in GPAC v1.0.1 was discovered to contain a segmentation fault via the function memmoveavxunalignederms . This vulnerability can lead to a Denial of Service DoS...

UBUNTU-CVE-2021-46313

The binary MP4Box in GPAC v1.0.1 was discovered to contain a segmentation fault via the function memmoveavxunalignederms . This vulnerability can lead to a Denial of Service DoS...

GPAC 安全漏洞

GPAC is an open source multimedia framework. a security vulnerability exists in GPAC, which stems from a binary MP4Box in GPAC v1.0.1 that was found to contain a segmentation error via the function memmove avx unaligned erms. An attacker could exploit this vulnerability to cause a denial of servi...

CVE-2021-46333

Moddable SDK v11.5.0 was discovered to contain an invalid memory access vulnerability via the component asanmemmove...

Moddable SDK 缓冲区错误漏洞

Moddable SDK is a software development kit SDK for IoT embedded software development from Moddable USA. a security vulnerability exists in Moddable SDK v11.5.0, which stems from an invalid memory access in component asanmemmove. No details of the vulnerability are currently available...

EulerOS Virtualization 3.0.2.0 : lz4 (EulerOS-SA-2021-2831)

According to the versions of the lz4 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer...

A crafted NTFS image can cause an integer overflow in memmove leading to a heap-based buffer overflow in the function ntfs_attr_record_resize in NTFS-3G < 2021.8.22.

...

EulerOS Virtualization 2.9.1 : lz4 (EulerOS-SA-2021-2747)

According to the versions of the lz4 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer...

EulerOS Virtualization 2.9.0 : lz4 (EulerOS-SA-2021-2783)

According to the versions of the lz4 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer...

CVE-2021-3875

There's an out-of-bounds read flaw in Vim's exdocmd.c. An attacker who is capable of tricking a user into opening a specially crafted file could trigger an out-of-bounds read on a memmove operation, potentially causing an impact to application availability...

ntfs-3g: Integer overflow in memmove() leading to heap buffer overflow in ntfs_attr_record_resize()

The ntfs3g package is susceptible to an input validation flaw. A crafted NTFS image with invalid values could trigger an improper check. This incorrect check causes an integer overflow which then leads to a heap overflow. The highest threat from this vulnerability is to confidentiality, integrity...

ntfs-3g: Integer overflow in memmove() leading to heap buffer overflow in ntfs_attr_record_resize()

The ntfs3g package is susceptible to an input validation flaw. A crafted NTFS image with invalid values could trigger an improper check. This incorrect check causes an integer overflow which then leads to a heap overflow. The highest threat from this vulnerability is to confidentiality, integrity...

EulerOS 2.0 SP5 : lz4 (EulerOS-SA-2021-2510)

According to the versions of the lz4 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading ...

EulerOS 2.0 SP8 : lz4 (EulerOS-SA-2021-2474)

According to the versions of the lz4 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading...

EulerOS 2.0 SP2 : lz4 (EulerOS-SA-2021-2407)

According to the version of the lz4 package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to...

UBUNTU-CVE-2021-39254

A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in the function ntfsattrrecordresize, in NTFS-3G 2021.8.22...

CVE-2021-39254

A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in the function ntfsattrrecordresize, in NTFS-3G 2021.8.22...

CVE-2021-39254

The CVE-2021-39254 issue affects NTFS-3G prior to 2021.8.22, where a crafted NTFS image can trigger an integer overflow in memmove, causing a heap-based buffer overflow in ntfs_attr_record_resize. Connected advisories confirm NTFS-3G is the vulnerable component and that upgrades to a fixed versio...