Lucene search
K

28 matches found

OSV
OSV
added 2022/09/16 5:41 p.m.33 views

GHSA-XG8P-34W2-J49J linked_list_allocator vulnerable to out-of-bound writes on `Heap` initialization and `Heap::extend`

Impact What kind of vulnerability is it? Who is impacted? This vulnerability impacts all the initialization functions on the Heap and LockedHeap types, including Heap::new, Heap::init, Heap::initfromslice, and LockedHeap::new. It also affects multiple uses of the Heap::extend method. Initializati...

8.4CVSS9.1AI score0.00754EPSS
Exploits1References6
Cvelist
Cvelist
added 2022/09/07 10:50 p.m.31 views

CVE-2022-36086 linked_list_allocator vulnerable to out-of-bound writes on `Heap` initialization and `Heap::extend`

linkedlistallocator is an allocator usable for nostd systems. Prior to version 0.10.2, the heap initialization methods were missing a minimum size check for the given heap size argument. This could lead to out-of-bound writes when a heap was initialized with a size smaller than 3 sizeof:: because...

8.4CVSS9.7AI score0.00754EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2021/11/09 6:14 p.m.19 views

exiv2: Out-of-bounds read in Exiv2::Jp2Image::doWriteMetadata

A flaw was found in exiv2. An out-of-bounds read in the Exiv2::Jp2Image::doWriteMetadata function may allow a remote attacker to crash an application using exiv2 library. The highest threat from this vulnerability is to application availability...

2.6CVSS5.8AI score0.01677EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2021/10/29 12:0 a.m.5 views

The vulnerability of the Exiv2 metadata management library, related to the execution of operations outside the buffer in memory, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Exiv2 metadata management library is related to the execution of operations outside the buffer in memory due to errors in metadata writing. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service...

8.8CVSS6.9AI score0.02152EPSS
Exploits1References13Affected Software6
RedHat Linux
RedHat Linux
added 2021/08/19 3:6 p.m.5 views

exiv2: Heap-based buffer overflow vulnerability in jp2image.cpp

A flaw was found in exiv2. A flawed bounds checking in the jp2Image.cpp:doWriteMetadata function leads to a heap-based buffer overflow. This flaw allows an attacker who can provide a malicious image to an application using the exiv2 library, to write data out of bounds and potentially execute cod...

6.2AI score
Exploits0References4
OSV
OSV
added 2021/08/09 7:15 p.m.1 views

UBUNTU-CVE-2021-37619

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.4 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An...

5.5CVSS6.6AI score0.00984EPSS
Exploits0References5
OSV
OSV
added 2021/05/15 11:2 a.m.1 views

OESA-2021-1183 exiv2 security update

Exiv2 is a Cross-platform C++ library and a command line utility to manage image metadata. It provides fast and easy read and write access to the Exif, IPTC and XMP metadata and the ICC Profile embedded within digital images in various formats. Security Fixes: A flaw was found in Exiv2 in version...

7.8CVSS7.3AI score0.02295EPSS
Exploits2References8
Positive Technologies
Positive Technologies
added 2021/04/20 12:0 a.m.4 views

PT-2021-8244 · Exiv2 +8 · Exiv2 +8

Name of the Vulnerable Software and Affected Versions: Exiv2 versions v0.27.3 and earlier Description: A heap buffer overflow was found in Exiv2 when used to write metadata into a crafted image file. This could potentially allow an attacker to gain code execution if they can trick the victim into...

7.8CVSS6.5AI score0.02555EPSS
Exploits3References116
Rows per page
Query Builder