GSD-2021-1002202 nvme-tcp: fix possible req->offset corruption

nvme-tcp: fix possible req-offset corruption This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15 by commit...

GSD-2021-1002133 nvme-tcp: fix possible req->offset corruption

nvme-tcp: fix possible req-offset corruption This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.16 by commit...

UVI-2021-1002067 nvme-tcp: fix possible req->offset corruption

nvme-tcp: fix possible req-offset corruption This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.77 by commit...

CentOS 8 : python-pillow (CESA-2021:4149)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:4149 advisory. - python-pillow: Buffer over-read in PCX image reader CVE-2020-35653 - python-pillow: Buffer over-read in SGI RLE image reader CVE-2020-35655 -...

RHEL 8 : python-pillow (RHSA-2021:4149)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:4149 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal...

WildBit Viewer 缓冲区错误漏洞

WildBit Viewer is a compact image viewer with slide show and editor. A buffer overflow vulnerability exists in Editor+0x5f91 in WildBit Viewer version 6.6, which can be exploited by an attacker to cause a denial of service via a specially crafted tga file...

kernel: bus: mhi: host: Range check CHDBOFF and ERDBOFF

A missing bounds check flaw was found in the Linux kernel's Modem Host Interface bus driver in the channel doorbell offset validation logic. A local user can trigger this issue on systems with MHI devices typically Qualcomm modems or wireless cards by using a device that provides malformed or...

python-pillow: Negative-offset memcpy in TIFF image reader

A flaw was found in python-pillow. In TiffDecode.c, there is a negative-offset memcpy with an invalid size which could lead to a system crash...

python-pillow: Excessive looping in BLP image reader

A flaw was found in python-pillow. BlpImagePlugin did not properly check that reads after jumping to file offsets returned data. This could lead to a denial-of-service where the decoder could be run a large number of times on empty data...

openjpeg: heap-buffer-overflow write in opj_tcd_dc_level_shift_encode()

A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

CODESYS 缓冲区错误漏洞

CODESYS is a controller development system from 3S-Smart Software Solutions, Germany. A security vulnerability exists in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT versions prior to V2.4.7.56, which stems from a request with an invalid offset in the affected software that could result in...

Huawei EulerOS: Security Advisory for openjpeg (EulerOS-SA-2021-2601)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-38451

The affected product’s proprietary protocol CSC allows for calling numerous function codes. In order to call those function codes, the user must supply parameters. There is no sanitation on the value of the offset, which allows the client to specify any offset and read out-of-bounds data...

CVE-2021-38451

The affected product’s proprietary protocol CSC allows for calling numerous function codes. In order to call those function codes, the user must supply parameters. There is no sanitation on the value of the offset, which allows the client to specify any offset and read out-of-bounds data...

AUVESY Versiondog Out-of-Bounds Reading Vulnerability

An out-of-bounds read vulnerability exists in AUVESY Versiondog, an automated production data and change management software solution from AUVESY Germany, which can be exploited by attackers to specify any offset and read out-of-bounds data...

Design/Logic Flaw

Possible out of bound access due to lack of validation of page offset before page is inserted in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile...

CVE-2021-30305

CVE-2021-30305 is a local access vulnerability in Qualcomm/Snapdragon graphics stack caused by missing validation of page offsets before a page is inserted, leading to possible out-of-bounds access in Snapdragon Auto, Connectivity, Industrial IoT, and Mobile subsystems. Public metadata from NVD i...

CVE-2021-3888

libmobi is vulnerable to Use of Out-of-range Pointer Offset...

CVE-2021-3888

libmobi is vulnerable to Use of Out-of-range Pointer Offset...

CVE-2021-3889

libmobi is vulnerable to Use of Out-of-range Pointer Offset...