CVE-2021-3889

libmobi is vulnerable to Use of Out-of-range Pointer Offset...

Null pointer dereference

libmobi is vulnerable to Use of Out-of-range Pointer Offset...

CVE-2021-3889

CVE-2021-3889 affects Libmobi, a C library for MOBI/Kindle formats. Connected sources describe an out-of-bounds read in mobi_decompress_huffman_internal caused by unsafe Huffman code_length handling, leading to a heap-buffer-overflow and potential memory disclosure or crash when processing input....

CVE-2021-3888

CVE-2021-3888 affects libmobi. The vulnerability is a buffer-overread/write caused by out-of-range pointer offsets in the Huffman-based decoding path, where the code does not validate index bounds for symbols before accessing symbol data. This can lead to memory reads/writes beyond allocated buff...

CVE-2021-3888

libmobi is vulnerable to Use of Out-of-range Pointer Offset...

AUVESY Versiondog 缓冲区错误漏洞

An out-of-bounds read vulnerability exists in AUVESY Versiondog, an automated production data and change management software solution from AUVESY Germany, which can be exploited by attackers to specify any offset and read out-of-bounds data...

CVE-2021-42387

Heap out-of-bounds read in ClickHouse's LZ4 compression codec when parsing a malicious query. As part of the LZ4::decompressImpl loop, a 16-bit unsigned user-supplied value 'offset' is read from the compressed data. The offset is later used in the length of a copy operation, without checking the...

EulerOS 2.0 SP9 : kernel (EulerOS-SA-2021-2569)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version 5.11-rc4...

CVE-2021-1961

Possible buffer overflow due to lack of offset length check while updating the buffer value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

Buffer overflow

Possible buffer overflow due to lack of offset length check while updating the buffer value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

CVE-2021-1961

Possible buffer overflow due to lack of offset length check while updating the buffer value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

PT-2021-13706 · Qualcomm · Qualcomm Snapdragon Wearables +7

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon Auto affected versions not specified Qualcomm Snapdragon Compute affected versions not specified Qualcomm Snapdragon Connectivity affected versions not specified Qualcomm Snapdragon Consumer IOT affected versions not...

Qualcomm 芯片缓冲区错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc., and from time to time are manufactured on the surface of semiconductor wafers. A buffer error vulnerability exists in Qualcomm chips that stems...

GHSA-WCG3-CVX6-7396 Segmentation fault in time

Impact Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library. The...

crossfire-server 1.9.0 - SetUp() Remote Buffer Overflow Exploit

Exploit Title: crossfire-server 1.9.0 - 'SetUp' Remote Buffer Overflow Exploit Author: Khaled Salem @Khaled0x07 Software Link: https://www.exploit-db.com/apps/43240af83a4414d2dcc19fff3af31a63-crossfire-1.9.0.tar.gz Version: 1.9.0 Tested on: Kali Linux 2020.4 CVE : CVE-2006-1236 !/bin/python impor...

The vulnerability of the DwaCompressor::Classifier::Classifier function in software for storing images with wide dynamic range brightness in OpenEXR, related to a single offset error, allows attackers to cause service interruptions.

The vulnerability of the DwaCompressor::Classifier::Classifier function in software for storing images with wide dynamic range brightness in OpenEXR is related to a single-shift error. Exploiting this vulnerability could allow an attacker to cause service failures...

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2021-2019)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-22545

An attacker can craft a specific IdaPro .i64 file that will cause the BinDiff plugin to load an invalid memory offset. This can allow the attacker to control the instruction pointer and execute arbitrary code. It is recommended to upgrade BinDiff 7...

CVE-2021-22545

An attacker can craft a specific IdaPro .i64 file that will cause the BinDiff plugin to load an invalid memory offset. This can allow the attacker to control the instruction pointer and execute arbitrary code. It is recommended to upgrade BinDiff 7...

Design/Logic Flaw

An attacker can craft a specific IdaPro .i64 file that will cause the BinDiff plugin to load an invalid memory offset. This can allow the attacker to control the instruction pointer and execute arbitrary code. It is recommended to upgrade BinDiff 7...