GHSA-8XJQ-8FCG-G5HW Out-of-bounds Write in Pillow

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size...

CVE-2020-7853

An outbound read/write vulnerability exists in XPLATFORM that does not check offset input ranges, allowing out-of-range data to be read. An attacker can exploit arbitrary code execution...

CVE-2020-7853

An outbound read/write vulnerability exists in XPLATFORM that does not check offset input ranges, allowing out-of-range data to be read. An attacker can exploit arbitrary code execution...

Tobesoft Xplatform 缓冲区错误漏洞

Tobesoft Xplatform is a set of Korean Tobesoft application development platform. The platform supports form and composite component inheritance, CSS autosetting, and multi-document interfaces. A security vulnerability exists in Tobesoft Xplatform, which stems from an unchecked offset input range...

Weekly exploit digest – March, 15-21 – VMware View Planner, Win32k ConsoleControl, Microsoft Windows Containers DP API

Welcome to our weekly exploit digest! We should say this hasnt been a big week because guys keep producing exploits for the vulnerabilities discovered in the 1st half of March. Nevertheless, we have some new good arrivals for VMware, MS Windows and Win32 to talk about. New 4+ scored exploits have...

Win32k ConsoleControl Offset Confusion

A vulnerability exists within win32k that can be leveraged by an attacker to escalate privileges to those of NT AUTHORITY\SYSTEM. The flaw exists in how the WndExtra field of a window can be manipulated into being treated as an offset despite being populated by an attacker-controlled value. This...

ALPINE-CVE-2021-25290

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size...

DEBIAN-CVE-2021-25290

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size...

CVE-2021-25290

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size...

PYSEC-2021-36

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size...

PYSEC-2021-36

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size...

CVE-2021-25290

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size...

CVE-2021-25290

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size...

CVE-2020-11226

CVE-2020-11226 concerns a memory-read out-of-bounds vulnerability in Qualcomm closed-source Data modem logic, stemming from a missing offset-length check during unpacking. Affected products span Snapdragon Auto/Compute/Connectivity/IoT lines (Qualcomm closed-source components). The underlying fla...

CVE-2020-11226

Out of bound memory read in Data modem while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

Pillow 缓冲区错误漏洞

Pillow is a Python-based image processing library. buffer overflow vulnerability exists in versions of Pillow prior to 8.1.1, which stems from the presence of a negative offset memcpy with an invalid size in TiffDecode.c. No details of the vulnerability are currently available...

PT-2024-11075 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to an unintentional stack access in the Linux kernel, specifically in the mtd: physmap: physmap-bt1-rom module. The problem arises because the data variable is of...

UBUNTU-CVE-2020-1921

In the crypt function, we attempt to null terminate a buffer using the size of the input salt without validating that the offset is within the buffer. This issue affects HHVM versions prior to 4.56.3, all versions between 4.57.0 and 4.80.1, all versions between 4.81.0 and 4.93.1, and versions...

EulerOS Virtualization 3.0.6.6 : exiv2 (EulerOS-SA-2021-1470)

According to the version of the exiv2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from...

Golden FTP Server 4.70 - 'PASS' Buffer Overflow (2)

Golden FTP Server 4.70 - 'PASS' Buffer Overflow 2 Author: 1F98D Original Authors: Craig Freyman cd1zz and Gerardo Iglesias Galvan iglesiasgg Tested on Windows 10 x64 A buffer overflow exists in GoldenFTP during the authentication process. Note that the source ip address of the user performing the...