Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a buffer overflow vulnerability. This vulnerability stemmed from an out-of-buffer read, which could allow remote attackers to obtain sensitive information from the process memory...

EUVD-2019-2311

Malware in sbrugna...

Rocky Linux 8 : php:7.3 (RLSA-2020:3662)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:3662 advisory. - Function iconvmimedecodeheaders in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to...

CVE-2023-25668 TensorFlow vulnerable to heap out-of-buffer read in the QuantizeAndDequantize operation

TensorFlow is an open source platform for machine learning. Attackers using Tensorflow prior to 2.12.0 or 2.11.1 can access heap memory which is not in the control of user, leading to a crash or remote code execution. The fix will be included in TensorFlow version 2.12.0 and will also cherrypick...

Medium: php71, php72, php73

Issue Overview: Function iconvmimedecodeheaders in PHP may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash.CVE-2019-11039 When using gdImageCreateFromXbm function of PHP gd extension, it is possible to supply data that...

CVE-2019-11039

Function iconvmimedecodeheaders in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash...

CVE-2019-11039

Function iconvmimedecodeheaders in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash...

Integer overflow

Function iconvmimedecodeheaders in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash...

Security fix for the ALT Linux 8 package curl version 7.62.0-alt1

Oct. 31, 2018 Anton Farygin 7.62.0-alt1 - 7.62.0 - fixes: CVE-2018-16839 - buffer overrun in the SASL authentication code. CVE-2018-16840 - use-after-free in handle close CVE-2018-16842 - warning message out-of-buffer read...

curl -- multiple vulnerabilities

curl security problems: CVE-2018-16839: SASL password overflow via integer overflow libcurl contains a buffer overrun in the SASL authentication code. The internal function Curlauthcreateplainmessage fails to correctly verify that the passed in lengths for name and password aren't too long, then...

[ASA-201805-16] lib32-libcurl-gnutls: multiple issues

Arch Linux Security Advisory ASA-201805-16 ========================================== Severity: Critical Date : 2018-05-18 CVE-ID : CVE-2018-1000300 CVE-2018-1000301 Package : lib32-libcurl-gnutls Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-697 Summary ======= Th...

Buffer under-read in String#unpack

Stringunpack receives format specifiers as its parameter, and can be specified the position of parsing the data by the specifier @. If a big number is passed with @, the number is treated as the negative value, and out-of-buffer read is occurred. So, if a script accepts an external input as the...