36 matches found
CVE-2023-29582
yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parseexpr1 at /nasm/nasm-parse.c. Note: This has been disputed by third parties who argue this is a bug and not a security issue because yasm is a standalone program not designed to run untrusted code...
yasm 缓冲区错误漏洞
yasm is a completely rewritten Netwide assembler from the yasm open source. A buffer error vulnerability exists in yasm version 1.3.0.55.g101bc, which stems from the discovery of a contained stack overflow vulnerability through the parseexpr1 function of /nasm/nasm-parse.c...
SUSE CVE-2017-6309
An issue was discovered in tnef before 1.4.13. Two type confusions have been identified in the parsefile function. These might lead to invalid read and write operations, controlled by an attacker...
SUSE CVE-2018-8002
In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete in PdfParserObject.cpp which may result in stack overflow. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file...
SUSE CVE-2019-19648
In the machoparsefile functionality in macho/macho.c of YARA 3.11.0, commandsize may be inconsistent with the real size. A specially crafted MachO file can cause an out-of-bounds memory access, resulting in Denial of Service application crash or potential code execution...
zlog 1.2.15 - Buffer Overflow Exploit
Exploit Title: zlog 1.2.15 - Buffer Overflow Exploit Author: LIWEI Vendor Homepage: https://github.com/HardySimpson/zlog Software Link: https://github.com/HardySimpson/zlog Version: v1.2.15 Tested on: ubuntu 18.04.2 1.- compile the zlogv1.2.15 code to a library. 2.- Use the "zloginit" API to pars...
libarchive: Out-of-bounds read in parse_file_info
An out-of-bounds read flaw exists in parsefileinfo in archivereadsupportformatiso9660.c in libarchive 3.3.2 when extracting a specially crafted iso9660 iso file, related to archivereadformatiso9660readheader...
DEBIAN-CVE-2019-19648
In the machoparsefile functionality in macho/macho.c of YARA 3.11.0, commandsize may be inconsistent with the real size. A specially crafted MachO file can cause an out-of-bounds memory access, resulting in Denial of Service application crash or potential code execution...
UBUNTU-CVE-2019-9021
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A heap-based buffer over-read in PHAR reading functions in the PHAR extension may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse the...
DEBIAN-CVE-2018-10771
Stack-based buffer overflow in the getkey function in parse.c in abcm2ps through 8.13.20 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact...
UBUNTU-CVE-2018-8002
In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete in PdfParserObject.cpp which may result in stack overflow. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file...
ALPINE-CVE-2017-14501
An out-of-bounds read flaw exists in parsefileinfo in archivereadsupportformatiso9660.c in libarchive 3.3.2 when extracting a specially crafted iso9660 iso file, related to archivereadformatiso9660readheader...
DEBIAN-CVE-2017-14501
An out-of-bounds read flaw exists in parsefileinfo in archivereadsupportformatiso9660.c in libarchive 3.3.2 when extracting a specially crafted iso9660 iso file, related to archivereadformatiso9660readheader...
UBUNTU-CVE-2017-14501
An out-of-bounds read flaw exists in parsefileinfo in archivereadsupportformatiso9660.c in libarchive 3.3.2 when extracting a specially crafted iso9660 iso file, related to archivereadformatiso9660readheader...
UBUNTU-CVE-2017-6309
An issue was discovered in tnef before 1.4.13. Two type confusions have been identified in the parsefile function. These might lead to invalid read and write operations, controlled by an attacker...
tnef 'parse_file()' function denial of service vulnerability
tnef is a set of programs for decompressing MIME attachments. A security vulnerability in the tnef 'parsefile' function allows an attacker to exploit the vulnerability to submit a special file for a denial-of-service attack that could crash the application...