Buffer overflow

Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking...

Open Redirect in ionicabizau/parse-url

✍️ Description parse-url improperly handles the user input such as https:/\ and interprets it as a relative path. Backslashes after the protocol are accepted by browsers and treated as normal slashes, but parse-url reads them as the relative path, which could lead to SSRF, open redirects, or other...

OESA-2021-1262 nodejs-path-parse security update

Node.js path.parse ponyfill Security Fixes: All versions of package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity.CVE-2021-23343...

OSV-2021-947 Dynamic-stack-buffer-overflow in hsql::SQLParserResult::addStatement

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35946 Crash type: Dynamic-stack-buffer-overflow WRITE 8 Crash state: hsql::SQLParserResult::addStatement hsqlparse hsql::SQLParser::parse...

Open Redirect in ionicabizau/parse-url

✍️ Description parse-url mishandles certain uses of backslash such as https:/\ and interprets the URI as a relative path. Browsers accept backslashes after the protocol, and treat it as a normal slash, while parse-url sees it as a relative path. Which will lead to SSRF attacks, open redirects, or...

Open Redirect in ionicabizau/parse-path

✍️ Description parse-path mishandles certain uses of backslash such as https:/\ and interprets the URI as a relative path. Browsers accept backslashes after the protocol, and treat it as a normal slash, while parse-path sees it as a relative path. Which will lead to SSRF attacks, open redirects, o...

CVE-2021-21807

An integer overflow vulnerability exists in the DICOM parsedicommetainfo functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to a stack-based buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

Open Redirect in unshiftio/url-parse

✍️ Description url-parse mishandles certain uses of backslash such as https:/\ and interprets the URI as a relative path. Browsers accept backslashes after the protocol, and treat it as a normal slash, while url-parse sees it as a relative path. Similar attacks:...

XML2Dict XML Entity Expansion Vulnerability

XXE vulnerability in 'XML2Dict' version 0.2.2 allows an attacker to cause a denial of service. The parse function does not properly restrict recursive entity references...

OSV-2021-907 Heap-buffer-overflow in decode_header_value_literal

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35675 Crash type: Heap-buffer-overflow READ 1 Crash state: decodeheadervalueliteral decodeheader h2ohpackparserequest...

PT-2021-6593 · Htslib +1 · Htslib +1

Name of the Vulnerable Software and Affected Versions: HTSlib versions prior to 1.10.2 Description: The issue is related to the vcf parse format function in the HTSlib library, which does not properly check for excessive record size, allowing only individual fields to be checked. This can be...

GHSA-C38G-469G-CMGX Improper Neutralization of Special Elements in Output in helm.sh/helm/v3

Since Helm 2 was released, a well-documented aspect of Helm is that the Helm chart's version number MUST follow the SemVer2 specification. In the past, Helm would not permit charts with malformed versions. At some point, a patch was merged that changed this - On a version parse error, the version...

Denial Of Service (DoS)

htmldoc is vulnerable to denial of service. The vulnerability exists due to a stack buffer overflow in parsetable in ps-pdf.cxx...

CVE-2021-25385

An improper input validation vulnerability in sdfffdparsechunkPROP in libsdffextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process...

CVE-2021-25682

It was discovered that the getpidinfo function in data/apport did not properly parse the /proc/pid/status file from the kernel...

SAMSUNG Mobile devices 缓冲区错误漏洞

The Samsung libsdffextractor library is a component for Samsung Samsung mobile devices. The Samsung libsdffextractor library suffers from an input validation error vulnerability that stems from improper input validation logic in the presence of a sample rate chunk in sdfffdparsechunkPROP in the...

Samsung SMR 缓冲区错误漏洞

The Samsung libsdffextractor library is a component for Samsung Samsung mobile devices. The Samsung libsdffextractor library suffers from an input validation error vulnerability that stems from faulty input validation logic in sdfffdparsechunkFVER in the libsapeextractor library, which can be...

PT-2021-16576 · Unknown · Libsdffextractor

Name of the Vulnerable Software and Affected Versions: libsdffextractor library versions prior to SMR MAY-2021 Release 1 Description: The issue is related to an improper input validation vulnerability in the sdfffd parse chunk PROP function. This vulnerability allows attackers to execute arbitrar...

CVE-2021-26195

An issue was discovered in JerryScript 2.4.0. There is a heap-buffer-overflow in lexerparsenumber in js-lexer.c file...

UBUNTU-CVE-2021-26195

An issue was discovered in JerryScript 2.4.0. There is a heap-buffer-overflow in lexerparsenumber in js-lexer.c file...