
6926 matches found

Positive Technologies
added 2021/06/30 12:0 a.m. · 2 views

PT-2021-6593 · Htslib +1 · Htslib +1

Name of the Vulnerable Software and Affected Versions: HTSlib versions prior to 1.10.2. Description: The issue is related to the vcf parse format function in the HTSlib library, which does not properly check for excessive record size, allowing only individual fields to be checked. This can be...

9.3 CVSS · 8.4 AI score · 0.0158 EPSS
Exploits 1 · References 17
OSV
added 2021/06/23 6:14 p.m. · 26 views

GHSA-C38G-469G-CMGX Improper Neutralization of Special Elements in Output in helm.sh/helm/v3

Since Helm 2 was released, a well-documented aspect of Helm is that the Helm chart's version number MUST follow the SemVer2 specification. In the past, Helm would not permit charts with malformed versions. At some point, a patch was merged that changed this - On a version parse error, the version...

6.5 CVSS · 6.8 AI score · 0.01021 EPSS
Exploits 0 · References 7
Veracode
added 2021/06/12 3:49 p.m. · 15 views

Denial Of Service (DoS)

htmldoc is vulnerable to denial of service. The vulnerability exists due to a stack buffer overflow in parsetable in ps-pdf.cxx...

7.8 CVSS · 2.1 AI score · 0.01387 EPSS
Exploits 1 · References 5 · Affected Software 1
OSV
added 2021/06/11 3:15 p.m. · 3 views

CVE-2021-25385

An improper input validation vulnerability in sdfffdparsechunkPROP in libsdffextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process...

9.8 CVSS · 6.1 AI score · 0.00634 EPSS
Exploits 0 · References 1
OSV
added 2021/06/11 3:15 a.m. · 3 views

CVE-2021-25682

It was discovered that the getpidinfo function in data/apport did not properly parse the /proc/pid/status file from the kernel...

7.8 CVSS · 5.8 AI score · 0.00453 EPSS
Exploits 1 · References 1
CNNVD
added 2021/06/11 12:0 a.m. · 3 views

SAMSUNG Mobile devices buffer error vulnerability

The Samsung libsdffextractor library is a component for Samsung mobile devices. The Samsung libsdffextractor library suffers from an input validation error vulnerability that stems from improper input validation logic in the presence of a sample rate chunk in sdfffdparsechunkPROP in the...

9.8 CVSS · 6.3 AI score · 0.00546 EPSS
Exploits 0 · References 1
CNNVD
added 2021/06/11 12:0 a.m. · 3 views

Samsung SMR buffer error vulnerability

The Samsung libsdffextractor library is a component for Samsung mobile devices. The Samsung libsdffextractor library suffers from an input validation error vulnerability that stems from faulty input validation logic in sdfffdparsechunkFVER in the libsapeextractor library, which can be...

9.8 CVSS · 6.3 AI score · 0.00634 EPSS
Exploits 0 · References 1
Positive Technologies
added 2021/06/11 12:0 a.m. · 3 views

PT-2021-16576 · Unknown · Libsdffextractor

Name of the Vulnerable Software and Affected Versions: libsdffextractor library versions prior to SMR MAY-2021 Release 1. Description: The issue is related to an improper input validation vulnerability in the sdfffd parse chunk PROP function. This vulnerability allows attackers to execute arbitrar...

9.8 CVSS · 9.6 AI score · 0.00634 EPSS
Exploits 0 · References 3
UbuntuCve
added 2021/06/10 11:15 p.m. · 26 views

CVE-2021-26195

An issue was discovered in JerryScript 2.4.0. There is a heap-buffer-overflow in lexerparsenumber in js-lexer.c file...

8.8 CVSS · 7.2 AI score · 0.01124 EPSS
Exploits 1 · References 2
OSV
added 2021/06/10 11:15 p.m. · 0 views

UBUNTU-CVE-2021-26195

An issue was discovered in JerryScript 2.4.0. There is a heap-buffer-overflow in lexerparsenumber in js-lexer.c file...

8.8 CVSS · 7.3 AI score · 0.01124 EPSS
Exploits 1 · References 3
Cvelist
added 2021/06/10 10:14 p.m. · 17 views

CVE-2020-23323

There is a heap-buffer-overflow at re-parser.c in reparsecharescape in JerryScript 2.2.0...

9.5 AI score · 0.01314 EPSS
Exploits 1 · References 1
CNNVD
added 2021/06/10 12:0 a.m. · 2 views

JerryScript buffer error vulnerability

JerryScript is a lightweight JavaScript engine. A security vulnerability exists in JerryScript 2.4.0, which stems from a heap buffer overflow in lexerparsenumber in the js-lexer.c file. No details of the vulnerability are provided at this time...

8.8 CVSS · 5.8 AI score · 0.01124 EPSS
Exploits 1 · References 1
CNNVD
added 2021/06/10 12:0 a.m. · 2 views

JerryScript buffer error vulnerability

JerryScript is a lightweight JavaScript engine. A heap buffer overflow vulnerability exists in reparsecharescape in re-parser.c in JerryScript version 2.2.0. No details of the vulnerability are provided at this time...

9.8 CVSS · 5.9 AI score · 0.01314 EPSS
Exploits 1 · References 1
CNNVD
added 2021/06/10 12:0 a.m. · 4 views

HTMLDOC buffer error vulnerability

HTMLDOC is an open source program that converts HTML and Markdown files to EPUB, Indexed HTML, PostScript and PDF formats. HTMLDOC suffers from a buffer error vulnerability caused by a boundary error when processing table attributes in the parsetable function in ps-pdf.cxx. An unauthenticated,...

7.8 CVSS · 8.3 AI score · 0.01387 EPSS
Exploits 1 · References 9
CNNVD
added 2021/06/10 12:0 a.m. · 3 views

JerryScript code issue vulnerability

JerryScript is a lightweight JavaScript engine. A security vulnerability exists in JerryScript version 2.2.0 in js-parser.c:2185 in parserparsesource. No details of the vulnerability are provided at this time...

7.5 CVSS · 5.5 AI score · 0.01083 EPSS
Exploits 1 · References 1
Microsoft CVE
added 2021/06/08 7:0 a.m. · 3 views

golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input.

...

7.5 CVSS · 7.8 AI score · 0.07492 EPSS
Exploits 0
BDU FSTEC
added 2021/06/02 12:0 a.m. · 1 views

The vulnerability of the parse_fix_phrase() function in the Exim message forwarding agent, related to writing beyond buffer boundaries in memory, allows a hacker to elevate their privileges in the system and execute arbitrary code.

The vulnerability of the parsefixfrase function in the Exim message forwarding agent is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an intruder with privileges in the system to execute arbitrary code...

7.8 CVSS · 7.9 AI score · 0.00399 EPSS
Exploits 1 · References 9 · Affected Software 4
Prion
added 2021/05/28 9:15 p.m. · 12 views

Stack overflow

Stack overflow vulnerability in parsestatementlist Cesanta MJS 1.20.1, allows remote attackers to cause a Denial of Service (DoS) via a crafted file...

4.3 CVSS · 5.5 AI score · 0.00823 EPSS
Exploits 1 · References 1 · Affected Software 1
Cvelist
added 2021/05/28 8:39 p.m. · 12 views

CVE-2020-36374

Stack overflow vulnerability in parsecomparison Cesanta MJS 1.20.1, allows remote attackers to cause a Denial of Service (DoS) via a crafted file...

5.5 AI score · 0.00823 EPSS
Exploits 1 · References 1
Cvelist
added 2021/05/28 8:38 p.m. · 22 views

CVE-2020-36367

Stack overflow vulnerability in parseblock Cesanta MJS 1.20.1, allows remote attackers to cause a Denial of Service (DoS) via a crafted file...

5.5 AI score · 0.00823 EPSS
Exploits 1 · References 1