UBUNTU-CVE-2018-7568

The parsedie function in dwarf1.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service integer overflow and application crash via an ELF file with corrupt dwarf1 debug information, as demonstrated by nm...

FreeXL heap buffer out-of-bounds read vulnerability (CNVD-2018-05153)

FreeXL is an open source library for extracting valid data from Excel .xls spreadsheets developed by software developer Alessandro Furieri. A heap buffer out-of-bounds read vulnerability exists in the 'parseSST' function in versions of FreeXL prior to 1.0.5. An attacker can exploit this...

DEBIAN-CVE-2018-7437

An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in a memcpy call of the parseSST function...

UBUNTU-CVE-2018-7438

An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the parseunicodestring function...

DEBIAN-CVE-2018-7436

An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in a pointer dereference of the parseSST function...

UBUNTU-CVE-2018-7436

An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in a pointer dereference of the parseSST function...

CVE-2018-7438

An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the parseunicodestring function...

DEBIAN-CVE-2018-7438

An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the parseunicodestring function...

UBUNTU-CVE-2017-18187

In ARM mbed TLS before 2.7.0, there is a bounds-check bypass through an integer overflow in PSK identity parsing in the sslparseclientpskidentity function in library/sslsrv.c...

DEBIAN-CVE-2018-6872

The elfparsenotes function in elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service out-of-bounds read and segmentation violation via a note with a large alignment...

UBUNTU-CVE-2018-6872

The elfparsenotes function in elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service out-of-bounds read and segmentation violation via a note with a large alignment...

DEBIAN-CVE-2018-6869

In ZZIPlib 0.13.68, there is an uncontrolled memory allocation and a crash in the zzipparserootdirectory function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file...

UBUNTU-CVE-2018-6869

In ZZIPlib 0.13.68, there is an uncontrolled memory allocation and a crash in the zzipparserootdirectory function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file...

CCN-lite 'cnb_parse_lev' Function Denial of Service Vulnerability

CCN-lite is a lightweight CCNx Content Centric Networking Protocol implementation of the CCN-lite project. A security vulnerability exists in the 'cnbparselev' function in CCN-lite versions prior to 2.00. An attacker could exploit this vulnerability to cause an invalid read...

CCN-lite Integer Overflow Vulnerability

CCN-lite is a lightweight and functionally interoperable implementation of the CCNx protocol for XEROX PARC. An integer overflow vulnerability exists in the ndnparsesequence function in CCN-lite versions prior to 2.0.0. An attacker can exploit this vulnerability to cause an integer overflow via...

CCN-lite integer overflow vulnerability (CNVD-2018-03678)

CCN-lite is a lightweight and functionally interoperable implementation of the CCNx protocol for XEROX PARC. An integer overflow vulnerability exists in CCN-lite versions prior to 2.0.0. An attacker can exploit this vulnerability to cause an integer overflow by involving the vallen variable in th...

CVE-2017-12471

The cnbparselev function in CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact by leveraging failure to check for out-of-bounds conditions, which triggers an invalid read in the hexdump function...

DEBIAN-CVE-2018-6767

A stack-based buffer over-read in the ParseRiffHeaderConfig function of cli/riff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service attack or possibly have unspecified other impact via a maliciously crafted RF64 file...

rsync 'parse_arguments' function protection mechanism bypass vulnerability

rsync is a suite of data mirroring backup applications for Unix-like systems developed by Australian software developers Andrew Tridgell and Paul Mackerras, which synchronizes the updating of files and directories between two computers and reduces data transfers by using differential encoding...

The vulnerability of the parse_hid_report_descriptor function (drivers/input/tablet/gtco.c) in the Linux operating system allows a hacker to trigger a service failure or exert other effects.

The vulnerability of the parsehidreportdescriptor function in the Linux kernel’s drivers/input/tablet/gtco.c file arises from a read operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause service failures or other effects such as...