83 matches found
AZL-13005 CVE-2022-3515 affecting package gnupg2 for versions less than 2.4.0-1
A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment...
DEBIAN-CVE-2022-47629
Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser...
libksba: integer overflow may lead to remote code execution
A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment...
SUSE-SU-2022:3683-1 Security update for libksba
This update for libksba fixes the following issues: - CVE-2022-3515: Fixed a possible overflow in the TLV parser bsc1204357...
libksba 输入验证错误漏洞
libksba is an open source library from GnuPG Mirrors that makes the task of working with X.509 certificates, CMS data and related objects easier. A security vulnerability exists in libksba version 1.3.5-2+deb10u1 that stems from an integer overflow in the CRL parser, which could lead to a denial ...
UBUNTU-CVE-2022-3515
A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment...
grub2: Stack buffer overflow in grub_parser_split_cmdline()
A flaw was found in grub2. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that references a variable with...
Accusoft ImageGear GIF LZW decoder heap overflow vulnerability
Summary A heap overflow vulnerability exists in the way the GIF parser decodes LZW compressed streams in Accusoft ImageGear 19.8. A specially crafted malformed file can trigger a heap overflow, which can result in arbitrary code execution. An attacker can provide a malicious file to trigger this...
CVE-2019-6114
An issue was discovered in Corel PaintShop Pro 2019 21.0.0.119. An integer overflow in the jp2 parsing library allows an attacker to overwrite memory and to execute arbitrary code...
Tcpdump ISO IS-IS parser buffer overflow vulnerability (CNVD-2017-28238)
Tcpdump is a set of sniffing tools developed by the Tcpdump team that run at the command line. The tools allow users to intercept and display TCP/IP and other packets sent or received over a network connection to that computer.ISO IS-IS parser is one of the routing protocol parsers. A buffer...
Tcpdump IKEv1 Parser Buffer Overflow Vulnerability
Tcpdump is a set of sniffing tools developed by the Tcpdump team that run under the command line. The tool allows users to intercept and display TCP/IP and other packets sent or received over a network connection to that computer. A buffer overflow vulnerability exists in the 'ikev1idprint' of th...
DEBIAN-CVE-2017-5341
The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otvprint...
DEBIAN-CVE-2016-7992
The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cipifprint...
DEBIAN-CVE-2016-7983
The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootpprint...
UBUNTU-CVE-2017-5205
The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2eprint...
UBUNTU-CVE-2016-7936
The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:udpprint...
VulnCheck KEV: CVE-2016-6909
Buffer overflow in the Cookie parser in Fortinet FortiOS 4.x before 4.1.11, 4.2.x before 4.2.13, and 4.3.x before 4.3.9 and FortiSwitch before 3.4.3 allows remote attackers to execute arbitrary code via a crafted HTTP request, aka EGREGIOUSBLUNDER...
Wireshark Catapult DCT2000 Parser Stack Buffer Overflow Vulnerability
Wireshark formerly known as Ethereal is a network packet analyzer software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. A stack buffer overflow vulnerability exists in the...
DEBIAN-CVE-2014-2299
Buffer overflow in the mpegread function in wiretap/mpeg.c in the MPEG parser in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a large record in MPEG data...
MGASA-2014-0125 Updated wireshark packages fix multiple vulnerabilies
Updated wireshark packages fix security vulnerabilities: The NFS dissector could crash CVE-2014-2281. The RLC dissector could crash CVE-2014-2283. The MPEG file parser could overflow a buffer CVE-2014-2299...