136 matches found
SUSE CVE-2005-0530
Signedness error in the copy_from_read_buf function in n_tty.c for Linux kernel 2.6.10 and 2.6.11rc1 allows local users to read kernel memory via a negative argument...
SUSE CVE-2010-0295
lighttpd before 1.4.26, and 1.5.x, allocates a buffer for each read operation that occurs for a request, which allows remote attackers to cause a denial of service (memory consumption) by breaking a request into small pieces that are sent at a slow rate...
SUSE CVE-2019-10131
An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program...
Vulnerability in OpenSSL - X.509 Name Constraints Read Buffer Overflow
A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate...
UBUNTU-CVE-2022-4203
A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate...
Zephyr security vulnerability
Zephyr is an extensible real-time operating system (RTOS) open-sourced by the Zephyr Project. A security vulnerability exists in Zephyr that stems from not properly checking inputs in le_read_buffer_size_complete, resulting in a denial of service...
CVE-2021-3712: ASN1_STRING structure contains a buffer holding the string data
Security Advisory ID: BSA-2022-1587. Component: OpenSSL. Revision: 1.0. ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are represent...
PT-2022-21148 · Libdwarf +3
Name of the Vulnerable Software and Affected Versions: libdwarf version 0.4.0 Description: The issue is a heap-based buffer over-read in the _dwarf_check_string_valid function located in dwarf_util.c. Recommendations: For libdwarf version 0.4.0, at the moment, there is no information about a newer...
EulerOS Virtualization 2.10.0 : openssl (EulerOS-SA-2022-1417)
According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt. Typically an...
Oracle Linux 7 : openssl (ELSA-2022-9017)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9017 advisory. - fixes CVE-2021-3712 openssl: Read buffer overruns processing ASN.1 strings Tenable has extracted the preceding description block directly from the Oracle Linu...
openssl security update
1.0.2k-23 - fixes CVE-2021-3712 openssl: Read buffer overruns processing ASN.1 strings - Resolves: rhbz1996054...
Oracle Linux 7 : openssl (ELSA-2022-9023)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9023 advisory. - fixes CVE-2021-3712 openssl: Read buffer overruns processing ASN.1 strings Tenable has extracted the preceding description block directly from the Oracle Linu...
openssl security update
1:1.1.1k-5 - CVE-2021-3712 openssl: Read buffer overruns processing ASN.1 strings - Resolves: rhbz2005400...
SUSE-SU-2021:4155-1 Security update for libqt4
This update for libqt4 fixes the following issues: - CVE-2021-3481: Fixed out of bounds read in QRadialFetchSimd from crafted svg file bsc1184783. - CVE-2020-17507: Fixed buffer over-read in read_xbm_body bsc1176315...
Moderate: openssl security update
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: Read buffer overruns processing ASN.1 strings (CVE-2021-3712) For more details about the security...
Oracle Linux 8 : openssl (ELSA-2021-5226)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-5226 advisory. - CVE-2021-3712 openssl: Read buffer overruns processing ASN.1 strings Tenable has extracted the preceding description block directly from the Oracle Linux...
Wind River VxWorks Resource Management Error Vulnerability
Wind River VxWorks is an operating system from Wind River, Inc. the industry-leading real-time operating system for building embedded devices and systems. A security vulnerability exists in VxWorks 6.9 through 7, which stems from a specially designed packet in the IKE component that could result ...
EulerOS 2.0 SP5 : openssl111d (EulerOS-SA-2021-2668)
According to the versions of the openssl111d packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt. Typically an application will ca...
Read buffer overruns processing ASN.1 strings
...
Debian DLA-2774-1 : openssl1.0 - LTS security update
The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2774 advisory. - ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length...